def __init__(self, domain, rootfile='/tmp/db.root', timeout=5, ipv4=True, ipv6=False): self.domain = domain self.timeout = timeout self.SOA = {} self.NS = {} if ipv4: self.ipv4_delegation = DNSZoneDelegation( domain, rrtype='A', rootfile=rootfile, timeout=timeout ) else: self.ipv4_delegation = None if ipv6: self.ipv6_delegation = DNSZoneDelegation( domain, rrtype='AAAA', rootfile=rootfile, timeout=timeout ) else: self.ipv6_delegation = None
class AuthorizedZoneServers(object): """DNS zone authorized servers Parser for authorized servers for DNS domain """ def __init__(self, domain, rootfile='/tmp/db.root', timeout=5, ipv4=True, ipv6=False): self.domain = domain self.timeout = timeout self.SOA = {} self.NS = {} if ipv4: self.ipv4_delegation = DNSZoneDelegation( domain, rrtype='A', rootfile=rootfile, timeout=timeout ) else: self.ipv4_delegation = None if ipv6: self.ipv6_delegation = DNSZoneDelegation( domain, rrtype='AAAA', rootfile=rootfile, timeout=timeout ) else: self.ipv6_delegation = None def update_delegations(self): """Update zone delegations Query and update delegations for zone """ if self.ipv4_delegation is not None: self.ipv4_delegation.update_delegations() if self.ipv6_delegation is not None: self.ipv6_delegation.update_delegations() def query_server(self, server, rrtype): """Query RR for server Resolve this zone's RR from given server """ return resolve_records( query=self.domain, rrtype=rrtype, nameserver=server, timeout=self.timeout ) def validate_SOA(self): """Validate domain SOA Validate SOA record of a domain: this is only example stub right now! TODO - actually compare SOA records with each other """ if not self.ipv4_delegation and not self.ipv6_delegation: self.update_delegations() soa_records = {} if self.ipv4_delegation is not None: for delegation in self.ipv4_delegation: if delegation.name not in soa_records.keys(): soa_records[delegation.name] = delegation.soa if self.ipv6_delegation is not None: for server in self.ipv6_delegation: if delegation.name not in soa_records.keys(): soa_records[delegation.name] = delegation.soa for server, server_soa in soa_records.items(): for other, soa in soa_records.items(): if server == other: continue if server_soa != soa: raise DNSError('SOA records do not match: %s and %s' % (server, delegation.soa)) def validate_NS(self): """Validate zone NS records Validate NS records of a domain: this is only example stub right now! TODO - actually compare NS records with each other and TLD delegation """ if self.ipv4_delegation: for delegation in self.ipv4_delegation: if self.ipv4_delegation.delegated_servers != delegation.nameservers: raise DNSError('%s: servers from delegation and server differ: %s and %s' % ( delegation, ','.join('%s' % s for s in self.ipv4_delegation.delegated_servers), ','.join('%s' % s for s in delegation.nameservers) )) if self.ipv6_delegation: for delegation in self.ipv6_delegation: if self.ipv6_delegation.delegated_servers != delegation.nameservers: raise DNSError('%s: servers from delegation and server differ: %s and %s' % ( delegation, ','.join('%s' % s for s in self.ipv6_delegation.delegated_servers), ','.join('%s' % s for s in delegation.nameservers) ))