function validateDomain($domainname) { $parentkeys = null; $domainname = strtolower($domainname); $dns = new Metaregistrar\DNS\dnsProtocol(false); $tld = substr($domainname, strpos($domainname, '.') + 1); $dnsservers = $dns->registrynameservers($tld); if (!is_array($dnsservers)) { throw new Metaregistrar\DNS\dnsException("DNSSEC validation not supported yet for the domain name " . $domainname); } foreach ($dnsservers as $dnsserver) { $dns->setServer($dnsserver); $result = $dns->Query($domainname, 'NS'); if ($result->getNameserverResultCount() > 0) { $ns = $result->getNameserverResults(); foreach ($ns as $n) { /* @var $n Metaregistrar\DNS\dnsNSresult */ $nameservers[] = $n->getNameserver(); } $result = $dns->Query($domainname, 'DS'); if ($result->getResourceResultCount() == 0) { # # No DS record found at parent: domain is not secured # throw new Metaregistrar\DNS\dnsException("No DS record found at parent: Domainname is not secured"); } else { $ds = $result->getResourceResults(); foreach ($ds as $d) { /* @var $d Metaregistrar\DNS\dnsDSresult */ $pk['key'] = $d->getKey(); $pk['keytag'] = $d->getKeytag(); $pk['algorithm'] = $d->getAlgorithm(); $pk['matched'] = false; $parentkeys[] = $pk; } } break; } } # # Retrieve all necessary records # if (isset($nameservers) && is_array($nameservers)) { foreach ($nameservers as $ns) { $dns->setServer($ns); $result = $dns->Query($domainname, 'RRSIG'); if ($result->getResourceResultCount() == 0) { throw new Metaregistrar\DNS\dnsException("No RRSIG records found on " . $ns . " for domain name " . $domainname); } else { $rrsigs = $result->getResourceResults(); if (is_array($rrsigs)) { foreach ($rrsigs as $rrsig) { /* @var $rrsig Metaregistrar\DNS\dnsRRSIGresult */ if ($rrsig->getTypeCovered() == 'SOA') { $rr[$ns] = $rrsig; } } } } $result2 = $dns->Query($domainname, 'DNSKEY'); if ($result2->getResourceResultCount() == 0) { throw new Metaregistrar\DNS\dnsException("No DNSKEY records found on " . $ns . " for domain name " . $domainname); } else { $ds = $result2->getResourceResults(); foreach ($ds as $childkey) { /* @var $childkey Metaregistrar\DNS\dnsDNSKEYresult */ if ($childkey->getSep()) { $dnskey[$ns] = $childkey; } } } if (!isset($rr) || !$rr[$ns]) { throw new Metaregistrar\DNS\dnsException("No matching resource record type SOA found on " . $ns . " for " . $domainname); } if (!isset($dnskey) || !$dnskey[$ns]) { throw new Metaregistrar\DNS\dnsException("No matching DNSKEY record found with SEP flag enabled on " . $ns . " for {$domainname}"); } validateRRSIG($domainname, $rr[$ns], $ds); validateDNSKEY($domainname, $dnskey[$ns], $parentkeys); } } return true; }
<?php require 'autoload.php'; $dns = new Metaregistrar\DNS\dnsProtocol(); $dns->setServer('ns1.metaregistrar.com'); $result = $dns->Query('www.metaregistrar.com', 'A'); /* @var $result Metaregistrar\DNS\dnsResponse */ foreach ($result->getResourceResults() as $resource) { if ($resource instanceof Metaregistrar\DNS\dnsAresult) { echo $resource->getDomain() . ' - ' . $resource->getIpv4() . ' - ' . $resource->getTtl() . "\n"; } }