def fake_query(qname,
rdtype=rdatatype.A,
rdclass=rdataclass.IN,
count=1,
fake_txt=False):
"""Fake a DNS query, returning count responses to the request
Three kinds of lookups are faked:
1. A query for A records for a service will return the count
as requested in the test. This simulates lookups for the
ipa-ca A record. To force a difference in responses one can
vary the count.
2. AAAA records are not yet supported, return no answer
3. TXT queries will return the Kerberos realm
fake_txt will set an invalid Kerberos realm entry to provoke a
warning.
"""
m = message.Message()
if rdtype == rdatatype.A:
fqdn = DNSName(qname)
fqdn = fqdn.make_absolute()
answers = Answer(fqdn,
rdataclass.IN,
rdatatype.A,
m,
raise_on_no_answer=False)
rlist = rrset.from_text_list(fqdn, 86400, rdataclass.IN, rdatatype.A,
gen_addrs(count))
answers.rrset = rlist
elif rdtype == rdatatype.AAAA:
raise NoAnswer(response=Response('no AAAA'))
elif rdtype == rdatatype.TXT:
if fake_txt:
realm = 'FAKE_REALM'
else:
realm = m_api.env.realm
qname = DNSName('_kerberos.' + m_api.env.domain)
qname = qname.make_absolute()
answers = Answer(qname,
rdataclass.IN,
rdatatype.TXT,
m,
raise_on_no_answer=False)
rlist = rrset.from_text_list(qname, 86400, rdataclass.IN,
rdatatype.TXT, [realm])
answers.rrset = rlist
return answers
def verify_host_resolvable(fqdn, log):
"""
See if the hostname has a DNS A/AAAA record.
"""
if not isinstance(fqdn, DNSName):
fqdn = DNSName(fqdn)
fqdn = fqdn.make_absolute()
for rdtype in ('A', 'AAAA'):
try:
answers = resolver.query(fqdn, rdtype)
log.debug(
'IPA: found %d %s records for %s: %s' % (len(answers),
rdtype, fqdn, ' '.join(str(answer) for answer in answers))
)
except DNSException:
log.debug(
'IPA: DNS %s record lookup failed for %s' %
(rdtype, fqdn)
)
continue
else:
return
# dns lookup failed in both tries
raise errors.DNSNotARecordError()
def add_srv_records(qname, port_map, priority=0, weight=100):
rdlist = []
for name, port in port_map:
answerlist = []
for host in qname:
hostname = DNSName(host)
rd = rdata.from_text(
rdataclass.IN, rdatatype.SRV,
'{0} {1} {2} {3}'.format(priority, weight, port,
hostname.make_absolute()))
answerlist.append(rd)
rdlist.append(answerlist)
return rdlist
def query_uri(hosts):
"""
Return a list containing two answers, one for each uri type
"""
answers = []
if version.MAJOR < 2 or (version.MAJOR == 2 and version.MINOR == 0):
m = message.Message()
elif version.MAJOR == 2 and version.MINOR > 0:
m = message.QueryMessage() # pylint: disable=E1101
m = message.make_response(m) # pylint: disable=E1101
rdtype = rdatatype.URI
for name in ('_kerberos.', '_kpasswd.'):
qname = DNSName(name + m_api.env.domain)
qname = qname.make_absolute()
if version.MAJOR < 2:
# pylint: disable=unexpected-keyword-arg
answer = Answer(qname,
rdataclass.IN,
rdtype,
m,
raise_on_no_answer=False)
# pylint: enable=unexpected-keyword-arg
else:
if version.MAJOR == 2 and version.MINOR > 0:
question = rrset.RRset(qname, rdataclass.IN, rdtype)
m.question = [question]
answer = Answer(qname, rdataclass.IN, rdtype, m)
rl = []
for host in hosts:
rlist = rrset.from_text_list(
qname, 86400, rdataclass.IN, rdatatype.URI, [
'0 100 "krb5srv:m:tcp:%s."' % host,
'0 100 "krb5srv:m:udp:%s."' % host,
])
rl.extend(rlist)
answer.rrset = rl
answers.append(answer)
return answers
def fake_query(qname, rdtype=rdatatype.A, rdclass=rdataclass.IN, count=1,
fake_txt=False):
"""Fake a DNS query, returning count responses to the request
Three kinds of lookups are faked:
1. A query for A/AAAA records for a service will return the count
as requested in the test. This simulates lookups for the
ipa-ca A/AAAA record. To force a difference in responses one can
vary the count.
2. TXT queries will return the Kerberos realm
fake_txt will set an invalid Kerberos realm entry to provoke a
warning.
"""
if version.MAJOR < 2 or (version.MAJOR == 2 and version.MINOR == 0):
m = message.Message()
elif version.MAJOR == 2 and version.MINOR > 0:
m = message.QueryMessage()
m = message.make_response(m)
if rdtype in (rdatatype.A, rdatatype.AAAA):
fqdn = DNSName(qname)
fqdn = fqdn.make_absolute()
if version.MAJOR < 2:
# pylint: disable=unexpected-keyword-arg
answers = Answer(fqdn, rdataclass.IN, rdtype, m,
raise_on_no_answer=False)
# pylint: enable=unexpected-keyword-arg
else:
if version.MAJOR == 2 and version.MINOR > 0:
question = rrset.RRset(fqdn, rdataclass.IN, rdtype)
m.question = [question]
answers = Answer(fqdn, rdataclass.IN, rdtype, m)
rlist = rrset.from_text_list(fqdn, 86400, rdataclass.IN,
rdtype, gen_addrs(rdtype, count))
answers.rrset = rlist
elif rdtype == rdatatype.TXT:
if fake_txt:
realm = 'FAKE_REALM'
else:
realm = m_api.env.realm
qname = DNSName('_kerberos.' + m_api.env.domain)
qname = qname.make_absolute()
if version.MAJOR < 2:
# pylint: disable=unexpected-keyword-arg
answers = Answer(qname, rdataclass.IN, rdatatype.TXT, m,
raise_on_no_answer=False)
# pylint: enable=unexpected-keyword-arg
else:
if version.MAJOR == 2 and version.MINOR > 0:
question = rrset.RRset(qname, rdataclass.IN, rdtype)
m.question = [question]
answers = Answer(qname, rdataclass.IN, rdatatype.TXT, m)
rlist = rrset.from_text_list(qname, 86400, rdataclass.IN,
rdatatype.TXT, [realm])
answers.rrset = rlist
return answers
