dnsruby 1.53 → 1.54
Sign up to get free protection for your applications and to get access to all the features.
- data/lib/Dnsruby/DNS.rb +4 -0
- data/lib/Dnsruby/PacketSender.rb +49 -29
- data/lib/Dnsruby/Resolver.rb +14 -3
- data/lib/Dnsruby/SingleResolver.rb +4 -4
- data/lib/Dnsruby/dnssec.rb +3 -3
- data/lib/Dnsruby/message.rb +5 -0
- data/lib/Dnsruby/resource/resource.rb +9 -4
- data/lib/Dnsruby/single_verifier.rb +11 -1
- data/lib/dnsruby.rb +1 -1
- data/test/tc_res_config.rb +33 -29
- data/test/tc_res_opt.rb +2 -0
- data/test/tc_rr-opt.rb +57 -2
- metadata +7 -10
data/lib/Dnsruby/DNS.rb
CHANGED
|
@@ -77,6 +77,8 @@ module Dnsruby
|
|
|
77
77
|
#* ftp://ftp.isi.edu/in-notes/iana/assignments/dns-parameters
|
|
78
78
|
#* etc.
|
|
79
79
|
class DNS
|
|
80
|
+
|
|
81
|
+
attr_accessor :do_caching
|
|
80
82
|
|
|
81
83
|
#Creates a new DNS resolver. See Resolv::DNS.new for argument details.
|
|
82
84
|
#
|
|
@@ -114,6 +116,7 @@ module Dnsruby
|
|
|
114
116
|
# :search => ['ruby-lang.org'],
|
|
115
117
|
# :ndots => 1})
|
|
116
118
|
def initialize(config_info=nil)
|
|
119
|
+
@do_caching = true
|
|
117
120
|
@config = Config.new()
|
|
118
121
|
@config.set_config_info(config_info)
|
|
119
122
|
@resolver = Resolver.new(@config)
|
|
@@ -284,6 +287,7 @@ module Dnsruby
|
|
|
284
287
|
msg.add_question(candidate, type, klass)
|
|
285
288
|
msg.do_validation = false
|
|
286
289
|
msg.header.cd = false
|
|
290
|
+
msg.do_caching = do_caching
|
|
287
291
|
@resolver.do_validation = false
|
|
288
292
|
@resolver.send_async(msg, q)
|
|
289
293
|
id, ret, exception = q.pop
|
data/lib/Dnsruby/PacketSender.rb
CHANGED
|
@@ -101,22 +101,18 @@ module Dnsruby
|
|
|
101
101
|
# dnssec defaults to ON
|
|
102
102
|
attr_reader :dnssec
|
|
103
103
|
|
|
104
|
+
# Set the source address. If the arg is nil, do nothing
|
|
105
|
+
def src_address6=(arg)
|
|
106
|
+
if (not arg.nil?)
|
|
107
|
+
@src_address6 = arg
|
|
108
|
+
end
|
|
109
|
+
end
|
|
110
|
+
|
|
104
111
|
# Set the source address. If the arg is nil, do nothing
|
|
105
112
|
def src_address=(arg)
|
|
106
113
|
if (not arg.nil?)
|
|
107
114
|
@src_address = arg
|
|
108
115
|
end
|
|
109
|
-
# Do some verification to make sure that the source address
|
|
110
|
-
# is of the same type as the server address
|
|
111
|
-
if (@server.nil?)
|
|
112
|
-
return
|
|
113
|
-
else
|
|
114
|
-
si = IPAddr.new(@src_address)
|
|
115
|
-
i = IPAddr.new(@server)
|
|
116
|
-
if (i.ipv4? and si.ipv6?) or (i.ipv6? and si.ipv4?)
|
|
117
|
-
raise ArgumentError.new("Invalid address specified (address family does not match)")
|
|
118
|
-
end
|
|
119
|
-
end
|
|
120
116
|
end
|
|
121
117
|
|
|
122
118
|
#Sets the TSIG to sign outgoing messages with.
|
|
@@ -150,6 +146,7 @@ module Dnsruby
|
|
|
150
146
|
def server=(server)
|
|
151
147
|
Dnsruby.log.debug{"InternalResolver setting server to #{server}"}
|
|
152
148
|
@server=Config.resolve_server(server)
|
|
149
|
+
check_ipv6
|
|
153
150
|
end
|
|
154
151
|
|
|
155
152
|
# Can take a hash with the following optional keys :
|
|
@@ -160,6 +157,7 @@ module Dnsruby
|
|
|
160
157
|
# * :no_tcp
|
|
161
158
|
# * :ignore_truncation
|
|
162
159
|
# * :src_address
|
|
160
|
+
# * :src_address6
|
|
163
161
|
# * :src_port
|
|
164
162
|
# * :udp_size
|
|
165
163
|
# * :tsig
|
|
@@ -167,6 +165,7 @@ module Dnsruby
|
|
|
167
165
|
# * :recurse
|
|
168
166
|
def initialize(*args)
|
|
169
167
|
arg=args[0]
|
|
168
|
+
@ipv6 = false
|
|
170
169
|
@packet_timeout = Resolver::DefaultPacketTimeout
|
|
171
170
|
@port = Resolver::DefaultPort
|
|
172
171
|
@udp_size = Resolver::DefaultUDPSize
|
|
@@ -176,6 +175,7 @@ module Dnsruby
|
|
|
176
175
|
@tsig = nil
|
|
177
176
|
@ignore_truncation = false
|
|
178
177
|
@src_address = '0.0.0.0'
|
|
178
|
+
@src_address6 = '::'
|
|
179
179
|
@src_port = [0]
|
|
180
180
|
@recurse = true
|
|
181
181
|
|
|
@@ -190,7 +190,8 @@ module Dnsruby
|
|
|
190
190
|
elsif (arg.kind_of?Hash)
|
|
191
191
|
arg.keys.each do |attr|
|
|
192
192
|
begin
|
|
193
|
-
if ((attr.to_s == "src_address")
|
|
193
|
+
if (((attr.to_s == "src_address")||(attr.to_s == "src_address6")) &&
|
|
194
|
+
((arg[attr] == nil) || (arg[attr] == "")))
|
|
194
195
|
else
|
|
195
196
|
send(attr.to_s+"=", arg[attr])
|
|
196
197
|
end
|
|
@@ -203,18 +204,24 @@ module Dnsruby
|
|
|
203
204
|
#Check server is IP
|
|
204
205
|
@server=Config.resolve_server(@server)
|
|
205
206
|
|
|
207
|
+
check_ipv6
|
|
208
|
+
# ResolverRegister::register_single_resolver(self)
|
|
209
|
+
end
|
|
210
|
+
|
|
211
|
+
def check_ipv6
|
|
206
212
|
begin
|
|
207
213
|
i = IPv4.create(@server)
|
|
208
|
-
@src_address = '0.0.0.0'
|
|
214
|
+
# @src_address = '0.0.0.0'
|
|
215
|
+
@ipv6=false
|
|
209
216
|
rescue Exception
|
|
210
217
|
begin
|
|
211
218
|
i = IPv6.create(@server)
|
|
212
|
-
@
|
|
219
|
+
# @src_address6 = '::'
|
|
220
|
+
@ipv6=true
|
|
213
221
|
rescue Exception
|
|
214
222
|
Dnsruby.log.error{"Server is neither IPv4 or IPv6!\n"}
|
|
215
223
|
end
|
|
216
224
|
end
|
|
217
|
-
# ResolverRegister::register_single_resolver(self)
|
|
218
225
|
end
|
|
219
226
|
|
|
220
227
|
def close
|
|
@@ -346,16 +353,20 @@ module Dnsruby
|
|
|
346
353
|
socket = nil
|
|
347
354
|
runnextportloop = true
|
|
348
355
|
numtries = 0
|
|
356
|
+
src_address = @src_address
|
|
357
|
+
if (@ipv6)
|
|
358
|
+
src_address = @src_address6
|
|
359
|
+
end
|
|
349
360
|
while (runnextportloop)do
|
|
350
361
|
begin
|
|
351
362
|
numtries += 1
|
|
352
363
|
src_port = get_next_src_port
|
|
353
364
|
if (use_tcp)
|
|
354
365
|
begin
|
|
355
|
-
socket = TCPSocket.new(@server, @port,
|
|
366
|
+
socket = TCPSocket.new(@server, @port, src_address, src_port)
|
|
356
367
|
rescue Errno::EBADF, Errno::ENETUNREACH => e
|
|
357
368
|
# Can't create a connection
|
|
358
|
-
err=IOError.new("TCP connection error to #{@server}:#{@port} from #{
|
|
369
|
+
err=IOError.new("TCP connection error to #{@server}:#{@port} from #{src_address}:#{src_port}, use_tcp=#{use_tcp}, exception = #{e.class}, #{e}")
|
|
359
370
|
Dnsruby.log.error{"#{err}"}
|
|
360
371
|
st.push_exception_to_select(client_query_id, client_queue, err, nil)
|
|
361
372
|
return
|
|
@@ -366,10 +377,10 @@ module Dnsruby
|
|
|
366
377
|
if (/java/ =~ RUBY_PLATFORM )
|
|
367
378
|
socket = UDPSocket.new()
|
|
368
379
|
else
|
|
369
|
-
ipv6 = @src_address =~ /:/
|
|
370
|
-
socket = UDPSocket.new(ipv6
|
|
380
|
+
# ipv6 = @src_address =~ /:/
|
|
381
|
+
socket = UDPSocket.new(@ipv6 ? Socket::AF_INET6 : Socket::AF_INET)
|
|
371
382
|
end
|
|
372
|
-
socket.bind(
|
|
383
|
+
socket.bind(src_address, src_port)
|
|
373
384
|
socket.connect(@server, @port)
