dnsruby 1.58.0 → 1.59.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 0542a8574fb4f542e8cdfac4b3efa08335954d76
-  data.tar.gz: 540ef10a9ec536cf6d19cfba946429ac30771c63
+  metadata.gz: 30959b577be6d8f64a67832ec6418fd157ece057
+  data.tar.gz: 94af23844c0a0f1d53b405b0720c9253364ad890
 SHA512:
-  metadata.gz: 793cd5fa6961776a89b2b1e508fe78573cbf6f52c64dd47b62afe2a4173c4448a9e5291be7a8e95837f862aa48a0b37dd710ba0490872d0db4b780468945df8f
-  data.tar.gz: 604d96ae611adce512eba2a95a93229603d0b85e4f234c3ce4f7d19e78842a8c76aeb70deefd502f2c577d28943e6de1cf6af5e8b5e3e034c4dee5915d8b5ab7
+  metadata.gz: 2237405083ea6ba078a24a172d681b8fde6f770d61fab1617cf4683f576ade793af97edadabe2e76fd649dc0d1eb868eb8bd931021b151ad64b8d0f3c99fc271
+  data.tar.gz: b7f1a0e23ca45cbe15410bd604754c26688ca835edb39dcc340ac4aece8d76c3e67d6ed06a9c2c3488caf2d56c6a5d526fca80f1c6933b43c4e3f0f1ff7a6bce

data/LICENSE

@@ -0,0 +1,11 @@
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+# 
+#     http://www.apache.org/licenses/LICENSE-2.0
+# 
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.

data/RELEASE_NOTES.md

@@ -1,5 +1,20 @@
 # Release Notes
 
+## v1.59.0
+
+* Add LICENSE file
+* Add Cache max_size (gihub issue 64)
+* Disable caching for SOA lookups in demo check_soa.rb
+* Fix for invalid nameserver in config
+* Fix encoding for OPT data (thanks Craig Despeaux)
+* Various test system fixes
+* OPT fixes
+* DNSSEC verification failure handling wrt lack of DS chain
+* DNSSEC validation policy name constants
+* Fix for BOGUS DLV chains
+* demo upgrades
+* Resolver hints improvements 
+
 
 ## v1.58.0
 

data/Rakefile

@@ -29,4 +29,5 @@ create_task(:test,         'test/ts_dnsruby.rb')
 create_task(:test_offline, 'test/ts_offline.rb')
 create_task(:test_online,  'test/ts_online.rb')
 create_task(:soak,         'test/tc_soak.rb')
-
+create_task(:message,      'test/tc_message.rb')
+create_task(:cache,         'test/tc_cache.rb')

data/demo/axfr.rb

@@ -1,6 +1,9 @@
+#! /usr/bin/env ruby
+
 # --
 # Copyright 2007 Nominet UK
 # 
+
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -59,9 +62,16 @@
 #      Michael Fuhr <mike@fuhr.org>
 # 
 
+unless (1..2).include?(ARGV.length)
+  puts "Usage: #{$0} [ -fqs ] [ -D directory ] [ @nameserver ] zone"
+  exit(-1)
+end
+
+
 require 'getoptLong'
 require 'dnsruby'
 
+
 # ------------------------------------------------------------------------------
 # Read any command-line options and check syntax.
 # ------------------------------------------------------------------------------
@@ -89,110 +99,99 @@ opts.each do |opt, arg|
   end
 end
 
-if (ARGV.length < 1) || (ARGV.length > 2)
-  print "Usage: #{$0} [ -fqs ] [ -D directory ] [ @nameserver ] zone\n"
-else
-  # ------------------------------------------------------------------------------
-  #  Get the nameserver (if specified) and set up the zone transfer directory
-  #  hierarchy.
-  # ------------------------------------------------------------------------------
-
-  nameserver = (ARGV[0] =~ /^@/) ? ARGV.shift : ""
-  nameserver = nameserver.sub(/^@/, "")
-  res = nil
-  if nameserver
-    res = Dnsruby::Resolver.new(nameserver)
-  else
-    res = Dnsruby::Resolver.new
-  end
+# ------------------------------------------------------------------------------
+#  Get the nameserver (if specified) and set up the zone transfer directory
+#  hierarchy.
+# ------------------------------------------------------------------------------
 
-  zone = ARGV.shift
-  basedir = opt_d!=nil ? opt_d : (ENV["HOME"]!=nil ? ENV["HOME"] : "") + "/.dns-zones"
-  zonedir = zone.split(/\./).reverse.join("/")
-  zonefile = basedir + "/" + zonedir + "/axfr"
+nameserver = (ARGV[0] =~ /^@/) ? ARGV.shift : ''
+nameserver = nameserver.sub(/^@/, '')
+resolver = nameserver ? Dnsruby::Resolver.new(nameserver) : Dnsruby::Resolver.new
 
-  #  Don't worry about the 0777 permissions here - the current umask setting
-  #  will be applied.
-  if !(FileTest.directory?basedir)
-    Dir.mkdir(basedir, 0777) or raise RuntimeError, "can't mkdir #{basedir}: #{$!}\n"
-  end
+zone = ARGV.shift
+basedir = opt_d || File.join((ENV['HOME'] || ''), '.dns-zones')
+zonedir = zone.split(/\./).reverse.join("/")
+zonefile = File.join(basedir, zonedir, 'axfr')
 
-  dir = basedir
-  zonedir.split("/").each do |subdir|
-    dir += "/" + subdir
-    if (!FileTest.directory?dir)
-      Dir.mkdir(dir, 0777) or raise RuntimeError, "can't mkdir #{dir}: #{$!}\n"
-    end
-  end
+#  Don't worry about the 0777 permissions here - the current umask setting
+#  will be applied.
+# NOTE: mkdir will raise an error on failure so I don't think 'or' works here.
+unless FileTest.directory?(basedir)
+  Dir.mkdir(basedir, 0777) or raise RuntimeError, "can't mkdir #{basedir}: #{$!}\n"
+end
 
-  # ------------------------------------------------------------------------------
-  #  Get the zone.
-  # ------------------------------------------------------------------------------
+dir = basedir
+# NOTE: What are we doing here?  Could this be replaced by mkdir_p?
+zonedir.split('/').each do |subdir|
+  dir += '/' + subdir
+  unless FileTest.directory?(dir)
+    Dir.mkdir(dir, 0777) or raise RuntimeError, "can't mkdir #{dir}: #{$!}\n"
+  end
+end
 
-  zonearray = nil
+# ------------------------------------------------------------------------------
+#  Get the zone.
+# ------------------------------------------------------------------------------
 
-  if (FileTest.exist?(zonefile) && !opt_f)
-    zoneref = Marshal.load(File.open(zonefile))
-    if (zoneref==nil)
-      raise RuntimeError, "couldn't retrieve zone from #{zonefile}: #{$!}\n"
-    end
+if FileTest.exist?(zonefile) && !opt_f
+  zoneref = Marshal.load(File.open(zonefile))
+  if zoneref.nil?
+    raise RuntimeError, "couldn't retrieve zone from #{zonefile}: #{$!}\n"
+  end
 
-    # ----------------------------------------------------------------------
-    #  Check the SOA serial number if desired.
-    # ----------------------------------------------------------------------
+  # ----------------------------------------------------------------------
+  #  Check the SOA serial number if desired.
+  # ----------------------------------------------------------------------
 
-    if (opt_s)
-      serial_file, serial_zone = nil
+  if opt_s
+    serial_file = serial_zone = nil
 
-      zoneref.each do |rr|
-        if (rr.type == "SOA")
-          serial_file = rr.serial
-          break
-        end
-      end
-      if serial_file==nil
-        raise RuntimeError,  "no SOA in #{zonefile}\n"
+    zoneref.each do |rr|
+      if (rr.type == 'SOA')
+        serial_file = rr.serial
+        break
       end
+    end
+    if serial_file.nil?
+      raise RuntimeError,  "no SOA in #{zonefile}\n"
+    end
 
-      soa = res.query(zone, "SOA")
-      if soa==nil
-        raise RuntimeError, "couldn't get SOA for #{zone}: " + res.errorstring + "\n"
-      end
+    soa = resolver.query(zone, 'SOA')
+    if soa.nil?
+      raise RuntimeError, "couldn't get SOA for #{zone}: " + resolver.errorstring + "\n"
+    end
 
-      soa.answer.each do |rr|
-        if (rr.type == "SOA")
-          serial_zone = rr.serial
-          break
-        end
+    soa.answer.each do |rr|
+      if rr.type == 'SOA'
+        serial_zone = rr.serial
+        break
       end
+    end
 
-      if (serial_zone != serial_file)
-        opt_f = true
-      end
+    if serial_zone != serial_file
+      opt_f = true
     end
-  else
-    opt_f = true
   end
+else
+  opt_f = true
+end
 
