def tkey_trans(self):
    """Run a TKEY exchange against the server and complete a gensec context.

    A unique key name is generated and stored in ``self.key_name``; the
    gensec client is stored in ``self.g``.  The first SPNEGO token is
    carried in the TKEY record of the additional section, and the token in
    the first answer of the response is fed back into gensec.  The test
    asserts that the context is unfinished after the first update and
    finished after the second, i.e. exactly one round trip.
    """
    self.key_name = "%s.%s" % (uuid.uuid4(), self.get_dns_domain())

    # Query packet holding a single TKEY question for the fresh key name.
    packet = self.make_name_packet(dns.DNS_OPCODE_QUERY)
    question = self.make_name_question(self.key_name,
                                       dns.DNS_QTYPE_TKEY,
                                       dns.DNS_QCLASS_IN)
    self.finish_name_packet(packet, [question])

    # Resource record that will carry the TKEY payload.
    tkey_rr = dns.res_rec()
    tkey_rr.name = self.key_name
    tkey_rr.rr_type = dns.DNS_QTYPE_TKEY
    tkey_rr.rr_class = dns.DNS_QCLASS_IN
    tkey_rr.ttl = 0
    # NOTE(review): 0xffff looks like a placeholder length -- confirm how
    # the marshalling code treats it.
    tkey_rr.length = 0xffff

    one_hour = 60 * 60
    tkey = dns.tkey_record()
    tkey.algorithm = "gss-tsig"
    tkey.inception = int(time.time())
    tkey.expiration = int(time.time()) + one_hour
    tkey.mode = dns.DNS_TKEY_MODE_GSSAPI
    tkey.error = 0
    tkey.other_size = 0

    # Client-side security context: SPNEGO against the "dns" service on
    # self.server, with message signing requested.
    self.g = gensec.Security.start_client(self.settings)
    self.g.set_credentials(self.creds)
    self.g.set_target_service("dns")
    self.g.set_target_hostname(self.server)
    self.g.want_feature(gensec.FEATURE_SIGN)
    self.g.start_mech_by_name("spnego")

    # First leg: an empty input yields the initial token; the context must
    # not be complete yet.
    (finished, server_to_client) = self.g.update("")
    self.assertFalse(finished)

    # The record stores the token as a list of integer byte values.
    token_bytes = [ord(ch) for ch in server_to_client]
    tkey.key_data = token_bytes
    tkey.key_size = len(token_bytes)
    tkey_rr.rdata = tkey

    packet.arcount = 1
    packet.additional = [tkey_rr]

    (response, response_packet) = self.dns_transaction_tcp(packet,
                                                           self.server_ip)
    self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)

    # Second leg: hand the server's token (first answer) back to gensec;
    # the context must now be complete.
    reply_tkey = response.answers[0].rdata
    server_to_client = ''.join([chr(b) for b in reply_tkey.key_data])
    (finished, client_to_server) = self.g.update(server_to_client)
    self.assertTrue(finished)

    # Runs only after the context is established.
    # NOTE(review): presumably verify_packet checks the signature on the
    # TKEY response with the new context -- confirm against verify_packet.
    self.verify_packet(response, response_packet)
def tkey_trans(self):
    """Perform the TKEY negotiation and bring up a gensec client context.

    Side effects visible in this method: ``self.key_name`` receives a
    freshly generated ``<uuid>.<dns domain>`` name and ``self.g`` receives
    the gensec client.  The request carries the initial SPNEGO token in a
    TKEY record in the additional section; the reply's first answer is
    expected to hold the server token that completes the context.
    """
    key_name = "%s.%s" % (uuid.uuid4(), self.get_dns_domain())
    self.key_name = key_name

    # One-question TKEY query for the new key name.
    request = self.make_name_packet(dns.DNS_OPCODE_QUERY)
    tkey_question = self.make_name_question(
        self.key_name, dns.DNS_QTYPE_TKEY, dns.DNS_QCLASS_IN)
    self.finish_name_packet(request, [tkey_question])

    # Additional-section record that wraps the TKEY rdata.
    record = dns.res_rec()
    record.name = self.key_name
    record.rr_type = dns.DNS_QTYPE_TKEY
    record.rr_class = dns.DNS_QCLASS_IN
    record.ttl = 0
    # NOTE(review): 0xffff is not a computed size here -- verify what the
    # packet encoder does with this field.
    record.length = 0xffff

    payload = dns.tkey_record()
    payload.algorithm = "gss-tsig"
    payload.inception = int(time.time())
    # Validity window of one hour from (a second reading of) the clock.
    payload.expiration = int(time.time()) + 60 * 60
    payload.mode = dns.DNS_TKEY_MODE_GSSAPI
    payload.error = 0
    payload.other_size = 0

    # gensec client configured for SPNEGO with signing, targeting the
    # "dns" service on self.server and using the test's credentials.
    self.g = gensec.Security.start_client(self.settings)
    self.g.set_credentials(self.creds)
    self.g.set_target_service("dns")
    self.g.set_target_hostname(self.server)
    self.g.want_feature(gensec.FEATURE_SIGN)
    self.g.start_mech_by_name("spnego")

    # Initial update with no input produces the first token and must
    # leave the context incomplete.
    client_to_server = ""
    (finished, server_to_client) = self.g.update(client_to_server)
    self.assertFalse(finished)

    # Token is stored in the record as integer byte values plus its size.
    key_data = [ord(c) for c in server_to_client]
    payload.key_data = key_data
    payload.key_size = len(key_data)
    record.rdata = payload

    request.arcount = 1
    request.additional = [record]

    (response, response_packet) = self.dns_transaction_tcp(
        request, self.server_ip)
    self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)

    # Rebuild the server token from the first answer and finish the
    # context; a single round trip is asserted.
    answer_rdata = response.answers[0].rdata
    server_to_client = ''.join(chr(v) for v in answer_rdata.key_data)
    (finished, client_to_server) = self.g.update(server_to_client)
    self.assertTrue(finished)

    # Called last, once gensec reports the context finished.
    # NOTE(review): looks like this validates the response's signature
    # with the established context -- confirm in verify_packet.
    self.verify_packet(response, response_packet)