概述

Hickory DNS Util 是 Hickory DNS 库的支持库。

解析

通过独立的 CLI 测试 hickory-resolver 及其功能，非常有用

$ cargo install --bin resolve hickory-util

示例

$ resolve www.example.com.
Querying for www.example.com. A from udp:8.8.8.8:53, tcp:8.8.8.8:53, udp:8.8.4.4:53, tcp:8.8.4.4:53, udp:[2001:4860:4860::8888]:53, tcp:[2001:4860:4860::8888]:53, udp:[2001:4860:4860::8844]:53, tcp:[2001:4860:4860::8844]:53
Success for query name: www.example.com. type: A class: IN
        www.example.com. 21063 IN A 93.184.215.14

帮助

$ resolve -h
resolve 0.20.0-alpha.3
A CLI interface for the hickory-resolver.

This utility directly uses the hickory-resolver to perform a lookup to a set of nameservers. Many of the features can
be directly tested via the FLAGS and OPTIONS. By default (like hickory-resolver) the configured nameservers are the
Google provided ones. The system configured ones can be used with the `--system` FLAG. Other nameservers, as many as
desired, can be configured directly with the `--nameserver` OPTION.

USAGE:
    resolve [FLAGS] [OPTIONS] <domainname>

FLAGS:
        --cloudflare    Use cloudflare resolvers
        --debug         Enable debug and all logging
        --error         Enable error logging
        --google        Use google resolvers, default
    -e, --happy         Happy eye balls lookup, ipv4 and ipv6
    -h, --help          Prints help information
        --info          Enable info + warning + error logging
        --ipv4          Use ipv4 addresses only, default is both ipv4 and ipv6
        --ipv6          Use ipv6 addresses only, default is both ipv4 and ipv6
        --quad9         Use quad9 resolvers
    -s, --system        Use system configuration, e.g. /etc/resolv.conf, instead of defaults
        --tcp           Use only TCP, default to UDP and TCP
        --udp           Use only UDP, default to UDP and TCP
    -V, --version       Prints version information
        --warn          Enable warning + error logging

OPTIONS:
    -n, --nameserver <nameserver>...    Specify a nameserver to use, ip and port e.g. 8.8.8.8:53 or
                                        [2001:4860:4860::8888]:53 (port required)
    -t, --type <ty>                     Type of query to issue, e.g. A, AAAA, NS, etc [default: A]

ARGS:
    <domainname>    Name to attempt to resolve, if followed by a '.' then it's a fully-qualified-domain-name

dnskey-to-pem

此命令将从 BIND9 生成的私有 DNSKEY 输出与 OpenSSL 兼容的 PEM 格式文件。 警告 这将包含私钥材料。

$ cargo run --bin pem-to-public-dnskey -- --help
Hickory DNS dnskey-to-pem 0.11.3
Benjamin Fry <[email protected]>
Converts a dnskey, as generated from BIND's dnssec-keygen, into pem format

USAGE:
    dnskey-to-pem [OPTIONS] <PRIVATE_KEY_FILE>

FLAGS:
    -h, --help       Prints help information
    -V, --version    Prints version information

OPTIONS:
    -o, --output <OUTPUT_FILE>    Output FILE to write to [default: out.pem]

ARGS:
    <PRIVATE_KEY_FILE>    Input FILE from which to read the DNSSEC private key

pem-to-public-dnskey

此工具可用于输出 DNSKEY RDATA 格式的原始字节。这对于将自定义公钥与 Hickory DNS 的 TrustAnchor 功能关联起来非常有用。

$ cargo run --bin pem-to-public-dnskey -- --help
Hickory DNS pem-to-public-dnskey 0.11.3
Benjamin Fry <[email protected]>
Converts a PEM formatted public key into a raw public dnskey (this is not the inverse of bind_dnskey_to_pem). This can be used to create a dnskey in the TrustAnchor internal
format.

USAGE:
    pem-to-public-dnskey [OPTIONS] <PEM_KEY_FILE>

FLAGS:
    -h, --help       Prints help information
    -V, --version    Prints version information

OPTIONS:
    -o, --output <OUTPUT_FILE>    Output FILE to write to [default: out.dnskey]

ARGS:
    <PEM_KEY_FILE>    Input PEM FILE from which to read the public key

版本控制

Hickory DNS 尽力遵循 semver。在公开的 API 稳定后，Hickory DNS 将升级到 1.0 版。这并不意味着 Hickory DNS 在 0.x 更新之间升级时一定会破坏。只要可能，旧 API 将会弃用，并注明替代这些弃用的内容。Hickory DNS 将尽力确保由于 API 变更而不会破坏依赖于它的软件，尽管这不能保证。弃用的接口将在弃用后至少一个主要版本后维护（如果可能），但升级到 1.0 的例外是，所有弃用的接口都计划在 1.0 升级中删除。