def getdns(self, domain):
DNS.ParseResolvConf("/etc/resolv.conf")
# nameserver=DNS.defaults['server'][0]
dom = domain
if self.subdo == True:
dom = domain.split(".")
dom.pop(0)
rootdom = ".".join(dom)
else:
rootdom = dom
if self.nameserver == "":
try:
r = DNS.Request(rootdom, qtype='SOA').req()
primary, email, serial, refresh, retry, expire, minimum = r.answers[
0]['data']
test = DNS.Request(rootdom, qtype='NS', server=primary,
aa=1).req()
except Exception as e:
print e
if test.header['status'] != "NOERROR":
print "Error"
sys.exit()
self.nameserver = test.answers[0]['data']
elif self.nameserver == "local":
self.nameserver = nameserver
return self.nameserver
def connect_gw(gw_url):
if re.search(r'^feed', gw_url):
gw_srv = re.sub(r'feed\://', '_feed._tcp.', gw_url)
srv = True
elif re.search(r'^broker', gw_url):
gw_srv = re.sub(r'broker\://', '_broker2._tcp.', gw_url)
srv = True
elif re.search(r'^.*\..*\.zorg|ghcg.sh|com$', gw_url):
gw_host = gw_url
srv = False
else:
return None
if srv:
DNS.ParseResolvConf()
srv_req = DNS.Request(qtype='srv')
srv_resp = srv_req.req(gw_srv)
gw_host = srv_resp.answers[0]['data'][-1]
logging.debug('gw hostname: {}'.format(gw_host))
ssh_client = paramiko.SSHClient()
ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy)
ssh_client.load_system_host_keys()
ssh_client.connect(gw_host, username=os.getenv('USER'))
return(ssh_client)
def __get_remote_current_version(self):
"""
Retrieve last info about database
return dictionary that contains engine, main and daily current version, else None
"""
# automatically load nameserver(s) from /etc/resolv.conf
# (works on unix - not on windows
conf = self.__resolv_conf_for_win()
DNS.ParseResolvConf(conf)
self.__del_file(conf)
dns_request = DNS.DnsRequest(name='current.cvd.clamav.net', qtype='TXT')
dns_answer = dns_request.req()
if not dns_answer:
return CL_Py_DNS_Error
all_info = dns_answer.answers[0]
raw = str(all_info["data"][0])
raw_split = raw.split(':')
current_version = dict()
current_version["engine"] = raw_split[0]
current_version["main"] = atoi(raw_split[1])
current_version["daily"] = atoi(raw_split[2])
return current_version
def DNSResolve(s):
if DNS:
DNS.ParseResolvConf() # Windows?
r = DNS.DnsRequest(name=s, qtype='A')
a = r.req()
return a.answers[0]['data']
else:
return socket.gethostbyname(s)
def srvData(domain):
DNS.ParseResolvConf()
srv_req = DNS.Request(qtype='srv')
srv_result = srv_req.req('_minecraft._tcp.%s' % domain)
for getsrv in srv_result.answers:
if getsrv['typename'] == 'SRV':
data = [getsrv['data'][2], getsrv['data'][3]]
return data
def dns_DNS_BULK_Tests(self, hostfile=None,
known_good_resolver="8.8.8.8", test_resolver=None):
tampering = False # By default we'll pretend the internet is nice
tampering_list = []
host_list, host_count = load_list_of_test_hosts()
known_proxies, proxy_count = load_list_of_known_censors()
check_count = 1
if test_resolver == None:
DNS.ParseResolvConf() # Set the local resolver as our default
if self.randomize:
random.shuffle(host_list) # This makes our list non-sequential for now
for host_name in host_list:
host_name = host_name.strip()
print "Total progress: " + str(check_count) + " of " + str(host_count) + " hosts to check"
print "Resolving with control resolver..."
print "Testing " + host_name + " with control resolver: " + str(known_good_resolver)
print "Testing " + host_name + " with experiment resolver: " + str(test_resolver)
# XXX TODO - we need to keep track of the status of these requests and then resume them
while True:
try:
control_data = generic_DNS_resolve(host_name, known_good_resolver)
break
except KeyboardInterrupt:
print "bailing out..."
exit()
except DNS.Base.DNSError:
print "control resolver appears to be failing..."
continue
except:
print "Timeout; looping!"
continue
print "Resolving with experiment resolver..."
while True:
try:
experiment_data = generic_DNS_resolve(host_name, test_resolver)
break
except KeyboardInterrupt:
print "bailing out..."
exit()
except DNS.Base.DNSError:
print "experiment resolver appears to be failing..."
continue
except:
print "Timeout; looping!"
