06_DNS解析:从域名到IP地址
本文将通过C语言,手写实现一个基于UDP编程的DNS域名解析。
一.DNS是什么?
DNS(Domain Name System)的作用将我们容易记忆的域名转换为计算机可以处理的IP地址,DNS 使用 TCP 和 UDP 端口 53。
常用的nslookup命令,可以帮助我们快速查询对应域名的ip地址。
nslookup www.baidu.com --DNS解析--> 127.0.0.53
域名解析过程:
静态域名:HOST文件
动态域名:需要查询
流程如下:
-
主机向本地域名服务器递归查询
-
本地域名服务器使用迭代查询,告诉下一次应该查询根域名服务器
-
根域名服务器告诉下一次应该查询顶级域名服务器
-
顶级域名服务器告诉下一次应该查询阿里云(权限)域名服务器
-
(权限)域名服务器告诉IPv4地址
-
本地域名服务器把结果告诉主机
二.代码实现DNS域名解析
DNS解析过程:
- DNS 请求头的构造 (创建header,question,接着将他们合并创建为request)
- UDP发送请求与接收响应 (socket函数 --> connect探路 --> sendto发送给服务器请求 --> recvfrom接收服务器响应)
- 解析响应,返回对应的IP地址或其他信息。 (不需要理解,直接拿来用)
1. DNS 请求头的构造
要想让DNS客户端与服务器进行交流,总得需要一个共同语言吧,这就需要知道DNS协议报文了。
DNS报文:
DNS报文由头部header和查询question组成,我们必须按照DNS报文的格式发送数据,才能被DNS服务器正常识别,字段均为网络字节序,使用 htons() 函数转换。
Queries具体如下:
DNS报文头部结构体:
struct dns_header{
//16位,两个字节 --> short
unsigned short id; //会话id
unsigned short flags; //标志
unsigned short questions; //问题数
unsigned short answers; //回答资源记录数
unsigned short authority; //授权资源记录数
unsigned short additional; //附加资源记录数
};
其中,Transaction ID是 DNS 报文的 ID 标识,对于请求报文和其对应的应答报文,这个字段是相同的,通过它可以区分 DNS 应答报文是哪个请求的响应。
DNS报文查询结构体:
// DNS 查询部分
struct dns_question{
int length;
unsigned short qtype; // 查询类型(1=A记录,即IPv4地址)
unsigned short qclass; // 查询类(1=Internet,即互联网地址)
unsigned char *name; //长度不固定, 存储域名(按DNS协议格式存储,如"www.baidu.com"转换为"3www5baidu3com0")
};
实现DNS头部header与question的创建,并将header和question进行合并为请求request
// 创建 DNS 头部
int dns_creat_header(struct dns_header *header) {
if(header == NULL) return -1;
memset(header, 0, sizeof(struct dns_header));
//通过random生成id
srandom(time(NULL)); //随机值范围,1970年到现在的秒数
header->id = random();
header->flags = htons(0x0100); //转换为网络字节序
header->questions = htons(1); //查询域名个数为1
return 0;
}
// 创建查询部分
// 将用户输入的域名(如www.0voice.com)转换为 DNS 协议要求的格式
// hostname: www.0voice.com ==> name: 3www60voice3com0
int dns_create_question(struct dns_question *question, const char *hostname) {
if(question == NULL || hostname == NULL) return -1;
memset(question, 0, sizeof(struct dns_question));
question->name = (char*)malloc(strlen(hostname)+2);
if(question->name == NULL) {
return -2;
}
question->length = strlen(hostname)+2;
question->qtype = htons(1); //域名获得 IPv4 地址
question->qclass = htons(1); //通常为1,表明是Internet数据
// name
const char delim[2] = ".";
char *qname = question->name; //指向question->name的首地址
char *hostname_dup = strdup(hostname); //复制一份,附带malloc
char *token = strtok(hostname_dup, delim);
while(token != NULL) {
size_t len = strlen(token);
*qname = len; //定位到第len个地址
qname ++;
strncpy(qname, token, len+1); //strncpy区别于strcpy,其可以指定复制长度,len+1是复制到'\0'
qname += len;
token = strtok(NULL, delim);
}
free(hostname_dup);
}
//struct dns_header *header, struct dns_question *question, char *request
//建立的数据是,在header和question基础上,把request合并起来,然后一起发出去
int dns_build_request(struct dns_header *header, struct dns_question *question, char *request, int rlen) {
if(header == NULL || question == NULL || request == NULL) return -1;
memset(request, 0, rlen);
// header --> request
memcpy(request, header, sizeof(struct dns_header));
int offset = sizeof(struct dns_header);
// question --> request
memcpy(request+offset, question->name, question->length);
offset += question->length;
memcpy(request+offset, &question->qtype, sizeof(question->qtype));
offset += sizeof(question->qtype);
memcpy(request+offset, &question->qclass, sizeof(question->qclass));
offset += sizeof(question->qclass);
return offset;
}
2.UDP发送请求与接收响应
- 使用socket函数创建一个UDP SOCKET
socfd - 创建一个DNS Server服务器地址
struct sockaddr_in servaddr, - connect探路:这里有一个
tips,我们知道UDP是无连接的,可以不用connect操作,直接sendto给服务器,但是不能保证成功发送给服务器,如果在UDP sendto之前添加connect,相当于给sendto探路,保证能够成功发送给服务器 - sendto:
socfd向DNS服务器发送我们填充好的request,sendto(socfd, request, len, 0, (struct sockaddr*)&servaddr, sizeof(struct sockaddr)); - recvfrom:socfd接收服务器返回的数据