-  if (opt_f)
-    print "nameserver = #{nameserver}, zone=#{zone}"
-    zt = Dnsruby::ZoneTransfer.new
-    zt.server=(nameserver) if nameserver!=""
+if opt_f
+  print "nameserver = #{nameserver}, zone=#{zone}"
+  zt = Dnsruby::ZoneTransfer.new
+  zt.server = nameserver if nameserver != ''
 
-    zoneref = zt.transfer(zone)
-    if zoneref==nil
-      raise RuntimeError,  "couldn't transfer zone\n"
-    end
-    Marshal.dump(zoneref, File.open(zonefile, File::CREAT|File::RDWR))
+  zoneref = zt.transfer(zone)
+  if zoneref.nil?
+    raise RuntimeError,  "couldn't transfer zone\n"
   end
+  Marshal.dump(zoneref, File.open(zonefile, File::CREAT | File::RDWR))
+end
 
-  # ------------------------------------------------------------------------------
-  #  Print the records in the zone.
-  # ------------------------------------------------------------------------------
+# ------------------------------------------------------------------------------
+#  Print the records in the zone.
+# ------------------------------------------------------------------------------
 
-  if (!opt_q)
-    zoneref.each do |z|
-      print z.to_s + "\n"
-    end
-  end
+unless opt_q
+  zoneref.each { |z| puts z }
 end

data/demo/check_soa.rb

@@ -1,3 +1,5 @@
+#! /usr/bin/env ruby
+
 # --
 # Copyright 2007 Nominet UK
 # 
@@ -35,7 +37,7 @@
 # The original Bourne Shell and C versions were printed in
 # "DNS and BIND" by Paul Albitz & Cricket Liu.
 # 
-# This Perl version was written by Michael Fuhr <mike@fuhr.org>.
+# The Perl version was written by Michael Fuhr <mike@fuhr.org>.
 # 
 # = SEE ALSO
 # 
@@ -43,116 +45,135 @@
 
 require 'dnsruby'
 
-# ------------------------------------------------------------------------------
-# Get the domain from the command line.
-# ------------------------------------------------------------------------------
+NO_DOMAIN_SPECIFIED = -1
+NO_NAMESERVERS      = -2
 
-if ARGV.length ==1
-  domain = ARGV[0]
 
-  # ------------------------------------------------------------------------------
-  #  Find all the nameservers for the domain.
-  # ------------------------------------------------------------------------------
+def fatal_error(message, exit_code)
+  puts message
+  exit(exit_code)
+end
 
-  res = Dnsruby::Resolver.new
 
-  #   res.defnames=(0)
-  res.retry_times=(2)
-  ns_req = nil
-  begin
-    ns_req = res.query(domain, "NS")
-  rescue Exception => e
-    print "Error : #{e}"
-    return
-  end
-  if (ns_req.header.ancount == 0)
-    print "No nameservers found for #{domain}\n"
-    return
-  end
+def usage
+  fatal_error("Usage: #{$0} domain", NO_DOMAIN_SPECIFIED)
+end
 
-  #  Send out non-recursive queries
-  res.recurse=(0)
 
+def create_resolver
+  resolver = Dnsruby::Resolver.new
+  resolver.retry_times = 2
+  resolver.recurse = 0  # Send out non-recursive queries
+  # disable caching otherwise SOA is cached from first nameserver queried
+  resolver.do_caching = false
+  resolver
+end
 
-  # ------------------------------------------------------------------------------
-  #  Check the SOA record on each nameserver.
-  # ------------------------------------------------------------------------------
 
-   (ns_req.answer.select {|r| r.type == "NS"}).each do |nsrr|
+def get_ns_response(resolver, domain)
+  ns_response = resolver.query(domain, 'NS')
+  if ns_response.header.ancount == 0
+    fatal_error("No nameservers found for #{domain}.", NO_NAMESERVERS)
+  end
+  ns_response
+end
 
-    # ----------------------------------------------------------------------
-    #  Set the resolver to query this nameserver.
-    # ----------------------------------------------------------------------
-    ns = nsrr.domainname
 
+# Finds all the nameserver domains for the domain.
+def get_ns_domains(resolver, domain)
+  ns_response = get_ns_response(resolver, domain)
+  ns_answers = ns_response.answer.select { |r| r.type == 'NS'}
+  ns_answers.map(&:domainname)
+end
+
+
+def process_ns_domain(resolver, domain, ns_domain)
+
+  a_response = begin
     #  In order to lookup the IP(s) of the nameserver, we need a Resolver
     #  object that is set to our local, recursive nameserver.  So we create
     #  a new object just to do that.
+    local_resolver = Dnsruby::Resolver.new
 
