def test_extra_ns_backwards4():
cp = ConfigParser()
cp.parse_data({
'options': [
('instance', 'vpn.example.org'),
],
'vpn.example.org': [
('mname', 'dns.example.org'),
('rname', 'dns.example.org'),
('refresh', '1h'),
('retry', '2h'),
('expire', '3h'),
('minimum', '4h'),
('subnet4', '198.51.100.0/24'),
('status_file', 'tests/samples/empty.ovpn-status-v1'),
('add_entries', 'ns')
],
'ns': [
('@', 'NS dns-a.example.org'),
('@', 'NS dns-b.example.org')
]
})
c = ResolverChain(OpenVpnAuthorityHandler(cp))
d = c.query(dns.Query('100.51.198.in-addr.arpa', dns.NS, dns.IN))
for rr in d.result[0]:
assert rr.name.name == '100.51.198.in-addr.arpa'
assert rr.payload.__class__ == dns.Record_NS
assert set(map(lambda rr: rr.payload.name.name, d.result[0])) \
== set(('dns-a.example.org', 'dns-b.example.org'))
def test_ptr():
cp = ConfigParser()
cp.parse_data({
'options': [
('instance', 'vpn.example.org'),
],
'vpn.example.org': [
('mname', 'dns.example.org'),
('rname', 'dns.example.org'),
('refresh', '1h'),
('retry', '2h'),
('expire', '3h'),
('minimum', '4h'),
('subnet4', '198.51.100.0/24'),
('status_file', 'tests/samples/one.ovpn-status-v1')
]
})
c = ResolverChain(OpenVpnAuthorityHandler(cp))
reverse = '8.100.51.198.in-addr.arpa'
d = c.query(dns.Query(reverse, dns.PTR, dns.IN))
rr = d.result[0][0]
assert rr.name.name == reverse
payload = rr.payload
assert payload.__class__ == dns.Record_PTR
assert payload.name.name == 'one.vpn.example.org'
def test_suffix_at():
cp = ConfigParser()
cp.parse_data({
'options': [
('instance', 'vpn.example.org'),
],
'vpn.example.org': [
('mname', 'dns.example.org'),
('rname', 'dns.example.org'),
('refresh', '1h'),
('retry', '2h'),
('expire', '3h'),
('minimum', '4h'),
('suffix', '@'),
('status_file', 'tests/samples/no-fqdn.ovpn-status-v1'),
]
})
c = ResolverChain(OpenVpnAuthorityHandler(cp))
# query one:
d = c.query(dns.Query('one.vpn.example.org', dns.A, dns.IN))
rr = d.result[0][0]
assert rr.name.name == 'one.vpn.example.org'
assert rr.payload.__class__ == dns.Record_A
assert rr.payload.address == socket.inet_aton('198.51.100.8')
# query two:
d = c.query(dns.Query('one.two.vpn.example.org', dns.A, dns.IN))
rr = d.result[0][0]
assert rr.name.name == 'one.two.vpn.example.org'
assert rr.payload.__class__ == dns.Record_A
assert rr.payload.address == socket.inet_aton('198.51.100.12')
def test_soa():
cp = ConfigParser()
cp.parse_data({
'options': [
('instance', 'vpn.example.org'),
],
'vpn.example.org': [
('mname', 'dns.example.org'),
('rname', 'dns.example.org'),
('refresh', '1h'),
('retry', '2h'),
('expire', '3h'),
('minimum', '4h'),
('status_file', 'tests/samples/empty.ovpn-status-v1')
]
})
c = ResolverChain(OpenVpnAuthorityHandler(cp))
d = c.query(dns.Query('vpn.example.org', dns.SOA, dns.IN))
rr = d.result[0][0]
assert rr.name.name == 'vpn.example.org'
payload = rr.payload
assert payload.__class__ == dns.Record_SOA
assert payload.mname.name == 'dns.example.org'
assert payload.rname.name == 'dns.example.org'
assert payload.serial == int(os.path.getmtime(
'tests/samples/empty.ovpn-status-v1'))
assert payload.refresh == 3600
assert payload.retry == 2*3600
assert payload.expire == 3*3600
assert payload.minimum == 4*3600
def __init__(self, child_resolvers, maximumQueries=10,
reactor=None, resolverFactory=None):
"""
@param child_resolvers: List of resolvers that actually do
the queries
@type child_resolvers: L{list} of L{Resovler}
@param maximumQueries: An optional L{int} giving the maximum
number of queries which will be attempted to resolve a
single name.
