// Debug output of the three request parameters that drive the probe.
// NOTE(review): req.query values are caller-controlled and are written to the log unmodified;
// embedded line breaks can forge log entries. Consider JSON.stringify() or stripping control characters.
/* eslint-disable no-console */
console.log("resolver = " + req.query.resolver);
console.log("query = " + req.query.query);
console.log("hostname = " + req.query.hostname);
/* eslint-enable no-console */
// 853 is the DNS-over-TLS port (RFC 7858).
const porttls = 853;
// One upstream entry built from request data: resolver, port, hostname
// (presumably address, port and TLS authentication name; confirm against the getdns bindings).
// NOTE(review): the requester chooses the host this server connects to. Validate that the value is an
// IP address and consider rejecting loopback/private ranges so the endpoint cannot be pointed at internal hosts.
const upstreamresolvers = [];
upstreamresolvers.push(req.query.resolver);
upstreamresolvers.push(porttls);
upstreamresolvers.push(req.query.hostname);
const up1 = [];
up1.push(upstreamresolvers);
// Create the contexts we need to test with the above options.
// context: TLS-only transport with hostname authentication, so a lookup on it should only succeed
// when the resolver's certificate matches the supplied hostname.
const context = getdns.createContext(options);
context.upstream_recursive_servers = up1;
context.timeout = 10000;
context.tls_authentication = getdns.AUTHENTICATION_HOSTNAME;
//g context.upstream_recursive_servers = resolver;
context.dns_transport = getdns.TRANSPORT_TLS_ONLY_KEEP_CONNECTIONS_OPEN;
// context1: same upstream and TLS-only transport, but with certificate authentication switched off.
// Success here only shows that a TLS listener answered; the peer's identity is not verified,
// so it must be reported separately from the authenticated case.
const context1 = getdns.createContext(options);
context1.upstream_recursive_servers = up1;
context1.timeout = 10000;
context1.tls_authentication = getdns.AUTHENTICATION_NONE;
context1.dns_transport = getdns.TRANSPORT_TLS_ONLY_KEEP_CONNECTIONS_OPEN;
// Plain DNS port, paired with `resolver` (declared outside this excerpt) for the fallback check.
const porttcp = 53;
const upstreamresolvertcp = [];
upstreamresolvertcp.push(resolver);
upstreamresolvertcp.push(porttcp);
// Append the report header to the HTML accumulated in res1 (declared outside this excerpt).
// NOTE(review): `resolver` and `hostname` are concatenated into markup without escaping. If they
// originate from the request query string (TODO confirm), this is a reflected HTML/script injection
// point; HTML-escape both values (&, <, >, ", ') before interpolating them.
res1 += "<ul>";
res1 += "<li>Target Resolver: " + resolver + "</li>";
res1 += "<li>Recursive's Hostname in Certificate (SubjectName): " + hostname + "</li>";
res1 += "</ul>";
// Static list of the four checks the page reports on.
res1 += "<h2>Checking for</h2>";
res1 += "<ol>";
res1 += "<li>Successful TCP connection</li>";
res1 += "<li>Successful TLS connection</li>";
res1 += "<li>Successful TLS Authentication (Hostname match to server certificate)</li>";
res1 += "<li>Opportunistic TLS with fallback to TCP available</li>";
res1 += "</ol>";
res1 += "<h2>Result</h2>";
context.general(query, getdns.RRTYPE_A, (err0, result0) => {
if (err0) {
// NOTE: TLS auth error.
context.destroy();
context1.general(query, getdns.RRTYPE_A, (err1, result1) => {
if (err1) {
// NOTE: Try TLS no auth.
context1.destroy();
context2.general(query, getdns.RRTYPE_A, (err2, result2) => {
if (err2) {
// NOTE: TCP only failed.
/* eslint-disable no-console */
console.error("Error2 = " + JSON.stringify(err2));
/* eslint-enable no-console */
res1 += "<p>❌ No TCP, no TLS!</p>";
} else if (result2.status === 900) {
context.general(query, getdns.RRTYPE_A, (err0, result0) => {
if (err0) {
// NOTE: TLS auth error.
context.destroy();
context1.general(query, getdns.RRTYPE_A, (err1, result1) => {
if (err1) {
// NOTE: Try TLS no auth.
context1.destroy();
context2.general(query, getdns.RRTYPE_A, (err2, result2) => {
if (err2) {
// NOTE: TCP only failed.
/* eslint-disable no-console */
console.error("Error2 = " + JSON.stringify(err2));
/* eslint-enable no-console */
res1 += "<p>❌ No TCP, no TLS!</p>";
} else if (result2.status === 900) {
// NOTE: TCP worked.
/* eslint-disable no-console */
console.log("In callback TCP fallback worked " + JSON.stringify(result2.replies_tree));
console.log("hostname = " + req.query.hostname);
/* eslint-enable no-console */
const porttls = 853;
const upstreamresolvers = [];
upstreamresolvers.push(req.query.resolver);
upstreamresolvers.push(porttls);
upstreamresolvers.push(req.query.hostname);
const up1 = [];
up1.push(upstreamresolvers);
// Create the contexts we need to test with the above options.
const context = getdns.createContext(options);
context.upstream_recursive_servers = up1;
context.timeout = 10000;
context.tls_authentication = getdns.AUTHENTICATION_HOSTNAME;
//g context.upstream_recursive_servers = resolver;
context.dns_transport = getdns.TRANSPORT_TLS_ONLY_KEEP_CONNECTIONS_OPEN;
const context1 = getdns.createContext(options);
context1.upstream_recursive_servers = up1;
context1.timeout = 10000;
context1.tls_authentication = getdns.AUTHENTICATION_NONE;
context1.dns_transport = getdns.TRANSPORT_TLS_ONLY_KEEP_CONNECTIONS_OPEN;
const porttcp = 53;
const upstreamresolvertcp = [];
upstreamresolvertcp.push(resolver);
upstreamresolvertcp.push(porttcp);
const up2 = [];
up2.push(upstreamresolvertcp);
const context2 = getdns.createContext(options);
// Pre-bind the lookup kind so one display function (defined outside this excerpt) serves both callbacks.
const serviceCallback = displayLookupResults.bind(null, "service");
const hostnameCallback = displayLookupResults.bind(null, "hostname");
const options = {
// Request timeout time in milliseconds.
timeout: 5000,
// Single hard-coded upstream resolver for this example.
"upstreams": [
"8.8.8.8",
],
// Always return dnssec status.
// Callbacks can then inspect the DNSSEC status of each reply before trusting the data.
return_dnssec_status: true,
};
// Create the context with the above options.
// When done with a context, it must be explicitly destroyed, for example in a callback.
const context = getdns.createContext(options);
// Getdns general.
// Third argument may be a dictionary for extensions.
// Last argument must be a callback.
// Returns a transaction id, which may be used to cancel the request.
/* eslint-disable no-unused-vars */
const transactionId = context.general("labs.verisigninc.com", getdns.RRTYPE_A, generalCallback);
/* eslint-enable no-unused-vars */
// Cancel a request.
//context.cancel(transactionId);
// Other getdns context methods.
// NOTE: this context is shared by several lookups, so it is not destroyed inside any single callback;
// it still has to be destroyed once all lookups are finished.
// Extensions are passed as dictionaries where the value for on/off are normal booleans.
// dnssec_return_only_secure asks getdns to return only replies that validated as secure.
context.address("nlnetlabs.nl", { dnssec_return_only_secure: true }, addressCallback);
// Owner name and record type of the certificate-association record to look up.
// The "_smimecert" label suggests an S/MIME certificate association published in DNS;
// the leading hex label is presumably a hash of the mailbox local part (TODO confirm).
const TLSA_NAME = "77fa5113ab6a532ce2e6901f3bd3351c0db5845e0b1b5fb09907808d._smimecert.getdnsapi.org";
const TLSA_TYPE = getdns.RRTYPE_TLSA;
// Message.
const MESSAGE = "Hello, World";
// Context options.
const options = {
// Ask for the DNSSEC status with every reply; key material fetched from DNS should only be
// trusted when that status is secure.
return_dnssec_status: true,
// Request timeout time in millis.
timeout: 5000,
};
// Create the context with the above options.
const context = getdns.createContext(options);
// Response util - get a secure response of a particular type.
const getFirstSecureResponse = (result, type) => {
const repliesTree = result.replies_tree;
// Validate that there is a reply with an answer.
if (!repliesTree || !repliesTree.length
|| !repliesTree[0].answer
|| !repliesTree[0].answer.length) {
return "empty answer list for type " + type;
}
const reply = repliesTree[0];
// Ensure the reply is secure.
if (reply.dnssec_status !== getdns.DNSSEC_SECURE) {
return "insecure reply for type " + type;
}
// One upstream entry built from request data: resolver, port (porttls, declared outside this excerpt), hostname.
// NOTE(review): both req.query values are caller-controlled, so the requester decides which host this
// server connects to. Validate the resolver as an IP address and consider an allow/deny policy for
// internal ranges.
const upstreamresolvers = [];
upstreamresolvers.push(req.query.resolver);
upstreamresolvers.push(porttls);
upstreamresolvers.push(req.query.hostname);
const up1 = [];
up1.push(upstreamresolvers);
// Create the contexts we need to test with the above options.
// context: TLS-only transport with hostname authentication (the strict case).
const context = getdns.createContext(options);
context.upstream_recursive_servers = up1;
context.timeout = 10000;
context.tls_authentication = getdns.AUTHENTICATION_HOSTNAME;
//g context.upstream_recursive_servers = resolver;
context.dns_transport = getdns.TRANSPORT_TLS_ONLY_KEEP_CONNECTIONS_OPEN;
// context1: TLS-only transport without certificate authentication. A successful lookup shows that
// TLS is offered, not that the server is the one named in the request.
const context1 = getdns.createContext(options);
context1.upstream_recursive_servers = up1;
context1.timeout = 10000;
context1.tls_authentication = getdns.AUTHENTICATION_NONE;
context1.dns_transport = getdns.TRANSPORT_TLS_ONLY_KEEP_CONNECTIONS_OPEN;
// Plain DNS port, paired with `resolver` (declared outside this excerpt).
const porttcp = 53;
const upstreamresolvertcp = [];
upstreamresolvertcp.push(resolver);
upstreamresolvertcp.push(porttcp);
const up2 = [];
up2.push(upstreamresolvertcp);
// context2: no authentication and a transport that tries TLS first, then falls back to TCP.
// An answer obtained through this context does not demonstrate that the query was encrypted,
// so it should only be reported as a reachability / fallback result.
const context2 = getdns.createContext(options);
context2.upstream_recursive_servers = up2;
context2.timeout = 10000;
context2.tls_authentication = getdns.AUTHENTICATION_NONE;
context2.dns_transport = getdns.TRANSPORT_TLS_FIRST_AND_FALL_BACK_TO_TCP_KEEP_CONNECTIONS_OPEN;
"8.8.8.8",
],
// Always return dnssec status.
return_dnssec_status: true,
};
// Create the context with the above options.
// When done with a context, it must be explicitly destroyed, for example in a callback.
const context = getdns.createContext(options);
// Getdns general.
// Third argument may be a dictionary for extensions.
// Last argument must be a callback.
// Returns a transaction id, which may be used to cancel the request.
/* eslint-disable no-unused-vars */
const transactionId = context.general("labs.verisigninc.com", getdns.RRTYPE_A, generalCallback);
/* eslint-enable no-unused-vars */
// Cancel a request.
//context.cancel(transactionId);
// Other getdns context methods.
// NOTE: don't destroy context in callback so it can be reused.
// Extensions are passed as dictionaries where the value for on/off are normal booleans.
context.address("nlnetlabs.nl", { dnssec_return_only_secure: true }, addressCallback);
context.service("dnssec-name-and-shame.com", serviceCallback);
context.hostname("8.8.8.8", hostnameCallback);
process.on("beforeExit", () => {
// NOTE: remember to explicitly destroy the context after being done with lookups.
context.destroy();
});
upstreamresolvers.push(req.query.hostname);
const up1 = [];
up1.push(upstreamresolvers);
// Create the contexts we need to test with the above options.
const context = getdns.createContext(options);
context.upstream_recursive_servers = up1;
context.timeout = 10000;
context.tls_authentication = getdns.AUTHENTICATION_HOSTNAME;
//g context.upstream_recursive_servers = resolver;
context.dns_transport = getdns.TRANSPORT_TLS_ONLY_KEEP_CONNECTIONS_OPEN;
const context1 = getdns.createContext(options);
context1.upstream_recursive_servers = up1;
context1.timeout = 10000;
context1.tls_authentication = getdns.AUTHENTICATION_NONE;
context1.dns_transport = getdns.TRANSPORT_TLS_ONLY_KEEP_CONNECTIONS_OPEN;
const porttcp = 53;
const upstreamresolvertcp = [];
upstreamresolvertcp.push(resolver);
upstreamresolvertcp.push(porttcp);
const up2 = [];
up2.push(upstreamresolvertcp);
const context2 = getdns.createContext(options);
context2.upstream_recursive_servers = up2;
context2.timeout = 10000;
context2.tls_authentication = getdns.AUTHENTICATION_NONE;
context2.dns_transport = getdns.TRANSPORT_TLS_FIRST_AND_FALL_BACK_TO_TCP_KEEP_CONNECTIONS_OPEN;
res1 += "<h1>Check TLS at Recursive</h1>";
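/**
 * Return the first DNSSEC-secure answer record of the requested type.
 *
 * Only the first entry of `result.replies_tree` is examined. The reply's
 * `dnssec_status` must equal `getdns.DNSSEC_SECURE`; that field is presumably
 * only populated when the context was created with `return_dnssec_status`
 * (confirm against the caller).
 *
 * The return value is either a record object or a diagnostic string. Callers
 * must check `typeof value === "string"` and treat every string as a failed
 * validation before using the value as a record.
 *
 * @param {object} result - getdns response object (may be null/undefined).
 * @param {number} type - RR type code compared against each answer's `type`.
 * @returns {object|string} The matching answer, or a message explaining why
 *   no trustworthy answer is available.
 */
const getFirstSecureResponse = (result, type) => {
  // A missing result or a missing first reply is reported like an empty reply,
  // so the helper fails closed with a message instead of throwing inside a DNS callback.
  const repliesTree = result ? result.replies_tree : undefined;
  const reply = repliesTree && repliesTree.length ? repliesTree[0] : undefined;
  if (!reply || !reply.answer || !reply.answer.length) {
    return "empty answer list for type " + type;
  }

  // Refuse anything that did not validate; bogus, indeterminate and insecure are all rejected.
  if (reply.dnssec_status !== getdns.DNSSEC_SECURE) {
    return "insecure reply for type " + type;
  }

  // First record of the requested type, in answer order.
  const match = reply.answer.find((answer) => answer.type === type);
  if (match === undefined) {
    return "no answers of type " + type;
  }
  return match;
};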