def dname_check(self, res, domain, rdtype, target, count_rrsig):
ans_container = self.make_query(domain, rdtype, res, self.debug)
if not ans_container or not ans_container.response or not ans_container.response.answer:
self.add_reason("DNAME lookup failed")
return False
answer = ans_container.response.answer
if self.debug:
self.println(answer)
# log ad bit
ad = count_rrsig and (ans_container.response.flags & dns.flags.AD)
self.ad_add(ad)
cnt = len(answer)
if cnt <= 0:
self.add_reason("Empty DNAME Answer")
return False
name = self.Str_to_Name(domain)
if self.count_rr(answer, name, dns.rdatatype.DNAME) == 0:
self.add_reason("NO DNAME seen in answer")
return False
if count_rrsig:
source = RRSetSource(answer)
if cnt < 2:
#DNAME and target RRset are signed
self.add_reason("Not enoght records in DNAME answer")
return False
rrset = source.get_rrset(dns.rdatatype.DNAME)
if not source.find_covering_rrsigset(rrset):
self.add_reason("Missing RRSIG(DNAME)")
return False
last_rrset = answer[len(answer) - 1]
res_target = last_rrset.name.to_text()
if res_target != target:
self.addr_reason("DNAME name mismatch %s !+ %s" % (
target,
res_target,
))
return False
return True
def dname_check(self, res, domain, rdtype, target, count_rrsig):
ans_container = self.make_query(domain, rdtype, res, self.debug)
if not ans_container or not ans_container.response or not ans_container.response.answer:
self.add_reason( "DNAME lookup failed")
return False
answer = ans_container.response.answer
if self.debug:
self.println(answer)
# log ad bit
ad = count_rrsig and (ans_container.response.flags & dns.flags.AD)
self.ad_add(ad)
cnt = len(answer)
if cnt <= 0:
self.add_reason( "Empty DNAME Answer")
return False
name = self.Str_to_Name(domain)
if self.count_rr(answer, name, dns.rdatatype.DNAME) == 0:
self.add_reason("NO DNAME seen in answer")
return False
if count_rrsig:
source = RRSetSource(answer)
if cnt < 2:
#DNAME and target RRset are signed
self.add_reason("Not enoght records in DNAME answer")
return False
rrset = source.get_rrset(dns.rdatatype.DNAME)
if not source.find_covering_rrsigset(rrset):
self.add_reason("Missing RRSIG(DNAME)")
return False
last_rrset = answer[len(answer)-1]
res_target = last_rrset.name.to_text()
if res_target != target:
self.addr_reason("DNAME name mismatch %s !+ %s" % (target, res_target, ))
return False
return True
def compare(self, other, ttl_tolerance, verbose, side_by_side):
if not isinstance(other, ResultHolder):
self.report("can't compare %s to %s" % (self.__class__, other.__class__, ))
return
if type(self.summary()) != type(other.summary()):
self.report("different results: %s != %s" % (type(self.summary()), type(other.summary()), ))
return
if isinstance(self.summary(), DNSException):
#exceptions match
self.report("Equal")
return
elif isinstance(self.summary(), Message):
my_response = self.result.response
other_response = other.result.response
my_rcode = my_response.rcode()
other_rcode = other_response.rcode()
if my_rcode != other_rcode:
self.report("Different rcodes: %d != %d" % (my_rcode, other_rcode, ))
return
my_answ = RRSetSource(my_response.answer)
my_answ_rrsets = my_answ.list_rrsets()
other_answ = RRSetSource(other_response.answer)
other_answ_rrsets = other_answ.list_rrsets()
#if at least one result has an answer section, ...
if len(my_answ_rrsets) != 0 or len(other_answ_rrsets) != 0:
# compare the answer sections
return self.compare_section(other, my_answ_rrsets, other_answ_rrsets, ttl_tolerance, verbose, side_by_side)
else:
#otherwise, compare the authority sections
my_auth = RRSetSource(my_response.authority)
my_auth_rrsets = my_auth.list_rrsets()
other_auth = RRSetSource(other_response.authority)
other_auth_rrsets = other_auth.list_rrsets()
return self.compare_section(other, my_auth_rrsets, other_auth_rrsets, ttl_tolerance, verbose, side_by_side)
else:
raise ValueError("oops-program error...")
def count_rr(self, section, name, rdtype):
source = RRSetSource(section)
return source.count(rdtype)
def count_rr(self, section, name, rdtype):
source = RRSetSource(section)
return source.count(rdtype)
