dnsruby 1.53 → 1.54
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/lib/Dnsruby/DNS.rb +4 -0
- data/lib/Dnsruby/PacketSender.rb +49 -29
- data/lib/Dnsruby/Resolver.rb +14 -3
- data/lib/Dnsruby/SingleResolver.rb +4 -4
- data/lib/Dnsruby/dnssec.rb +3 -3
- data/lib/Dnsruby/message.rb +5 -0
- data/lib/Dnsruby/resource/resource.rb +9 -4
- data/lib/Dnsruby/single_verifier.rb +11 -1
- data/lib/dnsruby.rb +1 -1
- data/test/tc_res_config.rb +33 -29
- data/test/tc_res_opt.rb +2 -0
- data/test/tc_rr-opt.rb +57 -2
- metadata +7 -10
data/lib/Dnsruby/DNS.rb
CHANGED
|
@@ -77,6 +77,8 @@ module Dnsruby
|
|
|
77
77
|
#* ftp://ftp.isi.edu/in-notes/iana/assignments/dns-parameters
|
|
78
78
|
#* etc.
|
|
79
79
|
class DNS
|
|
80
|
+
|
|
81
|
+
attr_accessor :do_caching
|
|
80
82
|
|
|
81
83
|
#Creates a new DNS resolver. See Resolv::DNS.new for argument details.
|
|
82
84
|
#
|
|
@@ -114,6 +116,7 @@ module Dnsruby
|
|
|
114
116
|
# :search => ['ruby-lang.org'],
|
|
115
117
|
# :ndots => 1})
|
|
116
118
|
def initialize(config_info=nil)
|
|
119
|
+
@do_caching = true
|
|
117
120
|
@config = Config.new()
|
|
118
121
|
@config.set_config_info(config_info)
|
|
119
122
|
@resolver = Resolver.new(@config)
|
|
@@ -284,6 +287,7 @@ module Dnsruby
|
|
|
284
287
|
msg.add_question(candidate, type, klass)
|
|
285
288
|
msg.do_validation = false
|
|
286
289
|
msg.header.cd = false
|
|
290
|
+
msg.do_caching = do_caching
|
|
287
291
|
@resolver.do_validation = false
|
|
288
292
|
@resolver.send_async(msg, q)
|
|
289
293
|
id, ret, exception = q.pop
|
data/lib/Dnsruby/PacketSender.rb
CHANGED
|
@@ -101,22 +101,18 @@ module Dnsruby
|
|
|
101
101
|
# dnssec defaults to ON
|
|
102
102
|
attr_reader :dnssec
|
|
103
103
|
|
|
104
|
+
# Set the source address. If the arg is nil, do nothing
|
|
105
|
+
def src_address6=(arg)
|
|
106
|
+
if (not arg.nil?)
|
|
107
|
+
@src_address6 = arg
|
|
108
|
+
end
|
|
109
|
+
end
|
|
110
|
+
|
|
104
111
|
# Set the source address. If the arg is nil, do nothing
|
|
105
112
|
def src_address=(arg)
|
|
106
113
|
if (not arg.nil?)
|
|
107
114
|
@src_address = arg
|
|
108
115
|
end
|
|
109
|
-
# Do some verification to make sure that the source address
|
|
110
|
-
# is of the same type as the server address
|
|
111
|
-
if (@server.nil?)
|
|
112
|
-
return
|
|
113
|
-
else
|
|
114
|
-
si = IPAddr.new(@src_address)
|
|
115
|
-
i = IPAddr.new(@server)
|
|
116
|
-
if (i.ipv4? and si.ipv6?) or (i.ipv6? and si.ipv4?)
|
|
117
|
-
raise ArgumentError.new("Invalid address specified (address family does not match)")
|
|
118
|
-
end
|
|
119
|
-
end
|
|
120
116
|
end
|
|
121
117
|
|
|
122
118
|
#Sets the TSIG to sign outgoing messages with.
|
|
@@ -150,6 +146,7 @@ module Dnsruby
|
|
|
150
146
|
def server=(server)
|
|
151
147
|
Dnsruby.log.debug{"InternalResolver setting server to #{server}"}
|
|
152
148
|
@server=Config.resolve_server(server)
|
|
149
|
+
check_ipv6
|
|
153
150
|
end
|
|
154
151
|
|
|
155
152
|
# Can take a hash with the following optional keys :
|
|
@@ -160,6 +157,7 @@ module Dnsruby
|
|
|
160
157
|
# * :no_tcp
|
|
161
158
|
# * :ignore_truncation
|
|
162
159
|
# * :src_address
|
|
160
|
+
# * :src_address6
|
|
163
161
|
# * :src_port
|
|
164
162
|
# * :udp_size
|
|
165
163
|
# * :tsig
|
|
@@ -167,6 +165,7 @@ module Dnsruby
|
|
|
167
165
|
# * :recurse
|
|
168
166
|
def initialize(*args)
|
|
169
167
|
arg=args[0]
|
|
168
|
+
@ipv6 = false
|
|
170
169
|
@packet_timeout = Resolver::DefaultPacketTimeout
|
|
171
170
|
@port = Resolver::DefaultPort
|
|
172
171
|
@udp_size = Resolver::DefaultUDPSize
|
|
@@ -176,6 +175,7 @@ module Dnsruby
|
|
|
176
175
|
@tsig = nil
|
|
177
176
|
@ignore_truncation = false
|
|
178
177
|
@src_address = '0.0.0.0'
|
|
178
|
+
@src_address6 = '::'
|
|
179
179
|
@src_port = [0]
|
|
180
180
|
@recurse = true
|
|
181
181
|
|
|
@@ -190,7 +190,8 @@ module Dnsruby
|
|
|
190
190
|
elsif (arg.kind_of?Hash)
|
|
191
191
|
arg.keys.each do |attr|
|
|
192
192
|
begin
|
|
193
|
-
if ((attr.to_s == "src_address")
|
|
193
|
+
if (((attr.to_s == "src_address")||(attr.to_s == "src_address6")) &&
|
|
194
|
+
((arg[attr] == nil) || (arg[attr] == "")))
|
|
194
195
|
else
|
|
195
196
|
send(attr.to_s+"=", arg[attr])
|
|
196
197
|
end
|
|
@@ -203,18 +204,24 @@ module Dnsruby
|
|
|
203
204
|
#Check server is IP
|
|
204
205
|
@server=Config.resolve_server(@server)
|
|
205
206
|
|
|
207
|
+
check_ipv6
|
|
208
|
+
# ResolverRegister::register_single_resolver(self)
|
|
209
|
+
end
|
|
210
|
+
|
|
211
|
+
def check_ipv6
|
|
206
212
|
begin
|
|
207
213
|
i = IPv4.create(@server)
|
|
208
|
-
@src_address = '0.0.0.0'
|
|
214
|
+
# @src_address = '0.0.0.0'
|
|
215
|
+
@ipv6=false
|
|
209
216
|
rescue Exception
|
|
210
217
|
begin
|
|
211
218
|
i = IPv6.create(@server)
|
|
212
|
-
@
|
|
219
|
+
# @src_address6 = '::'
|
|
220
|
+
@ipv6=true
|
|
213
221
|
rescue Exception
|
|
214
222
|
Dnsruby.log.error{"Server is neither IPv4 or IPv6!\n"}
|
|
215
223
|
end
|
|
216
224
|
end
|
|
217
|
-
# ResolverRegister::register_single_resolver(self)
|
|
218
225
|
end
|
|
219
226
|
|
|
220
227
|
def close
|
|
@@ -346,16 +353,20 @@ module Dnsruby
|
|
|
346
353
|
socket = nil
|
|
347
354
|
runnextportloop = true
|
|
348
355
|
numtries = 0
|
|
356
|
+
src_address = @src_address
|
|
357
|
+
if (@ipv6)
|
|
358
|
+
src_address = @src_address6
|
|
359
|
+
end
|
|
349
360
|
while (runnextportloop)do
|
|
350
361
|
begin
|
|
351
362
|
numtries += 1
|
|
352
363
|
src_port = get_next_src_port
|
|
353
364
|
if (use_tcp)
|
|
354
365
|
begin
|
|
355
|
-
socket = TCPSocket.new(@server, @port,
|
|
366
|
+
socket = TCPSocket.new(@server, @port, src_address, src_port)
|
|
356
367
|
rescue Errno::EBADF, Errno::ENETUNREACH => e
|
|
357
368
|
# Can't create a connection
|
|
358
|
-
err=IOError.new("TCP connection error to #{@server}:#{@port} from #{
|
|
369
|
+
err=IOError.new("TCP connection error to #{@server}:#{@port} from #{src_address}:#{src_port}, use_tcp=#{use_tcp}, exception = #{e.class}, #{e}")
|
|
359
370
|
Dnsruby.log.error{"#{err}"}
|
|
360
371
|
st.push_exception_to_select(client_query_id, client_queue, err, nil)
|
|
361
372
|
return
|
|
@@ -366,10 +377,10 @@ module Dnsruby
|
|
|
366
377
|
if (/java/ =~ RUBY_PLATFORM )
|
|
367
378
|
socket = UDPSocket.new()
|
|
368
379
|
else
|
|
369
|
-
ipv6 = @src_address =~ /:/
|
|
370
|
-
socket = UDPSocket.new(ipv6
|
|
380
|
+
# ipv6 = @src_address =~ /:/
|
|
381
|
+
socket = UDPSocket.new(@ipv6 ? Socket::AF_INET6 : Socket::AF_INET)
|
|
371
382
|
end
|
|
372
|
-
socket.bind(
|
|
383
|
+
socket.bind(src_address, src_port)
|
|
373
384
|
socket.connect(@server, @port)
