文章目录
一、通过uslookup根据域名查看ip
打开Windows的cmd终端,输入:
nslookup www.baidu.com
二、DNS协议报文格式
Queries
查询名: 长度不固定,且不使用填充字节,一般该字段表示的就是需要查询的域名(如果是反向查询,则为 IP,反向查询即由 IP 。
三、C语言实现DNS请求
1. 结构体定义
根据dns报文协议,创建2个结构体:
1个存储dns首部header,另1个存储Queries
(1) dns_header
struct dns_header {
unsigned short id;
unsigned short flags;
unsigned short questions;
unsigned short answer;
unsigned short authority;
unsigned short additional;
};
(2) dns_question
struct dns_question {
int length;
unsigned short qtype;
unsigned short qclass;
unsigned char *name;
};
2.头部初始化
(id 随机,flags=0x0100 代表标准查询,questions = 1,表示只查询一个,htons是为了转化为网络字节序)
int dns_create_header(struct dns_header *header) {
if (header == NULL) return -1;
memset(header, 0, sizeof(struct dns_header));
//random
srandom(time(NULL));
header->id = random();
header->flags = htons(0x0100);
header->questions = htons(1);
return 0;
}
3.question初始化
即dns协议报文中的Queries,由于规则问题,要将www.baidu.com转为3www5baidu3com’\0’,这个‘\0’是字符串结尾标志
//创建question
//hostname:www.baidu.com
//name:3www5baidu3com'\0'
int dns_create_question(dns_question* question,const char* hostname){
if(question==NULL||hostname==NULL) return -1;
memset(question,0,sizeof(question));
question->name=(char*)malloc(strlen(hostname)+2);//因为要判断结尾'\0',然后再补充一个开头
if(question->name==NULL){//如果内存分配失败
return -2;
}
question->length=strlen(hostname)+2;
question->qtype=htons(1);//查询类型,(1表示:由域名获得 IPv4 地址)
question->qclass=htons(1);//通常为 1,表明是 Internet 数据
//hostname->name
const char delim[2]=".";//分隔符,末尾补个'\0'
char* qname=question->name;
char* hostname_dup=strdup(hostname);//复制一份hostname --->malloc(所以后续要free)
char* token=strtok(hostname_dup,delim);
while(token!=NULL){
size_t len=strlen(token);//第一个循环token为www,len=3
*qname=len;//先把长度放上去
qname++;
strncpy(qname,token,len+1);//复制www,这里不+1也是可以的,这样是为了把最后的'\0'也复制过来,因为最后也会被覆盖的。(如果这边不+1,最后一步,需要额外加上'\0')
qname+=len;
token=strtok(NULL,delim);//因为上一次,token获取还未结束,因此可以指定NULL即可。(注意:要依赖上一次的结果,因此也是线程不安全的)
}
free(hostname_dup);
}
4.将header和question合并为一个报文
//struct dns_header* header
//struct dns_question* question
//把上面两个合到request中 返回长度
int dns_build_requestion(dns_header* header,dns_question* question,char* request,int rlen){
if(header==NULL||question==NULL||request==NULL) return -1;
memset(request,0,rlen);
//header-->request
memcpy(request,header,sizeof(dns_header));//把header的数据 拷贝 到request中
int offset=sizeof(dns_header);
//question-->request
memcpy(request+offset,question->name,question->length);
offset+=question->length;
memcpy(request+offset,&question->qtype,sizeof(question->qtype));
offset+=sizeof(question->qtype);
memcpy(request+offset,&question->qclass,sizeof(question->qclass));
offset+=sizeof(question->qclass);
return offset;
}
5.通过socket实现DNS请求
- 创建sockfd
- servaddr服务器地址
- 获得request,
- sendto发送请求
- recvfrom接受数据
- 从数据中解析出ip地址
int dns_client_commit(const char* domin){
int sockfd=socket(AF_INET,SOCK_DGRAM,0);//创建sockfd,AF_INET表示ipv4, SOCK_DGRAM为报文方式(UDP);
if(sockfd<0){//创建失败
return -1;
}
sockaddr_in servaddr={0};//服务器地址(sockaddr_in存储)
servaddr.sin_family=AF_INET;//协议簇
