Author Archives: admin

Net_DNS2 v1.5.0 – Version Bump (requires >= PHP 5.4)

I’ve released version 1.5.0 of the Net_DNS2 library.

This release requires at least PHP version 5.4.

You can add it to your project using composer:

composer require pear/net_dns2

Or you can install it through the command line PEAR installer:

pear install Net_DNS2

Version 1.5.0

  • added the AMTRELAY resource record type (RFC 8777).
  • added Net_DNS2_RR::asArray(), which returns the same values as __toString(), but as an array for easier access.
  • added Net_DNS2::closeSockets(), which lets you close all cached network sockets in the resolver object.
  • added Net_DNS2::getSockets(), which returns the local sockets cache array.
  • added date_created and date_last_used to the Net_DNS2_Socket object, to track usage stats on each socket object.
  • added the SHA256, SHA384, and GOST digest defines to Lookups.php.
  • dropped the Net_DNS2_Socket_Sockets, and switch to just using the streams code. There’s no speed difference anymore.
  • fixed a bug in Net_DNS2_Packet::compress() and Net_DNS2_Packet::expand() related to dot literals in compressed names.
  • fixed a display issue in the IPSECKEY RR when displaying hostname / domain names in the gateway field.
  • fixed a couple inconsistencies in the docs.
  • fixed a PHP 7.4 bug in Sockets.php; accessing a null value as an array throws an exception now.
  • fixed Net_DNS2_RR_DS so it will be able to support other digest definitions without any other changes.
  • the Net_DNS2_RR_NIMLOC class was incorrectly named Net_DNS2_RR_NIMLOCK.
  • Net_DNS2_PrivateKey was using the wrong member variable name for the key_format value.
  • changed all references to array() to [].
  • removed all sorts of license noise from the files.
  • updated the test cases to use PHPUnit v9+.

Net_DNS2 v1.4.4 – Bugfixes and Updates for PHP 7.2

I’ve released version 1.4.4 of the PEAR Net_DNS2 library- this release is primarily just bug fixes.

You can install it now through the command line PEAR installer:

pear install Net_DNS2

Or, you can also add it to your project using composer:

composer require pear/net_dns2

Version 1.4.4

  • Bugfix when returning an empty bitmap-type in BitMap.php – patch from BugMaster510945.
  • Added the BIND 9 private record RR (TYPE65534) – patch from BugMaster510945.
  • Added DNSSEC algorithms 13-16 (ECDSAP256SHA256, ECDSAP384SHA384, ED25519, and ED448).
  • Added SSHFP algoritm ED25519.
  • Modified Net_DNS2::sendPacket() to use current()/next() rather than the deprecated each() (deprecated in 7.2).

Net_DNS2 v1.4.3 – Interim Bugfix Release

I’ve released version 1.4.3 of the PEAR Net_DNS2 library- this release is primarily just bug fixes.

You can install it now through the command line PEAR installer:

pear install Net_DNS2

Or, you can also add it to your project using composer:

composer require pear/net_dns2

Version 1.4.3

  • fixed an issue when looking up . or com., when using the strict_query_mode flag.
  • fixed a bug in the caching logic where I was loading the content more than once per instance, when really I only need to do it once.
  • changed the Net_DNS2::sock array to use the SOCK_DGRAM and SOCK_STREAM defines, rather than the strings ‘tcp’ or ‘udp’.
  • fixed a bug in the Net_DNS2_Header and Net_DNS2_Question classes, where I was using the wrong bit-shift operators when parsing some of the values. This only became apparent when somebody was trying to use the CAA class (id 257); it was causing this to roll over to the next 8 bit value, and returning 1 (RR A) instead of the CAA class.
  • fixed a bug that occurs when a DNS lookup request times out, and then the same class is reused for a subsequent request. Because I’m caching the sockets, the timed out data could eventually come in, and end up being seen as the result for a subsequent lookup.
  • fixed a couple cases in NSAP.php where I was comparing a string to an integer.

Net_DNS2 v1.4.2 – SMIMEA and AVC Resource Records and SHA-256 SSHFP

I’ve released version 1.4.2 of the PEAR Net_DNS2 library- you can install it now through the command line PEAR installer:

pear install Net_DNS2

Or, you can also add it to your project using composer:

composer require pear/net_dns2

Version 1.4.2

  • changed the role for the README.md file to doc.
  • parse the resolv.conf options line; right now I just support the timeout and rotate options.
  • the options values only work if you set the new option use_resolv_options to true; this is to keep backwards compatibility.
  • added support for RFC 6594; support for SHA-256 and ECDSA in the SSHFP resource record.
  • added the SMIMEA resource record; this just extends the TLSA record.
  • added the AVC resource records; this just extends the TXT record.
  • added error and EDNS0 defines for DNS Cookies (RFC7873).
  • added EDNS0 defines to the lookup class.
  • dropped the Net_DNS2_Packet::formatIPv6() function; this was deprecated in v1.1.3.
  • re-wrote the Net_DNS2::expandIPv6() function. Based on testing, the new version is about twice as fast.

 

Net_DNS2 v1.4.1 – CSYNC and DNS-Based Service Discovery Support

I’ve released version 1.4.1 of the PEAR Net_DNS2 library- you can install it now through the command line PEAR installer:

pear install Net_DNS2

Or, you can also add it to your project using composer.

Version 1.4.1

  • increased the default DNSSEC payload size value to 4000 bytes per RFC 4035 section 4.1; this is still configurable.
  • fixed a bug where I was still using the DNS_MAX_UDP_SIZE default (512 bytes) for all requests, event DNSSEC, where I should have been using the dnssec_payload_size config value.
  • removed the limitation that PTR records had to look like IP addresses; you can add other things to PTR records, like service discovery objects- RFC 6763.
  • dropped support for using the Sockets library on Windows. There have been too many inconsistencies between versions of Windows; we’ll just default to use the Streams library.
  • fixed the Net_DNS2_RR_PTR class so we can pass ptrdname’s with spaces in them so that we can support DNS-Based Service Discovery (RFC 6763).
  • added support for the CSYNC resource record – see RFC 7477.

Net_DNS2 Moved to GitHub

I’ve never been a bit fan of git- I’ve got used to using SVN over the years, and never saw a compelling reason to change- until now- that Google is shutting down the Google Code service- so I’m forced to move.

Luckily I can still keep using SVN with GitHub- I can put off actually using git for the foreseeable future!

The new Net_DNS2 repository is officially moved to GitHub:

https://github.com/mikepultz/netdns2

DNS in PHP: How to Use the Net_DNS2 Library

The PEAR Net_DNS2 DNS resolver library has been around for a while now- I originally wrote it in late 2010, with the latest release just a few months ago.

Net_DNS2, much like its predecessor Net_DNS, is a native DNS resolver/updater- which means it does not use system commands and is not a language binding on top of a C library, but instead, uses UDP/TCP sockets to communicate directly with DNS servers to retrieve the requested information.

Net_DNS2 will use the name servers specified in your resolv.conf file (for *nix users), or you can specify which name severs to use directly in the config.

Simple Lookup Example

This example uses the Google public DNS servers, to look up the A records for google.com:

$r = new Net_DNS2_Resolver(array('nameservers' => array('8.8.8.8')));    

try
{
    $result = $r->query('google.com', 'A');     

    foreach($result->answer as $record)
    {
        echo $record->address, "\n";
    }

} catch(Net_DNS2_Exception $e)  
{
    echo "::query() failed: ", $e->getMessage(), "\n";    
}

The result is:

66.185.85.45
66.185.85.34
66.185.85.59
66.185.85.30
66.185.85.54
66.185.85.35
66.185.85.39
66.185.85.55
66.185.85.49
66.185.85.25
66.185.85.40
66.185.85.24
66.185.85.44
66.185.85.29
66.185.85.20
66.185.85.50

Net_DNS2 currently supports 58 different resource record types, including all the resource records required for DNSSEC, and some resource records that have only been defined a few months ago, like the OPENPGPKEY record.

Here is an example looking up the MX records (for mail delivery) for gmail.com:

$r = new Net_DNS2_Resolver(array('nameservers' => array('8.8.8.8')));
try
{
    $result = $r->query('gmail.com', 'MX');

    foreach($result->answer as $record)
    {
        printf("preference=%2d, host=%s\n", $record->preference, $record->exchange);
    }

} catch(Net_DNS2_Exception $e)
{
    echo "::query() failed: ", $e->getMessage(), "\n";
}

The result is:

preference=40, host=alt4.gmail-smtp-in.l.google.com
preference=20, host=alt2.gmail-smtp-in.l.google.com
preference= 5, host=gmail-smtp-in.l.google.com
preference=30, host=alt3.gmail-smtp-in.l.google.com
preference=10, host=alt1.gmail-smtp-in.l.google.com

