Net-DNS-Resolver-Unbound
view release on metacpan or search on metacpan
lib/Net/DNS/Resolver/Unbound.pm view on Meta::CPAN
delete $self->{$_} for IRRELEVENT;
$self->_finalise_config; # default configuration
return $self unless @args;
while ( my $attr = shift @args ) {
my $value = shift @args;
$self->$attr( ref($value) ? @$value : $value );
}
$self->_finalise_config; # merge config updates
return $self;
}
=head2 nameservers
my $DNSSEC_resolver = Net::DNS::Resolver::Unbound->new(
nameservers => [], # override /etc/resolv.conf
add_ta_file => '/var/lib/unbound/root.key'
);
my $DNSSEC_stub = Net::DNS::Resolver::Unbound->new(
nameservers => ['8.8.8.8', '1.1.1.1'],
add_ta_file => '/var/lib/unbound/root.key'
);
my $DoT_resolver = Net::DNS::Resolver::Unbound->new(
nameserver => '2606:4700:4700::1111@853#cloudflare-dns.com',
nameserver => '1.1.1.1@853#cloudflare-dns.com',
nameserver => '2001:4860:4860::8888@853#dns.google',
nameserver => '8.8.8.8@853#dns.google',
add_ta_file => '/var/lib/unbound/root.key',
option => ['tls-cert-bundle' => '/etc/ssl/cert.pem'],
set_tls => 1
);
$resolver->nameservers( '::1', '127.0.0.1', ... );
@nameservers = $resolver->nameservers;
By default, DNS queries are sent to the IP addresses listed in
F</etc/resolv.conf> or similar platform-specific sources.
=cut
sub nameservers {
my ( $self, @nameservers ) = @_;
if ( defined wantarray ) {
my $config = $self->{ub_cfg};
my $update = $self->{ub_upd};
my @setfwd = ( $update->{set_fwd}, $config->{set_fwd}, [] );
my ($setfwd) = grep { defined $_ } @setfwd;
my @value = map { ref($_) ? @$_ : $_ } $setfwd;
return @value;
}
$self->set_fwd() unless @nameservers;
$self->set_fwd($_) foreach @nameservers;
return;
}
sub nameserver { return &nameservers }
=head2 search, query, send, bgsend, bgbusy, bgread
See L<Net::DNS::Resolver>.
=cut
use constant UB_SEND => UB_CONTEXT->can('ub_send');
sub send {
my ( $self, @argument ) = @_;
my $handle = $self->bgsend(@argument); # resolve asynchronously
return $self->bgread($handle);
}
sub bgsend {
my ( $self, @argument ) = @_;
$self->_reset_errorstring;
$self->_finalise_config; # merge config updates
my $query = $self->_make_query_packet(@argument);
my ($q) = $query->question;
return $self->{ub_ctx}->ub_resolve_async( $q->name, $q->{qtype}, $q->{qclass}, $query );
}
sub bgread {
my ( $self, $handle ) = @_;
return unless $handle;
$self->{ub_ctx}->ub_wait;
$self->errorstring( $handle->err );
my $qident = $handle->async_id;
my $reply = $self->_decode_result( $handle->result ) || return;
$handle->query->{id} = $reply->_quid; # zero id replaced by random lie
$reply->print if $self->debug;
return $reply;
}
sub bgbusy {
my ( $self, $handle ) = @_;
return unless $handle;
return unless $handle->waiting;
$self->{ub_ctx}->ub_process;
eval { select( undef, undef, undef, 0.200 ) }; # avoid tight loop on bgbusy()
return $handle->waiting;
}
=head2 option
$resolver->option( 'tls-cert-bundle' => '/etc/ssl/cert.pem' );
Set Unbound resolver (name,value) context option.
=cut
sub option {
my ( $self, $name, @value ) = @_;
return $self->_option( $name, @value );
}
=head2 config
$resolver->config( 'Unbound.cfg' );
This is a power-users interface that lets you specify all sorts of
Unbound configuration options.
=cut
sub config {
my ( $self, $filename ) = @_;
return $self->_config( 'config', $filename );
}
=head2 set_fwd
$resolver->set_fwd( 'IP address' );
Set IPv4 or IPv6 address to which DNS queries are to be directed.
The destination machine is expected to run a recursive resolver.
If the proxy is not DNSSEC-capable, validation may fail.
Can be called several times, in that case the addresses are used
as backup servers.
=cut
sub set_fwd {
my ( $self, @fwd ) = @_;
return $self->_config( 'set_fwd', @fwd );
}
=head2 set_tls
$resolver->set_tls( 0 );
$resolver->set_tls( 1 );
Use DNS over TLS for queries to nameservers specified using set_fwd().
=cut
( run in 0.505 second using v1.01-cache-2.11-cpan-39bf76dae61 )