alexreinert / arsoft.tools.net Goto Github PK

Would it be possible to create a .NETCore 2.0 build?

I am using to get the txt records but it is returning null.
DnsMessage dnsMessage = await DnsClient.Default.Resolve(DomainName.Parse("google.com"), RecordType.Txt)

while non async version
DnsMessage dnsMessage = DnsClient.Default.Resolve(DomainName.Parse("google.com"), RecordType.Txt) working fine.

Sending a TSIG update request to the server from nix tool nsupdate.
When server attempts to process the packet (after bypassing #18 ) it fails and emits a Server_InvalidSignedMessageReceived.

After some digging it appears to be because property TsigKeySelector on class DnsServer is null and is never set, so I assume it cannot decode the packet.

Out of my depth with the RFC theory on TSIG processing so I cant offer a fix.

There are 3 places in the library where I find this code:

if ((msg == null) || ((msg.ReturnCode != ReturnCode.NoError) && (msg.ReturnCode != ReturnCode.NxDomain)))
{
	throw new Exception("DNS request failed");
}

The exception does not include the actual error code returned from the DNS server (if a message was received).

I'd like to contribute a change here. @alexreinert, do you accept PRs for this?

Hi,

with the current version I get an error when using a .NET Core / Standard project (translated):

Package System.Private.Networking 4.0.0 not compatible with netcoreapp2.0 (.NETCoreApp,Version=v2.0)/win10-x64. System.Private.Networking 4.0.0 supports:

• dnxcore50 (DNXCore,Version=v5.0)
• netcore50 (.NETCore,Version=v5.0)

Is there maybe a workaround for this, e.g. a newer preview version for this package?
Thank you

Edit:
Nevermind, error disappeared when creating a new .NET Standard project solution for the library.

Repro code below, check the comment for where it throws vs it doesn't.

List<IPAddress> lDnsServers = new List<IPAddress>();
lDnsServers.Add(IPAddress.Parse("1.4.5.6")); // non existent
lDnsServers.Add(IPAddress.Parse("8.8.8.8"));

DnsClient lClient = new DnsClient(lDnsServers, 5000);
lClient.IsTcpEnabled = true;
var resolver = new DnsStubResolver(lClient);
var records1 = resolver.Resolve<MxRecord>(lDomain, RecordType.Mx); // this will NOT throw and get the result from 8.8.8.8
var records2 = await resolver.ResolveAsync<MxRecord>(lDomain, RecordType.Mx).ConfigureAwait(false); // this will throw on the non existent server and never query 8.8.8.8

I have a list of domain names i'm trying to get their SPF addresses using the ARSoft package, but some requests return a huge result because something went wrong with extracting those domains SPF addresses, what I want to do is skip those domains, but C# does not catch StackOverFlowException, here is my lines:

var resolver = new DnsStubResolver(new DnsClient(IPAddress.Parse("8.8.8.8"), 3000));
List<TxtRecord> records = new List<TxtRecord>();
try {
    records = resolver.Resolve<TxtRecord>(array[0].ToString(),  RecordType.Txt);
} catch(StackOverflowException ex) { 
    return;
} 

foreach (var record in records) { ... } 

the "return" doesn't get executed because the app is blocked and the VS window is brought to front with the exception, any ideas ?

Hello.

This looks like a very useful project, but I had to use Google to find the API documentation and code samples! (https://docs.ar-soft.de/arsoft.tools.net/)

I think this should be linked in README.md.

I'm trying to setup the DnsServer class and I don't see a way to pass the Port I want the server to run on to either TCPTransport or UDPTransport. Looking at the code, it seems the value is hardcoded for 53.

Is it possible to add a new parameter to the constructor so the port can be customized?

We need a new nuget package version, because Bouncy Castle just updated. If a application requires the new bouncy castle version 1.8.2, the current ARSoft version 2.2.9 fails with a dependency error during runtime!

When the spf record below is validated the %{d} parts gets an additional dot which invalidates the resulting domain name. The DomainName.Parse method throws an exception.

v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com -all

The issue is the case "d" at line 556. More precisely line 557. The domain.ToString() returns a domain name with a dot prefix. This causes two dots and invalidates the resulting string.

Hi, I'm trying to use your library to implement Let's Encrypt validation, which requires me to add and delete TXT records. Adding works fine, but I don't seem to be able to delete the records afterwards.

If I send a DeleteAllRecordsUpdate the server returns a FormatError. If I send a DeleteRecordUpdate it only changes the TTL to 0. Server logs confirm that the DeleteRecordUpdate looks exactly the same as an AddRecordUpdate. I tried to make sense of the code, but there doesn't seem to be any difference between those two classes, except for the TTL thing.

What seems to be missing is some property or logic to change the command from add to delete for both of those update types.

win-acme/win-acme#2364

Testing the server component by issuing it an update request from nix tool nsupdate. Am including an update key in the update packet (TSIG).
Server receives UDP packet and commences processing of the packet but throws the exception on line 138 of the TSigRecord.cs.
protected internal override int MaximumRecordDataLength => TSigAlgorithmHelper.GetDomainName(Algorithm).MaximumRecordDataLength + 18 + TSigAlgorithmHelper.GetHashSize(Algorithm) + OtherData.Length;

Algorithim = "Unknown" and as a result GetDomainName() returns a null reference.

After some digging, it appears the algorithim is not selected properly from the DSigAlgorithimHelper. The GetAlgorithimByName() method has the MD5 algorithim as "hmac-md5.sig-alg.reg.int" but upon the DomainName.ToString() call the return string is appended with a period.

Adding a period to the switch case of GetAlgorithimByName() resolves the problem, but I'm unsure if this is the correct fix as my knowledge of the various RFC's is basic at best.

I'd like to have a sample of how to use DnsSec on the server side.

I have come as far as this
https://github.com/ststeiger/Arsoft/blob/master/ArsoftTestServer/Servers/DnsSecServer.cs

but I can't find any information anywhere about which algorithms are used, from what value the hash/signature is computed, in which encoding, which keys of what size, etc.
The RFCs are vague at best.

Since you have already added DnsSec stuff in your library, I presume you know more about the subject.
So any help by sample would be really useful.

DMARC is a policy that applies to SPF/SenderID and DKIM.

Since all of the above uses DNS entries to publish keys, it would be great if this library also included support for these more modern email protocols.

Hello

Would you be able to add the HTTPS and SVCB record types? We can expect the RFC this year, but the records are in use since 2020.

Cheers

We use your DnsMessage with a self-written UdpListener, and we use DnsMessageBase.Encode() for serialization, which has to be made public. Is there a way to open this method so that we don't have to download the source code every time, change internal to public, and manually connect the dll to the solution, but just download the library from NuGet?

We got null return in server for some cases.
But when I have tested in my local with the same domain and same functionality we got the result always.
For the same domain, I have also checked here: https://dnschecker.org/ It looks fine.

DnsMessage dnsMessage = DnsClient.Default.Resolve(DomainName.Parse("google.com"), RecordType.Txt) // returns null in server some times

Using Version: "2.2.9"
.Net Version: v4.7.2

Hi,
during usage of you library sometimes we track the exception:
System.Exception: Error parsing dns query ---> System.ArgumentOutOfRangeException: Index was out of range. Must be non-negative and less than the size of the collection. (Parameter 'index') at System.ArraySegment1.System.Collections.Generic.IList.get_Item(Int32 index)
at ARSoft.Tools.Net.Dns.DnsMessageBase.ParseDomainName(IList1 resultData, Int32 currentPosition, Int32& uncompressedLabelBytes) at ARSoft.Tools.Net.Dns.DnsQuestion.Parse(IList1 data, Int32& currentPosition)
at ARSoft.Tools.Net.Dns.DnsMessageBase.ParseQuestionSection(IList1 data, Int32& currentPosition, Int32 recordCount) at ARSoft.Tools.Net.Dns.DnsMessageBase.ParseInternal(IList1 data, SelectTsigKey tsigKeySelector, Byte[] originalMac)
at ARSoft.Tools.Net.Dns.DnsMessageBase.CreateByFlag(IList1 package, SelectTsigKey tsigKeySelector, Byte[] originalMac) at ARSoft.Tools.Net.Dns.DnsServer.ProcessRawPackageAsync(IServerConnection connection, DnsReceivedRawPackage queryPackage, CancellationToken token) --- End of inner exception stack trace --- at ARSoft.Tools.Net.Dns.DnsServer.ProcessRawPackageAsync(IServerConnection connection, DnsReceivedRawPackage queryPackage, CancellationToken token)

Our dev-ops engineer managed to reproduce this with small powershell sceipt:
`function Send-UdpDatagram
{
Param ([string] $EndPoint,
[int] $Port,
[string] $Message)

  $IP = [System.Net.Dns]::GetHostAddresses($EndPoint) 
  $Address = [System.Net.IPAddress]::Parse($IP) 
  $EndPoints = New-Object System.Net.IPEndPoint($Address, $Port) 
  $Socket = New-Object System.Net.Sockets.UDPClient 
  $EncodedText = [Text.Encoding]::ASCII.GetBytes($Message) 
  $SendMessage = $Socket.Send($EncodedText, 12, $EndPoints)
  $Socket.Close() 

}

While ($True){
Write-Host "Send Message"
Send-UdpDatagram -EndPoint "127.0.0.1" -Port 53 -Message "F/*/**966jgFF"
}`
Could you please check this and fix, because I have no ways to override or implement this by myself.

when QueryByTcp receives null as the tcp client.
in case of some error it will not dispose of the new tcp client created.

Thank you for this great library @alexreinert !
It has been useful in my current project and have worked flawless so far.

I do note that the library hasn't been updated since 2017-2018 and wonder if you are accepting pulling requests for supporting .Net 5? I see you are currently playing with CCU code, so you are still here ;)

If not, would you accept a clone & release of a ".portable" version like Bouncycastle has: https://www.nuget.org/packages/Portable.BouncyCastle/ ?

Cheers and happy new year (Y)