Simple Update Example

Net_DNS2 can also be used to make dynamic DNS updates. This example updates the MX record for the domain “example.com”. For updates, the DNS server you want to specify is the authoritative DNS server for the domain, and not simply a resolver:

$u = new Net_DNS2_Updater('example.com', array('nameservers' => array('192.168.0.1')));

try  
{
    //    
    // create a new MX RR object to add to the example.com zone    
    //    
    $mx = Net_DNS2_RR::fromString('example.com MX 10 mail.google.com');         

    //    
    // add the record    
    //    
    $u->add($mx);    

    //    
    // add a TSIG RR to authenticate the request 
    //    
    $u->signTSIG('my-key', '9dnf93asdf39fs');    

    //    
    // execute the request    
    //    
    $u->update();    

} catch(Net_DNS2_Exception $e)  
{
        echo "::update() failed: ", $e->getMessage(), "\n";
}

Net_DNS2 supports authentication via TSIG or SIG(0) (current supports RSA keys only); this is often required for sending DNS updates (as in the example above), or for making full zone-transfer requests, like this:

$r = new Net_DNS2_Resolver(array('nameservers' => array('8.8.8.8')));

//
// sign with TSIG to authenticate the zone transfer
//
$r->signTSIG('mykey', '9dnf93asdf39fs');

try
{
    $result = $r->query('example.com', 'AXFR');

    foreach($result->answer as $record)
    {
        echo $record;
    }

} catch(Net_DNS2_Exception $e)
{
    echo "::query() failed: ", $e->getMessage(), "\n";
}

Net_DNS2 is available as a PEAR module, or via Packagist; you can also find out more on the Net_DNS2 website.

Net_DNS2 v1.4.0 – OPENPGPKEY and CDNSKEY Support, and More

I’ve released version 1.4.0 of the PEAR Net_DNS2 library- you can install it now through the command line PEAR installer:

pear install Net_DNS2

Or, you can also add it to your project using composer.

Version 1.4.0

  • added request signing support using RSA 256 and 512 (requires PHP 5.4.8 or up)
  • changed the Net_DNS2::nameservers value (the list of name server) to public so they can be accessed directly if needed.
  • added support for the CDNSKEY and OPENPGPKEY RR types
  • completely re-wrote the sendPacket() function; the old process would throw an exception when the first error was encountered, which meant it never checked the next DNS server. The new code will cycle to the next name server if the request fails, and at the same time keep track of the exception generated by each name server separately.
  • added a new E_NS_SOCKET_FAILED error code.
  • fixed a bug in the Net_DNS2_Exception class; the ‘previous’ argument was only added in PHP 5.3.0
  • fixed Net_DNS2_Packet_Request::set so we can pass ‘.’ in as name value for querying the root name severs
  • fixed Net_DNS2::setServers() so it overrides any existing values, rather than just adding to them. Also made it remove any duplicate name server entries.
  • added the query response_time to the Net_DNS2_Packet_Response object.

Net_DNS2 v1.3.2 – EUI48 and EUI64 Support

I’ve released version 1.3.2 of the PEAR Net_DNS2 library- you can install it now through the command line PEAR installer:

pear install Net_DNS2

Or, you can also add it to your project using composer.

Version 1.3.2

  • added support for the EUI48 and EUI64 resource records (RFC7043).
  • fixed how we handle the return values from socket select() statements; this wasn’t causing a problem, but it wasn’t quite right.
  • added some error messaging when the socket times out).
  • before we cache the data, unset the rdata value; this was causing some JSON errors to be generated, and we don’t need the data anyway.

Net_DNS2 v1.3.1 – NID, L32, L64, and LP Resource Records

I’ve released version 1.3.1 of the PEAR Net_DNS2 library- you can install it now through the command line PEAR installer:

pear install Net_DNS2

Or, you can also add it to your project using composer.

Version 1.3.1

  • added the Net_DNS2_Packet_Request and Net_DNS2_Packet_Response objects to the Net_DNS2_Exception object
  • added support in the TSIG class for SHA algorithms (requires the hash extension, which is included in PHP >= 5.1.2), patch provided by Manuel Mausz
  • added support for the NID, L32, L64, and LP DNS RR’s (RFC6742)
  • lots of phpcs cleanup