|
|
374
385
|
end
|
|
375
386
|
runnextportloop = false
|
|
@@ -384,7 +395,7 @@ module Dnsruby
|
|
|
384
395
|
# Maybe try a max number of times?
|
|
385
396
|
if ((e.class != Errno::EADDRINUSE) || (numtries > 50) ||
|
|
386
397
|
((e.class == Errno::EADDRINUSE) && (src_port == @src_port[0])))
|
|
387
|
-
err=IOError.new("dnsruby can't connect to #{@server}:#{@port} from #{
|
|
398
|
+
err=IOError.new("dnsruby can't connect to #{@server}:#{@port} from #{src_address}:#{src_port}, use_tcp=#{use_tcp}, exception = #{e.class}, #{e}")
|
|
388
399
|
Dnsruby.log.error{"#{err}"}
|
|
389
400
|
st.push_exception_to_select(client_query_id, client_queue, err, nil)
|
|
390
401
|
return
|
|
@@ -392,27 +403,26 @@ module Dnsruby
|
|
|
392
403
|
end
|
|
393
404
|
end
|
|
394
405
|
if (socket==nil)
|
|
395
|
-
err=IOError.new("dnsruby can't connect to #{@server}:#{@port} from #{
|
|
406
|
+
err=IOError.new("dnsruby can't connect to #{@server}:#{@port} from #{src_address}:#{src_port}, use_tcp=#{use_tcp}")
|
|
396
407
|
Dnsruby.log.error{"#{err}"}
|
|
397
408
|
st.push_exception_to_select(client_query_id, client_queue, err, nil)
|
|
398
409
|
return
|
|
399
410
|
end
|
|
400
|
-
Dnsruby.log.debug{"Sending packet to #{@server}:#{@port} from #{
|
|
411
|
+
Dnsruby.log.debug{"Sending packet to #{@server}:#{@port} from #{src_address}:#{src_port}, use_tcp=#{use_tcp} : #{query.question()[0].qname}, #{query.question()[0].qtype}"}
|
|
401
412
|
# print "#{Time.now} : Sending packet to #{@server} : #{query.question()[0].qname}, #{query.question()[0].qtype}\n"
|
|
402
413
|
# Listen for the response before we send the packet (to avoid any race conditions)
|
|
403
414
|
query_settings = SelectThread::QuerySettings.new(query_bytes, query, @ignore_truncation, client_queue, client_query_id, socket, @server, @port, endtime, udp_packet_size, self)
|
|
404
|
-
# The select thread will now wait for the response and send that or a timeout
|
|
405
|
-
# back to the client_queue.
|
|
406
|
-
st.add_to_select(query_settings)
|
|
407
|
-
# Now that we're listening for the response, send the query!
|
|
408
415
|
begin
|
|
409
416
|
if (use_tcp)
|
|
410
417
|
lenmsg = [query_bytes.length].pack('n')
|
|
411
418
|
socket.send(lenmsg, 0)
|
|
412
419
|
end
|
|
413
420
|
socket.send(query_bytes, 0)
|
|
421
|
+
# The select thread will now wait for the response and send that or a timeout
|
|
422
|
+
# back to the client_queue.
|
|
423
|
+
st.add_to_select(query_settings)
|
|
414
424
|
rescue Exception => e
|
|
415
|
-
err=IOError.new("Send failed to #{@server}:#{@port} from #{
|
|
425
|
+
err=IOError.new("Send failed to #{@server}:#{@port} from #{src_address}:#{src_port}, use_tcp=#{use_tcp}, exception : #{e}")
|
|
416
426
|
Dnsruby.log.error{"#{err}"}
|
|
417
427
|
st.push_exception_to_select(client_query_id, client_queue, err, nil)
|
|
418
428
|
begin
|
|
@@ -422,7 +432,7 @@ module Dnsruby
|
|
|
422
432
|
return
|
|
423
433
|
end
|
|
424
434
|
|
|
425
|
-
Dnsruby.log.debug{"Packet sent to #{@server}:#{@port} from #{
|
|
435
|
+
Dnsruby.log.debug{"Packet sent to #{@server}:#{@port} from #{src_address}:#{src_port}, use_tcp=#{use_tcp} : #{query.question()[0].qname}, #{query.question()[0].qtype}"}
|
|
426
436
|
# print "Packet sent to #{@server}:#{@port} from #{@src_address}:#{src_port}, use_tcp=#{use_tcp} : #{query.question()[0].qname}, #{query.question()[0].qtype}\n"
|
|
427
437
|
end
|
|
428
438
|
|
|
@@ -521,6 +531,16 @@ module Dnsruby
|
|
|
521
531
|
end
|
|
522
532
|
end
|
|
523
533
|
end
|
|
534
|
+
# IF WE GET FORMERR BACK HERE (and we have EDNS0 on) THEN
|
|
535
|
+
# TRY AGAIN WITH NO OPT RECORDS! (rfc2671 section 5.3)
|
|
536
|
+
if ((response.header.get_header_rcode == RCode.FORMERR) &&
|
|
537
|
+
(query.header.arcount > 0))
|
|
538
|
+
# try resending the message with no OPT record
|
|
539
|
+
query.remove_additional
|
|
540
|
+
query.send_raw = true
|
|
541
|
+
send_async(query, client_queue, client_query_id, false)
|
|
542
|
+
return false
|
|
543
|
+
end
|
|
524
544
|
if (response.header.tc && !tcp && !@ignore_truncation)
|
|
525
545
|
if (@no_tcp)