continue
print "Comparing control and experiment...",
tampering, conflicts = compare_control_with_experiment(known_proxies, control_data, experiment_data)
if tampering:
tampering_list.append(conflicts)
print "Conflicts with " + str(host_name) + " : " + str(conflicts)
check_count = check_count + 1
host_list.close()
return tampering
def __init__(self, range, verbose=True):
self.range = range
self.iplist = ''
self.results = []
self.verbose = verbose
try:
DNS.ParseResolvConf("/etc/resolv.conf")
nameserver = DNS.defaults['server'][0]
except:
print "Error in DNS resolvers"
sys.exit()
def resolve_hosts(host_list, gw_url):
url_base = urlparse(gw_url).netloc.split('.')[0]
DNS.ParseResolvConf()
dns_request = DNS.Request()
ip_list = list()
if url_base == 'metacrypto':
url_base = 'bitfinex'
regex = re.compile(url_base)
filtered_host = filter(regex.search, host_list)
for hostname in filtered_host:
dns_resp = dns_request.req(hostname)
item = {hostname: list()}
for ans in dns_resp.answers:
if re.match(r'\d+\.\d+\.\d+\.\d+', ans.get('data')):
item[hostname].append(ans.get('data'))
ip_list.append(item)
return(ip_list)
def get_server_host_port(host, use_srv=True):
"""Get the host and port where the server is running. By default, use DNS SRV for that."""
port = 5222
# SRV resolver
if use_srv and (HAVE_DNSPYTHON or HAVE_PYDNS):
possible_queries = ['_xmpp-client._tcp.' + host]
for query in possible_queries:
try:
if HAVE_DNSPYTHON:
try:
answers = [x for x in dns.resolver.query(query, 'SRV')]
except (dns.resolver.NoAnswer, dns.resolver.NXDOMAIN):
logging.debug(
'%s has no SRV records, using "%s:5222"' %
(host, host))
break
except dns.exception.Timeout:
logging.debug(
'A timeout occurred while looking up %s. Their DNS settings may be bad configured.'
% query)
break
else:
if answers:
host = str(answers[0].target)
port = int(answers[0].port)
break
elif HAVE_PYDNS:
# ensure we haven't cached an old configuration
DNS.ParseResolvConf()
response = DNS.Request().req(query, qtype='SRV')
answers = response.answers
if len(answers) > 0:
# ignore the priority and weight for now
_, _, port, host = answers[0]['data']
del _
port = int(port)
break
except:
#TODO: use self.DEBUG()
logging.error('An error occurred while looking up %s' % query,
exc_info=sys.exc_info())
# end of SRV resolver
return host, port
def getUserRealm(ipaddr):
ip = IP(ipaddr)
# First try the address ranges:
for scope, ranges in ipspaces.items():
if filter(lambda x: ip.overlaps(x), ranges):
return scope
# Then try DNS
revip = ip.reverseName().rstrip('.') # Important, DnsRequest breaks
# with a trailing dot
DNS.ParseResolvConf()
req = DNS.DnsRequest(name=revip, qtype='PTR', timeout=2)
try:
res = req.req()
except DNS.DNSError:
return
if res.answers:
return res.answers[0]['data']
def __init__(self, server=None, use_srv=True):
""" Cache connection point 'server'. 'server' is the tuple of (host, port)
absolutely the same as standard tcp socket uses. """
PlugIn.__init__(self)
self.DBG_LINE = 'socket'
self._exported_methods = [self.send, self.disconnect]
# SRV resolver
if use_srv and (HAVE_DNSPYTHON or HAVE_PYDNS):
host, port = server
possible_queries = ['_xmpp-client._tcp.' + host]
for query in possible_queries:
try:
if HAVE_DNSPYTHON:
answers = [x for x in dns.resolver.query(query, 'SRV')]
if answers:
host = str(answers[0].target)
port = int(answers[0].port)
break
elif HAVE_PYDNS:
# ensure we haven't cached an old configuration
DNS.ParseResolvConf()
response = DNS.Request().req(query, qtype='SRV')
answers = response.answers
if len(answers) > 0:
# ignore the priority and weight for now
_, _, port, host = answers[0]['data']
del _
port = int(port)
break
except:
#TODO: use self.DEBUG()
print 'An error occurred while looking up %s' % query
server = (host, port)
# end of SRV resolver
self._server = server
def resolve_ipv6(host):
"""Get the IPv6 address of the host"""
try:
if HAVE_DNSPYTHON:
try:
answers = [x for x in dns.resolver.query(host, 'AAAA')]
except dns.resolver.NoAnswer:
return None
except dns.resolver.NXDOMAIN:
logging.info('%s domain doesn\'t seems to exist' % host)
return None
except dns.exception.Timeout:
logging.debug(
'A timeout occurred while looking up %s. Their DNS settings may be bad configured.'
