Re: [dns-operations] CLI Tool for DoH

2020-09-29 Thread Peter van Dijk 
On Tue, 2020-09-29 at 02:31 +, Mark Delany wrote:
> On 28Sep20, cjc+dns-o...@pumpky.net allegedly wrote:
> > Looking for a command line tool to do testing of DoH. Something like
> > dig or drill with DoH support. I suspect there's a Python tool or
> > the like out there somewhere, but my google-fu is failing.
> > 
> > Don't want to re-invent the wheel if I don't have to.
> 
> Just to toot a little, trustydns-dig might do what you want.
> 
> 
> https://github.com/markdingo/trustydns/tree/master/cmd/trustydns-dig

To jump on the toot toot self-tooting train, 
https://doc.powerdns.com/authoritative/manpages/sdig.1.html also
supports DoH. It's part of pdns-tools, available via the
'authoritative' repos at https://repo.powerdns.com/

(DoT support is pending).

Kind regards,
-- 
Peter van Dijk
PowerDNS.COM BV - https://www.powerdns.com/

___
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations

Re: [dns-operations] CLI Tool for DoH

2020-09-29 Thread Stephane Bortzmeyer 
On Tue, Sep 29, 2020 at 11:37:29AM +0200,
 Jeroen Massar via dns-operations  wrote 
 a message of 88 lines which said:

> one can also test quickly with Stéphane Bortzmeyer's script:
> https://www.bortzmeyer.org/files/test-doh.py

Now superseded by Homer 
___
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations

Re: [dns-operations] CLI Tool for DoH

2020-09-29 Thread Jeroen Massar via dns-operations 
--- Begin Message ---

> On 20200929, at 10:47, Petr Špaček  wrote:
> 
> On 29. 09. 20 3:30, cjc+dns-o...@pumpky.net wrote:
>> Looking for a command line tool to do testing of DoH. Something like
>> dig or drill with DoH support. I suspect there's a Python tool or
>> the like out there somewhere, but my google-fu is failing.
>> 
>> Don't want to re-invent the wheel if I don't have to.
> 
> Knot DNS 3.0 has DoH support in kdig:
> 
> Examples for various DoH server implementations:
> $ kdig @1.1.1.1 +https example.com.
> $ kdig @193.17.47.1 +https=/doh example.com.
> $ kdig @8.8.4.4 +https +https-get example.com.
> 
> Version 3.0 was released couple weeks ago and might not be in Linux 
> distributions yet. Packages for common distributions and also source code is 
> available from https://www.knot-dns.cz/download/

Thanks Petr for adding that, very useful tool!
I was already using it for testing DoT, thus having DoH support in the same 
style/binary is very useful.
(kdig -d @ +tls-ca +tls-host= )


Otherwise, for DoH, for platforms where one has Python (gotta use what one has)
with (Debian: python3-dnspython python3-pycurl) one can also test quickly with 
Stéphane Bortzmeyer's script:

https://www.bortzmeyer.org/files/test-doh.py 

Greets,
 Jeroen


--- End Message ---
___
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations

Re: [dns-operations] CLI Tool for DoH

2020-09-29 Thread Stephane Bortzmeyer 
On Mon, Sep 28, 2020 at 06:30:33PM -0700,
 cjc+dns-o...@pumpky.net  wrote 
 a message of 9 lines which said:

> Looking for a command line tool to do testing of DoH. Something like
> dig or drill with DoH support. I suspect there's a Python tool

https://framagit.org/bortzmeyer/homer

% homer https://doh.bortzmeyer.fr/ dns-oarc.net
id 0
opcode QUERY
rcode NOERROR
flags QR RD RA AD
edns 0
payload 4096
option ECS ::/0 scope/0
;QUESTION
dns-oarc.net. IN 
;ANSWER
dns-oarc.net. 120 IN  2620:ff:c000::198
;AUTHORITY
;ADDITIONAL

Total elapsed time: 1.20 seconds (1195.46 ms/request)
___
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations

Re: [dns-operations] CLI Tool for DoH

2020-09-29 Thread Petr Špaček 
On 29. 09. 20 3:30, cjc+dns-o...@pumpky.net wrote:
> Looking for a command line tool to do testing of DoH. Something like
> dig or drill with DoH support. I suspect there's a Python tool or
> the like out there somewhere, but my google-fu is failing.
> 
> Don't want to re-invent the wheel if I don't have to.

Knot DNS 3.0 has DoH support in kdig:

Examples for various DoH server implementations:
$ kdig @1.1.1.1 +https example.com.
$ kdig @193.17.47.1 +https=/doh example.com.
$ kdig @8.8.4.4 +https +https-get example.com.

Version 3.0 was released couple weeks ago and might not be in Linux 
distributions yet. Packages for common distributions and also source code is 
available from https://www.knot-dns.cz/download/

-- 
Petr Špaček  @  CZ.NIC
___
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations

Re: [dns-operations] CLI Tool for DoH

2020-09-28 Thread fujiwara 
> From: cjc+dns-o...@pumpky.net
> Looking for a command line tool to do testing of DoH. Something like
> dig or drill with DoH support. I suspect there's a Python tool or
> the like out there somewhere, but my google-fu is failing.
> 
> Don't want to re-invent the wheel if I don't have to.

Python has good DNS and HTTPS library.
You can write DoH client easily and quickly.

For me, I like perl. For example,
(Many codes from manual pages)
-
#!/usr/bin/env perl
use strict;
use Net::DNS::Packet;
use MIME::Base64;
use LWP::Protocol::https;
use LWP::UserAgent;
#
my $server = 'https://cloudflare-dns.com/dns-query';
our @ARGV;
# Usage: DoHclient.pl QNAME QTYPE QCLASS
my $qname = shift @ARGV;
if (!defined($qname)) { $qname = '.'; }
my $qtype = shift @ARGV;
if (!defined($qtype)) { $qtype = 'A'; }
my $qclass = shift @ARGV;
if (!defined($qclass)) { $qclass = 'IN'; }
#
my $q = new Net::DNS::Packet($qname, $qtype, $qclass);
$q->header->rd(1);
my $base64 = encode_base64($q->data);
chomp $base64;
my $url = sprintf("%s?dns=%s", $server, $base64);
my $ua = LWP::UserAgent->new();
my $r = $ua->get($url);
if ($r->is_success) {
my $packet = new Net::DNS::Packet(\($r->decoded_content));
$packet->print;
} else {
die $r->status_line;
}
-

--
Kazunori Fujiwara, JPRS 
___
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations

Re: [dns-operations] CLI Tool for DoH

2020-09-28 Thread Mark Delany 
On 28Sep20, cjc+dns-o...@pumpky.net allegedly wrote:
> Looking for a command line tool to do testing of DoH. Something like
> dig or drill with DoH support. I suspect there's a Python tool or
> the like out there somewhere, but my google-fu is failing.
> 
> Don't want to re-invent the wheel if I don't have to.

Just to toot a little, trustydns-dig might do what you want.


https://github.com/markdingo/trustydns/tree/master/cmd/trustydns-dig


Mark.
___
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations

Re: [dns-operations] CLI Tool for DoH

2020-09-28 Thread P Vixie 

   


  

  
  
https://github.com/curl/dohGet BlueMail for Mobilecjc+dns-o...@pumpky.net wrote:Looking for a command line tool to do testing of DoH. Something likedig or drill with DoH support. I suspect there's a Python tool orthe like out there somewhere, but my google-fu is failing.Don't want to re-invent the wheel if I don't have to.___dns-operations mailing listdns-operations@lists.dns-oarc.nethttps://lists.dns-oarc.net/mailman/listinfo/dns-operations
  

  
  
___
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations

[dns-operations] CLI Tool for DoH

2020-09-28 Thread cjc+dns-oarc 

Looking for a command line tool to do testing of DoH. Something like
dig or drill with DoH support. I suspect there's a Python tool or
the like out there somewhere, but my google-fu is failing.

Don't want to re-invent the wheel if I don't have to.
___
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations