Build and install drill(1).

Approved by:	re (blanket)
This commit is contained in:
des 2013-09-22 20:30:55 +00:00
parent 752a7a786f
commit 819dbfe373
4 changed files with 559 additions and 0 deletions

297
contrib/ldns/drill/config.h Normal file
View File

@ -0,0 +1,297 @@
/* config.h. Generated from config.h.in by configure. */
/* config.h.in. Generated from configure.ac by autoheader. */
/* Define to 1 if you have the <arpa/inet.h> header file. */
#define HAVE_ARPA_INET_H 1
/* Define to 1 if you have the <assert.h> header file. */
#define HAVE_ASSERT_H 1
/* Define to 1 if you have the <ctype.h> header file. */
#define HAVE_CTYPE_H 1
/* Whether getaddrinfo is available */
#define HAVE_GETADDRINFO 1
/* Define to 1 if you have the <getopt.h> header file. */
#define HAVE_GETOPT_H 1
/* If you have HMAC_CTX_init */
#define HAVE_HMAC_CTX_INIT 1
/* Define to 1 if you have the <inttypes.h> header file. */
#define HAVE_INTTYPES_H 1
/* Define to 1 if you have the `isblank' function. */
#define HAVE_ISBLANK 1
/* Define to 1 if you have the `ldns' library (-lldns). */
#define HAVE_LIBLDNS 1
/* Define to 1 if you have the <memory.h> header file. */
#define HAVE_MEMORY_H 1
/* Define to 1 if you have the <netinet/if_ether.h> header file. */
#define HAVE_NETINET_IF_ETHER_H 1
/* Define to 1 if you have the <netinet/in.h> header file. */
#define HAVE_NETINET_IN_H 1
/* Define to 1 if you have the <netinet/in_systm.h> header file. */
#define HAVE_NETINET_IN_SYSTM_H 1
/* Define to 1 if you have the <netinet/ip6.h> header file. */
#define HAVE_NETINET_IP6_H 1
/* Define to 1 if you have the <netinet/ip.h> header file. */
#define HAVE_NETINET_IP_H 1
/* Define to 1 if you have the <netinet/udp.h> header file. */
#define HAVE_NETINET_UDP_H 1
/* Define to 1 if you have the <net/if.h> header file. */
#define HAVE_NET_IF_H 1
/* Define to 1 if you have the <openssl/err.h> header file. */
#define HAVE_OPENSSL_ERR_H 1
/* Define to 1 if you have the <openssl/rand.h> header file. */
#define HAVE_OPENSSL_RAND_H 1
/* Define to 1 if you have the <openssl/ssl.h> header file. */
#define HAVE_OPENSSL_SSL_H 1
/* Define if you have the SSL libraries installed. */
#define HAVE_SSL /**/
/* Define to 1 if you have the <stdint.h> header file. */
#define HAVE_STDINT_H 1
/* Define to 1 if you have the <stdio.h> header file. */
#define HAVE_STDIO_H 1
/* Define to 1 if you have the <stdlib.h> header file. */
#define HAVE_STDLIB_H 1
/* Define to 1 if you have the <strings.h> header file. */
#define HAVE_STRINGS_H 1
/* Define to 1 if you have the <string.h> header file. */
#define HAVE_STRING_H 1
/* Define to 1 if you have the <sys/mount.h> header file. */
#define HAVE_SYS_MOUNT_H 1
/* Define to 1 if you have the <sys/param.h> header file. */
#define HAVE_SYS_PARAM_H 1
/* Define to 1 if you have the <sys/select.h> header file. */
#define HAVE_SYS_SELECT_H 1
/* Define to 1 if you have the <sys/socket.h> header file. */
#define HAVE_SYS_SOCKET_H 1
/* Define to 1 if you have the <sys/stat.h> header file. */
#define HAVE_SYS_STAT_H 1
/* Define to 1 if you have the <sys/time.h> header file. */
#define HAVE_SYS_TIME_H 1
/* Define to 1 if you have the <sys/types.h> header file. */
#define HAVE_SYS_TYPES_H 1
/* Define to 1 if you have the <time.h> header file. */
#define HAVE_TIME_H 1
/* Define to 1 if you have the <unistd.h> header file. */
#define HAVE_UNISTD_H 1
/* Define to 1 if you have the <winsock2.h> header file. */
/* #undef HAVE_WINSOCK2_H */
/* Define to 1 if you have the <ws2tcpip.h> header file. */
/* #undef HAVE_WS2TCPIP_H */
/* Default trust anchor file */
#define LDNS_TRUST_ANCHOR_FILE "/etc/unbound/root.key"
