dnsruby 1.37 → 1.38

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -64,7 +64,7 @@ module Dnsruby
64
64
 
65
65
  def algorithm=(a)
66
66
  if (a.instance_of?String)
67
- if (a.length == 1)
67
+ if (a.to_i > 0)
68
68
  a = a.to_i
69
69
  end
70
70
  end
@@ -264,6 +264,8 @@ module Dnsruby
264
264
  def public_key
265
265
  if (!@public_key)
266
266
  if [Algorithms.RSASHA1,
267
+ Algorithms.RSASHA256,
268
+ Algorithms.RSASHA512,
267
269
  Algorithms.RSASHA1_NSEC3_SHA1].include?(@algorithm)
268
270
  @public_key = rsa_key
269
271
  elsif [Algorithms.DSA,
@@ -101,7 +101,7 @@ module Dnsruby
101
101
 
102
102
  def algorithm=(a)
103
103
  if (a.instance_of?String)
104
- if (a.length == 1)
104
+ if (a.to_i > 0)
105
105
  a = a.to_i
106
106
  end
107
107
  end
@@ -386,6 +386,8 @@ module Dnsruby
386
386
 
387
387
  if rdata
388
388
  rdata.gsub!(/\s+$/o, "")
389
+ rdata.gsub!("(", "")
390
+ rdata.gsub!(")", "")
389
391
  end
390
392
 
391
393
  # RFC3597 tweaks
@@ -146,11 +146,11 @@ module Dnsruby
146
146
  raise VerifyError.new("RRSET should have same type as RRSIG for verification")
147
147
  end
148
148
 
149
- # #Each RR in the RRset MUST have the TTL listed in the
150
- # #RRSIG Original TTL Field;
151
- # if (rrset.ttl != sigrec.original_ttl)
152
- # raise VerifyError.new("RRSET should have same ttl as RRSIG original_ttl for verification (should be #{sigrec.original_ttl} but was #{rrset.ttl}")
153
- # end
149
+ # #Each RR in the RRset MUST have the TTL listed in the
150
+ # #RRSIG Original TTL Field;
151
+ # if (rrset.ttl != sigrec.original_ttl)
152
+ # raise VerifyError.new("RRSET should have same ttl as RRSIG original_ttl for verification (should be #{sigrec.original_ttl} but was #{rrset.ttl}")
153
+ # end
154
154
 
155
155
  # Now check that we are in the validity period for the RRSIG
156
156
  now = Time.now.to_i
@@ -240,7 +240,7 @@ module Dnsruby
240
240
  # Return true if we can verify the whole message.
241
241
 
242
242
  msg.each_section do |section|
243
- # print "Checking section : #{section}\n"
243
+ # print "Checking section : #{section}\n"
244
244
  ds_rrsets = section.rrsets(Types.DS)
245
245
  if ((!ds_rrsets || ds_rrsets.length == 0) && (@verifier_type == VerifierType::DLV))
246
246
  ds_rrsets = section.rrsets(Types.DLV)
@@ -374,14 +374,14 @@ module Dnsruby
374
374
  return if (msg.rcode == RCode.NOERROR && ((qtype == Types.ANY) || (qtype == Types.NSEC) || (qtype == Types.NSEC3)))
375
375
  if ((msg.rrsets('NSEC').length > 0) || (msg.rrsets('NSEC3').length > 0))
376
376
  if (msg.rcode == RCode.NXDOMAIN)
377
- # print "Checking NSECs for Name Error\n"
377
+ # print "Checking NSECs for Name Error\n"
378
378
  #Name error - NSEC wil prove i) no exact match for <SNAME, SCLASS>, and ii) no RRSets that could match through wildcard expansion
379
379
  # - this may be proved in one or more NSECs (and associated RRSIGs)
380
380
  check_name_in_nsecs(msg)
381
381
  return check_no_wildcard_expansion(msg)
382
382
  elsif (msg.rcode == RCode.NOERROR)
383
383
  if (msg.answer.length > 0)
384
- # print "Checking NSECs for wildcard expansion\n"
384
+ # print "Checking NSECs for wildcard expansion\n"
385
385
  # wildcard expansion answer - check NSECs!
386
386
  # We want to make sure that the NSEC tells us that there is no closer match for this name
387
387
  # @TODO@ We need to make replace the RRSIG name with the wildcard name before we can verify it correctly.
@@ -395,7 +395,7 @@ module Dnsruby
395
395
  [msg.authority.rrsets('NSEC'), msg.authority.rrsets('NSEC3')].each {|nsec_rrsets|
396
396
  nsec_rrsets.each {|nsec_rrset|
397
397
  nsec_rrset.rrs.each {|nsec|
398
- # print "Checking nsec to see if wildcard : #{nsec}\n"
398
+ # print "Checking nsec to see if wildcard : #{nsec}\n"
399
399
  if (nsec.name.wild? ||(nsec.name.labels.length < msg.question()[0].qname.labels.length))
400
400
  isWildcardNoData = true
401
401
  end
@@ -404,14 +404,14 @@ module Dnsruby
404
404
  }
405
405
 