response,recvfrom(socfd, response, sizeof(response), 0, (struct sockaddr*)&addr, (socklen_t*)&addr_len);
int dns_client_commit(const char *domain) {
int socfd = socket(AF_INET, SOCK_DGRAM, 0);
if(socfd < 0) return -1;
struct sockaddr_in servaddr = {0};
servaddr.sin_family = AF_INET;
servaddr.sin_port = htons(DNS_SERVER_PORT);
servaddr.sin_addr.s_addr = inet_addr(DNS_SERVER_IP);
// 正常情况下, UDP是无连接的,可以不用connect操作,直接sendto给服务器,但是不能保证成功发送给服务器,
// 如果在UDP sendto之前添加connect,相当于给sendto探路,保证能够成功发送给服务器
int ret = connect(socfd, (struct sockaddr*)&servaddr, sizeof(servaddr));
printf("%d\n", ret);
struct dns_header header = {0};
dns_creat_header(&header);
struct dns_question question = {0};
dns_create_question(&question, domain);
char request[1024] = {0};
int len = dns_build_request(&header, &question, request, 1024);
// request
int slen = sendto(socfd, request, len, 0, (struct sockaddr*)&servaddr, sizeof(struct sockaddr));
// recvfrom 得到服务器返回的数据
char response[1024] = {0};
struct sockaddr_in addr;
size_t addr_len = sizeof(struct sockaddr_in);
int n = recvfrom(socfd, response, sizeof(response), 0, (struct sockaddr*)&addr, (socklen_t*)&addr_len);
//printf("recvfrom: %d %s\n", n, response);
//解析response
struct dns_item *dns_domain = NULL;
dns_parse_response(response, &dns_domain);
free(dns_domain);
return n;
}
完整代码
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <time.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <unistd.h>
#include <arpa/inet.h>
#define DNS_SERVER_PORT 53
#define DNS_SERVER_IP "114.114.114.114"
#define DNS_HOST 0x01
#define DNS_CNAME 0x05
// DNS 报文头部
struct dns_header{
//16位,两个字节 --> short
unsigned short id; //会话id
unsigned short flags; //标志
unsigned short questions; //问题数
unsigned short answers; //回答资源记录数
unsigned short authority; //授权资源记录数
unsigned short additional; //附加资源记录数
};
// DNS 查询部分
struct dns_question{
int length;
unsigned short qtype; // 查询类型(1=A记录,即IPv4地址)
unsigned short qclass; // 查询类(1=Internet,即互联网地址)
unsigned char *name; //长度不固定, 存储域名(按DNS协议格式存储,如"www.baidu.com"转换为"3www5baidu3com0")
};
// 存储解析后的域名和对应的 IP 地址:
struct dns_item {
char *domain;
char *ip;
};
// client send to dns_server
// 创建 DNS 头部
int dns_creat_header(struct dns_header *header) {
if(header == NULL) return -1;
memset(header, 0, sizeof(struct dns_header));
//通过random生成id
srandom(time(NULL)); //随机值范围,1970年到现在的秒数
header->id = random();
header->flags = htons(0x0100); //转换为网络字节序
header->questions = htons(1); //查询域名个数为1
return 0;
}
// 创建查询部分
// 将用户输入的域名(如www.0voice.com)转换为 DNS 协议要求的格式
// hostname: www.0voice.com ==> name: 3www60voice3com0
int dns_create_question(struct dns_question *question, const char *hostname) {
if(question == NULL || hostname == NULL) return -1;
memset(question, 0, sizeof(struct dns_question));
question->name = (char*)malloc(strlen(hostname)+2);
if(question->name == NULL) {
return -2;
}
question->length = strlen(hostname)+2;
question->qtype = htons(1); //域名获得 IPv4 地址
question->qclass = htons(1); //通常为1,表明是Internet数据
// name
const char delim[2] = ".";
char *qname = question->name; //指向question->name的首地址
char *hostname_dup = strdup(hostname); //复制一份,附带malloc
char *token = strtok(hostname_dup, delim);
while(token != NULL) {
size_t len = strlen(token);
*qname = len; //定位到第len个地址
qname ++;
strncpy(qname, token, len+1); //strncpy区别于strcpy,其可以指定复制长度,len+1是复制到'\0'
qname += len;
token = strtok(NULL, delim);
}
free(hostname_dup);
}
//struct dns_header *header, struct dns_question *question, char *request
//建立的数据是,在header和question基础上,把request合并起来,然后一起发出去
int dns_build_request(struct dns_header *header, struct dns_question *question, char *request, int rlen) {
if(header == NULL || question == NULL || request == NULL) return -1;
memset(request, 0, rlen);
// header --> request
memcpy(request, header, sizeof(struct dns_header));