/* Define to the address where bug reports for this package should be sent. */
#define PACKAGE_BUGREPORT "libdns@nlnetlabs.nl"
/* Define to the full name of this package. */
#define PACKAGE_NAME "ldns"
/* Define to the full name and version of this package. */
#define PACKAGE_STRING "ldns 1.6.16"
/* Define to the one symbol short name of this package. */
#define PACKAGE_TARNAME "libdns"
/* Define to the home page for this package. */
#define PACKAGE_URL ""
/* Define to the version of this package. */
#define PACKAGE_VERSION "1.6.16"
/* Define to 1 if you have the ANSI C header files. */
#define STDC_HEADERS 1
/* Enable extensions on AIX 3, Interix. */
#ifndef _ALL_SOURCE
# define _ALL_SOURCE 1
#endif
/* Enable GNU extensions on systems that have them. */
#ifndef _GNU_SOURCE
# define _GNU_SOURCE 1
#endif
/* Enable threading extensions on Solaris. */
#ifndef _POSIX_PTHREAD_SEMANTICS
# define _POSIX_PTHREAD_SEMANTICS 1
#endif
/* Enable extensions on HP NonStop. */
#ifndef _TANDEM_SOURCE
# define _TANDEM_SOURCE 1
#endif
/* Enable general extensions on Solaris. */
#ifndef __EXTENSIONS__
# define __EXTENSIONS__ 1
#endif
/* Whether the windows socket API is used */
/* #undef USE_WINSOCK */
/* the version of the windows API enabled */
#define WINVER 0x0502
/* Define to 1 if on MINIX. */
/* #undef _MINIX */
/* Define to 2 if the system does not provide POSIX.1 features except with
this defined. */
/* #undef _POSIX_1_SOURCE */
/* Define to 1 if you need to in order for `stat' and other things to work. */
/* #undef _POSIX_SOURCE */
/* in_addr_t */
/* #undef in_addr_t */
/* in_port_t */
/* #undef in_port_t */
/* Define to `__inline__' or `__inline' if that's what the C compiler
calls it, or to nothing if 'inline' is not supported under any name. */
#ifndef __cplusplus
/* #undef inline */
#endif
/* Define to `short' if <sys/types.h> does not define. */
/* #undef int16_t */
/* Define to `int' if <sys/types.h> does not define. */
/* #undef int32_t */
/* Define to `long long' if <sys/types.h> does not define. */
/* #undef int64_t */
/* Define to `char' if <sys/types.h> does not define. */
/* #undef int8_t */
/* Define to `unsigned int' if <sys/types.h> does not define. */
/* #undef size_t */
/* Define to 'int' if not defined */
/* #undef socklen_t */
/* Define to `int' if <sys/types.h> does not define. */
/* #undef ssize_t */
/* Define to `unsigned short' if <sys/types.h> does not define. */
/* #undef uint16_t */
/* Define to `unsigned int' if <sys/types.h> does not define. */
/* #undef uint32_t */
/* Define to `unsigned long long' if <sys/types.h> does not define. */
/* #undef uint64_t */
/* Define to `unsigned char' if <sys/types.h> does not define. */
/* #undef uint8_t */
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <assert.h>
#if STDC_HEADERS
#include <stdlib.h>
#include <stddef.h>
#endif
#ifdef HAVE_STDINT_H
#include <stdint.h>
#endif
#ifdef HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
#ifdef HAVE_ARPA_INET_H
#include <arpa/inet.h>
#endif
#ifdef HAVE_NETINET_UDP_H
#include <netinet/udp.h>
#endif
#ifdef HAVE_TIME_H
#include <time.h>
#endif
#ifdef HAVE_NETINET_IN_SYSTM_H
#include <netinet/in_systm.h>
#endif
#ifdef HAVE_NETINET_IP_H
#include <netinet/ip.h>
#endif
#ifdef HAVE_NET_IF_H
#include <net/if.h>
#endif
#ifdef HAVE_NETINET_IF_ETHER_H
#include <netinet/if_ether.h>
#endif
#ifdef HAVE_WINSOCK2_H
#define USE_WINSOCK 1
#include <winsock2.h>
#endif
#ifdef HAVE_WS2TCPIP_H
#include <ws2tcpip.h>
#endif
extern char *optarg;
extern int optind, opterr;
#ifndef EXIT_FAILURE
#define EXIT_FAILURE 1
#endif
#ifndef EXIT_SUCCESS
#define EXIT_SUCCESS 0
#endif
#ifdef S_SPLINT_S
#define FD_ZERO(a) /* a */
#define FD_SET(a,b) /* a, b */
#endif

