def resolve_with_dnssec(nameserver, query, rtype="SOA"): res = DNSResolver() res.nameservers = [nameserver] res.lifetime = 10 # wait max 10 seconds for reply # enable Authenticated Data + Checking Disabled flags res.set_flags(dns.flags.AD | dns.flags.CD) # enable EDNS v0 + enable DNSSEC-Ok flag res.use_edns(0, dns.flags.DO, 0) ans = res.resolve(query, rtype) return ans
def resolve_records_from_server(rname, rtype, nameserver): error = None res = DNSResolver() res.nameservers = [nameserver] res.lifetime = 30 logger.info("Query: %s %s, nameserver %s", rname, rtype, nameserver) # lets try to query 3x for _i in range(3): try: ans = res.resolve(rname, rtype) logger.info("Answer: %s", ans.rrset) return ans.rrset except (dns.resolver.NXDOMAIN, dns.resolver.Timeout) as e: error = e time.sleep(10) pytest.fail("Query: {} {}, nameserver {} failed due to {}".format( rname, rtype, nameserver, error))
def _resolve_record(owner, rtype, nameserver_ip=None, edns0=False, dnssec=False, flag_cd=False, timeout=10): """ :param nameserver_ip: if None, default resolvers will be used :param edns0: enables EDNS0 :param dnssec: enabled EDNS0, flags: DO :param flag_cd: requires dnssec=True, adds flag CD :raise DNSException: if error occurs """ assert isinstance(nameserver_ip, str) or nameserver_ip is None assert isinstance(rtype, str) res = DNSResolver() if nameserver_ip: res.nameservers = [nameserver_ip] res.lifetime = timeout # Recursion Desired, # this option prevents to get answers in authority section instead of answer res.set_flags(dns.flags.RD) if dnssec: res.use_edns(0, dns.flags.DO, 4096) flags = dns.flags.RD if flag_cd: flags = flags | dns.flags.CD res.set_flags(flags) elif edns0: res.use_edns(0, 0, 4096) return res.resolve(owner, rtype)