|
|
526
546
|
Dnsruby.log.debug{"Truncated response - not resending over TCP as no_tcp==true"}
|
data/lib/Dnsruby/Resolver.rb
CHANGED
|
@@ -92,9 +92,12 @@ module Dnsruby
|
|
|
92
92
|
# i.e. the TC bit is ignored and thus the resolver will not requery over TCP if TC is set
|
|
93
93
|
attr_reader :ignore_truncation
|
|
94
94
|
|
|
95
|
-
# The source address to send queries from
|
|
95
|
+
# The source address to send queries from for IPv4
|
|
96
96
|
attr_reader :src_address
|
|
97
97
|
|
|
98
|
+
# The source address to send queries from for IPv6
|
|
99
|
+
attr_reader :src_address6
|
|
100
|
+
|
|
98
101
|
# Should the Recursion Desired bit be set?
|
|
99
102
|
attr_reader :recurse
|
|
100
103
|
|
|
@@ -360,6 +363,7 @@ module Dnsruby
|
|
|
360
363
|
# * :tsig
|
|
361
364
|
# * :ignore_truncation
|
|
362
365
|
# * :src_address
|
|
366
|
+
# * :src_address6
|
|
363
367
|
# * :src_port
|
|
364
368
|
# * :recurse
|
|
365
369
|
# * :udp_size
|
|
@@ -374,6 +378,7 @@ module Dnsruby
|
|
|
374
378
|
# @TODO@ Should we allow :namesver to be an RRSet of NS records? Would then need to randomly order them?
|
|
375
379
|
@resolver_ruby = nil
|
|
376
380
|
@src_address = nil
|
|
381
|
+
@src_address6 = nil
|
|
377
382
|
@single_res_mutex = Mutex.new
|
|
378
383
|
@configured = false
|
|
379
384
|
@do_caching = true
|
|
@@ -425,7 +430,7 @@ module Dnsruby
|
|
|
425
430
|
res = PacketSender.new({:server=>ns, :dnssec=>@dnssec,
|
|
426
431
|
:use_tcp=>@use_tcp, :no_tcp=>@no_tcp, :packet_timeout=>@packet_timeout,
|
|
427
432
|
:tsig => @tsig, :ignore_truncation=>@ignore_truncation,
|
|
428
|
-
:src_address=>@src_address, :src_port=>@src_port,
|
|
433
|
+
:src_address=>@src_address, :src_address6=>@src_address6, :src_port=>@src_port,
|
|
429
434
|
:recurse=>@recurse, :udp_size=>@udp_size})
|
|
430
435
|
@single_resolvers.push(res) if res
|
|
431
436
|
end
|
|
@@ -472,6 +477,7 @@ module Dnsruby
|
|
|
472
477
|
@ignore_truncation = false
|
|
473
478
|
@config = Config.new()
|
|
474
479
|
@src_address = nil
|
|
480
|
+
@src_address6 = nil
|
|
475
481
|
@src_port = [0]
|
|
476
482
|
@recurse = true
|
|
477
483
|
@single_res_mutex.synchronize {
|
|
@@ -509,7 +515,7 @@ module Dnsruby
|
|
|
509
515
|
|
|
510
516
|
def update_internal_res(res)
|
|
511
517
|
[:port, :use_tcp, :no_tcp, :tsig, :ignore_truncation, :packet_timeout,
|
|
512
|
-
:src_address, :src_port, :recurse,
|
|
518
|
+
:src_address, :src_address6, :src_port, :recurse,
|
|
513
519
|
:udp_size, :dnssec].each do |param|
|
|
514
520
|
|
|
515
521
|
res.send(param.to_s+"=", instance_variable_get("@"+param.to_s))
|
|
@@ -695,6 +701,11 @@ module Dnsruby
|
|
|
695
701
|
update
|
|
696
702
|
end
|
|
697
703
|
|
|
704
|
+
def src_address6=(a)
|
|
705
|
+
@src_address6 = a
|
|
706
|
+
update
|
|
707
|
+
end
|
|
708
|
+
|
|
698
709
|
def port=(a)
|
|
699
710
|
@port = a
|
|
700
711
|
update
|
|
@@ -46,6 +46,7 @@ module Dnsruby
|
|
|
46
46
|
# * :no_tcp
|
|
47
47
|
# * :ignore_truncation
|
|
48
48
|
# * :src_address
|
|
49
|
+
# * :src_address6
|
|
49
50
|
# * :src_port
|
|
50
51
|
# * :udp_size
|
|
51
52
|
# * :persistent_tcp
|
|
@@ -66,6 +67,7 @@ module Dnsruby
|
|
|
66
67
|
@tsig = nil
|
|
67
68
|
@ignore_truncation = false
|
|
68
69
|
@src_address = nil
|
|
70
|
+
@src_address6 = nil
|
|
69
71
|
@src_port = [0]
|
|
70
72
|
@recurse = true
|
|
71
73
|
@persistent_udp = false
|
|
@@ -115,8 +117,7 @@ module Dnsruby
|
|
|
115
117
|
isr = PacketSender.new({:server=>@server, :dnssec=>@dnssec,
|
|
116
118
|
:use_tcp=>@use_tcp, :no_tcp=>@no_tcp, :packet_timeout=>@packet_timeout,
|
|
117
119
|
:tsig => @tsig, :ignore_truncation=>@ignore_truncation,
|
|
118
|
-
:src_address=>@src_address, :src_port=>@src_port,
|
|
119
|
-
:do_caching=>@do_caching,
|
|
120
|
+
:src_address=>@src_address, :src_address6=>@src_address6, :src_port=>@src_port,
|
|
120
121
|
:recurse=>@recurse, :udp_size=>@udp_size})
|
|
121
122
|
|
|
122
123
|
@single_resolvers = [isr]
|
|
@@ -132,8 +133,7 @@ module Dnsruby
|
|
|
132
133
|
isr = PacketSender.new({:server=>@server, :dnssec=>@dnssec,
|
|
133
134
|
:use_tcp=>@use_tcp, :no_tcp=>@no_tcp, :packet_timeout=>@packet_timeout,
|
|
134
135
|
:tsig => @tsig, :ignore_truncation=>@ignore_truncation,
|
|
135
|
-
:src_address=>@src_address, :src_port=>@src_port,
|
|
136
|
-
:do_caching=>@do_caching,
|
|
136
|
+
:src_address=>@src_address, :src_address6=>@src_address6, :src_port=>@src_port,
|
|
137
137
|
:recurse=>@recurse, :udp_size=>@udp_size})
|
|
138
138
|
|
|
139
139
|
@single_res_mutex.synchronize {
|
data/lib/Dnsruby/dnssec.rb
CHANGED
|
@@ -281,12 +281,12 @@ module Dnsruby
|
|
|
281
281
|
|
|
282
282
|
def self.verify(msg, keys=nil)
|
|
283
283
|
begin
|
|
284
|
-
return true if @@anchor_verifier.verify(msg, keys
|
|
284
|
+
return true if @@anchor_verifier.verify(msg, keys)
|
|
285
285
|
rescue VerifyError
|
|
286
286
|
begin
|
|
287
|
-
return true if @@root_verifier.verify(msg, keys
|
|
287
|
+
return true if @@root_verifier.verify(msg, keys)
|
|
288
288
|
rescue VerifyError
|
|
289
|
-
return true if @@dlv_verifier.verify(msg, keys
|
|
289
|
+
return true if @@dlv_verifier.verify(msg, keys) # Will carry error to client
|
|
290
290
|
end
|
|
291
291
|
end
|
|
292
292
|
end
|
data/lib/Dnsruby/message.rb
CHANGED
|
@@ -314,6 +314,11 @@ module Dnsruby
|
|
|
314
314
|
return ret
|
|
315
315
|
end
|
|
316
316
|
|
|
317
|
+
def remove_additional
|
|
318
|
+
@additional = Section.new(self)
|
|
319
|
+
@header.arcount = 0
|
|
320
|
+
end
|
|
321
|
+
|
|
317
322
|
# Return the first rrset of the specified attributes in the message
|
|
318
323
|
def rrset(name, type, klass = Classes::IN)
|
|
319
324
|
[@answer, @authority, @additional].each do |section|
|
|
@@ -34,7 +34,12 @@ module Dnsruby
|
|
|
34
34
|
@num_sigs = 0
|
|
35
35
|
rrs.each {|rr| add(rr)}
|
|
36
36
|
end
|
|
37
|
-
|
|
37
|
+
def self.new_from_string(string)
|
|
38
|
+
rr_strings = string.split("\n")
|
|
39
|
+
rrs = rr_strings.map { |s| Dnsruby::RR.new_from_string(s) }
|
|
40
|
+
|
|
41
|
+
Dnsruby::RRSet.new(rrs)
|
|
42
|
+
end # The RRSIGs stored with this RRSet
|
|
38
43
|
def sigs
|
|
39
44
|
return @rrs[@rrs.length-@num_sigs, @num_sigs]
|
|
40
45
|
end
|
|
@@ -106,10 +111,10 @@ module Dnsruby
|
|
|
106
111
|
def <=>(other)
|
|
107
112
|
# return 1 if ((!other) || !(other.name) || !(other.type))
|
|
108
113
|
# return -1 if (!@name)
|
|
109
|
-
if (
|
|
110
|
-
return
|
|
114
|
+
if (name.canonical == other.name.canonical)
|
|
115
|
+
return type.code <=> other.type.code
|
|
111
116
|
else
|
|
112
|
-
return
|
|
117
|
+
return name <=> other.name
|
|
113
118
|
end
|
|
114
119
|
end
|
|
115
120
|
|
|
@@ -680,8 +680,9 @@ module Dnsruby
|
|
|
680
680
|
end
|
|
681
681
|
|
|
682
682
|
sigrecs.each {|sig|
|
|
683
|
+
# print "Looking at #{sig.key_tag} on sig, #{key.key_tag} on key\n"
|
|
683
684
|
if ((key.key_tag == sig.key_tag) && (key.algorithm == sig.algorithm))