|
|
374
385
|
end
|
|
375
386
|
runnextportloop = false
|
|
@@ -384,7 +395,7 @@ module Dnsruby
|
|
|
384
395
|
# Maybe try a max number of times?
|
|
385
396
|
if ((e.class != Errno::EADDRINUSE) || (numtries > 50) ||
|
|
386
397
|
((e.class == Errno::EADDRINUSE) && (src_port == @src_port[0])))
|
|
387
|
-
err=IOError.new("dnsruby can't connect to #{@server}:#{@port} from #{
|
|
398
|
+
err=IOError.new("dnsruby can't connect to #{@server}:#{@port} from #{src_address}:#{src_port}, use_tcp=#{use_tcp}, exception = #{e.class}, #{e}")
|
|
388
399
|
Dnsruby.log.error{"#{err}"}
|
|
389
400
|
st.push_exception_to_select(client_query_id, client_queue, err, nil)
|
|
390
401
|
return
|
|
@@ -392,27 +403,26 @@ module Dnsruby
|
|
|
392
403
|
end
|
|
393
404
|
end
|
|
394
405
|
if (socket==nil)
|
|
395
|
-
err=IOError.new("dnsruby can't connect to #{@server}:#{@port} from #{
|
|
406
|
+
err=IOError.new("dnsruby can't connect to #{@server}:#{@port} from #{src_address}:#{src_port}, use_tcp=#{use_tcp}")
|
|
396
407
|
Dnsruby.log.error{"#{err}"}
|
|
397
408
|
st.push_exception_to_select(client_query_id, client_queue, err, nil)
|
|
398
409
|
return
|
|
399
410
|
end
|
|
400
|
-
Dnsruby.log.debug{"Sending packet to #{@server}:#{@port} from #{
|
|
411
|
+
Dnsruby.log.debug{"Sending packet to #{@server}:#{@port} from #{src_address}:#{src_port}, use_tcp=#{use_tcp} : #{query.question()[0].qname}, #{query.question()[0].qtype}"}
|
|
401
412
|
# print "#{Time.now} : Sending packet to #{@server} : #{query.question()[0].qname}, #{query.question()[0].qtype}\n"
|
|
402
413
|
# Listen for the response before we send the packet (to avoid any race conditions)
|
|
403
414
|
query_settings = SelectThread::QuerySettings.new(query_bytes, query, @ignore_truncation, client_queue, client_query_id, socket, @server, @port, endtime, udp_packet_size, self)
|
|
404
|
-
# The select thread will now wait for the response and send that or a timeout
|
|
405
|
-
# back to the client_queue.
|
|
406
|
-
st.add_to_select(query_settings)
|
|
407
|
-
# Now that we're listening for the response, send the query!
|
|
408
415
|
begin
|
|
409
416
|
if (use_tcp)
|
|
410
417
|
lenmsg = [query_bytes.length].pack('n')
|
|
411
418
|
socket.send(lenmsg, 0)
|
|
412
419
|
end
|
|
413
420
|
socket.send(query_bytes, 0)
|
|
421
|
+
# The select thread will now wait for the response and send that or a timeout
|
|
422
|
+
# back to the client_queue.
|
|
423
|
+
st.add_to_select(query_settings)
|
|
414
424
|
rescue Exception => e
|
|
415
|
-
err=IOError.new("Send failed to #{@server}:#{@port} from #{
|
|
425
|
+
err=IOError.new("Send failed to #{@server}:#{@port} from #{src_address}:#{src_port}, use_tcp=#{use_tcp}, exception : #{e}")
|
|
416
426
|
Dnsruby.log.error{"#{err}"}
|
|
417
427
|
st.push_exception_to_select(client_query_id, client_queue, err, nil)
|
|
418
428
|
begin
|
|
@@ -422,7 +432,7 @@ module Dnsruby
|
|
|
422
432
|
return
|
|
423
433
|
end
|
|
424
434
|
|
|
425
|
-
Dnsruby.log.debug{"Packet sent to #{@server}:#{@port} from #{
|
|
435
|
+
Dnsruby.log.debug{"Packet sent to #{@server}:#{@port} from #{src_address}:#{src_port}, use_tcp=#{use_tcp} : #{query.question()[0].qname}, #{query.question()[0].qtype}"}
|
|
426
436
|
# print "Packet sent to #{@server}:#{@port} from #{@src_address}:#{src_port}, use_tcp=#{use_tcp} : #{query.question()[0].qname}, #{query.question()[0].qtype}\n"
|
|
427
437
|
end
|
|
428
438
|
|
|
@@ -521,6 +531,16 @@ module Dnsruby
|
|
|
521
531
|
end
|
|
522
532
|
end
|
|
523
533
|
end
|
|
534
|
+
# IF WE GET FORMERR BACK HERE (and we have EDNS0 on) THEN
|
|
535
|
+
# TRY AGAIN WITH NO OPT RECORDS! (rfc2671 section 5.3)
|
|
536
|
+
if ((response.header.get_header_rcode == RCode.FORMERR) &&
|
|
537
|
+
(query.header.arcount > 0))
|
|
538
|
+
# try resending the message with no OPT record
|
|
539
|
+
query.remove_additional
|
|
540
|
+
query.send_raw = true
|
|
541
|
+
send_async(query, client_queue, client_query_id, false)
|
|
542
|
+
return false
|
|
543
|
+
end
|
|
524
544
|
if (response.header.tc && !tcp && !@ignore_truncation)
|
|
525
545
|
if (@no_tcp)
