Exemplo n.º 1
0
    def run(self, context, suggested_tested, name, rdataset):

        tested = None
        result = None

        # Only run test for non-NSEC/RRSIG, non-delegated RRSets:
        if (rdataset.rdtype != dns.rdatatype.NSEC
            and rdataset.rdtype != dns.rdatatype.RRSIG
            and not context.is_delegated(name)):

            tested = suggested_tested

            # Make sure there's an NSEC for the rdataset name:
            nsec_rdataset = context.zone_obj.get_rdataset(name, 'NSEC')
            if not nsec_rdataset:
                result = 'No NSEC\'s found for name: %s' % (name)

            if not result:

                # Look in found nsec_rdataset for an NSEC that covers the
                # rdataset type:
                got_one = False
                for nsec in nsec_rdataset.items:
                    if nsecx.covers(nsec, rdataset.rdtype):
                        got_one = True
                        break

                if not got_one:
                    result = 'No NSEC that covers type=%s for name: %s' % (
                        dns.rdatatype.to_text(rdataset.rdtype), name)

        return (tested, result)
Exemplo n.º 2
0
    def run(self, context, suggested_tested, name, rdataset):

        tested = None
        result = None

        # Only run test if there's an NSEC3PARAM:
        nsec3param = (len(context.nsec3param_rdataset.items)
            and context.nsec3param_rdataset.items[0] or None)
        if nsec3param:

            # Only run test for non-NSEC3/RRSIG, non-delegated RRSets:
            if (rdataset.rdtype != dns.rdatatype.NSEC3
                and rdataset.rdtype != dns.rdatatype.RRSIG
                and not context.is_delegated(name)):

                tested = suggested_tested

                # Make sure there's an NSEC3 for the rdataset name:
                hashed_name = '%s.%s' % (
                    nsecx.hash_nsec3_name(
                        name,
                        nsec3param.salt,
                        nsec3param.algorithm,
                        nsec3param.iterations),
                    context.zone_name)
                nsec3_rdataset = context.zone_obj.get_rdataset(hashed_name, 'NSEC3')
                if not nsec3_rdataset:
                    result = 'No NSEC3\'s found for name: %s' % (hashed_name)

                if not result:

                    # Look in found nsec3_rdataset for an NSEC3 that covers the
                    # rdataset type:
                    got_one = False
                    for nsec3 in nsec3_rdataset.items:
                        if nsecx.covers(nsec3, rdataset.rdtype):
                            got_one = True
                            break

                    if not got_one:
                        result = 'No NSEC3 that covers type=%s for name: %s' % (
                            dns.rdatatype.to_text(rdataset.rdtype), hashed_name)

        return (tested, result)