|
|
684
|
-
|
|
685
|
+
# print "Found key #{key.key_tag}\n"
|
|
685
686
|
return key, sig
|
|
686
687
|
end
|
|
687
688
|
}
|
|
@@ -695,6 +696,12 @@ module Dnsruby
|
|
|
695
696
|
# Returns true if the RRSet verified, false otherwise.
|
|
696
697
|
def verify_rrset(rrset, keys = nil)
|
|
697
698
|
# print "Verify_rrset #{rrset.name}, #{rrset.type}\n"
|
|
699
|
+
# print "ABOUT TO VERIFY WITH #{keys == nil ? '0' : keys.length} keys\n"
|
|
700
|
+
# if (keys != nil)
|
|
701
|
+
# if (keys.length > 0)
|
|
702
|
+
# print "KEY TAG : #{keys[0].key_tag}\n"
|
|
703
|
+
# end
|
|
704
|
+
# end
|
|
698
705
|
sigrecs = rrset.sigs
|
|
699
706
|
if (rrset.rrs.length == 0)
|
|
700
707
|
raise VerifyError.new("No RRSet to verify")
|
|
@@ -744,6 +751,9 @@ module Dnsruby
|
|
|
744
751
|
raise VerifyError.new("DNSKEY with SEP flag set and Zone Key flag not set")
|
|
745
752
|
end
|
|
746
753
|
|
|
754
|
+
|
|
755
|
+
# print "VERIFY KEY FOUND - doing verification\n"
|
|
756
|
+
|
|
747
757
|
#Any DNS names in the RDATA field of each RR MUST be in
|
|
748
758
|
#canonical form; and
|
|
749
759
|
#The RRset MUST be sorted in canonical order.
|
data/lib/dnsruby.rb
CHANGED
data/test/tc_res_config.rb
CHANGED
|
@@ -14,48 +14,50 @@
|
|
|
14
14
|
#limitations under the License.
|
|
15
15
|
#++
|
|
16
16
|
begin
|
|
17
|
-
require 'rubygems'
|
|
17
|
+
require 'rubygems'
|
|
18
18
|
rescue LoadError
|
|
19
19
|
end
|
|
20
20
|
require 'test/unit'
|
|
21
21
|
require 'dnsruby'
|
|
22
22
|
class TestResolverConfig < Test::Unit::TestCase
|
|
23
|
-
def setup
|
|
24
|
-
Dnsruby::Config.reset
|
|
25
|
-
end
|
|
26
23
|
|
|
27
24
|
GoodInput = {
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
25
|
+
"port" => 54,
|
|
26
|
+
"src_address" => '10.1.0.1',
|
|
27
|
+
"src_address6" => 'fc00::1:2:3',
|
|
28
|
+
"src_port" => 56453,
|
|
29
|
+
"use_tcp" => true,
|
|
32
30
|
# "stayopen" => 1,
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
31
|
+
"ignore_truncation" => true,
|
|
32
|
+
"recurse" => false,
|
|
33
|
+
"packet_timeout" => 5,
|
|
36
34
|
# "dnssec" => 1,
|
|
37
35
|
# "force_v4" => 1,
|
|
38
36
|
};
|
|
39
37
|
|
|
40
38
|
ExtendedInput={
|
|
41
39
|
"query_timeout" => 30,
|
|
42
|
-
|
|
43
|
-
|
|
40
|
+
"retry_delay" => 6,
|
|
41
|
+
"retry_times" => 5,
|
|
44
42
|
}
|
|
45
43
|
|
|
46
44
|
LookupInput={
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
45
|
+
"domain" => 'dnsruby.rubyforge.org',
|
|
46
|
+
"apply_search_list" => false,
|
|
47
|
+
"ndots" => 4 ,
|
|
48
|
+
"apply_domain" => false
|
|
51
49
|
}
|
|
52
50
|
|
|
51
|
+
def setup
|
|
52
|
+
Dnsruby::Config.reset
|
|
53
|
+
end
|
|
54
|
+
|
|
53
55
|
def test_multiple_resolver
|
|
54
|
-
res = Dnsruby::Resolver.new();
|
|
56
|
+
res = Dnsruby::Resolver.new({:nameserver => ["127.0.0.1", "::1"]});
|
|
55
57
|
assert(res, "new returned something");
|
|
56
58
|
assert_instance_of(Dnsruby::Resolver, res, "new() returns an object of the correct class.");
|
|
57
|
-
|
|
58
|
-
# assert(res.config.nameserver, 'nameserver() works');
|
|
59
|
+
|
|
60
|
+
# assert(res.config.nameserver, 'nameserver() works');
|
|
59
61
|
|
|
60
62
|
searchlist = ["t.dnsruby.validation-test-servers.nominet.org.uk", "t2.dnsruby.validation-test-servers.nominet.org.uk"];
|
|
61
63
|
assert_equal(res.config.search=searchlist, searchlist, 'setting searchlist returns correctly.');
|
|
@@ -64,8 +66,8 @@ class TestResolverConfig < Test::Unit::TestCase
|
|
|
64
66
|
|
|
65
67
|
#~ #diag "\n\nIf you do not have Net::DNS::SEC installed you will see a warning.\n";
|
|
66
68
|
#~ #diag "It is safe to ignore this\n";
|
|
67
|
-
|
|
68
|
-
|
|
69
|
+
|
|
70
|
+
(GoodInput.merge(ExtendedInput)).each do | param, value |
|
|
69
71
|
# puts("Setting " + param);
|
|
70
72
|
res.send(param+"=", value)
|
|
71
73
|
assert_equal(res.send(param), value, "setting #param sticks");
|
|
@@ -74,12 +76,14 @@ class TestResolverConfig < Test::Unit::TestCase
|
|
|
74
76
|
end
|
|
75
77
|
|
|
76
78
|
def test_single_resolver
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
79
|
+
[Dnsruby::SingleResolver.new({:nameserver => ["127.0.0.1"]}),
|
|
80
|
+
Dnsruby::SingleResolver.new({:nameserver => ["::1"]})].each {|res|
|
|
81
|
+
GoodInput.each do | param, value |
|
|
82
|
+
# puts("Setting " + param);
|
|
83
|
+
res.send(param+"=", value)
|
|
84
|
+
assert_equal(res.send(param), value, "setting #param sticks");
|
|
85
|
+
end;
|
|
86
|
+
}
|
|
83
87
|
end
|
|
84
88
|
|
|
85
89
|
def test_dns
|
|
@@ -87,7 +91,7 @@ class TestResolverConfig < Test::Unit::TestCase
|
|
|
87
91
|
LookupInput.each do | param, value |
|
|
88
92
|
res.config.send(param+"=", value)
|
|
89
93
|
assert_equal(res.config.send(param), value, "setting #param sticks");
|
|
90
|
-
end;
|
|
94
|
+
end;
|
|
91
95
|
end
|
|
92
96
|
|
|
93
97
|
end
|
data/test/tc_res_opt.rb
CHANGED
|
@@ -72,6 +72,7 @@ class TestResOpt < Test::Unit::TestCase
|
|
|
72
72
|
:server => '10.0.0.1',
|
|
73
73
|
:port => 54, # SingleResolver and Multi-Resolver
|
|
74
74
|
:src_address => '10.1.0.1', # SingleResolver and Multi-Resolver
|
|
75
|
+
:src_address6 => 'fc00::1:2:3', # SingleResolver and Multi-Resolver
|
|
75
76
|
:src_port => 56353, # SingleResolver and Multi-Resolver
|
|
76
77
|
:use_tcp => true, # SingleResolver and Multi-Resolver
|
|
77
78
|
:ignore_truncation => true, # SingleResolver and Multi-Resolver
|
|
@@ -94,6 +95,7 @@ class TestResOpt < Test::Unit::TestCase
|
|
|
94
95
|
:nameserver => ['10.0.0.1', '10.0.0.2'], # for Multi-Resolver & DNS
|
|
95
96
|
:port => 54, # SingleResolver and Multi-Resolver
|
|
96
97
|
:src_address => '10.1.0.1', # SingleResolver and Multi-Resolver
|
|
98
|
+
:src_address6 => 'fc00::1:2:3', # SingleResolver and Multi-Resolver
|
|
97
99
|
:src_port => 56753, # SingleResolver and Multi-Resolver
|
|
98
100
|
:retry_delay => 6, # DNS and Multi-Resolver
|
|
99
101
|
:retry_times => 5, # DNSand Multi-Resolver
|
data/test/tc_rr-opt.rb
CHANGED
|
@@ -14,7 +14,7 @@
|
|
|
14
14
|
#limitations under the License.
|
|
15
15
|
#++
|
|
16
16
|
begin
|
|
17
|
-
require 'rubygems'
|
|
17
|
+
require 'rubygems'
|
|
18
18
|
rescue LoadError
|
|
19
19
|
end
|
|
20
20
|
require 'test/unit'
|
|
@@ -42,7 +42,7 @@ class TestRrOpt < Test::Unit::TestCase
|
|
|
42
42
|
end
|
|
43
43
|
|
|
44
44
|
def test_resolver_opt_application
|
|
45
|
-
|
|
45
|
+
return if (/java/ =~ RUBY_PLATFORM) # @TODO@ Check if this is fixed with JRuby yet
|
|
46
46
|
# Set up a server running on localhost. Get the resolver to send a
|
|
47
47
|
# query to it with the UDP size set to 4096. Make sure that it is received
|
|
48
48
|
# correctly.
|
|
@@ -102,4 +102,59 @@ class TestRrOpt < Test::Unit::TestCase
|
|
|
102
102
|
# Make sure there is an OPT RR there
|
|
103
103
|
assert(m2.rcode == RCode.NOERROR )
|
|
104
104
|
end
|
|
105
|
+
|
|
106
|
+
def test_formerr_response
|
|
107
|
+
# If we get a FORMERR back from the remote resolver, we should retry with no OPT record
|
|
108
|
+
# So, we need a server which sends back FORMERR for OPT records, and is OK without them.
|
|
109
|
+
# Then, we need to get a client to send a request to it (by default adorned with EDNS0),
|
|
110
|
+
# and make sure that the response is returned to the client OK.
|
|
111
|
+
# We should then check that the server only received one message with EDNS0, and one message
|
|
112
|
+
# without.
|
|
113
|
+
return if (/java/ =~ RUBY_PLATFORM) # @TODO@ Check if this is fixed with JRuby yet
|
|
114
|
+
# Set up a server running on localhost. Get the resolver to send a
|
|
115
|
+
# query to it with the UDP size set to 4096. Make sure that it is received
|
|
116
|
+
# correctly.
|
|
117
|
+
Dnsruby::PacketSender.clear_caches
|
|
118
|
+
socket = UDPSocket.new
|
|
119
|
+
socket.bind("127.0.0.1", 0)
|
|
120
|
+
port = socket.addr[1]
|
|
121
|
+
q = Queue.new
|
|
122
|
+
Thread.new {
|
|
123
|
+
2.times {
|
|
124
|
+
s = socket.recvfrom(65536)
|
|
125
|
+
received_query = s[0]
|
|
126
|
+
m = Message.decode(received_query)
|
|
127
|
+
q.push(m)
|
|
128
|
+
if (m.header.arcount > 0)
|
|
129
|
+
# send back FORMERR
|
|
130
|
+
m.header.rcode = RCode.FORMERR
|
|
131
|
+
socket.send(m.encode,0,s[1][2], s[1][1])
|
|
132
|
+
else
|
|
133
|
+
socket.send(received_query,0,s[1][2], s[1][1]) # @TODO@ FORMERR if edns
|
|
134
|
+
end
|
|
135
|
+
}
|
|
136
|
+
|
|
137
|
+
}
|
|
138
|
+
# Now send query
|
|
139
|
+
res = Resolver.new("127.0.0.1")
|
|
140
|
+
res.port = port
|
|
141
|
+
res.udp_size = 4096
|
|
142
|
+
assert(res.udp_size == 4096)
|
|
143
|
+
ret = res.query("example.com")
|
|
144
|
+
assert(ret.header.get_header_rcode == RCode.NOERROR)
|
|
145
|
+
assert(ret.header.arcount == 0)
|
|
146
|
+
|
|
147
|
+
# Now get received query from the server
|
|
148
|
+
p = q.pop
|
|
149
|
+
# Now check the query was what we expected
|
|
150
|
+
assert(p.header.arcount == 1)
|
|
151
|
+
assert(p.additional()[0].type = Types.OPT)
|
|
152
|
+
assert(p.additional()[0].klass.code == 4096)
|
|
153
|
+
|
|
154
|
+
# Now check the second message
|
|
155
|
+
assert (!(q.empty?))
|
|
156
|
+
p2 = q.pop
|
|
157
|
+
assert (p2)
|
|
158
|
+
assert(p2.header.arcount == 0)
|
|
159
|
+
end
|
|
105
160
|
end
|
metadata
CHANGED
|
@@ -1,12 +1,11 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dnsruby
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
|
|
5
|
-
prerelease:
|
|
4
|
+
prerelease: false
|
|
6
5
|
segments:
|
|
7
6
|
- 1
|
|
8
|
-
-
|
|
9
|
-
version: "1.
|
|
7
|
+
- 54
|
|
8
|
+
version: "1.54"
|
|
10
9
|
platform: ruby
|
|
11
10
|
authors:
|
|
12
11
|
- AlexD
|
|
@@ -14,7 +13,8 @@ autorequire: dnsruby
|
|
|
14
13
|
bindir: bin
|
|
15
14
|
cert_chain: []
|
|
16
15
|
|
|
17
|
-
date:
|
|
16
|
+
date: 2013-06-12 00:00:00 +01:00
|
|
17
|
+
default_executable:
|
|
18
18
|
dependencies: []
|
|
19
19
|
|
|
20
20
|
description:
|
|
@@ -154,6 +154,7 @@ files:
|
|
|
154
154
|
- EXAMPLES
|
|
155
155
|
- README
|
|
156
156
|
- EVENTMACHINE
|
|
157
|
+
has_rdoc: true
|
|
157
158
|
homepage: http://rubyforge.org/projects/dnsruby/
|
|
158
159
|
licenses: []
|
|
159
160
|
|
|
@@ -163,27 +164,23 @@ rdoc_options: []
|
|
|
163
164
|
require_paths:
|
|
164
165
|
- lib
|
|
165
166
|
required_ruby_version: !ruby/object:Gem::Requirement
|
|
166
|
-
none: false
|
|
167
167
|
requirements:
|
|
168
168
|
- - ">="
|
|
169
169
|
- !ruby/object:Gem::Version
|
|
170
|
-
hash: 3
|
|
171
170
|
segments:
|
|
172
171
|
- 0
|
|
173
172
|
version: "0"
|
|
174
173
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
175
|
-
none: false
|
|
176
174
|
requirements:
|
|
177
175
|
- - ">="
|
|
178
176
|
- !ruby/object:Gem::Version
|
|
179
|
-
hash: 3
|
|
180
177
|
segments:
|
|
181
178
|
- 0
|
|
182
179
|
version: "0"
|
|
183
180
|
requirements: []
|
|
184
181
|
|
|
185
182
|
rubyforge_project: dnsruby
|
|
186
|
-
rubygems_version: 1.
|
|
183
|
+
rubygems_version: 1.3.6
|
|
187
184
|
signing_key:
|
|
188
185
|
specification_version: 3
|
|
189
186
|
summary: Ruby DNS(SEC) implementation
|