libtins  3.4
 All Classes Namespaces Functions Variables Typedefs Enumerations Enumerator Friends Pages
Classes | Public Types | Public Member Functions | Static Public Member Functions | Static Public Attributes | Friends | List of all members
Tins::DNS Class Reference

Represents a DNS PDU. More...

#include <dns.h>

Inheritance diagram for Tins::DNS:
Tins::PDU

Classes

class  query
 Struct that represent DNS queries. More...
 
class  resource
 Class that represent DNS resource records. More...
 
class  soa_record
 Class that represents a Start Of Authority record. More...
 

Public Types

enum  QRType { QUERY = 0, RESPONSE = 1 }
 
enum  QueryType {
  A = 1, NS, MD, MF,
  CNAME, SOA, MB, MG,
  MR, NULL_R, WKS, PTR,
  HINFO, MINFO, MX, TXT,
  RP, AFSDB, X25, ISDN,
  RT, NSAP, NSAP_PTR, SIG,
  KEY, PX, GPOS, AAAA,
  LOC, NXT, EID, NIMLOC,
  SRV, ATMA, NAPTR, KX,
  CERT, A6, DNAM, SINK,
  OPT, APL, DS, SSHFP,
  IPSECKEY, RRSIG, NSEC, DNSKEY,
  DHCID, NSEC3, NSEC3PARAM
}
 Query types enum.
 
enum  QueryClass { IN = 1, CH = 3, HS = 4, ANY = 255 }
 
typedef std::list< queryqueries_type
 
typedef std::list< resourceresources_type
 
typedef IPv4Address address_type
 
typedef IPv6Address address_v6_type
 
- Public Types inherited from Tins::PDU
enum  endian_type { BE, LE }
 
enum  PDUType {
  RAW, ETHERNET_II, IEEE802_3, DOT3 = IEEE802_3,
  RADIOTAP, DOT11, DOT11_ACK, DOT11_ASSOC_REQ,
  DOT11_ASSOC_RESP, DOT11_AUTH, DOT11_BEACON, DOT11_BLOCK_ACK,
  DOT11_BLOCK_ACK_REQ, DOT11_CF_END, DOT11_DATA, DOT11_CONTROL,
  DOT11_DEAUTH, DOT11_DIASSOC, DOT11_END_CF_ACK, DOT11_MANAGEMENT,
  DOT11_PROBE_REQ, DOT11_PROBE_RESP, DOT11_PS_POLL, DOT11_REASSOC_REQ,
  DOT11_REASSOC_RESP, DOT11_RTS, DOT11_QOS_DATA, LLC,
  SNAP, IP, ARP, TCP,
  UDP, ICMP, BOOTP, DHCP,
  EAPOL, RC4EAPOL, RSNEAPOL, DNS,
  LOOPBACK, IPv6, ICMPv6, SLL,
  DHCPv6, DOT1Q, PPPOE, STP,
  PPI, IPSEC_AH, IPSEC_ESP, PKTAP,
  MPLS, UNKNOWN = 999, USER_DEFINED_PDU = 1000
}
 Enum which identifies each type of PDU. More...
 
typedef byte_array serialization_type
 

Public Member Functions

 TINS_DEPRECATED (typedef query Query)
 
 TINS_DEPRECATED (typedef resource Resource)
 
 DNS ()
 Default constructor. More...
 
 DNS (const uint8_t *buffer, uint32_t total_sz)
 Constructs a DNS object from a buffer. More...
 
uint16_t id () const
 Setter for the id field. More...
 
QRType type () const
 Setter for the query response field. More...
 
uint8_t opcode () const
 Setter for the opcode field. More...
 
uint8_t authoritative_answer () const
 Setter for the authoritative answer field. More...
 
uint8_t truncated () const
 Setter for the truncated field. More...
 
uint8_t recursion_desired () const
 Setter for the recursion desired field. More...
 
uint8_t recursion_available () const
 Setter for the recursion available field. More...
 
uint8_t z () const
 Setter for the z desired field. More...
 
uint8_t authenticated_data () const
 Setter for the authenticated data field. More...
 
uint8_t checking_disabled () const
 Setter for the checking disabled field. More...
 
uint8_t rcode () const
 Setter for the rcode field. More...
 
uint16_t questions_count () const
 Setter for the questions field. More...
 
uint16_t answers_count () const
 Setter for the answers field. More...
 
uint16_t authority_count () const
 Setter for the authority field. More...
 
uint16_t additional_count () const
 Setter for the additional field. More...
 