@type maximumQueries: L{int}
@param reactor: An optional L{IReactorTime} and L{IReactorUDP}
provider to use to bind UDP ports and manage timeouts.
@type reactor: L{IReactorTime} and L{IReactorUDP} provider
@param resolverFactory: An optional callable which accepts C{reactor}
and C{servers} arguments and returns an instance that provides a
C{queryUDP} method. Defaults to L{twisted.names.client.Resolver}.
@type resolverFactory: callable
"""
ResolverChain.__init__(self,child_resolvers)
self._maximumQueries = maximumQueries
self._reactor = reactor
if resolverFactory is None:
from twisted.names.client import Resolver as resolverFactory
self._resolverFactory = resolverFactory
def test_emptyResolversListLookupAllRecords(self):
"""
L{ResolverChain.lookupAllRecords} returns a L{DomainError}
failure if its C{resolvers} list is empty.
"""
r = ResolverChain([])
d = r.lookupAllRecords('www.example.com')
f = self.failureResultOf(d)
self.assertIs(f.trap(DomainError), DomainError)
def test_emptyResolversList(self):
"""
L{ResolverChain._lookup} returns a L{DomainError} failure if
its C{resolvers} list is empty.
"""
r = ResolverChain([])
d = r.lookupAddress("www.example.com")
f = self.failureResultOf(d)
self.assertIs(f.trap(DomainError), DomainError)
def test_emptyResolversListLookupAllRecords(self):
"""
L{ResolverChain.lookupAllRecords} returns a L{DomainError}
failure if its C{resolvers} list is empty.
"""
r = ResolverChain([])
d = r.lookupAllRecords('www.example.com')
f = self.failureResultOf(d)
self.assertIs(f.trap(DomainError), DomainError)
def test_aaaa():
cp = ConfigParser()
cp.parse_data({
'options': [
('instance', 'vpn.example.org'),
],
'vpn.example.org': [
('mname', 'dns.example.org'),
('rname', 'dns.example.org'),
('refresh', '1h'),
('retry', '2h'),
('expire', '3h'),
('minimum', '4h'),
('status_file', 'tests/samples/ipv6.ovpn-status-v1')
]
})
c = ResolverChain(OpenVpnAuthorityHandler(cp))
d = c.query(dns.Query('one.vpn.example.org', dns.AAAA, dns.IN))
rr = d.result[0][0]
assert rr.name.name == 'one.vpn.example.org'
payload = rr.payload
assert payload.__class__ == dns.Record_AAAA
assert IP(socket.inet_ntop(socket.AF_INET6, payload.address)) \
== IP('fddc:abcd:1234::1008')
def update_records(self):
resolvers = []
self._da = {}
for z,zd in self._data["zones"].items():
soa = dns.Record_SOA(
mname=zd["server_name"],
rname="root." + z, # what is this for?
serial=1, # must be int, fit in struct.pack("L") so 32-bits
refresh="1M",
retry="1M",
expire="1M",
minimum="1M",
)
ns = dns.Record_NS(zd["server_name"])
records = {
z: [soa, ns],
}
da = DynamicAuthority(z, soa, records)
resolvers.append(da)
self._authorities[z] = da
print(self._dns_server.resolver)
self._dns_server.resolver = ResolverChain(resolvers)