|
|
526
546
|
Dnsruby.log.debug{"Truncated response - not resending over TCP as no_tcp==true"}
|
data/lib/Dnsruby/Resolver.rb
CHANGED
|
@@ -92,9 +92,12 @@ module Dnsruby
|
|
|
92
92
|
# i.e. the TC bit is ignored and thus the resolver will not requery over TCP if TC is set
|
|
93
93
|
attr_reader :ignore_truncation
|
|
94
94
|
|
|
95
|
-
# The source address to send queries from
|
|
95
|
+
# The source address to send queries from for IPv4
|
|
96
96
|
attr_reader :src_address
|
|
97
97
|
|
|
98
|
+
# The source address to send queries from for IPv6
|
|
99
|
+
attr_reader :src_address6
|
|
100
|
+
|
|
98
101
|
# Should the Recursion Desired bit be set?
|
|
99
102
|
attr_reader :recurse
|
|
100
103
|
|
|
@@ -360,6 +363,7 @@ module Dnsruby
|
|
|
360
363
|
# * :tsig
|
|
361
364
|
# * :ignore_truncation
|
|
362
365
|
# * :src_address
|
|
366
|
+
# * :src_address6
|
|
363
367
|
# * :src_port
|
|
364
368
|
# * :recurse
|
|
365
369
|
# * :udp_size
|
|
@@ -374,6 +378,7 @@ module Dnsruby
|
|
|
374
378
|
# @TODO@ Should we allow :namesver to be an RRSet of NS records? Would then need to randomly order them?
|
|
375
379
|
@resolver_ruby = nil
|
|
376
380
|
@src_address = nil
|
|
381
|
+
@src_address6 = nil
|
|
377
382
|
@single_res_mutex = Mutex.new
|
|
378
383
|
@configured = false
|
|
379
384
|
@do_caching = true
|
|
@@ -425,7 +430,7 @@ module Dnsruby
|
|
|
425
430
|
res = PacketSender.new({:server=>ns, :dnssec=>@dnssec,
|
|
426
431
|
:use_tcp=>@use_tcp, :no_tcp=>@no_tcp, :packet_timeout=>@packet_timeout,
|
|
427
432
|
:tsig => @tsig, :ignore_truncation=>@ignore_truncation,
|
|
428
|
-
:src_address=>@src_address, :src_port=>@src_port,
|
|
433
|
+
:src_address=>@src_address, :src_address6=>@src_address6, :src_port=>@src_port,
|
|
429
434
|
:recurse=>@recurse, :udp_size=>@udp_size})
|
|
430
435
|
@single_resolvers.push(res) if res
|
|
431
436
|
end
|
|
@@ -472,6 +477,7 @@ module Dnsruby
|
|
|
472
477
|
@ignore_truncation = false
|
|
473
478
|
@config = Config.new()
|
|
474
479
|
@src_address = nil
|
|
480
|
+
@src_address6 = nil
|
|
475
481
|
@src_port = [0]
|
|
476
482
|
@recurse = true
|
|
477
483
|
@single_res_mutex.synchronize {
|
|
@@ -509,7 +515,7 @@ module Dnsruby
|
|
|
509
515
|
|
|
510
516
|
def update_internal_res(res)
|
|
511
517
|
[:port, :use_tcp, :no_tcp, :tsig, :ignore_truncation, :packet_timeout,
|
|
512
|
-
:src_address, :src_port, :recurse,
|
|
518
|
+
:src_address, :src_address6, :src_port, :recurse,
|
|
513
519
|
:udp_size, :dnssec].each do |param|
|
|
514
520
|
|
|
515
521
|
res.send(param.to_s+"=", instance_variable_get("@"+param.to_s))
|
|
@@ -695,6 +701,11 @@ module Dnsruby
|
|
|
695
701
|
update
|
|
696
702
|
end
|
|
697
703
|
|
|
704
|
+
def src_address6=(a)
|
|
705
|
+
@src_address6 = a
|
|
706
|
+
update
|
|
707
|
+
end
|
|
708
|
+
|
|
698
709
|
def port=(a)
|
|
699
710
|
@port = a
|
|
700
711
|
update
|
|
@@ -46,6 +46,7 @@ module Dnsruby
|
|
|
46
46
|
# * :no_tcp
|
|
47
47
|
# * :ignore_truncation
|
|
48
48
|
# * :src_address
|
|
49
|
+
# * :src_address6
|
|
49
50
|
# * :src_port
|
|
50
51
|
# * :udp_size
|
|
51
52
|
# * :persistent_tcp
|
|
@@ -66,6 +67,7 @@ module Dnsruby
|
|
|
66
67
|
@tsig = nil
|
|
67
68
|
@ignore_truncation = false
|
|
68
69
|
@src_address = nil
|
|
70
|
+
@src_address6 = nil
|
|
69
71
|
@src_port = [0]
|
|
70
72
|
@recurse = true
|
|
71
73
|
@persistent_udp = false
|
|
@@ -115,8 +117,7 @@ module Dnsruby
|
|
|
115
117
|
isr = PacketSender.new({:server=>@server, :dnssec=>@dnssec,
|
|
116
118
|
:use_tcp=>@use_tcp, :no_tcp=>@no_tcp, :packet_timeout=>@packet_timeout,
|
|
117
119
|
:tsig => @tsig, :ignore_truncation=>@ignore_truncation,
|
|
118
|
-
:src_address=>@src_address, :src_port=>@src_port,
|
|
119
|
-
:do_caching=>@do_caching,
|
|
120
|
+
:src_address=>@src_address, :src_address6=>@src_address6, :src_port=>@src_port,
|
|
120
121
|
:recurse=>@recurse, :udp_size=>@udp_size})
|
|
121
122
|
|
|
122
123
|
@single_resolvers = [isr]
|
|
@@ -132,8 +133,7 @@ module Dnsruby
|
|
|
132
133
|
isr = PacketSender.new({:server=>@server, :dnssec=>@dnssec,
|
|
133
134
|
:use_tcp=>@use_tcp, :no_tcp=>@no_tcp, :packet_timeout=>@packet_timeout,
|
|
134
135
|
:tsig => @tsig, :ignore_truncation=>@ignore_truncation,
|
|
135
|
-
:src_address=>@src_address, :src_port=>@src_port,
|
|
136
|
-
:do_caching=>@do_caching,
|
|
136
|
+
:src_address=>@src_address, :src_address6=>@src_address6, :src_port=>@src_port,
|
|
137
137
|
:recurse=>@recurse, :udp_size=>@udp_size})
|
|
138
138
|
|
|
139
139
|
@single_res_mutex.synchronize {
|
data/lib/Dnsruby/dnssec.rb
CHANGED
|
@@ -281,12 +281,12 @@ module Dnsruby
|
|
|
281
281
|
|
|
282
282
|
def self.verify(msg, keys=nil)
|
|
283
283
|
begin
|
|
284
|
-
return true if @@anchor_verifier.verify(msg, keys
|
|
284
|
+
return true if @@anchor_verifier.verify(msg, keys)
|
|
285
285
|
rescue VerifyError
|
|
286
286
|
begin
|
|
287
|
-
return true if @@root_verifier.verify(msg, keys
|
|
287
|
+
return true if @@root_verifier.verify(msg, keys)
|
|
288
288
|
rescue VerifyError
|
|
289
|
-
return true if @@dlv_verifier.verify(msg, keys
|
|
289
|
+
return true if @@dlv_verifier.verify(msg, keys) # Will carry error to client
|
|
290
290
|
end
|
|
291
291
|
end
|
|
292
292
|
end
|
data/lib/Dnsruby/message.rb
CHANGED
|
@@ -314,6 +314,11 @@ module Dnsruby
|
|
|
314
314
|
return ret
|
|
315
315
|
end
|
|
316
316
|
|
|
317
|
+
def remove_additional
|
|
318
|
+
@additional = Section.new(self)
|
|
319
|
+
@header.arcount = 0
|
|
320
|
+
end
|
|
321
|
+
|
|
317
322
|
# Return the first rrset of the specified attributes in the message
|
|
318
323
|
def rrset(name, type, klass = Classes::IN)
|
|
319
324
|
[@answer, @authority, @additional].each do |section|
|
|
@@ -34,7 +34,12 @@ module Dnsruby
|
|
|
34
34
|
@num_sigs = 0
|
|
35
35
|
rrs.each {|rr| add(rr)}
|
|
36
36
|
end
|
|
37
|
-
|
|
37
|
+
def self.new_from_string(string)
|
|
38
|
+
rr_strings = string.split("\n")
|
|
39
|
+
rrs = rr_strings.map { |s| Dnsruby::RR.new_from_string(s) }
|
|
40
|
+
|
|
41
|
+
Dnsruby::RRSet.new(rrs)
|
|
42
|
+
end # The RRSIGs stored with this RRSet
|
|
38
43
|
def sigs
|
|
39
44
|
return @rrs[@rrs.length-@num_sigs, @num_sigs]
|
|
40
45
|
end
|
|
@@ -106,10 +111,10 @@ module Dnsruby
|
|
|
106
111
|
def <=>(other)
|
|
107
112
|
# return 1 if ((!other) || !(other.name) || !(other.type))
|
|
108
113
|
# return -1 if (!@name)
|
|
109
|
-
if (
|
|
110
|
-
return
|
|
114
|
+
if (name.canonical == other.name.canonical)
|
|
115
|
+
return type.code <=> other.type.code
|
|
111
116
|
else
|
|
112
|
-
return
|
|
117
|
+
return name <=> other.name
|
|
113
118
|
end
|
|
114
119
|
end
|
|
115
120
|
|
|
@@ -680,8 +680,9 @@ module Dnsruby
|
|
|
680
680
|
end
|
|
681
681
|
|
|
682
682
|
sigrecs.each {|sig|
|
|
683
|
+
# print "Looking at #{sig.key_tag} on sig, #{key.key_tag} on key\n"
|
|
683
684
|
if ((key.key_tag == sig.key_tag) && (key.algorithm == sig.algorithm))