int offset = sizeof(struct dns_header);
// question --> request
memcpy(request+offset, question->name, question->length);
offset += question->length;
memcpy(request+offset, &question->qtype, sizeof(question->qtype));
offset += sizeof(question->qtype);
memcpy(request+offset, &question->qclass, sizeof(question->qclass));
offset += sizeof(question->qclass);
return offset;
}
static int is_pointer(int in) {
return ((in & 0xC0) == 0xC0);
}
static void dns_parse_name(unsigned char *chunk, unsigned char *ptr, char *out, int *len) {
int flag = 0, n = 0, alen = 0;
char *pos = out + (*len);
while (1) {
flag = (int)ptr[0];
if (flag == 0) break;
if (is_pointer(flag)) {
n = (int)ptr[1];
ptr = chunk + n;
dns_parse_name(chunk, ptr, out, len);
break;
} else {
ptr ++;
memcpy(pos, ptr, flag);
pos += flag;
ptr += flag;
*len += flag;
if ((int)ptr[0] != 0) {
memcpy(pos, ".", 1);
pos += 1;
(*len) += 1;
}
}
}
}
static int dns_parse_response(char *buffer, struct dns_item **domains) {
int i = 0;
unsigned char *ptr = buffer;
ptr += 4;
int querys = ntohs(*(unsigned short*)ptr);
ptr += 2;
int answers = ntohs(*(unsigned short*)ptr);
ptr += 6;
for (i = 0;i < querys;i ++) {
while (1) {
int flag = (int)ptr[0];
ptr += (flag + 1);
if (flag == 0) break;
}
ptr += 4;
}
char cname[128], aname[128], ip[20], netip[4];
int len, type, ttl, datalen;
int cnt = 0;
struct dns_item *list = (struct dns_item*)calloc(answers, sizeof(struct dns_item));
if (list == NULL) {
return -1;
}
for (i = 0;i < answers;i ++) {
bzero(aname, sizeof(aname));
len = 0;
dns_parse_name(buffer, ptr, aname, &len);
ptr += 2;
type = htons(*(unsigned short*)ptr);
ptr += 4;
ttl = htons(*(unsigned short*)ptr);
ptr += 4;
datalen = ntohs(*(unsigned short*)ptr);
ptr += 2;
if (type == DNS_CNAME) {
bzero(cname, sizeof(cname));
len = 0;
dns_parse_name(buffer, ptr, cname, &len);
ptr += datalen;
} else if (type == DNS_HOST) {
bzero(ip, sizeof(ip));
if (datalen == 4) {
memcpy(netip, ptr, datalen);
inet_ntop(AF_INET , netip , ip , sizeof(struct sockaddr));
printf("%s has address %s\n" , aname, ip);
printf("\tTime to live: %d minutes , %d seconds\n", ttl / 60, ttl % 60);
list[cnt].domain = (char *)calloc(strlen(aname) + 1, 1);
memcpy(list[cnt].domain, aname, strlen(aname));
list[cnt].ip = (char *)calloc(strlen(ip) + 1, 1);
memcpy(list[cnt].ip, ip, strlen(ip));
cnt ++;
}
ptr += datalen;
}
}
*domains = list;
ptr += 2;
return cnt;
}
// 按照DNS的协议发送给DNS服务器 UDP编程实现
// 服务器会按照DNS协议返回数据
int dns_client_commit(const char *domain) {
int socfd = socket(AF_INET, SOCK_DGRAM, 0);
if(socfd < 0) return -1;
struct sockaddr_in servaddr = {0};
servaddr.sin_family = AF_INET;
servaddr.sin_port = htons(DNS_SERVER_PORT);
servaddr.sin_addr.s_addr = inet_addr(DNS_SERVER_IP);
// 正常情况下, UDP是无连接的,可以不用connect操作,直接sendto给服务器,但是不能保证成功发送给服务器,
// 如果在UDP sendto之前添加connect,相当于给sendto探路,保证能够成功发送给服务器
int ret = connect(socfd, (struct sockaddr*)&servaddr, sizeof(servaddr));
printf("%d\n", ret);
struct dns_header header = {0};
dns_creat_header(&header);
struct dns_question question = {0};
dns_create_question(&question, domain);
char request[1024] = {0};
int len = dns_build_request(&header, &question, request, 1024);
// request
int slen = sendto(socfd, request, len, 0, (struct sockaddr*)&servaddr, sizeof(struct sockaddr));
// recvfrom 得到服务器返回的数据
char response[1024] = {0};
struct sockaddr_in addr;
size_t addr_len = sizeof(struct sockaddr_in);
int n = recvfrom(socfd, response, sizeof(response), 0, (struct sockaddr*)&addr, (socklen_t*)&addr_len);
//printf("recvfrom: %d %s\n", n, response);
//解析response
struct dns_item *dns_domain = NULL;
dns_parse_response(response, &dns_domain);
free(dns_domain);
return n;
}
int main(int argc, char *argv[]) {
if(argc < 2) return -1;
dns_client_commit(argv[1]);
}
参考资料:
零声学院
浙公网安备 33010602011771号