TurboMagic 92 Posted November 20, 2023
I have D10.4.2 with ICS 8.65 installed (not having had any need for ICS in recent years, I only became aware of V9.0 now). I would like to read out the contents of a DNS TXT record. For this I looked at the OverbyteICSNSLookup sample application. While this can display a bunch of stuff read out from DNS, I don't see where the contents of a TXT record is accessed. I don't want to parse the raw DNS answer. I guess there's some simpler way available. The only string-like thing I found was AnswerName, but that doesn't really sound like it.

Angus Robertson 577 Posted November 20, 2023
TDnsQuery in V9.0 added TXTRecordCount and TXTRecord[n] methods, since there are often multiple TXT records. Also sync mode to make it easier to use. Look at the latest OverbyteIcsNsLookup sample.
Angus

TurboMagic 92 Posted November 20, 2023
Ok, time to upgrade. I see. Thanks! What I learned is that TXT records can have a name, and thus I could retrieve that one with this?

Angus Robertson 577 Posted November 20, 2023
DNS TXT records are undefined, the content varies according to the application. The ICS unit for ordering wildcard SSL certificates simply checks the entire TXT record against the value given:

    FDnsQuery.QueryAnySync(Item.CPage, DnsQueryTXT);
    if FDnsQuery.TXTRecordCount > 0 then begin
        for I := 0 to FDnsQuery.TXTRecordCount - 1 do begin
            // compare each TXT record in full with the expected value
            if (FDnsQuery.TXTRecord[I] = Item.CDNSValue) then begin
                LogEvent('Successfully tested DNS challenge for: ' +
                         Item.CPage + ', Data=' + Item.CDNSValue);
                Result := True;
                Exit;
            end;
        end;
    end;

For email SPF records, you might search the record for v=spf1 and look at the rest afterwards.
Angus

TurboMagic 92 Posted November 20, 2023
Thanks, this looks like what I'm after.

Angus Robertson 577 Posted November 20, 2023
Beware, DNS caches are not very clever with new TXT records. I found it may take a couple of requests before a newly added TXT record was found; this should not matter for email since that rarely changes.
Angus

TurboMagic 92 Posted November 20, 2023
Well, I won't use this for e-mail, but the data will most likely not change often, if at all. But this is good to know for first tests.

Angus Robertson 577 Posted November 21, 2023
Look at where that code came from in the X509Certs unit, it loops through a few different public DNS servers until one gives the expected result.
Angus

TurboMagic 92 Posted November 23, 2023
Ok, I can query this TXT record now, when I know the IP of one of our internal DNS servers. But how to find that one out? Yes, cmd.exe -> ipconfig /all would tell me, but I need to implement this internally. I tried to understand what THTTPCli does to determine that, but I failed to do so. Is there some other easier solution available to get such an IP address? I know that I can have several connections and thus several DNS servers, but I think I can manage when I get a list of all those.

Kas Ob. 124 Posted November 23, 2023
43 minutes ago, TurboMagic said:
> Ok, I can query this TXT record now, when I know the IP of one of our internal DNS servers. But how to find that one out?
Do the same for A (IPv4) or AAAA (IPv6) https://en.wikipedia.org/wiki/List_of_DNS_record_types

Angus Robertson 577 Posted November 23, 2023
ICS V9.0 added a function IpHlpGetDnsServers in unit OverbyteIcsIpHlpApi.pas that sets a TStringList with the local PC DNS server IPs. The DnsQuery unit also has a list of public DNS servers, Cloudflare, Google, etc., that TDnsQuery can loop through. Ditto for DoH.
Angus

TurboMagic 92 Posted November 23, 2023
Thanks for the info! That one works for me. My DNS is an internal one, so Google etc. don't help me...
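
The pieces named in the replies above (TXTRecordCount/TXTRecord[n], QueryAnySync, IpHlpGetDnsServers, and trying several servers until one returns the expected record) combined into one lookup, as an added example that is not part of the thread and not ICS source code. It assumes ICS V9.0, that IpHlpGetDnsServers takes the string list as its only parameter, and that the server to query is set through the TDnsQuery Addr property; the unit name TxtLookupExample and the function FindTxtRecord are hypothetical.

```delphi
unit TxtLookupExample;  // hypothetical unit name, added example

interface

// Returns True and the full record text when a TXT record of Host starts
// with Prefix (for instance 'v=spf1'); tries each local DNS server in turn.
function FindTxtRecord(const Host, Prefix: string; out Value: string): Boolean;

implementation

uses
  System.Classes, OverbyteIcsDnsQuery, OverbyteIcsIpHlpApi;

function FindTxtRecord(const Host, Prefix: string; out Value: string): Boolean;
var
  Servers: TStringList;
  Dns: TDnsQuery;
  S, I: Integer;
begin
  Result := False;
  Value := '';
  Servers := TStringList.Create;
  Dns := TDnsQuery.Create(nil);
  try
    // Assumed signature: fills the list with the DNS server IPs of this PC.
    IpHlpGetDnsServers(Servers);
    for S := 0 to Servers.Count - 1 do
    begin
      Dns.Addr := Servers[S];               // server to ask for this attempt
      Dns.QueryAnySync(Host, DnsQueryTXT);  // sync call as in the post above
      // A name often carries several TXT records, so test every one.
      for I := 0 to Dns.TXTRecordCount - 1 do
        if Pos(Prefix, Dns.TXTRecord[I]) = 1 then
        begin
          Value := Dns.TXTRecord[I];
          Exit(True);
        end;
      // No match here: a cache may not hold the record yet, try the next server.
    end;
  finally
    Dns.Free;
    Servers.Free;
  end;
end;

end.
```

When the TXT record carries a validation token rather than a tagged format such as SPF, compare the whole record with `=` as in the certificate-ordering code quoted earlier instead of testing a prefix.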