servaddr.sin_port=htons(DNS_SERVER_PORT);//端口
servaddr.sin_addr.s_addr=inet_addr(DNS_SERVER_IP);//添加dns服务器ip
int ret=connect(sockfd,(sockaddr*)&servaddr,sizeof(servaddr));//在udp编程中可加可不加
printf("connect:%d",ret);
dns_header header={0};
dns_create_header(&header);
dns_question question={0};
dns_create_question(&question,domin);
char request[1024]={0};//假设定义为1024长度
int length = dns_build_requestion(&header,&question,request,1024);
//request 发送请求
int slen=sendto(sockfd,request,length,0,(sockaddr*)&servaddr,sizeof(sockaddr));
//receive from 接受数据
char response[1024]={0};
sockaddr_in addr;
size_t addr_len=sizeof(sockaddr_in);
int n = recvfrom(sockfd,response,sizeof(response),0,(sockaddr*)&addr,(socklen_t*)&addr_len);
printf("recvfrom:%d \n",n);
for(int i=0;i<n;i++){
printf("%c",response[i]);
}
for(int i=0;i<n;i++){
printf("%x",response[i]);
}
printf("\n");
return n;
}
6.解析结果
#define DNS_HOST 0x01
#define DNS_CNAME 0x05
struct dns_item {
char *domain;
char *ip;
};
static int is_pointer(int in) {
return ((in & 0xC0) == 0xC0);
}
static void dns_parse_name(unsigned char *chunk, unsigned char *ptr, char *out, int *len) {
int flag = 0, n = 0, alen = 0;
char *pos = out + (*len);
while (1) {
flag = (int)ptr[0];
if (flag == 0) break;
if (is_pointer(flag)) {
n = (int)ptr[1];
ptr = chunk + n;
dns_parse_name(chunk, ptr, out, len);
break;
} else {
ptr ++;
memcpy(pos, ptr, flag);
pos += flag;
ptr += flag;
*len += flag;
if ((int)ptr[0] != 0) {
memcpy(pos, ".", 1);
pos += 1;
(*len) += 1;
}
}
}
}
static int dns_parse_response(char *buffer, struct dns_item **domains) {
int i = 0;
unsigned char *ptr = (unsigned char* )buffer;
ptr += 4;
int querys = ntohs(*(unsigned short*)ptr);
ptr += 2;
int answers = ntohs(*(unsigned short*)ptr);
ptr += 6;
for (i = 0;i < querys;i ++) {
while (1) {
int flag = (int)ptr[0];
ptr += (flag + 1);
if (flag == 0) break;
}
ptr += 4;
}
char cname[128], aname[128], ip[20], netip[4];
int len, type, ttl, datalen;
int cnt = 0;
struct dns_item *list = (struct dns_item*)calloc(answers, sizeof(struct dns_item));
if (list == NULL) {
return -1;
}
for (i = 0;i < answers;i ++) {
bzero(aname, sizeof(aname));
len = 0;
dns_parse_name((unsigned char* )buffer, ptr, aname, &len);
ptr += 2;
type = htons(*(unsigned short*)ptr);
ptr += 4;
ttl = htons(*(unsigned short*)ptr);
ptr += 4;
datalen = ntohs(*(unsigned short*)ptr);
ptr += 2;
if (type == DNS_CNAME) {
bzero(cname, sizeof(cname));
len = 0;
dns_parse_name((unsigned char* )buffer, ptr, cname, &len);
ptr += datalen;
} else if (type == DNS_HOST) {
bzero(ip, sizeof(ip));
if (datalen == 4) {
memcpy(netip, ptr, datalen);
inet_ntop(AF_INET , netip , ip , sizeof(struct sockaddr));
printf("%s has address %s\n" , aname, ip);
printf("\tTime to live: %d minutes , %d seconds\n", ttl / 60, ttl % 60);
list[cnt].domain = (char *)calloc(strlen(aname) + 1, 1);
memcpy(list[cnt].domain, aname, strlen(aname));
list[cnt].ip = (char *)calloc(strlen(ip) + 1, 1);
memcpy(list[cnt].ip, ip, strlen(ip));
cnt ++;
}
ptr += datalen;
}
}
*domains = list;
ptr += 2;
return cnt;
}