-    local_res = Dnsruby::Resolver.new
-    a_req=nil
-    begin
-      a_req = local_res.query(ns, 'A')
+    local_resolver.query(ns_domain, 'A')
+  rescue Exception => e
+    puts "Cannot find address for #{ns_domain}: #{e}"
+    return
+  end
+
+  a_answers = a_response.answer.select {|r| r.type == 'A'}
+  a_answers.each do |a_answer|
+
+    # ----------------------------------------------------------------------
+    #  Ask this IP.
+    # ----------------------------------------------------------------------
+    ip_address = a_answer.address
+    resolver.nameserver = ip_address.to_s
+    print "#{ns_domain} (#{ip_address}): "
+
+    # ----------------------------------------------------------------------
+    #  Get the SOA record.
+    # ----------------------------------------------------------------------
+    soa_response = begin
+      resolver.query(domain, 'SOA', 'IN')
     rescue Exception => e
-      print "Can not find address for #{ns}: #{e}\n"
-      next
+      puts "Error : #{e}"
+      return
+    end
+
+    # ----------------------------------------------------------------------
+    #  Is this nameserver authoritative for the domain?
+    # ----------------------------------------------------------------------
+
+    unless soa_response.header.aa
+      print "isn't authoritative for #{domain}\n"
+      return
+    end
+
+    # ----------------------------------------------------------------------
+    #  We should have received exactly one answer.
+    # ----------------------------------------------------------------------
+
+    unless soa_response.header.ancount == 1
+      puts "expected 1 answer, got #{soa_response.header.ancount}."
+      return
     end
 
-     (a_req.answer.select {|r| r.type == 'A'}).each do |r|
-      ip = r.address
-      # ----------------------------------------------------------------------
-      #  Ask this IP.
-      # ----------------------------------------------------------------------
-
-      res.nameserver=(ip.to_s)
-
-      print "#{ns} (#{ip}): "
-
-      # ----------------------------------------------------------------------
-      #  Get the SOA record.
-      # ----------------------------------------------------------------------
-      soa_req=nil
-      begin
-        soa_req = res.query(domain, 'SOA', 'IN')
-      rescue Exception => e
-        print "Error : #{e}\n"
-        next
-      end
-
-      # ----------------------------------------------------------------------
-      #  Is this nameserver authoritative for the domain?
-      # ----------------------------------------------------------------------
-
-      unless (soa_req.header.aa)
-        print "isn't authoritative for #{domain}\n"
-        next
-      end
-
-      # ----------------------------------------------------------------------
-      #  We should have received exactly one answer.
-      # ----------------------------------------------------------------------
-
-      unless (soa_req.header.ancount == 1)
-        print "expected 1 answer, got ", soa_req.header.ancount, "\n"
-        next
-      end
-
-      # ----------------------------------------------------------------------
-      #  Did we receive an SOA record?
-      # ----------------------------------------------------------------------
-
-      unless ((soa_req.answer)[0].type == "SOA")
-        print "expected SOA, got ", (soa_req.answer)[0].type, "\n"
-        next
-      end
-
-      # ----------------------------------------------------------------------
-      #  Print the serial number.
-      # ----------------------------------------------------------------------
-
-      print "has serial number ", (soa_req.answer)[0].serial, "\n"
+    # ----------------------------------------------------------------------
+    #  Did we receive an SOA record?
+    # ----------------------------------------------------------------------
+
+    answer_type = soa_response.answer[0].type
+    unless answer_type == 'SOA'
+      puts "expected SOA, got #{answer_type}"
+      return
     end
+
+    # ----------------------------------------------------------------------
+    #  Print the serial number.
+    # ----------------------------------------------------------------------
+
+    puts "has serial number #{soa_response.answer[0].serial}"
   end
-else
-  print "Usage: #{$0} domain\n"
 end
+
+
+def main
+
+  # Get domain from command line, printing usage and exiting if none provided:
+  domain = ARGV.fetch(0) { usage }
+
+  resolver = create_resolver
+
+  ns_domains = get_ns_domains(resolver, domain)
+
+  # ------------------------------------------------------------------------------
+  #  Check the SOA record on each nameserver.
+  # ------------------------------------------------------------------------------
+  ns_domains.each do |ns_domain_name|
+    process_ns_domain(resolver, domain, ns_domain_name)
+  end
+end
+
+
+main