% host)
return None
if answers:
ipv6 = str(answers[0].address)
elif HAVE_PYDNS:
# ensure we haven't cached an old configuration
DNS.ParseResolvConf()
response = DNS.Request().req(host, qtype='AAAA')
answers = response.answers
raise NotImplementedError('PyDNS has no support for IPv6 yet.')
if len(answers) > 0:
# ignore the priority and weight for now
_, _, port, ipv6 = answers[0]['data']
del _
port = int(port)
except:
#TODO: use self.DEBUG()
logging.error('An error occurred while looking up %s' % host,
exc_info=sys.exc_info())
return None
else:
return ipv6
def install():
if config()['offline'] is False:
apt_update(fatal=True)
apt_install(packages=[
'bind9',
'dnsutils',
], fatal=True)
else:
log("Installing offline debian packages")
install_packages('files/bind')
# rerun cuz its buggy
install_packages('files/bind')
log("Installing Python packages")
pip_install('files/bind/pip')
## use the nameserver in /etc/resolv.conf as a forwarder ...
import DNS
DNS.ParseResolvConf("/etc/resolv.conf")
nameserver = DNS.defaults['server'][0]
log('Setting dns to be forwarder to :' + nameserver)
import jinja2
templateLoader = jinja2.FileSystemLoader(
searchpath=os.environ['CHARM_DIR'])
#use Jinja2 template to enable bind forwarding
templateEnv = jinja2.Environment(loader=templateLoader)
template = templateEnv.get_template(
'contrib/bind/templates/named.conf.options.jinja2')
output_from_parsed_template = template.render(forwarder=nameserver)
# to save the results
with open("/etc/bind/named.conf.options", "wb") as fh:
fh.write(output_from_parsed_template)
## use jinja2 templates..
if not os.path.exists('/etc/bind/zone-backup'):
os.makedirs('/etc/bind/zone-backup')
open_port(53, "TCP")
open_port(53, "UDP")
def __init__(self, *args, **kwargs):
LookupHandler.__init__(self, *args, **kwargs)
if not DNS:
return
DNS.ParseResolvConf()
self.req = DNS.Request(qtype="TXT")
def __init__(self, session=None):
if not DNS:
return
DNS.ParseResolvConf()
self.req = DNS.Request(qtype="TXT")
#!/usr/bin/python
import sys
sys.path.insert(0, '..')
import DNS
# automatically load nameserver(s) from /etc/resolv.conf
# (works on unix - on others, YMMV)
DNS.ParseResolvConf()
# lets do an all-in-one request
# set up the request object
r = DNS.DnsRequest(name='munnari.oz.au', qtype='A')
# do the request
a = r.req()
# and do a pretty-printed output
a.show()
# now lets setup a reusable request object
r = DNS.DnsRequest(qtype='ANY')
res = r.req("a.root-servers.nex", qtype='ANY')
res.show()
res = r.req("proxy.connect.com.au")
res.show()
def __init__(self):
import DNS
DNS.ParseResolvConf()
def cc_DNS_Tests_it(self):
tampering = False # By default we'll pretend the internet is nice
tampering_list = []
conflicts = []
known_good_resolver = "8.8.8.8"
host_list, host_count = load_list_of_test_hosts("censorship-lists/italy-gamble-blocklist-07-22-11.txt")
known_http_block_pages, known_block_count = load_list_of_test_hosts("proxy-lists/italy-http-ips.txt")
known_censoring_resolvers, censoring_resolver_count = load_list_of_test_hosts("proxy-lists/italy-dns-ips.txt")
check_count = 1
DNS.ParseResolvConf()
# Set the local resolver as our default
if self.randomize:
random.shuffle(host_list) # This makes our list non-sequential for now
print "We're testing (" + str(host_count) + ") URLs"
print "We're looking for (" + str(known_block_count) + ") block pages"
print "We're testing against (" + str(censoring_resolver_count) + ") censoring DNS resolvers"
for test_resolver in known_censoring_resolvers:
test_resolver = test_resolver.strip()
for host_name in host_list:
host_name = host_name.strip()
print "Total progress: " + str(check_count) + " of " + str(host_count) + " hosts to check"
print "Testing " + host_name + " with control resolver: " + known_good_resolver
print "Testing " + host_name + " with experiment resolver: " + test_resolver
while True:
try:
control_data = generic_DNS_resolve(host_name, known_good_resolver)
break
except KeyboardInterrupt:
print "bailing out..."
exit()
except DNS.Base.DNSError:
print "control resolver appears to be failing..."
break
except:
print "Timeout; looping!"
continue
while True:
try:
experiment_data = generic_DNS_resolve(host_name, test_resolver)
break
except KeyboardInterrupt:
print "bailing out..."
exit()
except DNS.Base.DNSError:
print "experiment resolver appears to be failing..."
continue
except:
print "Timeout; looping!"
continue
print "Comparing control and experiment...",
tampering, conflicts = compare_control_with_experiment(known_http_block_pages, control_data, experiment_data)
if tampering:
tampering_list.append(conflicts)
print "Conflicts with " + str(host_name) + " : " + str(conflicts)
check_count = check_count + 1
host_list.close()
return tampering
def __init__(self):
DNS.ParseResolvConf()
self.req = DNS.Request(qtype="TXT")
