How to read DNS TXT record contents?

[TurboMagic 87]

I have D10.4.2 with ICS 8.65 installed (having not had any need for ICS in the recent years I only got aware of V9.0 now).

I would like to read out the contents on a DNS TXT record. For this I looked at the OverbyteICSNSLookup sample application.

While this can display a bunch of stuff read out from DNS I don't see where the contents of a TXT record if accessed.
I don't want to parse the raw DNS answer. I guess there's some simpler way available. The only string like thing I found
was AnswerName but that doesn't really sound like it.

[Angus Robertson 466]

TDnsQuery in V9.0 added TXTRecordCount and TXTRecord[n] methods, since there are often multiple TXT records.   Also sync mode to make it easier to use.  

 

Look at the latest OverbyteIcsNsLookup sample.

 

Angus

 

[TurboMagic 87]

Ok, time to upgrade. I see. Thanks! What I learned is, that TXT records can have a name and thus I could retrieve that one
with this?

[Angus Robertson 466]

DNS TXT records are undefined, the content varies according to the application.

 

The ICS unit for ordering wildcard SSL certificates simply checks the entire TXT record against the value given:

 

                FDnsQuery.QueryAnySync(Item.CPage, DnsQueryTXT) ;
                if FDnsQuery.TXTRecordCount > 0 then begin
                    for I := 0 to FDnsQuery.TXTRecordCount - 1 do begin
                        if (FDnsQuery.TXTRecord = Item.CDNSValue) then begin
                            LogEvent('Successfully tested DNS challenge for: ' + Item.CPage + ', Data=' + Item.CDNSValue);
                            Result := True;
                            Exit;
                        end;
                    end;

 

For email SPF records, you might search the record for v=spf1 and look at the rest afterwards.

 

Angus

 

[TurboMagic 87]

Thanks, this looks like what I'm after.

[Angus Robertson 466]

Beware DNS caches are not very clever with new TXT records, I found it may take a couple of requests before a newly added TXT records was found, should not matter for email since that rarely changes.

 

Angus

 

[TurboMagic 87]

Well, I won't use this for e-mail, but the data will most likely not change often, if at all.
But this is good to know for first tests.

[Angus Robertson 466]

Look at where that code came from in the X509Certs unit, it loops through a few different public DNS servers until one gives the expected result. 

 

Angus

 

[TurboMagic 87]

Ok, I can query this TXT record now, when I know the IP of one of our internal DNS servers.

But how to find that one out?

Yes, cmd.exe -> ipconfig /all would tell me, but I need to implement this internally.

I tried to understand what THTTPCli does to determine that, but I failed to do so.

Is there some other easier solution available to get such an IP-address?

I know that I can have several connections and thus several DNS servers. but I think I can manage
when I get a list of all those.

[Kas Ob. 44]

43 minutes ago, TurboMagic said:

Ok, I can query this TXT record now, when I know the IP of one of our internal DNS servers.

But how to find that one out?

Do the same for A (IPv4)  or AAAA (IPv6)

https://en.wikipedia.org/wiki/List_of_DNS_record_types

[Angus Robertson 466]

ICS V9.0 added a function IpHlpGetDnsServers  in unit OverbyteIcsIpHlpApi.pas that sets a TStringList with the local PC DNS server IPs.

 

The DnsQuey unit also has a list of public DNS servers, Cloudfare, Google, etc, that TDnsQuey can loop through.  Ditto for DoH.

 

Angus

 

[TurboMagic 87]

Thanks for the info! That one works for me. My DNS is an inernal one so Google etc. don't help me...