rubydns 2.0.2 → 2.1.0

data/README.md

@@ -1,167 +0,0 @@
-# RubyDNS
-
-RubyDNS is a high-performance DNS server which can be easily integrated into other projects or used as a stand-alone daemon. By default it uses rule-based pattern matching. Results can be hard-coded, computed, fetched from a remote DNS server or fetched from a local cache, depending on requirements.
-
-[![Build Status](https://travis-ci.org/socketry/rubydns.svg)](https://travis-ci.org/socketry/rubydns)
-[![Code Climate](https://codeclimate.com/github/socketry/rubydns.svg)](https://codeclimate.com/github/socketry/rubydns)
-[![Coverage Status](https://coveralls.io/repos/socketry/rubydns/badge.svg)](https://coveralls.io/r/socketry/rubydns)
-[![Gitter](https://badges.gitter.im/join.svg)](https://gitter.im/socketry/rubydns)
-
-[![RubyDNS Introduction](http://img.youtube.com/vi/B9ygq0xh3HQ/maxresdefault.jpg)](https://www.youtube.com/watch?v=B9ygq0xh3HQ&feature=youtu.be&hd=1 "RubyDNS Introduction")
-
-## Installation
-
-Add this line to your application's Gemfile:
-
-	gem 'rubydns'
-
-And then execute:
-
-	$ bundle
-
-Or install it yourself as:
-
-	$ gem install rubydns
-
-## Usage
-
-There are [lots of examples available](examples/README.md) in the `examples/` directory.
-
-### Basic DNS Server
-
-Here is the code from `examples/basic-dns.rb`:
-
-```ruby
-#!/usr/bin/env ruby
-require 'rubydns'
-
-INTERFACES = [
-	[:udp, "0.0.0.0", 5300],
-	[:tcp, "0.0.0.0", 5300],
-]
-
-IN = Resolv::DNS::Resource::IN
-
-# Use upstream DNS for name resolution.
-UPSTREAM = RubyDNS::Resolver.new([[:udp, "8.8.8.8", 53], [:tcp, "8.8.8.8", 53]])
-
-# Start the RubyDNS server
-RubyDNS::run_server(INTERFACES) do
-	match(%r{test.local}, IN::A) do |transaction|
-		transaction.respond!("10.0.0.80")
-	end
-
-	# Default DNS handler
-	otherwise do |transaction|
-		transaction.passthrough!(UPSTREAM)
-	end
-end
-```
-
-Start the server using `RUBYOPT=-w ./examples/basic-dns.rb`. You can then test it using dig:
-
-	$ dig @localhost -p 5300 test.local
-	$ dig @localhost -p 5300 google.com
-
-### File Handle Limitations
-
-On some platforms (e.g. Mac OS X) the number of file descriptors is relatively low by default and should be increased by calling `ulimit -n 10000` before running tests or even before starting a server which expects a large number of concurrent incoming connections.
-
-### Custom Servers
-
-It is possible to create and integrate your own custom servers, however this functionality has now moved to [`Async::DNS::Server`](https://github.com/socketry/async-dns).
-
-```ruby
-class MyServer < Async::DNS::Server
-	def process(name, resource_class, transaction)
-		transaction.fail!(:NXDomain)
-	end
-end
-
-Async::Reactor.run do
-	task = MyServer.new.run
-	
-	# ... do other things, e.g. run specs/tests
-	
-	# Shut down the server manually if required, otherwise it will run indefinitely.
-	# task.stop
-end
-```
-
-This is the best way to integrate with other projects.
-
-## Performance
-
-**Due to changes in the underlying code, there have been some very minor performance regressions. The numbers below will be updated in due course.**
-
-We welcome additional benchmarks and feedback regarding RubyDNS performance. To check the current performance results, consult the [travis build job output](https://travis-ci.org/ioquatix/rubydns).
-
-### Server
-
-The performance is on the same magnitude as `bind9`. Some basic benchmarks resolving 1000 names concurrently, repeated 5 times, using `RubyDNS::Resolver` gives the following:
-
-	                           user     system      total        real
-	RubyDNS::Server        4.280000   0.450000   4.730000 (  4.854862)
-	Bind9                  4.970000   0.520000   5.490000 (  5.541213)
-
-These benchmarks are included in the unit tests. To test bind9 performance, it must be installed and `which named` must return the executable.
-
-### Resolver
-
-The `RubyDNS::Resolver` is highly concurrent and can resolve individual names as fast as the built in `Resolv::DNS` resolver. Because the resolver is asynchronous, when dealing with multiple names, it can work more efficiently:
-
-	                           user     system      total        real
-	RubyDNS::Resolver      0.020000   0.010000   0.030000 (  0.030507)
-	Resolv::DNS            0.070000   0.010000   0.080000 (  1.465975)
-
-These benchmarks are included in the unit tests.
-
-### DNSSEC support
-
-DNSSEC is currently not supported and is [unlikely to be supported in the future](http://sockpuppet.org/blog/2015/01/15/against-dnssec/).
-
-## Contributing
-
-1. Fork it
-2. Create your feature branch (`git checkout -b my-new-feature`)
-3. Commit your changes (`git commit -am 'Add some feature'`)
-4. Push to the branch (`git push origin my-new-feature`)
-5. Create new Pull Request
-
-### Desired Features
-
-* Support for more features of DNS such as zone transfer.
-* Support reverse records more easily.
-* Some kind of system level integration, e.g. registering a DNS server with the currently running system resolver.
-
-## See Also
-
-The majority of this gem is now implemented by `async-dns`.
-
-- [async-io](https://github.com/socketry/async-io) — Asynchronous networking and sockets.
-- [async-dns](https://github.com/socketry/async-dns) — Asynchronous DNS resolver and server.
-- [async-rspec](https://github.com/socketry/async-rspec) — Shared contexts for running async specs.
-
-## License
-
-Released under the MIT license.
-
-Copyright, 2017, by [Samuel G. D. Williams](http://www.codeotaku.com/samuel-williams).
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-THE SOFTWARE.

