def check_forwarders(dns_forwarders, logger): print "Checking DNS forwarders, please wait ..." forwarders_dnssec_valid = True for forwarder in dns_forwarders: logger.debug("Checking DNS server: %s", forwarder) try: validate_dnssec_global_forwarder(forwarder, log=logger) except DNSSECSignatureMissingError as e: forwarders_dnssec_valid = False logger.warning("DNS server %s does not support DNSSEC: %s", forwarder, e) logger.warning("Please fix forwarder configuration to enable DNSSEC support.\n" "(For BIND 9 add directive \"dnssec-enable yes;\" to \"options {}\")") print "DNS server %s: %s" % (forwarder, e) print "Please fix forwarder configuration to enable DNSSEC support." print "(For BIND 9 add directive \"dnssec-enable yes;\" to \"options {}\")" except EDNS0UnsupportedError as e: forwarders_dnssec_valid = False logger.warning("DNS server %s does not support ENDS0 " "(RFC 6891): %s", forwarder, e) logger.warning("Please fix forwarder configuration. " "DNSSEC support cannot be enabled without EDNS0") print ("WARNING: DNS server %s does not support EDNS0 " "(RFC 6891): %s" % (forwarder, e)) except UnresolvableRecordError as e: logger.error("DNS server %s: %s", forwarder, e) raise RuntimeError("DNS server %s: %s" % (forwarder, e)) return forwarders_dnssec_valid
def check_forwarders(dns_forwarders, logger): print("Checking DNS forwarders, please wait ...") forwarders_dnssec_valid = True for forwarder in dns_forwarders: logger.debug("Checking DNS server: %s", forwarder) try: validate_dnssec_global_forwarder(forwarder, log=logger) except DNSSECSignatureMissingError as e: forwarders_dnssec_valid = False logger.warning("DNS server %s does not support DNSSEC: %s", forwarder, e) logger.warning( "Please fix forwarder configuration to enable DNSSEC support.\n" "(For BIND 9 add directive \"dnssec-enable yes;\" to \"options {}\")" ) print("DNS server %s: %s" % (forwarder, e)) print( "Please fix forwarder configuration to enable DNSSEC support.") print( "(For BIND 9 add directive \"dnssec-enable yes;\" to \"options {}\")" ) except EDNS0UnsupportedError as e: forwarders_dnssec_valid = False logger.warning( "DNS server %s does not support ENDS0 " "(RFC 6891): %s", forwarder, e) logger.warning("Please fix forwarder configuration. " "DNSSEC support cannot be enabled without EDNS0") print(("WARNING: DNS server %s does not support EDNS0 " "(RFC 6891): %s" % (forwarder, e))) except UnresolvableRecordError as e: logger.error("DNS server %s: %s", forwarder, e) raise RuntimeError("DNS server %s: %s" % (forwarder, e)) return forwarders_dnssec_valid