|
|
684
|
-
|
|
685
|
+
# print "Found key #{key.key_tag}\n"
|
|
685
686
|
return key, sig
|
|
686
687
|
end
|
|
687
688
|
}
|
|
@@ -695,6 +696,12 @@ module Dnsruby
|
|
|
695
696
|
# Returns true if the RRSet verified, false otherwise.
|
|
696
697
|
def verify_rrset(rrset, keys = nil)
|
|
697
698
|
# print "Verify_rrset #{rrset.name}, #{rrset.type}\n"
|
|
699
|
+
# print "ABOUT TO VERIFY WITH #{keys == nil ? '0' : keys.length} keys\n"
|
|
700
|
+
# if (keys != nil)
|
|
701
|
+
# if (keys.length > 0)
|
|
702
|
+
# print "KEY TAG : #{keys[0].key_tag}\n"
|
|
703
|
+
# end
|
|
704
|
+
# end
|
|
698
705
|
sigrecs = rrset.sigs
|
|
699
706
|
if (rrset.rrs.length == 0)
|
|
700
707
|
raise VerifyError.new("No RRSet to verify")
|
|
@@ -744,6 +751,9 @@ module Dnsruby
|
|
|
744
751
|
raise VerifyError.new("DNSKEY with SEP flag set and Zone Key flag not set")
|
|
745
752
|
end
|
|
746
753
|
|
|
754
|
+
|
|
755
|
+
# print "VERIFY KEY FOUND - doing verification\n"
|
|
756
|
+
|
|
747
757
|
#Any DNS names in the RDATA field of each RR MUST be in
|
|
748
758
|
#canonical form; and
|
|
749
759
|
#The RRset MUST be sorted in canonical order.
|
data/lib/dnsruby.rb
CHANGED
data/test/tc_res_config.rb
CHANGED
|
@@ -14,48 +14,50 @@
|
|
|
14
14
|
#limitations under the License.
|
|
15
15
|
#++
|
|
16
16
|
begin
|
|
17
|
-
require 'rubygems'
|
|
17
|
+
require 'rubygems'
|
|
18
18
|
rescue LoadError
|
|
19
19
|
end
|
|
20
20
|
require 'test/unit'
|
|
21
21
|
require 'dnsruby'
|
|
22
22
|
class TestResolverConfig < Test::Unit::TestCase
|
|
23
|
-
def setup
|
|
24
|
-
Dnsruby::Config.reset
|
|
25
|
-
end
|
|
26
23
|
|
|
27
24
|
GoodInput = {
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
25
|
+
"port" => 54,
|
|
26
|
+
"src_address" => '10.1.0.1',
|
|
27
|
+
"src_address6" => 'fc00::1:2:3',
|
|
28
|
+
"src_port" => 56453,
|
|
29
|
+
"use_tcp" => true,
|
|
32
30
|
# "stayopen" => 1,
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
31
|
+
"ignore_truncation" => true,
|
|
32
|
+
"recurse" => false,
|
|
33
|
+
"packet_timeout" => 5,
|
|
36
34
|
# "dnssec" => 1,
|
|
37
35
|
# "force_v4" => 1,
|
|
38
36
|
};
|
|
39
37
|
|
|
40
38
|
ExtendedInput={
|
|
41
39
|
"query_timeout" => 30,
|
|
42
|
-
|
|
43
|
-
|
|
40
|
+
"retry_delay" => 6,
|
|
41
|
+
"retry_times" => 5,
|
|
44
42
|
}
|
|
45
43
|
|
|
46
44
|
LookupInput={
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
45
|
+
"domain" => 'dnsruby.rubyforge.org',
|
|
46
|
+
"apply_search_list" => false,
|
|
47
|
+
"ndots" => 4 ,
|
|
48
|
+
"apply_domain" => false
|
|
51
49
|
}
|
|
52
50
|
|
|
51
|
+
def setup
|
|
52
|
+
Dnsruby::Config.reset
|
|
53
|
+
end
|
|
54
|
+
|
|
53
55
|
def test_multiple_resolver
|
|
54
|
-
res = Dnsruby::Resolver.new();
|
|
56
|
+
res = Dnsruby::Resolver.new({:nameserver => ["127.0.0.1", "::1"]});
|
|
55
57
|
assert(res, "new returned something");
|
|
56
58
|
assert_instance_of(Dnsruby::Resolver, res, "new() returns an object of the correct class.");
|
|
57
|
-
|
|
58
|
-
# assert(res.config.nameserver, 'nameserver() works');
|
|
59
|
+
|
|
60
|
+
# assert(res.config.nameserver, 'nameserver() works');
|
|
59
61
|
|
|
60
62
|
searchlist = ["t.dnsruby.validation-test-servers.nominet.org.uk", "t2.dnsruby.validation-test-servers.nominet.org.uk"];
|
|
61
63
|
assert_equal(res.config.search=searchlist, searchlist, 'setting searchlist returns correctly.');
|
|
@@ -64,8 +66,8 @@ class TestResolverConfig < Test::Unit::TestCase
|
|
|
64
66
|
|
|
65
67
|
#~ #diag "\n\nIf you do not have Net::DNS::SEC installed you will see a warning.\n";
|
|
66
68
|
#~ #diag "It is safe to ignore this\n";
|
|
67
|
-
|
|
68
|
-
|
|
69
|
+
|
|
70
|
+
(GoodInput.merge(ExtendedInput)).each do | param, value |
|
|
69
71
|
# puts("Setting " + param);
|
|
70
72
|
res.send(param+"=", value)
|
|
71
73
|
assert_equal(res.send(param), value, "setting #param sticks");
|
|
@@ -74,12 +76,14 @@ class TestResolverConfig < Test::Unit::TestCase
|
|
|
74
76
|
end
|
|
75
77
|
|
|
76
78
|
def test_single_resolver
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
79
|
+
[Dnsruby::SingleResolver.new({:nameserver => ["127.0.0.1"]}),
|
|
80
|
+
Dnsruby::SingleResolver.new({:nameserver => ["::1"]})].each {|res|
|
|
81
|
+
GoodInput.each do | param, value |
|
|
82
|
+
# puts("Setting " + param);
|
|
83
|
+
res.send(param+"=", value)
|
|
84
|
+
assert_equal(res.send(param), value, "setting #param sticks");
|
|
85
|
+
end;
|
|
86
|
+
}
|
|
83
87
|
end
|
|
84
88
|
|
|
85
89
|
def test_dns
|
|
@@ -87,7 +91,7 @@ class TestResolverConfig < Test::Unit::TestCase
|
|
|
87
91
|
LookupInput.each do | param, value |
|
|
88
92
|
res.config.send(param+"=", value)
|
|
89
93
|
assert_equal(res.config.send(param), value, "setting #param sticks");
|
|
90
|
-
end;
|
|
94
|
+
end;
|
|
91
95
|
end
|
|
92
96
|
|
|
93
97
|
end
|
data/test/tc_res_opt.rb
CHANGED
|
@@ -72,6 +72,7 @@ class TestResOpt < Test::Unit::TestCase
|
|
|
72
72
|
:server => '10.0.0.1',
|
|
73
73
|
:port => 54, # SingleResolver and Multi-Resolver
|
|
74
74
|
:src_address => '10.1.0.1', # SingleResolver and Multi-Resolver
|
|
75
|
+
:src_address6 => 'fc00::1:2:3', # SingleResolver and Multi-Resolver
|
|
75
76
|
:src_port => 56353, # SingleResolver and Multi-Resolver
|
|
76
77
|
:use_tcp => true, # SingleResolver and Multi-Resolver
|
|
77
78
|
:ignore_truncation => true, # SingleResolver and Multi-Resolver
|
|
@@ -94,6 +95,7 @@ class TestResOpt < Test::Unit::TestCase
|
|
|
94
95
|
:nameserver => ['10.0.0.1', '10.0.0.2'], # for Multi-Resolver & DNS
|
|
95
96
|
:port => 54, # SingleResolver and Multi-Resolver
|
|
96
97
|
:src_address => '10.1.0.1', # SingleResolver and Multi-Resolver
|
|
98
|
+
:src_address6 => 'fc00::1:2:3', # SingleResolver and Multi-Resolver
|
|
97
99
|
:src_port => 56753, # SingleResolver and Multi-Resolver
|
|
98
100
|
:retry_delay => 6, # DNS and Multi-Resolver
|
|
99
101
|
:retry_times => 5, # DNSand Multi-Resolver
|
data/test/tc_rr-opt.rb
CHANGED
|
@@ -14,7 +14,7 @@
|
|
|
14
14
|
#limitations under the License.
|
|
15
15
|
#++
|
|
16
16
|
begin
|
|
17
|
-
require 'rubygems'
|
|
17
|
+
require 'rubygems'
|
|
18
18
|
rescue LoadError
|
|
19
19
|
end
|
|
20
20
|
require 'test/unit'
|
|
@@ -42,7 +42,7 @@ class TestRrOpt < Test::Unit::TestCase
|
|
|
42
42
|
end
|
|
43
43
|
|
|
44
44
|
def test_resolver_opt_application
|
|
45
|
-
|
|
45
|
+
return if (/java/ =~ RUBY_PLATFORM) # @TODO@ Check if this is fixed with JRuby yet
|
|
46
46
|
# Set up a server running on localhost. Get the resolver to send a
|
|
47
47
|
# query to it with the UDP size set to 4096. Make sure that it is received
|
|
48
48
|
# correctly.
|
|
@@ -102,4 +102,59 @@ class TestRrOpt < Test::Unit::TestCase
|
|
|
102
102
|
# Make sure there is an OPT RR there
|
|
103
103
|
assert(m2.rcode == RCode.NOERROR )
|
|
104
104
|
end
|
|
105
|
+
|
|
106
|
+
def test_formerr_response
|
|
107
|
+
# If we get a FORMERR back from the remote resolver, we should retry with no OPT record
|
|
108
|
+
# So, we need a server which sends back FORMERR for OPT records, and is OK without them.
|
|
109
|
+
# Then, we need to get a client to send a request to it (by default adorned with EDNS0),
|
|
110
|
+
# and make sure that the response is returned to the client OK.
|
|
111
|
+
# We should then check that the server only received one message with EDNS0, and one message
|
|
112
|
+
# without.
|
|
113
|
+
return if (/java/ =~ RUBY_PLATFORM) # @TODO@ Check if this is fixed with JRuby yet
|
|
114
|
+
# Set up a server running on localhost. Get the resolver to send a
|
|
115
|
+
# query to it with the UDP size set to 4096. Make sure that it is received
|
|
116
|
+
# correctly.
|
|
117
|
+
Dnsruby::PacketSender.clear_caches
|
|
118
|
+
socket = UDPSocket.new
|
|
119
|
+
socket.bind("127.0.0.1", 0)
|
|
120
|
+
port = socket.addr[1]
|
|
121
|
+
q = Queue.new
|
|
122
|
+
Thread.new {
|
|
123
|
+
2.times {
|
|
124
|
+
s = socket.recvfrom(65536)
|
|
125
|
+
received_query = s[0]
|
|
126
|
+
m = Message.decode(received_query)
|
|
127
|
+
q.push(m)
|
|
128
|
+
if (m.header.arcount > 0)
|
|
129
|
+
# send back FORMERR
|
|
130
|
+
m.header.rcode = RCode.FORMERR
|
|
131
|
+
socket.send(m.encode,0,s[1][2], s[1][1])
|
|
132
|
+
else
|
|
133
|
+
socket.send(received_query,0,s[1][2], s[1][1]) # @TODO@ FORMERR if edns
|
|
134
|
+
end
|
|
135
|
+
}
|
|
136
|
+
|
|
137
|
+
}
|
|
138
|
+
# Now send query
|
|
139
|
+
res = Resolver.new("127.0.0.1")
|
|
140
|
+
res.port = port
|
|
141
|
+
res.udp_size = 4096
|
|
142
|
+
assert(res.udp_size == 4096)
|
|
143
|
+
ret = res.query("example.com")
|
|
144
|
+
assert(ret.header.get_header_rcode == RCode.NOERROR)
|
|
145
|
+
assert(ret.header.arcount == 0)
|
|
146
|
+
|
|
147
|
+
# Now get received query from the server
|
|
148
|
+
p = q.pop
|
|
149
|
+
# Now check the query was what we expected
|
|
150
|
+
assert(p.header.arcount == 1)
|
|
151
|
+
assert(p.additional()[0].type = Types.OPT)
|
|
152
|
+
assert(p.additional()[0].klass.code == 4096)
|
|
153
|
+
|
|
154
|
+
# Now check the second message
|
|
155
|
+
assert (!(q.empty?))
|
|
156
|
+
p2 = q.pop
|
|
157
|
+
assert (p2)
|
|
158
|
+
assert(p2.header.arcount == 0)
|
|
159
|
+
end
|
|
105
160
|
end
|
metadata
CHANGED
|
@@ -1,12 +1,11 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dnsruby
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
|
|
5
|
-
prerelease:
|
|
4
|
+
prerelease: false
|
|
6
5
|
segments:
|
|
7
6
|
- 1
|
|
8
|
-
-
|
|
9
|
-
version: "1.
|
|
7
|
+
- 54
|
|
8
|
+
version: "1.54"
|
|
10
9
|
platform: ruby
|
|
11
10
|
authors:
|
|
12
11
|
- AlexD
|
|
@@ -14,7 +13,8 @@ autorequire: dnsruby
|
|
|
14
13
|
bindir: bin
|
|
15
14
|
cert_chain: []
|
|
16
15
|
|
|
17
|
-
date:
|
|
16
|
+
date: 2013-06-12 00:00:00 +01:00
|
|
17
|
+
default_executable:
|
|
18
18
|
dependencies: []
|
|
19
19
|
|
|
20
20
|
description:
|
|
@@ -154,6 +154,7 @@ files:
|
|
|
154
154
|
- EXAMPLES
|
|
155
155
|
- README
|
|
156
156
|
- EVENTMACHINE
|
|
157
|
+
has_rdoc: true
|
|
157
158
|
homepage: http://rubyforge.org/projects/dnsruby/
|
|
158
159
|
licenses: []
|
|
159
160
|
|
|
@@ -163,27 +164,23 @@ rdoc_options: []
|
|
|
163
164
|
require_paths:
|
|
164
165
|
- lib
|
|
165
166
|
required_ruby_version: !ruby/object:Gem::Requirement
|
|
166
|
-
none: false
|
|
167
167
|
requirements:
|
|
168
168
|
- - ">="
|
|
169
169
|
- !ruby/object:Gem::Version
|
|
170
|
-
hash: 3
|
|
171
170
|
segments:
|
|
172
171
|
- 0
|
|
173
172
|
version: "0"
|
|
174
173
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
175
|
-
none: false
|
|
176
174
|
requirements:
|
|
177
175
|
- - ">="
|
|
178
176
|
- !ruby/object:Gem::Version
|
|
179
|
-
hash: 3
|
|
180
177
|
segments:
|
|
181
178
|
- 0
|
|
182
179
|
version: "0"
|
|
183
180
|
requirements: []
|
|
184
181
|
|
|
185
182
|
rubyforge_project: dnsruby
|
|
186
|
-
rubygems_version: 1.
|
|
183
|
+
rubygems_version: 1.3.6
|
|
187
184
|
signing_key:
|
|
188
185
|
specification_version: 3
|
|
189
186
|
summary: Ruby DNS(SEC) implementation
|