data/Rakefile

@@ -1,6 +0,0 @@
-require "bundler/gem_tasks"
-require "rspec/core/rake_task"
-
-RSpec::Core::RakeTask.new(:test)
-
-task :default => :test

data/bin/rubydns-check

@@ -1,374 +0,0 @@
-#!/usr/bin/env ruby
-# Copyright, 2009, 2012, by Samuel G. D. Williams. <http://www.codeotaku.com>
-# 
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-# 
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-# 
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-# Pulls down DNS data from old-dns
-# rd-dns-check -s old-dns.mydomain.com -d mydomain.com. -f old-dns.yml
-
-# Check data against old-dns
-# rd-dns-check -s old-dns.mydomain.com -d mydomain.com. -c old-dns.yml
-
-# Check data against new DNS server
-# rd-dns-check -s 10.0.0.36 -d mydomain.com. -c old-dns.yml
-
-require 'yaml'
-require 'optparse'
-require 'set'
-
-class DNSRecord
-	def initialize(arr)
-		@record = arr
-		normalize
-	end
-  
-	def normalize
-		@record[0] = @record[0].downcase
-		@record[1] = @record[1].upcase
-		@record[2] = @record[2].upcase
-		@record[3] = @record[3].downcase
-	end
-  
-	def hostname
-		@record[0]
-	end
-  
-	def klass
-		@record[1]
-	end
-  
-	def type
-		@record[2]
-	end
-  
-	def value
-		@record[3]
-	end
-  
-	def is_address?
-		["A", "AAAA"].include?(type)
-	end
-  
-	def is_cname?
-		return type == "CNAME"
-	end
-  
-	def to_s
-		"#{hostname.ljust(50)} #{klass.rjust(4)} #{type.rjust(5)} #{value}"
-	end
-  
-	def key
-		"#{hostname}:#{klass}:#{type}".downcase
-	end
-  
-	def to_a
-		@record
-	end
-  
-	def == other
-		return @record == other.to_a
-	end
-end
-
-def dig(dns_server, cmd, exclude = ["TXT", "HINFO", "SOA", "NS"])
-	records = []
-	
-	IO.popen("dig @#{dns_server} +nottlid +nocmd +noall +answer " + cmd) do |p|
-		p.each do |line|
-			r = line.chomp.split(/\s/, 4)
-			
-			next if exclude.include?(r[2])
-      
-			records << DNSRecord.new(r)
-		end
-	end
-	
-	return records
-end
-
-def retrieve_records(dns_server, dns_root)
-	return dig(dns_server, "#{dns_root} AXFR")
-end
-
-def resolve_hostname(dns_server, hostname)
-	return dig(dns_server, "#{hostname} A").first
-end
-
-def resolve_address(dns_server, address)
-	return dig(dns_server, "-x #{address}").first
-end
-
-def print_summary(records, errors, okay, &block)
-	puts "[ Summary ]".center(72, "=")
-	puts "Checked #{records.size} record(s). #{errors} errors."
-	if errors == 0
-		puts "Everything seemed okay."
-	else
-		puts "The following records are okay:"
-		okay.each do |r|
-			if block_given?
-				yield r
-			else
-				puts "".rjust(12) + r.to_s
-			end
-		end
-	end
-end
-
-# Resolve hostnames to IP address "A" or "AAAA" records.
-# Works through CNAME records in order to find out the final
-# address if possible. Checks for loops in CNAME records.
-def resolve_addresses(records)
-	addresses = {}
-	cnames = {}
-  
-	# Extract all hostname -> ip address mappings
-	records.each do |r|
-		if r.is_address?
-			addresses[r.hostname] = r
-		elsif r.is_cname?
-			cnames[r.hostname] = r
-		end
-	end
-  
-	cnames.each do |hostname, r|
-		q = r
-		trail = []
-		failed = false
-    
-		# Keep track of CNAME records to avoid loops
-		while q.is_cname?
-			trail << q
-			q = cnames[q.value] || addresses[q.value]
-      
-			# Q could be nil at this point, which means there was no address record
-			# Q could be already part of the trail, which means there was a loop
-			if q == nil || trail.include?(q)
-				failed = true
-				break
-			end
-		end
-    
-		if failed
-			q = trail.last
-			puts "*** Warning: CNAME record #{hostname} does not point to actual address!"
-			trail.each_with_index do |r, idx|
-				puts idx.to_s.rjust(10) + ": " + r.to_s
-			end
-		end
-    
-		addresses[r.hostname] = q
-	end
-  
-	return addresses, cnames
-end
-
-def check_reverse(records, dns_server)
-	errors = 0
-	okay = []
-  
-	puts "[ Checking Reverse Lookups ]".center(72, "=")
-  
-	records.each do |r|
-		next unless r.is_address?
-    
-		sr = resolve_address(dns_server, r.value)
-    
-		if sr == nil
-			puts "*** Could not resolve host"
-			puts "".rjust(12) + r.to_s
-			errors += 1
-		elsif r.hostname != sr.value
-			puts "*** Hostname does not match"
-			puts "Primary: ".rjust(12) + r.to_s
-			puts "Secondary: ".rjust(12) + sr.to_s
-			errors += 1
-		else
-			okay << [r, sr]
-		end
-	end
-  
-	print_summary(records, errors, okay) do |r|
-		puts "Primary:".rjust(12) + r[0].to_s
-		puts "Secondary:".rjust(12) + r[1].to_s
-	end
-end
-
-def ping_records(records)
-	addresses, cnames = resolve_addresses(records)
-
-	errors = 0
-	okay = []
-
-	puts "[ Pinging Records ]".center(72, "=")
-  
-	addresses.each do |hostname, r|
-		ping = "ping -c 5 -t 5 -i 1 -o #{r.value} > /dev/null"
-    
-		system(ping)
-    
-		if $?.exitstatus == 0
-			okay << r
-		else
-			puts "*** Could not ping host #{hostname.dump}: #{ping.dump}"
-			puts "".rjust(12) + r.to_s
-			errors += 1
-		end
-	end
-  
-	print_summary(records, errors, okay)
-end
-
-def query_records(primary, secondary_server)
-	addresses, cnames = resolve_addresses(primary)
-  
-	okay = []
-	errors = 0
-  
-	primary.each do |r|
-		sr = resolve_hostname(secondary_server, r.hostname)
-    
-		if sr == nil
-			puts "*** Could not resolve hostname #{r.hostname.dump}"
-			puts "Primary: ".rjust(12) + r.to_s
-      
-			rsr = resolve_address(secondary_server, (addresses[r.value] || r).value)
-			puts "Address: ".rjust(12) + rsr.to_s if rsr
-      
-			errors += 1
-		elsif sr.value != r.value
-			ra = addresses[r.value] if r.is_cname?
-			sra = addresses[sr.value] if sr.is_cname?
-      
-			if (sra || sr).value != (ra || r).value
-				puts "*** IP Address does not match"
-				puts "Primary: ".rjust(12) + r.to_s
-				puts "Resolved: ".rjust(12) + ra.to_s if ra
-				puts "Secondary: ".rjust(12) + sr.to_s
-				puts "Resolved: ".rjust(12) + sra.to_s if sra
-				errors += 1
-			end
-		else
-			okay << r
-		end
-	end
-  
-	print_summary(primary, errors, okay)
-end
-
-def check_records(primary, secondary)
-	s = {}
-	okay = []
-	errors = 0