PDUType pdu_type () const
 Getter for the PDU's type. More...
 
uint32_t header_size () const
 The header's size.
 
void id (uint16_t new_id)
 Setter for the id field. More...
 
void type (QRType new_qr)
 Setter for the query response field. More...
 
void opcode (uint8_t new_opcode)
 Setter for the opcode field. More...
 
void authoritative_answer (uint8_t new_aa)
 Setter for the authoritative answer field. More...
 
void truncated (uint8_t new_tc)
 Setter for the truncated field. More...
 
void recursion_desired (uint8_t new_rd)
 Setter for the recursion desired field. More...
 
void recursion_available (uint8_t new_ra)
 Setter for the recursion available field. More...
 
void z (uint8_t new_z)
 Setter for the z(reserved) field. More...
 
void authenticated_data (uint8_t new_ad)
 Setter for the authenticated data field. More...
 
void checking_disabled (uint8_t new_cd)
 Setter for the checking disabled field. More...
 
void rcode (uint8_t new_rcode)
 Setter for the rcode field. More...
 
void add_query (const query &query)
 Add a query to perform. More...
 
void add_answer (const resource &resource)
 Add an answer resource record. More...
 
void add_authority (const resource &resource)
 Add an authority resource record. More...
 
void add_additional (const resource &resource)
 Add an additional resource record. More...
 
queries_type queries () const
 Getter for this PDU's DNS queries. More...
 
resources_type answers () const
 Getter for this PDU's DNS answers. More...
 
resources_type authority () const
 Getter for this PDU's DNS authority records. More...
 
resources_type additional () const
 Getter for this PDU's DNS additional records. More...
 
bool matches_response (const uint8_t *ptr, uint32_t total_sz) const
 Check whether ptr points to a valid response for this PDU. More...
 
DNSclone () const
 
- Public Member Functions inherited from Tins::PDU
 PDU ()
 Default constructor.
 
 PDU (PDU &&rhs) TINS_NOEXCEPT
 Move constructor. More...
 
PDUoperator= (PDU &&rhs) TINS_NOEXCEPT
 Move assignment operator. More...
 
virtual ~PDU ()
 PDU destructor. More...
 
virtual uint32_t trailer_size () const
 Trailer's size. More...
 
uint32_t size () const
 The whole chain of PDU's size, including this one. More...
 
PDUinner_pdu () const
 Getter for the inner PDU. More...
 
PDUrelease_inner_pdu ()
 Releases the inner PDU. More...
 
void inner_pdu (PDU *next_pdu)
 Sets the child PDU. More...
 
void inner_pdu (const PDU &next_pdu)
 Sets the child PDU. More...
 
serialization_type serialize ()
 Serializes the whole chain of PDU's, including this one. More...
 
template<typename T >
T * find_pdu (PDUType type=T::pdu_flag)
 Finds and returns the first PDU that matches the given flag. More...
 
template<typename T >
const T * find_pdu (PDUType type=T::pdu_flag) const
 Finds and returns the first PDU that matches the given flag. More...
 
template<typename T >
T & rfind_pdu (PDUType type=T::pdu_flag)
 Finds and returns the first PDU that matches the given flag. More...
 
template<typename T >
const T & rfind_pdu (PDUType type=T::pdu_flag) const
 Finds and returns the first PDU that matches the given flag. More...
 
virtual void send (PacketSender &sender, const NetworkInterface &iface)
 Send the stack of PDUs through a PacketSender. More...
 
virtual PDUrecv_response (PacketSender &sender, const NetworkInterface &iface)
 Receives a matching response for this packet. More...
 
virtual bool matches_flag (PDUType flag) const
 Check whether this PDU matches the specified flag. More...
 

Static Public Member Functions

static metadata extract_metadata (const uint8_t *buffer, uint32_t total_sz)
 Extracts metadata for this protocol based on the buffer provided. More...
 
static std::string encode_domain_name (const std::string &domain_name)
 Encodes a domain name. More...
 
static std::string decode_domain_name (const std::string &domain_name)
 Decodes a domain name. More...
 

