[PATCH] Bug 9076 - Whois using a non working host for queries by default

Denys Vlasenko vda.linux at googlemail.com
Wed Jul 6 12:14:29 UTC 2016


On Wed, Jul 6, 2016 at 1:40 AM, Vito Mulè <mule.vito at gmail.com> wrote:
>
> On 5 July 2016 at 23:44, Bernhard Reutner-Fischer <rep.dot.nop at gmail.com>
> wrote:
>  >Remove odd code until size whois.o is about 300 bytes in total, i'd say.
>  >cheers,
>
> I managed to go down to 264 bytes, removed all the unused code and used
> strrchr as suggested instead of strtok, thanks.
> Got rid also of func pipe_out, put the needed logic into main.
> Cheers

Whee, it's time for me to learn what whois is.

OMG. https://tools.ietf.org/html/rfc3912

So, the protocol is "you send one string, server replies with
gobs of text with unknown format".

Then I look at Fedora's /etc/jwhois.conf and what it tells me
is that there are absolutely no standards here. Some whois
servers even talk HTTP instead! What??

Example. Lets try cnn.com.


$ busybox whois -h whois.iana.org "com"
% IANA WHOIS server
% for more information on IANA, visit http://www.iana.org
% This query returned 1 object

domain:       COM

organisation: VeriSign Global Registry Services
...
nserver:      M.GTLD-SERVERS.NET 192.55.83.30
ds-rdata:     30909 8 2
E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CFC41A5766

whois:        whois.verisign-grs.com


You'd think now just querying whois.verisign-grs.com would work?
Nope. whois.verisign-grs.com wants "domain DOMAIN", not "DOMAIN"
as an input. OOOOkay....


$ busybox whois -h whois.verisign-grs.com "domain cnn.com"

Whois Server Version 2.0

Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.

   Domain Name: CNN.COM
   Registrar: CSC CORPORATE DOMAINS, INC.
   Sponsoring Registrar IANA ID: 299
   Whois Server: whois.corporatedomains.com
   Referral URL:
http://www.cscglobal.com/global/web/csc/digital-brand-services.html
   Name Server: NS1.P42.DYNECT.NET
   Name Server: NS1.TIMEWARNER.NET
   Name Server: NS2.P42.DYNECT.NET
   Name Server: NS3.TIMEWARNER.NET
   Status: clientTransferProhibited
https://icann.org/epp#clientTransferProhibited
   Status: serverDeleteProhibited https://icann.org/epp#serverDeleteProhibited
   Status: serverTransferProhibited
https://icann.org/epp#serverTransferProhibited
   Status: serverUpdateProhibited https://icann.org/epp#serverUpdateProhibited
   Updated Date: 29-aug-2013
   Creation Date: 22-sep-1993
   Expiration Date: 21-sep-2018

>>> Last update of whois database: Wed, 06 Jul 2016 12:10:05 GMT <<<

For more information on Whois status codes, please visit https://icann.org/epp
...


So now we need to ask whois.corporatedomains.com. Experimentally,
this one doesn't need, and doesn't understand "domain FOO",
wants bare domain name instead.


$ busybox whois -h whois.corporatedomains.com cnn.com

Domain Name: cnn.com
Domain ID: 3269879_DOMAIN_COM-VRSN
WHOIS Server: whois.corporatedomains.com
Referral URL: www.cscprotectsbrands.com
Updated Date: 2014-02-09T20:30:35Z
Creation Date: 1993-09-22T04:00:00Z
Registry Expiry Date: 2018-09-21T04:00:00Z
Sponsoring Registrar: CSC CORPORATE DOMAINS, INC.
Sponsoring Registrar IANA ID: 299
Registrar Abuse Contact Email: domainabuse at cscglobal.com
...


I'll try to cook up something which works with this.... er....
"protocol", but it's a mess all right.


More information about the busybox mailing list