-  
-	secondary.each do |r|
-		s[r.key] = r
-	end
-
-	puts "[ Checking Records ]".center(72, "=")
-
-	primary.each do |r|
-		sr = s[r.key]
-    
-		if sr == nil
-			puts "*** Could not find record"
-			puts "Primary: ".rjust(12) + r.to_s
-			errors += 1
-		elsif sr != r
-			puts "*** Records are different"
-			puts "Primary: ".rjust(12) + r.to_s
-			puts "Secondary: ".rjust(12) + sr.to_s
-			errors += 1
-		else
-			okay << r
-		end
-	end
-  
-	print_summary(primary, errors, okay)
-end
-
-OPTIONS = {
-	:DNSServer => nil,
-	:DNSRoot => ".",
-}
-
-ARGV.options do |o|
-	script_name = File.basename($0)
-  
-	o.set_summary_indent('  ')
-	o.banner = "Usage: #{script_name} [options]"
-	o.define_head "This script is designed to test and check DNS servers."
-  
-	o.on("-s ns.my.domain.", "--server ns.my.domain.", String, "The DNS server to query.") { |host| OPTIONS[:DNSServer] = host }
-	o.on("-d my.domain.", "--domain my.domain.", String, "The DNS zone to transfer/test.") { |host| OPTIONS[:DNSRoot] = host }
-  
-	o.on("-f output.yml", "--fetch output.yml", String, "Pull down a list of hosts. Filters TXT and HINFO records. DNS transfers must be enabled.") { |f|
-		records = retrieve_records(OPTIONS[:DNSServer], OPTIONS[:DNSRoot])
-    
-		output = (f ? File.open(f, "w") : STDOUT)
-    
-		output.write(YAML::dump(records))
-    
-		puts "#{records.size} record(s) retrieved."
-	}
-  
-	o.on("-c input.yml", "--check input.yml", String, "Check that the DNS server returns results as specified by the file.") { |f|
-		input = (f ? File.open(f) : STDIN)
-    
-		master_records = YAML::load(input.read)
-		secondary_records = retrieve_records(OPTIONS[:DNSServer], OPTIONS[:DNSRoot])
-    
-		check_records(master_records, secondary_records)
-	}
-  
-	o.on("-q input.yml", "--query input.yml", String, "Query the remote DNS server with all hostnames in the given file, and checks the IP addresses are consistent.") { |f|
-		input = (f ? File.open(f) : STDIN)
-    
-		master_records = YAML::load(input.read)
-    
-		query_records(master_records, OPTIONS[:DNSServer])
-	}
-  
-	o.on("-p input.yml", "--ping input.yml", String, "Ping all hosts to check if they are available or not.") { |f|
-		input = (f ? File.open(f) : STDIN)
-    
-		master_records = YAML::load(input.read)
-    
-		ping_records(master_records)
-	}
-  
-	o.on("-r input.yml", "--reverse input.yml", String, "Check that all address records have appropriate reverse entries.") { |f|
-		input = (f ? File.open(f) : STDIN)
-    
-		master_records = YAML::load(input.read)
-    
-		check_reverse(master_records, OPTIONS[:DNSServer])
-	}
-  
-	o.separator ""
-	o.separator "Help and Copyright information"
-  
-	o.on_tail("--copy", "Display copyright information") {
-		puts "#{script_name}. Copyright (c) 2009, 2011 Samuel Williams. Released under the MIT license."
-		puts "See http://www.oriontransfer.co.nz/ for more information."
-		exit
-	}
-  
-	o.on_tail("-h", "--help", "Show this help message.") { puts o; exit }
-end.parse!