242
contrib/ldns/drill/drill.1 Normal file
View File

@ -0,0 +1,242 @@
.\" @(#)drill.1 1.7.0 14-Jul-2004 OF;
.TH drill 1 "28 May 2006"
.SH NAME
drill \- get (debug) information out of DNS(SEC)
.SH SYNOPSIS
.B drill
[
.IR OPTIONS
]
.IR name
[
.IR @server
]
[
.IR type
]
[
.IR class
]
.SH DESCRIPTION
\fBdrill\fR is a tool to designed to get all sorts of information out of the
DNS. It is specificly designed to be used with DNSSEC.
.PP
The name \fBdrill\fR is a pun on \fBdig\fR. With \fBdrill\fR you should be able
get even more information than with \fBdig\fR.
.PP
If no arguments are given class defaults to 'IN' and type to 'A'. The
server(s) specified in /etc/resolv.conf are used to query against.
.PP
\fIname\fR
Ask for this name.
.PP
\fI@server\fR
Send to query to this server. If not specified use the nameservers from
\fI/etc/resolv.conf\fR.
.PP
\fItype\fR
Ask for this RR type. If type is not given on the command line it defaults
to 'A'. Except when doing to reverse lookup when it defaults to 'PTR'.
.PP
\fIclass\fR
Use this class when querying.
.SH SAMPLE USAGE
\fBdrill mx miek.nl\fR
Show the MX records of the domain miek.nl
.TP
\fBdrill -S jelte.nlnetlabs.nl\fR
Chase any signatures in the jelte.nlnetlab.nl domain. This option is
only available when ldns has been compiled with openssl-support.
.TP
\fBdrill -TD www.example.com\fR
Do a DNSSEC (-D) trace (-T) from the rootservers down to www.example.com.
This option only works when ldns has been compiled with openssl support.
.TP
\fBdrill -s dnskey jelte.nlnetlabs.nl\fR
Show the DNSKEY record(s) for jelte.nlnetlabs.nl. For each found DNSKEY
record also print the DS record.
.SH OPTIONS
.TP
\fB\-D
Enable DNSSEC in the query. When querying for DNSSEC types (DNSKEY, RRSIG,
DS and NSEC) this is \fInot\fR automaticly enabled.
.TP
\fB\-T
Trace \fIname\fR from the root down. When using this option the @server and
the type arguments are not used.
.TP
\fB\-S
Chase the signature(s) of 'name' to a known key or as high up in
the tree as possible.
.TP
\fB\-V \fIlevel\fR
Be more verbose. Set level to 5 to see the actual query that is sent.
.TP
\fB\-Q
Quiet mode, this overrules -V.
.TP
\fB\-f \fIfile\fR
Read the query from a file. The query must be dumped with -w.
.TP
\fB\-i \fIfile\fR
read the answer from the file instead from the network. This aids
in debugging and can be used to check if a query on disk is valid.
If the file contains binary data it is assumed to be a query in
network order.
.TP
\fB\-w \fIfile\fR
Write an answer packet to file.
.TP
\fB\-q \fIfile\fR
Write the query packet to file.
.TP
\fB\-v
Show drill's version.
.TP
\fB\-h
Show a short help message.
.SS QUERY OPTIONS
.TP
\fB\-4
Stay on ip4. Only send queries to ip4 enabled nameservers.
.TP
\fB\-6
Stay on ip6. Only send queries to ip6 enabled nameservers.
.TP
\fB\-a
Use the resolver structure's fallback mechanism if the answer
is truncated (TC=1). If a truncated packet is received and this
option is set, drill will first send a new query with EDNS0
buffer size 4096.
If the EDNS0 buffer size was already set to 512+ bytes, or the
above retry also results in a truncated answer, the resolver
structure will fall back to TCP.
.TP
\fB\-b \fIsize\fR
Use size as the buffer size in the EDNS0 pseudo RR.
.TP