406
406
  if (isWildcardNoData)
407
- # print "Checking NSECs for wildcard no data\n"
407
+ # print "Checking NSECs for wildcard no data\n"
408
408
  # Check NSECs -
409
409
  # i) NSEC proving no RRSets matching STYPE at wildcard owner name that matched <SNAME, SCLASS> via wildcard expansion
410
410
  check_name_not_in_wildcard_nsecs(msg)
411
411
  # ii) NSEC proving no RRSets in zone that would have been closer match for <SNAME, SCLASS>
412
412
  return check_name_in_and_type_not_in_nsecs(msg)
413
413
  else # (isNoData)
414
- # print "Checking NSECs for No data\n"
414
+ # print "Checking NSECs for No data\n"
415
415
  # Check NSEC types covered to make sure this type not present.
416
416
  return check_name_in_and_type_not_in_nsecs(msg)
417
417
  end
@@ -442,7 +442,7 @@ module Dnsruby
442
442
  [msg.authority.rrsets('NSEC'), msg.authority.rrsets('NSEC3')].each {|nsec_rrsets|
443
443
  nsec_rrsets.each {|nsecs|
444
444
  nsecs.rrs.each {|nsec|
445
- # print "Checking NSEC : #{nsec}\n"
445
+ # print "Checking NSEC : #{nsec}\n"
446
446
  next if (nsec.name.wild?)
447
447
  if (check_record_proves_no_wildcard(msg, nsec))
448
448
  proven_no_wildcards = true
@@ -451,7 +451,7 @@ module Dnsruby
451
451
  }
452
452
  }
453
453
  if (!proven_no_wildcards)
454
- # print "No proof that no RRSets could match through wildcard expansion\n"
454
+ # print "No proof that no RRSets could match through wildcard expansion\n"
455
455
  raise VerifyError.new("No proof that no RRSets could match through wildcard expansion")
456
456
  end
457
457
 