data/examples/Gemfile

@@ -1,9 +0,0 @@
-source 'https://rubygems.org'
-
-gem 'rubydns', path: '../'
-gem "process-daemon"
-gem 'nokogiri'
-
-gem 'async-http'
-
-gem 'geoip'

data/examples/README.md

@@ -1,137 +0,0 @@
-# RubyDNS Examples
-
-This directory contains several examples of customized RubyDNS servers,
-intended to demonstrate how RubyDNS can be easily customized to specific
-needs.
-
-## FlakeyDNS (flakey-dns.rb)
-
-A DNS server that selectively drops queries based on the requested domain name.  Queries for domains that match specified regular expressions (like 'microsoft.com' or 'sco.com') return NXDomain, while all other queries are passed to upstream resolvers.
-
-By default this server will listen for UDP requests on port 5300 and does not need to be started as root.
-
-To start the server, ensure that you're in the examples subdirectory and type
-
-    bundle
-    bundle exec ./flakey-dns.rb start
-
-To see it in action you can then query some domains.  For example,
-
-    dig @localhost -p 5300 slashdot.org -t A
-    dig @localhost -p 5300 www.hackernews.com -t A
-
-give the correct results. But
-
-    dig @localhost -p 5300 microsoft.com -t A
-    dig @localhost -p 5300 www.microsoft.com -t A
-    dig @localhost -p 5300 www.microsoft.com
-
-all give an NXDomain result.
-
-## FortuneDNS (fortune-dns.rb)
-
-A DNS server that allows a client to generate fortunes and fetch them with subsequent requests.  The server
-'remembers' the fortunes it generates, and can serve them to future requests. The reason for this is because most fortunes won't fit over UDP (maximum size 512 bytes) and the client will request the same fortune via TCP.
-
-You will need to have the `fortune` app installed on your system.  It comes installed by default on
-most Linux distributions, and can be installed on a Mac with Homebrew by typing:
-
-    # Homebrew
-    brew install fortune
-    # MacPorts
-    sudo port install fortune
-    # Arch Linux
-    sudo pacman -S fortune-mod
-
-By default this server will listen for UDP and TCP requests on port 53, and needs to be started as root.  It
-assumes the existence of a user 'daemon', as whom the process will run.  If such a user doesn't exist on your
-system, you will need to either create such a user or update the script to use a user that exists on your
-system.
-
-To start the server, ensure that you're in the examples subdirectory and type
-
-    bundle
-    sudo bundle exec ./fortune-dns.rb start
-
-To create a new fortune type
-
-    dig @localhost fortune -t TXT
-
-This will result in an DNS answer that looks something like this:
-
-    fortune.    0 IN  TXT "Text Size: 714 Byte Size: 714"
-    fortune.    0 IN  CNAME 32bf3bf2b0a2255f2df00ed9e95c8185.fortune.
-
-Take the CNAME from this result and query it.  For our example this would be:
-
-    dig @localhost 32bf3bf2b0a2255f2df00ed9e95c8185.fortune -t TXT
-
-And your answer will be a fortune.
-
-You can also generate a 'short' fortune by typing the following:
-
-    dig @localhost short.fortune -t TXT
-
-or view the fortune stats with:
-
-    dig @localhost stats.fortune -t TXT
-
-## GeoIPDNS (geoip-dns.rb)
-
-A sample DNS daemon that demonstrates how to use RubyDNS to build responses
-that vary based on the geolocation of the requesting peer.  Clients of this
-server who request A records will get an answer IP address based on the 
-continent of the client IP address.
-
-Please note that use of this example requires that the peer have a public
-IP address.  IP addresses on private networks or the localhost IP (127.0.0.1)
-cannot be resolved to a location, and so will always yield the unknown result.
-
-This daemon requires the file downloaded from
-[MaxMind](http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz)
-For more information on the GeoIP library, please click [here](http://www.maxmind.com/en/geolite)
-or [here](https://github.com/cjheath/geoip).  This file should be unzipped and placed in the
-examples root directory, i.e. `examples/GeoLiteCountry.dat`.
-
-By default this server will listen for UDP requests on port 5300 and does not need to be started as root.
-
-To start the server, ensure that you're in the examples subdirectory and type
-
-    bundle
-    sudo bundle exec ./geoip-dns.rb start
-
-To see the behavior, run a DNS query against the server where you are running the GeoIPDNS
-daemon.  Depending on the continent to which the client machine's IP address is mapped,
-you will receive a different IP address in the answer section:
-
-    Africa - 1.1.1.1
-    Antarctica - 1.1.2.1
-    Asia - 1.1.3.1
-    Europe - 1.1.4.1
-    North America - 1.1.5.1
-    Oceania - 1.1.6.1
-    South America - 1.1.7.1
-
-## WikipediaDNS (wikipedia-dns.rb)
-
-A DNS server that queries Wikipedia and returns summaries for specifically crafted queries.
-
-By default this server will listen for UDP and TCP requests on port 53, and needs to be started as root.  It
-assumes the existence of a user 'daemon', as whom the process will run.  If such a user doesn't exist on your
-system, you will need to either create such a user or update the script to use a user that exists on your
-system.
-
-To start the server, ensure that you're in the examples subdirectory and type
-
-    bundle
-    sudo bundle exec ./wikipedia-dns.rb start
-
-To query Wikipedia, pick a term - say, 'helium' - and make a DNS query like
-
-    dig @localhost helium.wikipedia -t TXT
-
-The answer section should contain the summary for this topic from Wikipedia
-
-    helium.wikipedia. 86400 IN  TXT "Helium is a chemical element with symbol He and atomic number 2. It is a colorless, odorless, tasteless, non-toxic, inert, monatomic gas that heads the noble gas group in the periodic table. Its boiling and melting points are the lowest among the elements" " and it exists only as a gas except in extreme conditions."
-
-Long blocks of text cannot be easily replied in DNS as they must be chunked into segments at most 255 bytes. Long replies must be sent back using TCP.