def test_calc_node_names(): tests = [ ('', False, [], []), ('', False, [''], ['']), ('', False, ['a'], ['a']), ('', False, ['d.c.b.a'], ['d.c.b.a']), ('', False, ['*.a'], ['*.a']), ('', False, ['a', '*.a'], ['a', '*.a']), ('', False, ['b.a', '*.a'], ['*.a', 'b.a']), ('', False, ['c.b.a', '*.a'], ['*.a', 'c.b.a']), ('', False, ['d.c.b.a', '*.a'], ['*.a', 'd.c.b.a']), ('', False, ['d.c.b.a', '*.*.a'], ['*.*.a', 'd.c.b.a']), ('', False, ['d.c.b.a', '*.a', '*.*.a'], ['*.a', '*.*.a', 'd.c.b.a']), ('a', True, [], []), ('a', True, [''], ['']), ('a', True, ['a'], ['a']), ('a', True, ['d.c.b.a'], ['a', 'b.a', 'c.b.a', 'd.c.b.a']), ('a', True, ['*.a'], ['a', '*.a']), ('a', True, ['a', '*.a'], ['a', '*.a']), ('a', True, ['b.a', '*.a'], ['a', '*.a', 'b.a']), ('a', True, ['c.b.a', '*.a'], ['a', '*.a', 'b.a', 'c.b.a']), ('a', True, ['d.c.b.a', '*.a'], ['a', '*.a', 'b.a', 'c.b.a', 'd.c.b.a']), ('a', True, ['d.c.b.a', '*.*.a'], ['a', '*.a', '*.*.a', 'b.a', 'c.b.a', 'd.c.b.a']), ('a', True, ['d.c.b.a', '*.a', '*.*.a'], ['a', '*.a', '*.*.a', 'b.a', 'c.b.a', 'd.c.b.a']), ('example', True, ['example', 'a.example', 'ns1.a.example', 'ns2.a.example', 'ai.example', 'c.example', 'ns1.c.example', 'ns2.c.example', 'ns1.example', 'ns2.example', '*.w.example', 'x.w.example', 'x.y.w.example', 'xx.example'], ['example', 'a.example', 'ns1.a.example', 'ns2.a.example', 'ai.example', 'c.example', 'ns1.c.example', 'ns2.c.example', 'ns1.example', 'ns2.example', 'w.example', '*.w.example', 'x.w.example', 'y.w.example', 'x.y.w.example', 'xx.example'])] for test in tests: ents_too = test[1] zname = ents_too and dns.name.from_text(test[0]) or None ins = [dns.name.from_text(s) for s in test[2]] outs = [dns.name.from_text(s) for s in test[3]] actual = dns_utils.calc_node_names(ins, ents_too, zname) #print zname, ents_too, ins, outs, actual assert actual == outs
def __init__(self, args, zone_obj): ''' Ctor. :param obj args: The application arguments. :param obj zone_obj: The dns.zone.Zone instance. ''' self.zone_name = dns.name.from_text(args.zone) self.zone_obj = zone_obj # Get SOA if available: self.soa_rdataset = self.zone_obj.get_rdataset( self.zone_name, dns.rdatatype.SOA) # Get DNSKEY(s) if available: self.dnskey_rdataset = self.zone_obj.get_rdataset( self.zone_name, dns.rdatatype.DNSKEY) # Get NSEC3PARAM(s) if available: self.nsec3param_rdataset = self.zone_obj.get_rdataset( self.zone_name, dns.rdatatype.NSEC3PARAM) # Get delegated zones if any: self.delegated_names = [ name for (name, _) in self.zone_obj.iterate_rdatasets('NS') if name != self.zone_name] # Force or detect zone's DNSSEC type: if args.force_dnssec_type != 'detect': self.dnssec_type = args.force_dnssec_type else: # See if there are any NSEC or NSEC3's: has_nsec = next(self.zone_obj.iterate_rdatasets(dns.rdatatype.NSEC), None) has_nsec3 = (self.nsec3param_rdataset or next(self.zone_obj.iterate_rdatasets(dns.rdatatype.NSEC3), None)) # See if this appears to be a signed zone (note: can't seem to # practically check all RRSIG's since they "cover" other records, # which would require us to iterate all possible "covers" values, # so just try a few obvious ones): seems_signed = ( self.dnskey_rdataset or has_nsec or has_nsec3 or next(self.zone_obj.iterate_rdatasets( dns.rdatatype.DS), None) or next(self.zone_obj.iterate_rdatasets( dns.rdatatype.RRSIG, dns.rdatatype.SOA), None) or next(self.zone_obj.iterate_rdatasets( dns.rdatatype.RRSIG, dns.rdatatype.NS), None) or next(self.zone_obj.iterate_rdatasets( dns.rdatatype.RRSIG, dns.rdatatype.A), None) or next(self.zone_obj.iterate_rdatasets( dns.rdatatype.RRSIG, dns.rdatatype.AAAA), None)) self.dnssec_type = ( has_nsec3 and 'NSEC3' or has_nsec and 'NSEC' or seems_signed and 'NSEC3' or # assume NSEC3-type 'unsigned') # Get DNSSEC-ordered list of names in zone (including any Empty Non- # Terminals if NSEC3-style zone): self.node_names = dns_utils.calc_node_names( zone_obj.nodes.keys(), self.dnssec_type == 'NSEC3', self.zone_name)