@@ -459,12 +459,12 @@ module Dnsruby
459
459
 
460
460
  def check_record_proves_no_wildcard(msg, nsec) # :nodoc:
461
461
  # Check that the NSEC goes from the SOA to a zone canonically after a wildcard
462
- # print "Checking wildcard proof for #{nsec.name}\n"
462
+ # print "Checking wildcard proof for #{nsec.name}\n"
463
463
  soa_rrset = msg.authority.rrset(nsec.name, 'SOA')
464
464
  if (soa_rrset.length > 0)
465
- # print "Found SOA for #{nsec.name}\n"
465
+ # print "Found SOA for #{nsec.name}\n"
466
466
  wildcard_name = Name.create("*." + nsec.name.to_s)
467
- # print "Checking #{wildcard_name}\n"
467
+ # print "Checking #{wildcard_name}\n"
468
468
  if (wildcard_name.canonically_before(nsec.next_domain))
469
469
  return true
470
470
  end
@@ -481,7 +481,7 @@ module Dnsruby
481
481
  [msg.authority.rrsets('NSEC'), msg.authority.rrsets('NSEC3')].each {|nsec_rrsets|
482
482
  nsec_rrsets.each {|nsecs|
483
483
  nsecs.rrs.each {|nsec|
484
- # print "Checking NSEC : #{nsec}\n"
484
+ # print "Checking NSEC : #{nsec}\n"
485
485
  next if (nsec.name.wild?)
486
486
  if nsec.check_name_in_range(name)
487
487
  proven_name_in_nsecs = true
@@ -491,7 +491,7 @@ module Dnsruby
491
491
  qtype_present = true
492
492
  end
493
493
  if (qtype_present != expected_qtype)
494
- # print "#{nsec.type} record #{nsec} does #{expected_qtype ? 'not ' : ''} include #{qtype} type\n"
494
+ # print "#{nsec.type} record #{nsec} does #{expected_qtype ? 'not ' : ''} include #{qtype} type\n"
495
495
  raise VerifyError.new("#{nsec.type} record #{nsec} does #{expected_qtype ? 'not ' : ''}include #{qtype} type")
496
496
  # return false
497
497
  end
@@ -502,11 +502,11 @@ module Dnsruby
502
502
  }
503
503
  }
504
504
  if (!proven_name_in_nsecs)
505
- # print "No proof for non-existence for #{name}\n"
505
+ # print "No proof for non-existence for #{name}\n"
506
506
  raise VerifyError.new("No proof for non-existence for #{name}")
507
507
  end
508
508
  if (qtype && !type_covered_checked)
509
- # print "Tyes covered wrong for #{name}\n"
509
+ # print "Tyes covered wrong for #{name}\n"
510
510
  raise VerifyError.new("Types covered wrong for #{name}")
511
511
  end
512
512
  end
@@ -522,18 +522,18 @@ module Dnsruby
522
522
  [msg.authority.rrsets('NSEC'), msg.authority.rrsets('NSEC3')].each {|nsec_rrsets|
523
523
  nsec_rrsets.each {|nsecs|
524
524
  nsecs.rrs.each {|nsec|
525
- # print "Checking NSEC : #{nsec}\n"
525
+ # print "Checking NSEC : #{nsec}\n"
526
526
  next if !nsec.name.wild?
527
527
  # Check the wildcard expansion
528
528
  # We want to see that the name is in the wildcard range, and that the type
529
529
  # is not in the types for the NSEC
530
530
  if nsec.check_name_in_wildcard_range(name)
531
- # print "Wildcard expansion in #{nsec} includes #{name}\n"
531
+ # print "Wildcard expansion in #{nsec} includes #{name}\n"
532
532
  raise VerifyError.new("Wildcard expansion in #{nsec} includes #{name}")
533
533
  # return false
534
534
  end
535
535
  if (nsec.types.include?qtype)
536
- # print "#{qtype} present in wildcard #{nsec}\n"
536
+ # print "#{qtype} present in wildcard #{nsec}\n"
537
537
  raise VerifyError.new("#{qtype} present in wildcard #{nsec}")
538
538
  # return false
539
539
  end
@@ -542,7 +542,7 @@ module Dnsruby
542
542
  }
543
543
  }
544
544
  return if done
545
- # print("Expected wildcard expansion in #{msg}\n")
545
+ # print("Expected wildcard expansion in #{msg}\n")
546
546
  raise VerifyError.new("Expected wildcard expansion in #{msg}")
547
547
  # return false
548
548
  end
@@ -658,7 +658,7 @@ module Dnsruby
658
658
 
659
659
  sigrecs.each {|sig|
660
660
  if ((key.key_tag == sig.key_tag) && (key.algorithm == sig.algorithm))
661
- # print "Found key #{key.key_tag}\n"
661
+ # print "Found key #{key.key_tag}\n"
662
662
  return key, sig
663
663
  end
664
664
  }
@@ -745,8 +745,10 @@ module Dnsruby
745
745
  if [Algorithms.RSASHA1,
746
746
  Algorithms.RSASHA1_NSEC3_SHA1].include?(sigrec.algorithm)
747
747
  verified = keyrec.public_key.verify(OpenSSL::Digest::SHA1.new, sigrec.signature, sig_data)
748
- # elsif (sigrec.algorithm == Algorithms.RSASHA256)
749
- # verified = keyrec.public_key.verify(Digest::SHA256.new, sigrec.signature, sig_data)
748
+ elsif (sigrec.algorithm == Algorithms.RSASHA256)
749
+ verified = keyrec.public_key.verify(OpenSSL::Digest::SHA256.new, sigrec.signature, sig_data)
750
+ elsif (sigrec.algorithm == Algorithms.RSASHA512)
751
+ verified = keyrec.public_key.verify(OpenSSL::Digest::SHA512.new, sigrec.signature, sig_data)
750
752
  elsif [Algorithms.DSA,
751
753
  Algorithms.DSA_NSEC3_SHA1].include?(sigrec.algorithm)
752
754
  # we are ignoring T for now
@@ -770,7 +772,7 @@ module Dnsruby
770
772
  expiration_diff = (sigrec.expiration.to_i - Time.now.to_i).abs
771
773
  rrset.ttl = ([rrset.ttl, sigrec.ttl, sigrec.original_ttl,
772
774
  expiration_diff].sort)[0]
773
- # print "VERIFIED OK\n"
775
+ # print "VERIFIED OK\n"
774
776
  return true
775
777
  end
776
778
 
@@ -1102,7 +1104,7 @@ module Dnsruby
1102
1104
  if (Dnssec.default_resolver)
1103
1105
  return Dnssec.default_resolver
1104
1106
  else
1105
- return Resolver.new
1107
+ return Resolver.new
1106
1108
  end
1107
1109
  end
1108
1110
  end
@@ -1172,22 +1174,22 @@ module Dnsruby
1172
1174
  end
1173
1175
 
1174
1176
  def validate_no_rrsigs(msg) # :nodoc:
1175
- # print "Validating unsigned response\n"
1177
+ # print "Validating unsigned response\n"
1176
1178
  # WHAT IF THERE ARE NO RRSIGS IN MSG?
1177
1179
  # Then we need to check that we do not expect any RRSIGs
1178
1180
  if (!msg.question()[0] && msg.answer.length == 0)
1179
- # print "Returning Message insecure OK\n"
1181
+ # print "Returning Message insecure OK\n"
1180
1182
  msg.security_level = Message::SecurityLevel.INSECURE
1181
1183
  return true
1182
1184
  end
1183
1185
  qname = msg.question()[0].qname
1184
1186
  closest_anchor = find_closest_anchor_for(qname)
1185
- # print "Found closest anchor :#{closest_anchor}\n"
1187
+ # print "Found closest anchor :#{closest_anchor}\n"
1186
1188
  if (closest_anchor)
1187
1189
  actual_anchor = follow_chain(closest_anchor, qname)
1188
- # print "Actual anchor : #{actual_anchor}\n"
1190
+ # print "Actual anchor : #{actual_anchor}\n"
1189
1191
  if (actual_anchor)
1190
- # print("Anchor exists for #{qname}, but no signatures in #{msg}\n")
1192
+ # print("Anchor exists for #{qname}, but no signatures in #{msg}\n")
1191
1193
  TheLog.error("Anchor exists for #{qname}, but no signatures in #{msg}")
1192
1194
  msg.security_level = Message::SecurityLevel.BOGUS
1193
1195
  return false
@@ -1196,14 +1198,14 @@ module Dnsruby
1196
1198
  if ((@verifier_type == VerifierType::DLV) &&
1197
1199
  @added_dlv_key)
1198
1200
  # Remember to check DLV registry as well (if appropriate!)
1199
- # print "Checking DLV for closest anchor\n"
1201
+ # print "Checking DLV for closest anchor\n"
1200
1202
  dlv_anchor = find_closest_dlv_anchor_for(qname)
1201
- # print "Found DLV closest anchor :#{dlv_anchor}\n"
1203
+ # print "Found DLV closest anchor :#{dlv_anchor}\n"
1202
1204
  if (dlv_anchor)
1203
1205
  actual_anchor = follow_chain(dlv_anchor, qname)
1204
- # print "Actual anchor : #{actual_anchor}\n"
1206
+ # print "Actual anchor : #{actual_anchor}\n"
1205
1207
  if (actual_anchor)
1206
- # print("DLV Anchor exists for #{qname}, but no signatures in #{msg}\n")
1208
+ # print("DLV Anchor exists for #{qname}, but no signatures in #{msg}\n")
1207
1209
  TheLog.error("DLV Anchor exists for #{qname}, but no signatures in #{msg}")
1208
1210
  msg.security_level = Message::SecurityLevel.BOGUS
1209
1211
  return false
@@ -1211,7 +1213,7 @@ module Dnsruby
1211
1213
 
1212
1214
  end
1213
1215
  end
1214
- # print "Returning Message insecure OK\n"
1216
+ # print "Returning Message insecure OK\n"
1215
1217
  msg.security_level = Message::SecurityLevel.INSECURE
1216
1218
  return true
1217
1219
  end
data/lib/dnsruby.rb CHANGED
@@ -377,7 +377,8 @@ module Dnsruby
377
377
  DSA = 3
378
378
  ECC = 4
379
379
  RSASHA1 = 5
380
- # RSASHA256 =
380
+ RSASHA256 = 8
381
+ RSASHA512 = 10
381
382
  INDIRECT = 252
382
383
  PRIVATEDNS = 253
383
384
  PRIVATEOID = 254
data/test/tc_verifier.rb CHANGED
@@ -18,12 +18,92 @@ require 'test/unit'
18
18
  require 'dnsruby'
19
19
 
20
20
  class VerifierTest < Test::Unit::TestCase
21
+
22
+ def test_sha256
23
+ key256 = Dnsruby::RR.create("example.net. 3600 IN DNSKEY (256 3 8 AwEAAcFcGsaxxdgiuuGmCkVI
24
+ my4h99CqT7jwY3pexPGcnUFtR2Fh36BponcwtkZ4cAgtvd4Qs8P
25
+ kxUdp6p/DlUmObdk= );{id = 9033 (zsk), size = 512b}")
26
+ a = Dnsruby::RR.create("www.example.net. 3600 IN A 192.0.2.91")
27
+ sig = Dnsruby::RR.create("www.example.net. 3600 IN RRSIG (A 8 3 3600 20300101000000
28
+ 20000101000000 9033 example.net. kRCOH6u7l0QGy9qpC9
29
+ l1sLncJcOKFLJ7GhiUOibu4teYp5VE9RncriShZNz85mwlMgNEa
30
+ cFYK/lPtPiVYP4bwg==) ;{id = 9033}")
31
+ rrset = Dnsruby::RRSet.new(a)
32
+ rrset.add(sig)
33
+ verifier = Dnsruby::SingleVerifier.new(nil)
34
+ verifier.verify_rrset(rrset, key256)
35
+ end
36
+
37
+ def test_sha512
38
+ key512 = Dnsruby::RR.create("example.net. 3600 IN DNSKEY (256 3 10 AwEAAdHoNTOW+et86KuJOWRD
39
+ p1pndvwb6Y83nSVXXyLA3DLroROUkN6X0O6pnWnjJQujX/AyhqFD
40
+ xj13tOnD9u/1kTg7cV6rklMrZDtJCQ5PCl/D7QNPsgVsMu1J2Q8g
41
+ pMpztNFLpPBz1bWXjDtaR7ZQBlZ3PFY12ZTSncorffcGmhOL
42
+ );{id = 3740 (zsk), size = 1024b}")
43
+ a = Dnsruby::RR.create("www.example.net. 3600 IN A 192.0.2.91")
44
+ sig = Dnsruby::RR.create("www.example.net. 3600 IN RRSIG (A 10 3 3600 20300101000000
45
+ 20000101000000 3740 example.net. tsb4wnjRUDnB1BUi+t
46
+ 6TMTXThjVnG+eCkWqjvvjhzQL1d0YRoOe0CbxrVDYd0xDtsuJRa
47
+ eUw1ep94PzEWzr0iGYgZBWm/zpq+9fOuagYJRfDqfReKBzMweOL
48
+ DiNa8iP5g9vMhpuv6OPlvpXwm9Sa9ZXIbNl1MBGk0fthPgxdDLw
49
+ =);{id = 3740}")
50
+ rrset = Dnsruby::RRSet.new(a)
51
+ rrset.add(sig)
52
+ verifier = Dnsruby::SingleVerifier.new(nil)
53
+ verifier.verify_rrset(rrset, key512)
54
+ end
55
+
56
+ def test_sha2_zone
57
+ key1 = Dnsruby::RR.create("example.com. 3600 IN DNSKEY 256 3 8 AwEAAeTXG9RkEnPqrs1gTA
58
+ +7R2YdovW5HrObuMcsgIjfgAupTXX7NHBVUVX0oF2x8fJIeYt9pTuogTuUhw9/
59
+ kJrCI43VWa7xbsMkTbyj1/
60
+ wrfZB25nZnt4DQiqpYm8AZ3XmRBilibsGubVvrzWiQLC1gGXKUJ7JyQyL98G9ODUH2bmnb
61
+ ;{id = 43938 (zsk), size = 1024b}")
62
+ key2 = Dnsruby::RR.create("example.com. 3600 IN DNSKEY 257 3 8
63
+ AwEAAeLAE37+XYbieMtOqPRMbimhCjcyc/bSTbMQtKioxzjzgBPu/gVgHTeITJa
64
+ +IBFOD763HkzmG6ZIEcNAagCLg6+xeTnp017CBWWgnU+ksXdjgQ5KLfM/g4d2TL/Xf/BZJP
65
+ +JcIYqx3BNDT//bJpuwXqk6WkMtHGDSfSugel26TvgxG9X9xTaJh0u/
66
+ QMFpm9H4IyQ8557cYAG04z8Yx3PszE5niE6JGho7Qpv2YhpsuLh7dneUTtdqFajdyqU0lZ3iDHnrfm7ve75LorIMPB0FqIo8Q
67
+ +hqV/U44QB/gTuXiBPjxje6D6WLWJdisIKflYZjUBD0FxuOXZQ5+RFVMV5RSc= ;{id =
68
+ 18976 (ksk), size = 2048b}")
69
+ rrset = Dnsruby::RRSet.new(key1)
70
+ rrset.add(key2)
71
+ sig2 = Dnsruby::RR.create("example.com. 3600 IN RRSIG DNSKEY 8 2 3600 20091109083537
72
+ 20091012083537 18976 example.com. 0S/8cNh9otTenbcqQ2C5fxglGLrkI/EHp/
73
+ 8Y3NDbJ5M50xUzrXd91wjDCE2X/z7UNGeBtyFRqm2ZeId4MygBIBsFaqOr98X8qQo3qpZ/
74
+ ZtudmSSlk8X77bnKzsBxdLQgtE/REiT6j556zJJ9LtQ/
75
+ yHgdMmJa5BNPYbQDpJdzJGIYLe1Gx8edOqcPt0LAc3FmjB096Gmlt7JpIWJXrh2Q82eDTkLiEpv7ePAimduKh14
76
+ +ERi6mLKFDaQjnfkwZ7/zjw6Ekp3a7L9Pa4S/OKUis/TarEQJf
77
+ +w9yAVKKL8HCIFKOXfn1rOWZ8LIEzlmUmOVOV03F1Paww+9fJaG+WDhpQ== ;{id =
78
+ 18976}")
79
+ rrset.add(sig2)
80
+ verifier = Dnsruby::SingleVerifier.new(nil)
81
+ verifier.verify_rrset(rrset, key2)
82
+ sig = Dnsruby::RR.create("example.com. 3600 IN RRSIG DNSKEY 8 2 3600 20091109083537
83
+ 20091012083537 43938 example.com. TXaNGZ4QklUIlPtXaGhNegER
84
+ +uwJAvM9fSmnSt55FiMrMgkJDb6b/
85
+ GTyOF6INgKopO1wZRZI0iWaPUI0SRow6
86
+ +X8Idpk05uG7Two5R9uMGX0hu8PWc8BzuAxgeyawCYkXwXQ6Ah0PF9xkc/
87
+ Xlieo6T34XsoeHmKjmjMWs1KdFkU= ;{id = 43938}")
88
+ rrset.add(sig)
89
+ verifier.verify_rrset(rrset, key1)
90
+ txt = Dnsruby::RR.create('example.com. 86400 IN TXT "v=spf1 -all"')
91
+ rrset = Dnsruby::RRSet.new(txt)
92
+ txt_sig = Dnsruby::RR.create("example.com. 86400 IN RRSIG TXT 8 2 86400 20091109083536
93
+ 20091012083536 43938 example.com. rZcuxDZ7QO1oBSqwlV
94
+ +1ar7RTvwWOCYpgZy6oxXQMWkxONXnHVQO32yl
95
+ +3WzROW4tYHfFpsdyvo1BCT1PRRXLcLFGJd/
96
+ T3Y6ciiq5ZzsesfYV0aChOUhseX7MnMjsaLGbmDDVmGqW78nsoBjv9g
97
+ +0YshQa7E1ctz2aQ2sorWN+E= ;{id = 43938}")
98
+ rrset.add(txt_sig)
99
+ verifier.verify_rrset(rrset, key1)
100
+ end
21
101
 
22
102
  def test_se_query
23
103
  # Run some queries on the .se zone
24
104
  Dnsruby::Dnssec.clear_trusted_keys
25
105
  Dnsruby::Dnssec.clear_trust_anchors
26
- res = Dnsruby::Resolver.new("a.ns.se")
106
+ res = Dnsruby::Resolver.new(Dnsruby::Resolv.getaddress("a.ns.se"))
27
107
  res.dnssec = true
28
108
  r = res.query("se", Dnsruby::Types.ANY)
29
109
  # See comment below
@@ -36,7 +116,7 @@ class VerifierTest < Test::Unit::TestCase
36
116
  def test_verify_message
37
117
  Dnsruby::Dnssec.clear_trusted_keys
38
118
  Dnsruby::Dnssec.clear_trust_anchors
39
- res = Dnsruby::Resolver.new("a.ns.se")
119
+ res = Dnsruby::Resolver.new(Dnsruby::Resolv.getaddress("a.ns.se"))
40
120
  res.udp_size = 5000
41
121
  r = res.query("se", Dnsruby::Types.DNSKEY)
42
122
  # This shouldn't be in the code - but the key is rotated by the .se registry
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dnsruby
3
3
  version: !ruby/object:Gem::Version
4
- version: "1.37"
4
+ version: "1.38"
5
5
  platform: ruby
6
6
  authors:
7
7
  - AlexD
@@ -9,7 +9,7 @@ autorequire: dnsruby
9
9
  bindir: bin
10
10
  cert_chain: []
11
11
 
12
- date: 2009-09-10 00:00:00 +01:00
12
+ date: 2009-10-12 00:00:00 +01:00
13
13
  default_executable:
14
14
  dependencies: []
15
15
 
@@ -27,7 +27,6 @@ extra_rdoc_files:
27
27
  files:
28
28
  - test/custom.txt
29
29
  - test/resolv.conf
30
- - test/tc_auth.rb
31
30
  - test/tc_axfr.rb
32
31
  - test/tc_cache.rb
33
32
  - test/tc_dlv.rb
@@ -71,7 +70,6 @@ files:
71
70
  - test/ts_dnsruby.rb
72
71
  - test/ts_offline.rb
73
72
  - test/ts_online.rb
74
- - test/ts_queue.rb
75
73
  - lib/Dnsruby
76
74
  - lib/Dnsruby/Cache.rb
77
75
  - lib/Dnsruby/code_mapper.rb
@@ -93,7 +91,6 @@ files:
93
91
  - lib/Dnsruby/resource/AAAA.rb
94
92
  - lib/Dnsruby/resource/AFSDB.rb
95
93
  - lib/Dnsruby/resource/CERT.rb
96
- - lib/Dnsruby/resource/delete_me.rhtml
97
94
  - lib/Dnsruby/resource/DLV.rb
98
95
  - lib/Dnsruby/resource/DNSKEY.rb
99
96
  - lib/Dnsruby/resource/domain_name.rb
@@ -124,7 +121,6 @@ files:
124
121
  - lib/Dnsruby/resource/TXT.rb
125
122
  - lib/Dnsruby/resource/X25.rb
126
123
  - lib/Dnsruby/select_thread.rb
127
- - lib/Dnsruby/select_thread.rb.michael.rb
128
124
  - lib/Dnsruby/single_verifier.rb
129
125
  - lib/Dnsruby/SingleResolver.rb
130
126
  - lib/Dnsruby/TheLog.rb
@@ -132,19 +128,11 @@ files:
132
128
  - lib/Dnsruby/validator_thread.rb
133
129
  - lib/Dnsruby/zone_transfer.rb
134
130
  - lib/dnsruby.rb
135
- - html/classes
136
- - html/created.rid
137
- - html/files
138
- - html/fr_class_index.html
139
- - html/fr_file_index.html
140
- - html/fr_method_index.html
141
- - html/index.html
142
131
  - demo/axfr.rb
143
132
  - demo/check_soa.rb
144
133
  - demo/check_zone.rb
145
134
  - demo/digdlv.rb
146
135
  - demo/digitar.rb
147
- - demo/digroot.rb
148
136
  - demo/example_recurse.rb
149
137
  - demo/mresolv.rb
150
138
  - demo/mx.rb
@@ -177,7 +165,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
177
165
  requirements: []
178
166
 
179
167
  rubyforge_project: dnsruby
180
- rubygems_version: 1.0.1
168
+ rubygems_version: 1.3.1
181
169
  signing_key:
182
170
  specification_version: 2
183
171
  summary: Ruby DNS implementation