Static Public Attributes

static const PDU::PDUType pdu_flag = PDU::DNS
 This PDU's flag.
 
- Static Public Attributes inherited from Tins::PDU
static const endian_type endianness = BE
 

Friends

class soa_record
 

Additional Inherited Members

- Protected Member Functions inherited from Tins::PDU
 PDU (const PDU &other)
 Copy constructor.
 
PDUoperator= (const PDU &other)
 Copy assignment operator.
 
void copy_inner_pdu (const PDU &pdu)
 Copy other PDU's inner PDU(if any). More...
 
virtual void prepare_for_serialize (const PDU *parent)
 Prepares this PDU for serialization. More...
 
void serialize (uint8_t *buffer, uint32_t total_sz, const PDU *parent)
 Serializes this PDU and propagates this action to child PDUs. More...
 

Detailed Description

Represents a DNS PDU.

This class represents the DNS PDU, and allows easy access to queries and answer records.

The DNS PDU is not parsed automatically while sniffing, so you will have to parse it manually from an UDP packet's payload, for example:

// Assume we get an udp packet from somewhere.
UDP udp = get_udp_packet();
// Now:
// 1 - Get the RawPDU layer (contains the payload).
// 2 - Construct a DNS object over its contents.
DNS dns = udp.rfind_pdu<RawPDU>().to<DNS>();
// Now use the DNS object!
for(const auto& query : dns.queries()) {
// Process a query
}

Member Enumeration Documentation

The DNS type.

Constructor & Destructor Documentation

Tins::DNS::DNS ( )

Default constructor.

This constructor initializes every field to 0.

Tins::DNS::DNS ( const uint8_t *  buffer,
uint32_t  total_sz 
)

Constructs a DNS object from a buffer.

If there's not enough size for the DNS header, or any of the records are malformed, a malformed_packet is be thrown.

Parameters
bufferThe buffer from which this PDU will be constructed.
total_szThe total size of the buffer.

Member Function Documentation

void Tins::DNS::add_additional ( const resource resource)

Add an additional resource record.

Parameters
resourceThe resource to be added.
void Tins::DNS::add_answer ( const resource resource)

Add an answer resource record.

Parameters
resourceThe resource to be added.
void Tins::DNS::add_authority ( const resource resource)

Add an authority resource record.

Parameters
resourceThe resource to be added.
void Tins::DNS::add_query ( const query query)

Add a query to perform.

Parameters
queryThe query to be added.
DNS::resources_type Tins::DNS::additional ( ) const

Getter for this PDU's DNS additional records.

Returns
The additional records in this PDU.
uint16_t Tins::DNS::additional_count ( ) const
inline

Setter for the additional field.

Returns
uint16_t containing the value of the additional field.
DNS::resources_type Tins::DNS::answers ( ) const

Getter for this PDU's DNS answers.

Returns
The answer records in this PDU.
uint16_t Tins::DNS::answers_count ( ) const
inline

Setter for the answers field.

Returns
uint16_t containing the value of the answers field.
uint8_t Tins::DNS::authenticated_data ( ) const
inline

Setter for the authenticated data field.

Returns
uint8_t containing the value of the authenticated data field.
void Tins::DNS::authenticated_data ( uint8_t  new_ad)

Setter for the authenticated data field.

Parameters
new_adThe new authenticated data value to be set.
uint8_t Tins::DNS::authoritative_answer ( ) const
inline

Setter for the authoritative answer field.

Returns
uint8_t containing the value of the authoritative answer field.
void Tins::DNS::authoritative_answer ( uint8_t  new_aa)

Setter for the authoritative answer field.

Parameters
new_aaThe new authoritative answer field value to be set.
DNS::resources_type Tins::DNS::authority ( ) const

Getter for this PDU's DNS authority records.

Returns
The authority records in this PDU.
uint16_t Tins::DNS::authority_count ( ) const
inline

Setter for the authority field.

Returns
uint16_t containing the value of the authority field.
uint8_t Tins::DNS::checking_disabled ( ) const
inline

Setter for the checking disabled field.

Returns
uint8_t containing the value of the checking disabled field.
void Tins::DNS::checking_disabled ( uint8_t  new_cd)

Setter for the checking disabled field.

