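/* eslint-disable no-console */
// Debug trace of the request parameters. They are caller-controlled, so each value
// is JSON-encoded before it is written: CR/LF and other control characters come out
// escaped and cannot start a forged log line.
console.log("resolver = " + JSON.stringify(req.query.resolver));
console.log("query = " + JSON.stringify(req.query.query));
console.log("hostname = " + JSON.stringify(req.query.hostname));
/* eslint-enable no-console */
// Port used for the DNS-over-TLS upstream.
const porttls = 853;
// One upstream entry: address, port, and the name the TLS certificate is checked
// against (presumably the tuple form getdns-node accepts; confirm against its docs).
// NOTE(review): req.query.resolver decides where this server opens a connection.
// Nothing in this excerpt checks that it is a single IP literal or that it falls in
// a range the service is allowed to reach; that check belongs before this point,
// in the request handler, where the request can still be rejected.
const upstreamresolvers = [req.query.resolver, porttls, req.query.hostname];
const up1 = [upstreamresolvers];
// `options` is defined outside this excerpt; the timeout it carries is overridden
// on each context below.
// context: TLS only, and the upstream has to authenticate as the supplied hostname.
const context = getdns.createContext(options);
context.upstream_recursive_servers = up1;
context.timeout = 10000;
context.tls_authentication = getdns.AUTHENTICATION_HOSTNAME;
context.dns_transport = getdns.TRANSPORT_TLS_ONLY_KEEP_CONNECTIONS_OPEN;
// context1: same upstream and transport, but the upstream is not authenticated.
// The channel is encrypted yet gives no assurance about who terminates it, so this
// context is only suitable as the comparison probe, not for lookups whose answers
// are relied upon.
const context1 = getdns.createContext(options);
context1.upstream_recursive_servers = up1;
context1.timeout = 10000;
context1.tls_authentication = getdns.AUTHENTICATION_NONE;
context1.dns_transport = getdns.TRANSPORT_TLS_ONLY_KEEP_CONNECTIONS_OPEN;
// Plain-TCP upstream entry on port 53; `resolver` is defined outside this excerpt.
const porttcp = 53;
const upstreamresolvertcp = [resolver, porttcp];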
// Two callbacks built from the same function: bind() fixes the first argument of
// displayLookupResults to a label ("service" / "hostname") and leaves `this` as null.
const serviceCallback = displayLookupResults.bind(null, "service");
const hostnameCallback = displayLookupResults.bind(null, "hostname");
// Context configuration.
const options = {
  // Per-request timeout, in milliseconds.
  timeout: 5000,
  // Single fixed upstream resolver.
  upstreams: ["8.8.8.8"],
  // Ask for the DNSSEC status with every reply. This only reports the status;
  // code that needs validated data still has to look at it, or request
  // dnssec_return_only_secure as the address() call below does.
  return_dnssec_status: true,
};
// Build the context from those options. A context has to be destroyed explicitly
// once it is no longer needed, for example from a callback.
const context = getdns.createContext(options);
// General lookup: name, record type, callback. An extensions dictionary may be
// passed as the third argument, in which case the callback moves to the end.
// The return value is a transaction id that can be handed to cancel().
/* eslint-disable no-unused-vars */
const transactionId = context.general(
  "labs.verisigninc.com",
  getdns.RRTYPE_A,
  generalCallback
);
/* eslint-enable no-unused-vars */
// Cancelling the request would look like this:
//context.cancel(transactionId);
// Further context methods follow. The context is kept alive in the callbacks so
// it can be reused. Extension values for on/off are ordinary booleans.
context.address(
  "nlnetlabs.nl",
  { dnssec_return_only_secure: true },
  addressCallback
);
// Name and record type of the lookup. The leading hex label under _smimecert
// looks like a hashed mailbox local-part (TODO confirm against the caller).
const TLSA_NAME = "77fa5113ab6a532ce2e6901f3bd3351c0db5845e0b1b5fb09907808d._smimecert.getdnsapi.org";
const TLSA_TYPE = getdns.RRTYPE_TLSA;
// Message.
const MESSAGE = "Hello, World";
// Context options.
const options = {
// Have the DNSSEC status returned with each reply; getFirstSecureResponse below
// depends on reply.dnssec_status being present.
return_dnssec_status: true,
// Request timeout time in milliseconds.
timeout: 5000,
};
// Create the context with the above options.
const context = getdns.createContext(options);
// Response util - get a secure response of a particular type.
// `result` is a getdns response object, `type` is used only in the messages here.
// In the part shown, a failure is reported by returning a string rather than by
// throwing, so callers have to tell a message string apart from a real record.
const getFirstSecureResponse = (result, type) => {
const repliesTree = result.replies_tree;
// Validate that there is a reply with an answer.
if (!repliesTree || !repliesTree.length
|| !repliesTree[0].answer
|| !repliesTree[0].answer.length) {
return "empty answer list for type " + type;
}
// Only the first reply is examined.
const reply = repliesTree[0];
// Ensure the reply is secure: anything other than DNSSEC_SECURE is refused, so
// unvalidated data never reaches the code that consumes the record.
if (reply.dnssec_status !== getdns.DNSSEC_SECURE) {
return "insecure reply for type " + type;
}
// (The listing is cut here; the rest of getFirstSecureResponse is not shown.)
// One upstream entry: address, port (`porttls`, defined outside this excerpt) and
// the name the TLS certificate is checked against.
// NOTE(review): address and name are taken from the query string as they arrive;
// nothing in this excerpt validates them before the server connects to that address.
const upstreamresolvers = [req.query.resolver, porttls, req.query.hostname];
const up1 = [upstreamresolvers];
// Three contexts are built so the same upstream can be probed in different ways.
// context: TLS only, upstream has to authenticate as the supplied hostname.
const context = getdns.createContext(options);
context.upstream_recursive_servers = up1;
context.timeout = 10000;
context.tls_authentication = getdns.AUTHENTICATION_HOSTNAME;
context.dns_transport = getdns.TRANSPORT_TLS_ONLY_KEEP_CONNECTIONS_OPEN;
// context1: TLS only, upstream not authenticated. Encrypted, but with no assurance
// about who terminates the connection; a comparison probe, not a trusted channel.
const context1 = getdns.createContext(options);
context1.upstream_recursive_servers = up1;
context1.timeout = 10000;
context1.tls_authentication = getdns.AUTHENTICATION_NONE;
context1.dns_transport = getdns.TRANSPORT_TLS_ONLY_KEEP_CONNECTIONS_OPEN;
// context2: port 53 entry for `resolver` (defined outside this excerpt), TLS tried
// first with fallback to TCP and no authentication. When the fallback is taken the
// exchange is cleartext, so answers from this context carry no transport protection.
const porttcp = 53;
const upstreamresolvertcp = [resolver, porttcp];
const up2 = [upstreamresolvertcp];
const context2 = getdns.createContext(options);
context2.upstream_recursive_servers = up2;
context2.timeout = 10000;
context2.tls_authentication = getdns.AUTHENTICATION_NONE;
context2.dns_transport = getdns.TRANSPORT_TLS_FIRST_AND_FALL_BACK_TO_TCP_KEEP_CONNECTIONS_OPEN;
// `context`, `up1`, `options` and `resolver` come from code before this excerpt.
// context: DNS over TLS only, connections kept open.
context.dns_transport = getdns.TRANSPORT_TLS_ONLY_KEEP_CONNECTIONS_OPEN;
// context1: same upstream list and transport, upstream not authenticated.
// Encrypted, but with no assurance about who terminates the connection; use it
// as a comparison probe only.
const context1 = getdns.createContext(options);
context1.upstream_recursive_servers = up1;
context1.timeout = 10000;
context1.tls_authentication = getdns.AUTHENTICATION_NONE;
context1.dns_transport = getdns.TRANSPORT_TLS_ONLY_KEEP_CONNECTIONS_OPEN;
// context2: port 53 entry, TLS tried first with fallback to TCP, no authentication.
// When the fallback is taken the exchange is cleartext.
const porttcp = 53;
const upstreamresolvertcp = [resolver, porttcp];
const up2 = [upstreamresolvertcp];
const context2 = getdns.createContext(options);
context2.upstream_recursive_servers = up2;
context2.timeout = 10000;
context2.tls_authentication = getdns.AUTHENTICATION_NONE;
context2.dns_transport = getdns.TRANSPORT_TLS_FIRST_AND_FALL_BACK_TO_TCP_KEEP_CONNECTIONS_OPEN;
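{
  // Appends the page header and the resolver summary to the HTML accumulated in
  // `res1` (declared outside this excerpt).
  //
  // `resolver` and `hostname` are presumably the request's query parameters
  // (verify against the handler), so they are HTML-escaped before being placed in
  // the markup; written in unescaped, a crafted value would be parsed by the
  // browser as markup or script.
  // The helper is block-scoped so it cannot clash with a name defined elsewhere.
  const escapeHtml = (value) => String(value)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
  res1 += "<h1>Check TLS at Recursive</h1>";
  // The quoting of the href attribute was broken in the listing; restored here so
  // the string literal parses and the link is well-formed.
  res1 += "<p>This webpage is created with <a href=\"https://github.com/getdnsapi/getdns-node\">node.js bindings of getdns</a>, in the expressjs framework.</p>";
  res1 += "<h2>Resolver</h2>";
  res1 += "<ul>";
  res1 += "<li>Target Resolver: " + escapeHtml(resolver) + "</li>";
  res1 += "<li>Recursive's Hostname in Certificate (SubjectName): " + escapeHtml(hostname) + "</li>";
  res1 += "</ul>";
  res1 += "<h2>Checking for</h2>";
}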