\fB\-c \fIfile\fR
Use file instead of /etc/resolv.conf for nameserver configuration.
.TP
\fB\-d \fIdomain\fR
When tracing (-T), start from this domain instead of the root.
.TP
\fB\-t
Use TCP/IP when querying a server
.TP
\fB\-k \fIkeyfile\fR
Use this file to read a (trusted) key from. When this options is
given \fBdrill\fR tries to validate the current answer with this
key. No chasing is done. When \fBdrill\fR is doing a secure trace, this
key will be used as trust anchor. Can contain a DNSKEY or a DS record.
Alternatively, when DNSSEC enabled tracing (\fB-TD\fR) or signature
chasing (\fB-S\fR), if \fB-k\fR is not specified, and a default trust anchor
(/etc/unbound/root.key) exists and contains a valid DNSKEY or DS record,
it will be used as the trust anchor.
.TP
\fB\-o \fImnemonic\fR
Use this option to set or unset specific header bits. A bit is
set by using the bit mnemonic in CAPITAL letters. A bit is unset when
the mnemonic is given in lowercase. The following mnemonics are
understood by \fBdrill\fR:
QR, qr: set, unset QueRy (default: on)
AA, aa: set, unset Authoritative Answer (default: off)
TC, tc: set, unset TrunCated (default: off)
RD, rd: set, unset Recursion Desired (default: on)
CD, cd: set, unset Checking Disabled (default: off)
RA, ra: set, unset Recursion Available (default: off)
AD, ad: set, unset Authenticated Data (default: off)
Thus: \fB-o CD\fR, will enable Checking Disabled, which instructs the
cache to not validate the answers it gives out.
.TP
\fB\-p \fIport\fR
Use this port instead of the default of 53.
.TP
\fB\-r \fIfile\fR
When tracing (-T), use file as a root servers hint file.
.TP
\fB\-s
When encountering a DNSKEY print the equivalent DS also.
.TP
\fB\-u
Use UDP when querying a server. This is the default.
.TP
\fB\-w \fIfile\fR
write the answer to a file. The file will contain a hexadecimal dump
of the query. This can be used in conjunction with -f.
.TP
\fB\-x
Do a reverse loopup. The type argument is not used, it is preset to PTR.
.TP
\fB\-y \fI<name:key[:algo]>\fR
specify named base64 tsig key, and optional an algorithm (defaults to hmac-md5.sig-alg.reg.int)
.TP
\fB\-z \fR
don't randomize the nameserver list before sending queries.
.SH "FILES"
.TP
/etc/unbound/root.key
The file from which trusted keys are loaded when no \fB-k\fR option is given.
.SH "SEE ALSO"
.LP
unbound-anchor(8)
.SH AUTHOR
Jelte Jansen and Miek Gieben. Both of NLnet Labs.
.SH REPORTING BUGS
Report bugs to <ldns-team@nlnetlabs.nl>.
.SH BUGS
.SH COPYRIGHT
Copyright (c) 2004-2008 NLnet Labs.
Licensed under the revised BSD license. There is NO warranty; not even for MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE.
.SH SEE ALSO
\fBdig\fR(1), \fIRFC403{3,4,5}\fR.

View File

@ -265,6 +265,7 @@ SUBDIR+= compile_et
.endif
.if ${MK_LDNS_UTILS} != "no"
SUBDIR+= drill
SUBDIR+= host
.endif

19
usr.bin/drill/Makefile Normal file
View File

@ -0,0 +1,19 @@
# $FreeBSD$
# Vendor sources and generated files
LDNSDIR= ${.CURDIR}/../../contrib/ldns
.PATH: ${LDNSDIR}/drill
PROG= drill
SRCS= drill.c drill_util.c error.c root.c work.c \
chasetrace.c dnssec.c securetrace.c
CFLAGS+= -I${LDNSDIR}
NO_WERROR= true
MAN= drill.1
DPADD+= ${LIBLDNS} ${LIBCRYPTO}
LDADD+= -lldns -lcrypto
USEPRIVATELIB= ldns
.include <bsd.prog.mk>