Parameters
new_zThe new checking disabled value to be set.
DNS* Tins::DNS::clone ( ) const
inlinevirtual
See Also
PDU::clone

Implements Tins::PDU.

string Tins::DNS::decode_domain_name ( const std::string &  domain_name)
static

Decodes a domain name.

This method processes an encoded domain name and returns the decoded version. This can't handle offset labels.

For example, given the input "\x03www\x07example\x03com\x00", the output would be www.example.com".

Parameters
domain_nameThe domain name to decode.
Returns
The decoded domain name.
string Tins::DNS::encode_domain_name ( const std::string &  domain_name)
static

Encodes a domain name.

This processes the input domain name and returns the encoded version. Each label in the original domain name will be prefixed with a byte that indicates the label's length. The null-terminator byte will be included in the encoded string. No compression is performed.

For example, given the input "www.example.com", the output would be "\x03www\x07example\x03com\x00".

Parameters
domain_nameThe domain name to encode.
Returns
The encoded domain name.
PDU::metadata Tins::DNS::extract_metadata ( const uint8_t *  buffer,
uint32_t  total_sz 
)
static

Extracts metadata for this protocol based on the buffer provided.

Parameters
bufferPointer to a buffer
total_szSize of the buffer pointed by buffer
uint16_t Tins::DNS::id ( ) const
inline

Setter for the id field.

Returns
uint16_t containing the value of the id field.
void Tins::DNS::id ( uint16_t  new_id)

Setter for the id field.

Parameters
new_idThe new id to be set.
bool Tins::DNS::matches_response ( const uint8_t *  ptr,
uint32_t  total_sz 
) const
virtual

Check whether ptr points to a valid response for this PDU.

See Also
PDU::matches_response
Parameters
ptrThe pointer to the buffer.
total_szThe size of the buffer.

Reimplemented from Tins::PDU.

uint8_t Tins::DNS::opcode ( ) const
inline

Setter for the opcode field.

Returns
uint8_t containing the value of the opcode field.
void Tins::DNS::opcode ( uint8_t  new_opcode)

Setter for the opcode field.

Parameters
new_opcodeThe new opcode to be set.
PDUType Tins::DNS::pdu_type ( ) const
inlinevirtual

Getter for the PDU's type.

Returns
Returns the PDUType corresponding to the PDU.

Implements Tins::PDU.

DNS::queries_type Tins::DNS::queries ( ) const

Getter for this PDU's DNS queries.

Returns
The query records in this PDU.
uint16_t Tins::DNS::questions_count ( ) const
inline

Setter for the questions field.

Returns
uint16_t containing the value of the questions field.
uint8_t Tins::DNS::rcode ( ) const
inline

Setter for the rcode field.

Returns
uint8_t containing the value of the rcode field.
void Tins::DNS::rcode ( uint8_t  new_rcode)

Setter for the rcode field.

Parameters
new_rcodeThe new rcode value to be set.
uint8_t Tins::DNS::recursion_available ( ) const
inline

Setter for the recursion available field.

Returns
uint8_t containing the value of the recursion available field.
void Tins::DNS::recursion_available ( uint8_t  new_ra)

Setter for the recursion available field.

Parameters
new_raThe new recursion available value to be set.
uint8_t Tins::DNS::recursion_desired ( ) const
inline

Setter for the recursion desired field.

Returns
uint8_t containing the value of the recursion desired field.
void Tins::DNS::recursion_desired ( uint8_t  new_rd)

Setter for the recursion desired field.

Parameters
new_rdThe new recursion desired value to be set.
uint8_t Tins::DNS::truncated ( ) const
inline

Setter for the truncated field.

Returns
uint8_t containing the value of the truncated field.
void Tins::DNS::truncated ( uint8_t  new_tc)

Setter for the truncated field.

Parameters
new_tcThe new truncated field value to be set.
QRType Tins::DNS::type ( ) const
inline

Setter for the query response field.

Returns
QRType containing the value of the query response field.
void Tins::DNS::type ( QRType  new_qr)

Setter for the query response field.

Parameters
new_qrThe new qr to be set.
uint8_t Tins::DNS::z ( ) const
inline

Setter for the z desired field.

Returns
uint8_t containing the value of the z field.
void Tins::DNS::z ( uint8_t  new_z)

Setter for the z(reserved) field.

Parameters
new_zThe new z value to be set.

The documentation for this class was generated from the following files: