diff --git a/addon.xml b/addon.xml
index d96f27ab..39a95ab2 100644
--- a/addon.xml
+++ b/addon.xml
@@ -3,6 +3,7 @@
+
video
diff --git a/channels/guardogratis.json b/channels/guardogratis.json
index 4ebedf28..9ef25c78 100644
--- a/channels/guardogratis.json
+++ b/channels/guardogratis.json
@@ -4,8 +4,8 @@
"active": true,
"adult": false,
"language": ["ita"],
- "thumbnail": "https:\/\/guardogratis.com\/wp-content\/uploads\/2018\/01\/Logo-4.png",
- "bannermenu": "https:\/\/guardogratis.com\/wp-content\/uploads\/2018\/01\/Logo-4.png",
+ "thumbnail": "http://guardogratis.it/wp-content/uploads/2018/01/Logo-4.png?x14918",
+ "bannermenu": "http://guardogratis.it/wp-content/uploads/2018/01/Logo-4.png?x14918",
"categories": ["movie","tvshow"],
"settings": [
{
diff --git a/core/httptools.py b/core/httptools.py
index f1d5cff8..97555358 100644
--- a/core/httptools.py
+++ b/core/httptools.py
@@ -10,6 +10,9 @@
# Fix desde la página: https://stackoverflow.com/questions/27835619/urllib-and-ssl-certificate-verify-failed-error
#-----------------------------------------------------------------------
import ssl
+
+from core import scrapertoolsV2
+
try:
_create_unverified_https_context = ssl._create_unverified_context
except AttributeError:
@@ -141,6 +144,22 @@ def downloadpage(url, post=None, headers=None, timeout=None, follow_redirects=Tr
response = {}
+ from lib.dns import resolver
+ my_resolver = resolver.Resolver()
+
+ # 8.8.8.8 is Google's public DNS server
+ my_resolver.nameservers = ['1.1.1.1']
+
+ protocol, domain = scrapertoolsV2.find_single_match(url, '(?:(https?)://)?(?:www\.)?([a-z.]+)/?')
+ headers = {'Host': domain}
+
+ answer = my_resolver.query(domain)
+ ip = scrapertoolsV2.find_single_match(str(answer.response),domain+'. [0-9]+ IN A (?!127\.0\.0\.1)([0-9.]+)')
+
+ url = "http://"+ip
+
+
+
# Headers por defecto, si no se especifica nada
request_headers = default_headers.copy()
diff --git a/lib/dns/__init__.py b/lib/dns/__init__.py
new file mode 100644
index 00000000..c1ce8e60
--- /dev/null
+++ b/lib/dns/__init__.py
@@ -0,0 +1,56 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009, 2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""dnspython DNS toolkit"""
+
+__all__ = [
+ 'dnssec',
+ 'e164',
+ 'edns',
+ 'entropy',
+ 'exception',
+ 'flags',
+ 'hash',
+ 'inet',
+ 'ipv4',
+ 'ipv6',
+ 'message',
+ 'name',
+ 'namedict',
+ 'node',
+ 'opcode',
+ 'query',
+ 'rcode',
+ 'rdata',
+ 'rdataclass',
+ 'rdataset',
+ 'rdatatype',
+ 'renderer',
+ 'resolver',
+ 'reversename',
+ 'rrset',
+ 'set',
+ 'tokenizer',
+ 'tsig',
+ 'tsigkeyring',
+ 'ttl',
+ 'rdtypes',
+ 'update',
+ 'version',
+ 'wiredata',
+ 'zone',
+]
diff --git a/lib/dns/_compat.py b/lib/dns/_compat.py
new file mode 100644
index 00000000..ca0931c2
--- /dev/null
+++ b/lib/dns/_compat.py
@@ -0,0 +1,59 @@
+import sys
+import decimal
+from decimal import Context
+
+PY3 = sys.version_info[0] == 3
+PY2 = sys.version_info[0] == 2
+
+
+if PY3:
+ long = int
+ xrange = range
+else:
+ long = long # pylint: disable=long-builtin
+ xrange = xrange # pylint: disable=xrange-builtin
+
+# unicode / binary types
+if PY3:
+ text_type = str
+ binary_type = bytes
+ string_types = (str,)
+ unichr = chr
+ def maybe_decode(x):
+ return x.decode()
+ def maybe_encode(x):
+ return x.encode()
+ def maybe_chr(x):
+ return x
+ def maybe_ord(x):
+ return x
+else:
+ text_type = unicode # pylint: disable=unicode-builtin, undefined-variable
+ binary_type = str
+ string_types = (
+ basestring, # pylint: disable=basestring-builtin, undefined-variable
+ )
+ unichr = unichr # pylint: disable=unichr-builtin
+ def maybe_decode(x):
+ return x
+ def maybe_encode(x):
+ return x
+ def maybe_chr(x):
+ return chr(x)
+ def maybe_ord(x):
+ return ord(x)
+
+
+def round_py2_compat(what):
+ """
+ Python 2 and Python 3 use different rounding strategies in round(). This
+ function ensures that results are python2/3 compatible and backward
+ compatible with previous py2 releases
+ :param what: float
+ :return: rounded long
+ """
+ d = Context(
+ prec=len(str(long(what))), # round to integer with max precision
+ rounding=decimal.ROUND_HALF_UP
+ ).create_decimal(str(what)) # str(): python 2.6 compat
+ return long(d)
diff --git a/lib/dns/dnssec.py b/lib/dns/dnssec.py
new file mode 100644
index 00000000..35da6b5a
--- /dev/null
+++ b/lib/dns/dnssec.py
@@ -0,0 +1,519 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2017 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""Common DNSSEC-related functions and constants."""
+
+from io import BytesIO
+import struct
+import time
+
+import dns.exception
+import dns.name
+import dns.node
+import dns.rdataset
+import dns.rdata
+import dns.rdatatype
+import dns.rdataclass
+from ._compat import string_types
+
+
+class UnsupportedAlgorithm(dns.exception.DNSException):
+ """The DNSSEC algorithm is not supported."""
+
+
+class ValidationFailure(dns.exception.DNSException):
+ """The DNSSEC signature is invalid."""
+
+
+#: RSAMD5
+RSAMD5 = 1
+#: DH
+DH = 2
+#: DSA
+DSA = 3
+#: ECC
+ECC = 4
+#: RSASHA1
+RSASHA1 = 5
+#: DSANSEC3SHA1
+DSANSEC3SHA1 = 6
+#: RSASHA1NSEC3SHA1
+RSASHA1NSEC3SHA1 = 7
+#: RSASHA256
+RSASHA256 = 8
+#: RSASHA512
+RSASHA512 = 10
+#: ECDSAP256SHA256
+ECDSAP256SHA256 = 13
+#: ECDSAP384SHA384
+ECDSAP384SHA384 = 14
+#: INDIRECT
+INDIRECT = 252
+#: PRIVATEDNS
+PRIVATEDNS = 253
+#: PRIVATEOID
+PRIVATEOID = 254
+
+_algorithm_by_text = {
+ 'RSAMD5': RSAMD5,
+ 'DH': DH,
+ 'DSA': DSA,
+ 'ECC': ECC,
+ 'RSASHA1': RSASHA1,
+ 'DSANSEC3SHA1': DSANSEC3SHA1,
+ 'RSASHA1NSEC3SHA1': RSASHA1NSEC3SHA1,
+ 'RSASHA256': RSASHA256,
+ 'RSASHA512': RSASHA512,
+ 'INDIRECT': INDIRECT,
+ 'ECDSAP256SHA256': ECDSAP256SHA256,
+ 'ECDSAP384SHA384': ECDSAP384SHA384,
+ 'PRIVATEDNS': PRIVATEDNS,
+ 'PRIVATEOID': PRIVATEOID,
+}
+
+# We construct the inverse mapping programmatically to ensure that we
+# cannot make any mistakes (e.g. omissions, cut-and-paste errors) that
+# would cause the mapping not to be true inverse.
+
+_algorithm_by_value = {y: x for x, y in _algorithm_by_text.items()}
+
+
+def algorithm_from_text(text):
+ """Convert text into a DNSSEC algorithm value.
+
+ Returns an ``int``.
+ """
+
+ value = _algorithm_by_text.get(text.upper())
+ if value is None:
+ value = int(text)
+ return value
+
+
+def algorithm_to_text(value):
+ """Convert a DNSSEC algorithm value to text
+
+ Returns a ``str``.
+ """
+
+ text = _algorithm_by_value.get(value)
+ if text is None:
+ text = str(value)
+ return text
+
+
+def _to_rdata(record, origin):
+ s = BytesIO()
+ record.to_wire(s, origin=origin)
+ return s.getvalue()
+
+
+def key_id(key, origin=None):
+ """Return the key id (a 16-bit number) for the specified key.
+
+ Note the *origin* parameter of this function is historical and
+ is not needed.
+
+ Returns an ``int`` between 0 and 65535.
+ """
+
+ rdata = _to_rdata(key, origin)
+ rdata = bytearray(rdata)
+ if key.algorithm == RSAMD5:
+ return (rdata[-3] << 8) + rdata[-2]
+ else:
+ total = 0
+ for i in range(len(rdata) // 2):
+ total += (rdata[2 * i] << 8) + \
+ rdata[2 * i + 1]
+ if len(rdata) % 2 != 0:
+ total += rdata[len(rdata) - 1] << 8
+ total += ((total >> 16) & 0xffff)
+ return total & 0xffff
+
+
+def make_ds(name, key, algorithm, origin=None):
+ """Create a DS record for a DNSSEC key.
+
+ *name* is the owner name of the DS record.
+
+ *key* is a ``dns.rdtypes.ANY.DNSKEY``.
+
+ *algorithm* is a string describing which hash algorithm to use. The
+ currently supported hashes are "SHA1" and "SHA256". Case does not
+ matter for these strings.
+
+ *origin* is a ``dns.name.Name`` and will be used as the origin
+ if *key* is a relative name.
+
+ Returns a ``dns.rdtypes.ANY.DS``.
+ """
+
+ if algorithm.upper() == 'SHA1':
+ dsalg = 1
+ hash = SHA1.new()
+ elif algorithm.upper() == 'SHA256':
+ dsalg = 2
+ hash = SHA256.new()
+ else:
+ raise UnsupportedAlgorithm('unsupported algorithm "%s"' % algorithm)
+
+ if isinstance(name, string_types):
+ name = dns.name.from_text(name, origin)
+ hash.update(name.canonicalize().to_wire())
+ hash.update(_to_rdata(key, origin))
+ digest = hash.digest()
+
+ dsrdata = struct.pack("!HBB", key_id(key), key.algorithm, dsalg) + digest
+ return dns.rdata.from_wire(dns.rdataclass.IN, dns.rdatatype.DS, dsrdata, 0,
+ len(dsrdata))
+
+
+def _find_candidate_keys(keys, rrsig):
+ candidate_keys = []
+ value = keys.get(rrsig.signer)
+ if value is None:
+ return None
+ if isinstance(value, dns.node.Node):
+ try:
+ rdataset = value.find_rdataset(dns.rdataclass.IN,
+ dns.rdatatype.DNSKEY)
+ except KeyError:
+ return None
+ else:
+ rdataset = value
+ for rdata in rdataset:
+ if rdata.algorithm == rrsig.algorithm and \
+ key_id(rdata) == rrsig.key_tag:
+ candidate_keys.append(rdata)
+ return candidate_keys
+
+
+def _is_rsa(algorithm):
+ return algorithm in (RSAMD5, RSASHA1,
+ RSASHA1NSEC3SHA1, RSASHA256,
+ RSASHA512)
+
+
+def _is_dsa(algorithm):
+ return algorithm in (DSA, DSANSEC3SHA1)
+
+
+def _is_ecdsa(algorithm):
+ return _have_ecdsa and (algorithm in (ECDSAP256SHA256, ECDSAP384SHA384))
+
+
+def _is_md5(algorithm):
+ return algorithm == RSAMD5
+
+
+def _is_sha1(algorithm):
+ return algorithm in (DSA, RSASHA1,
+ DSANSEC3SHA1, RSASHA1NSEC3SHA1)
+
+
+def _is_sha256(algorithm):
+ return algorithm in (RSASHA256, ECDSAP256SHA256)
+
+
+def _is_sha384(algorithm):
+ return algorithm == ECDSAP384SHA384
+
+
+def _is_sha512(algorithm):
+ return algorithm == RSASHA512
+
+
+def _make_hash(algorithm):
+ if _is_md5(algorithm):
+ return MD5.new()
+ if _is_sha1(algorithm):
+ return SHA1.new()
+ if _is_sha256(algorithm):
+ return SHA256.new()
+ if _is_sha384(algorithm):
+ return SHA384.new()
+ if _is_sha512(algorithm):
+ return SHA512.new()
+ raise ValidationFailure('unknown hash for algorithm %u' % algorithm)
+
+
+def _make_algorithm_id(algorithm):
+ if _is_md5(algorithm):
+ oid = [0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x05]
+ elif _is_sha1(algorithm):
+ oid = [0x2b, 0x0e, 0x03, 0x02, 0x1a]
+ elif _is_sha256(algorithm):
+ oid = [0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01]
+ elif _is_sha512(algorithm):
+ oid = [0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03]
+ else:
+ raise ValidationFailure('unknown algorithm %u' % algorithm)
+ olen = len(oid)
+ dlen = _make_hash(algorithm).digest_size
+ idbytes = [0x30] + [8 + olen + dlen] + \
+ [0x30, olen + 4] + [0x06, olen] + oid + \
+ [0x05, 0x00] + [0x04, dlen]
+ return struct.pack('!%dB' % len(idbytes), *idbytes)
+
+
+def _validate_rrsig(rrset, rrsig, keys, origin=None, now=None):
+ """Validate an RRset against a single signature rdata
+
+ The owner name of *rrsig* is assumed to be the same as the owner name
+ of *rrset*.
+
+ *rrset* is the RRset to validate. It can be a ``dns.rrset.RRset`` or
+ a ``(dns.name.Name, dns.rdataset.Rdataset)`` tuple.
+
+ *rrsig* is a ``dns.rdata.Rdata``, the signature to validate.
+
+ *keys* is the key dictionary, used to find the DNSKEY associated with
+ a given name. The dictionary is keyed by a ``dns.name.Name``, and has
+ ``dns.node.Node`` or ``dns.rdataset.Rdataset`` values.
+
+ *origin* is a ``dns.name.Name``, the origin to use for relative names.
+
+ *now* is an ``int``, the time to use when validating the signatures,
+ in seconds since the UNIX epoch. The default is the current time.
+ """
+
+ if isinstance(origin, string_types):
+ origin = dns.name.from_text(origin, dns.name.root)
+
+ candidate_keys = _find_candidate_keys(keys, rrsig)
+ if candidate_keys is None:
+ raise ValidationFailure('unknown key')
+
+ for candidate_key in candidate_keys:
+ # For convenience, allow the rrset to be specified as a (name,
+ # rdataset) tuple as well as a proper rrset
+ if isinstance(rrset, tuple):
+ rrname = rrset[0]
+ rdataset = rrset[1]
+ else:
+ rrname = rrset.name
+ rdataset = rrset
+
+ if now is None:
+ now = time.time()
+ if rrsig.expiration < now:
+ raise ValidationFailure('expired')
+ if rrsig.inception > now:
+ raise ValidationFailure('not yet valid')
+
+ hash = _make_hash(rrsig.algorithm)
+
+ if _is_rsa(rrsig.algorithm):
+ keyptr = candidate_key.key
+ (bytes_,) = struct.unpack('!B', keyptr[0:1])
+ keyptr = keyptr[1:]
+ if bytes_ == 0:
+ (bytes_,) = struct.unpack('!H', keyptr[0:2])
+ keyptr = keyptr[2:]
+ rsa_e = keyptr[0:bytes_]
+ rsa_n = keyptr[bytes_:]
+ try:
+ pubkey = CryptoRSA.construct(
+ (number.bytes_to_long(rsa_n),
+ number.bytes_to_long(rsa_e)))
+ except ValueError:
+ raise ValidationFailure('invalid public key')
+ sig = rrsig.signature
+ elif _is_dsa(rrsig.algorithm):
+ keyptr = candidate_key.key
+ (t,) = struct.unpack('!B', keyptr[0:1])
+ keyptr = keyptr[1:]
+ octets = 64 + t * 8
+ dsa_q = keyptr[0:20]
+ keyptr = keyptr[20:]
+ dsa_p = keyptr[0:octets]
+ keyptr = keyptr[octets:]
+ dsa_g = keyptr[0:octets]
+ keyptr = keyptr[octets:]
+ dsa_y = keyptr[0:octets]
+ pubkey = CryptoDSA.construct(
+ (number.bytes_to_long(dsa_y),
+ number.bytes_to_long(dsa_g),
+ number.bytes_to_long(dsa_p),
+ number.bytes_to_long(dsa_q)))
+ sig = rrsig.signature[1:]
+ elif _is_ecdsa(rrsig.algorithm):
+ # use ecdsa for NIST-384p -- not currently supported by pycryptodome
+
+ keyptr = candidate_key.key
+
+ if rrsig.algorithm == ECDSAP256SHA256:
+ curve = ecdsa.curves.NIST256p
+ key_len = 32
+ elif rrsig.algorithm == ECDSAP384SHA384:
+ curve = ecdsa.curves.NIST384p
+ key_len = 48
+
+ x = number.bytes_to_long(keyptr[0:key_len])
+ y = number.bytes_to_long(keyptr[key_len:key_len * 2])
+ if not ecdsa.ecdsa.point_is_valid(curve.generator, x, y):
+ raise ValidationFailure('invalid ECDSA key')
+ point = ecdsa.ellipticcurve.Point(curve.curve, x, y, curve.order)
+ verifying_key = ecdsa.keys.VerifyingKey.from_public_point(point,
+ curve)
+ pubkey = ECKeyWrapper(verifying_key, key_len)
+ r = rrsig.signature[:key_len]
+ s = rrsig.signature[key_len:]
+ sig = ecdsa.ecdsa.Signature(number.bytes_to_long(r),
+ number.bytes_to_long(s))
+
+ else:
+ raise ValidationFailure('unknown algorithm %u' % rrsig.algorithm)
+
+ hash.update(_to_rdata(rrsig, origin)[:18])
+ hash.update(rrsig.signer.to_digestable(origin))
+
+ if rrsig.labels < len(rrname) - 1:
+ suffix = rrname.split(rrsig.labels + 1)[1]
+ rrname = dns.name.from_text('*', suffix)
+ rrnamebuf = rrname.to_digestable(origin)
+ rrfixed = struct.pack('!HHI', rdataset.rdtype, rdataset.rdclass,
+ rrsig.original_ttl)
+ rrlist = sorted(rdataset)
+ for rr in rrlist:
+ hash.update(rrnamebuf)
+ hash.update(rrfixed)
+ rrdata = rr.to_digestable(origin)
+ rrlen = struct.pack('!H', len(rrdata))
+ hash.update(rrlen)
+ hash.update(rrdata)
+
+ try:
+ if _is_rsa(rrsig.algorithm):
+ verifier = pkcs1_15.new(pubkey)
+ # will raise ValueError if verify fails:
+ verifier.verify(hash, sig)
+ elif _is_dsa(rrsig.algorithm):
+ verifier = DSS.new(pubkey, 'fips-186-3')
+ verifier.verify(hash, sig)
+ elif _is_ecdsa(rrsig.algorithm):
+ digest = hash.digest()
+ if not pubkey.verify(digest, sig):
+ raise ValueError
+ else:
+ # Raise here for code clarity; this won't actually ever happen
+ # since if the algorithm is really unknown we'd already have
+ # raised an exception above
+ raise ValidationFailure('unknown algorithm %u' % rrsig.algorithm)
+ # If we got here, we successfully verified so we can return without error
+ return
+ except ValueError:
+ # this happens on an individual validation failure
+ continue
+ # nothing verified -- raise failure:
+ raise ValidationFailure('verify failure')
+
+
+def _validate(rrset, rrsigset, keys, origin=None, now=None):
+ """Validate an RRset.
+
+ *rrset* is the RRset to validate. It can be a ``dns.rrset.RRset`` or
+ a ``(dns.name.Name, dns.rdataset.Rdataset)`` tuple.
+
+ *rrsigset* is the signature RRset to be validated. It can be a
+ ``dns.rrset.RRset`` or a ``(dns.name.Name, dns.rdataset.Rdataset)`` tuple.
+
+ *keys* is the key dictionary, used to find the DNSKEY associated with
+ a given name. The dictionary is keyed by a ``dns.name.Name``, and has
+ ``dns.node.Node`` or ``dns.rdataset.Rdataset`` values.
+
+ *origin* is a ``dns.name.Name``, the origin to use for relative names.
+
+ *now* is an ``int``, the time to use when validating the signatures,
+ in seconds since the UNIX epoch. The default is the current time.
+ """
+
+ if isinstance(origin, string_types):
+ origin = dns.name.from_text(origin, dns.name.root)
+
+ if isinstance(rrset, tuple):
+ rrname = rrset[0]
+ else:
+ rrname = rrset.name
+
+ if isinstance(rrsigset, tuple):
+ rrsigname = rrsigset[0]
+ rrsigrdataset = rrsigset[1]
+ else:
+ rrsigname = rrsigset.name
+ rrsigrdataset = rrsigset
+
+ rrname = rrname.choose_relativity(origin)
+ rrsigname = rrsigname.choose_relativity(origin)
+ if rrname != rrsigname:
+ raise ValidationFailure("owner names do not match")
+
+ for rrsig in rrsigrdataset:
+ try:
+ _validate_rrsig(rrset, rrsig, keys, origin, now)
+ return
+ except ValidationFailure:
+ pass
+ raise ValidationFailure("no RRSIGs validated")
+
+
+def _need_pycrypto(*args, **kwargs):
+ raise NotImplementedError("DNSSEC validation requires pycryptodome/pycryptodomex")
+
+
+try:
+ try:
+ # test we're using pycryptodome, not pycrypto (which misses SHA1 for example)
+ from Crypto.Hash import MD5, SHA1, SHA256, SHA384, SHA512
+ from Crypto.PublicKey import RSA as CryptoRSA, DSA as CryptoDSA
+ from Crypto.Signature import pkcs1_15, DSS
+ from Crypto.Util import number
+ except ImportError:
+ from Cryptodome.Hash import MD5, SHA1, SHA256, SHA384, SHA512
+ from Cryptodome.PublicKey import RSA as CryptoRSA, DSA as CryptoDSA
+ from Cryptodome.Signature import pkcs1_15, DSS
+ from Cryptodome.Util import number
+except ImportError:
+ validate = _need_pycrypto
+ validate_rrsig = _need_pycrypto
+ _have_pycrypto = False
+ _have_ecdsa = False
+else:
+ validate = _validate
+ validate_rrsig = _validate_rrsig
+ _have_pycrypto = True
+
+ try:
+ import ecdsa
+ import ecdsa.ecdsa
+ import ecdsa.ellipticcurve
+ import ecdsa.keys
+ except ImportError:
+ _have_ecdsa = False
+ else:
+ _have_ecdsa = True
+
+ class ECKeyWrapper(object):
+
+ def __init__(self, key, key_len):
+ self.key = key
+ self.key_len = key_len
+
+ def verify(self, digest, sig):
+ diglong = number.bytes_to_long(digest)
+ return self.key.pubkey.verifies(diglong, sig)
diff --git a/lib/dns/e164.py b/lib/dns/e164.py
new file mode 100644
index 00000000..758c47a7
--- /dev/null
+++ b/lib/dns/e164.py
@@ -0,0 +1,105 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2006-2017 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""DNS E.164 helpers."""
+
+import dns.exception
+import dns.name
+import dns.resolver
+from ._compat import string_types, maybe_decode
+
+#: The public E.164 domain.
+public_enum_domain = dns.name.from_text('e164.arpa.')
+
+
+def from_e164(text, origin=public_enum_domain):
+ """Convert an E.164 number in textual form into a Name object whose
+ value is the ENUM domain name for that number.
+
+ Non-digits in the text are ignored, i.e. "16505551212",
+ "+1.650.555.1212" and "1 (650) 555-1212" are all the same.
+
+ *text*, a ``text``, is an E.164 number in textual form.
+
+ *origin*, a ``dns.name.Name``, the domain in which the number
+ should be constructed. The default is ``e164.arpa.``.
+
+ Returns a ``dns.name.Name``.
+ """
+
+ parts = [d for d in text if d.isdigit()]
+ parts.reverse()
+ return dns.name.from_text('.'.join(parts), origin=origin)
+
+
+def to_e164(name, origin=public_enum_domain, want_plus_prefix=True):
+ """Convert an ENUM domain name into an E.164 number.
+
+ Note that dnspython does not have any information about preferred
+ number formats within national numbering plans, so all numbers are
+ emitted as a simple string of digits, prefixed by a '+' (unless
+ *want_plus_prefix* is ``False``).
+
+ *name* is a ``dns.name.Name``, the ENUM domain name.
+
+ *origin* is a ``dns.name.Name``, a domain containing the ENUM
+ domain name. The name is relativized to this domain before being
+ converted to text. If ``None``, no relativization is done.
+
+ *want_plus_prefix* is a ``bool``. If True, add a '+' to the beginning of
+ the returned number.
+
+ Returns a ``text``.
+
+ """
+ if origin is not None:
+ name = name.relativize(origin)
+ dlabels = [d for d in name.labels if d.isdigit() and len(d) == 1]
+ if len(dlabels) != len(name.labels):
+ raise dns.exception.SyntaxError('non-digit labels in ENUM domain name')
+ dlabels.reverse()
+ text = b''.join(dlabels)
+ if want_plus_prefix:
+ text = b'+' + text
+ return maybe_decode(text)
+
+
+def query(number, domains, resolver=None):
+ """Look for NAPTR RRs for the specified number in the specified domains.
+
+ e.g. lookup('16505551212', ['e164.dnspython.org.', 'e164.arpa.'])
+
+ *number*, a ``text`` is the number to look for.
+
+ *domains* is an iterable containing ``dns.name.Name`` values.
+
+ *resolver*, a ``dns.resolver.Resolver``, is the resolver to use. If
+ ``None``, the default resolver is used.
+ """
+
+ if resolver is None:
+ resolver = dns.resolver.get_default_resolver()
+ e_nx = dns.resolver.NXDOMAIN()
+ for domain in domains:
+ if isinstance(domain, string_types):
+ domain = dns.name.from_text(domain)
+ qname = dns.e164.from_e164(number, domain)
+ try:
+ return resolver.query(qname, 'NAPTR')
+ except dns.resolver.NXDOMAIN as e:
+ e_nx += e
+ raise e_nx
diff --git a/lib/dns/edns.py b/lib/dns/edns.py
new file mode 100644
index 00000000..5660f7bb
--- /dev/null
+++ b/lib/dns/edns.py
@@ -0,0 +1,269 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2009-2017 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""EDNS Options"""
+
+from __future__ import absolute_import
+
+import math
+import struct
+
+import dns.inet
+
+#: NSID
+NSID = 3
+#: DAU
+DAU = 5
+#: DHU
+DHU = 6
+#: N3U
+N3U = 7
+#: ECS (client-subnet)
+ECS = 8
+#: EXPIRE
+EXPIRE = 9
+#: COOKIE
+COOKIE = 10
+#: KEEPALIVE
+KEEPALIVE = 11
+#: PADDING
+PADDING = 12
+#: CHAIN
+CHAIN = 13
+
+class Option(object):
+
+ """Base class for all EDNS option types."""
+
+ def __init__(self, otype):
+ """Initialize an option.
+
+ *otype*, an ``int``, is the option type.
+ """
+ self.otype = otype
+
+ def to_wire(self, file):
+ """Convert an option to wire format.
+ """
+ raise NotImplementedError
+
+ @classmethod
+ def from_wire(cls, otype, wire, current, olen):
+ """Build an EDNS option object from wire format.
+
+ *otype*, an ``int``, is the option type.
+
+ *wire*, a ``binary``, is the wire-format message.
+
+ *current*, an ``int``, is the offset in *wire* of the beginning
+ of the rdata.
+
+ *olen*, an ``int``, is the length of the wire-format option data
+
+ Returns a ``dns.edns.Option``.
+ """
+
+ raise NotImplementedError
+
+ def _cmp(self, other):
+ """Compare an EDNS option with another option of the same type.
+
+ Returns < 0 if < *other*, 0 if == *other*, and > 0 if > *other*.
+ """
+ raise NotImplementedError
+
+ def __eq__(self, other):
+ if not isinstance(other, Option):
+ return False
+ if self.otype != other.otype:
+ return False
+ return self._cmp(other) == 0
+
+ def __ne__(self, other):
+ if not isinstance(other, Option):
+ return False
+ if self.otype != other.otype:
+ return False
+ return self._cmp(other) != 0
+
+ def __lt__(self, other):
+ if not isinstance(other, Option) or \
+ self.otype != other.otype:
+ return NotImplemented
+ return self._cmp(other) < 0
+
+ def __le__(self, other):
+ if not isinstance(other, Option) or \
+ self.otype != other.otype:
+ return NotImplemented
+ return self._cmp(other) <= 0
+
+ def __ge__(self, other):
+ if not isinstance(other, Option) or \
+ self.otype != other.otype:
+ return NotImplemented
+ return self._cmp(other) >= 0
+
+ def __gt__(self, other):
+ if not isinstance(other, Option) or \
+ self.otype != other.otype:
+ return NotImplemented
+ return self._cmp(other) > 0
+
+
+class GenericOption(Option):
+
+ """Generic Option Class
+
+ This class is used for EDNS option types for which we have no better
+ implementation.
+ """
+
+ def __init__(self, otype, data):
+ super(GenericOption, self).__init__(otype)
+ self.data = data
+
+ def to_wire(self, file):
+ file.write(self.data)
+
+ def to_text(self):
+ return "Generic %d" % self.otype
+
+ @classmethod
+ def from_wire(cls, otype, wire, current, olen):
+ return cls(otype, wire[current: current + olen])
+
+ def _cmp(self, other):
+ if self.data == other.data:
+ return 0
+ if self.data > other.data:
+ return 1
+ return -1
+
+
+class ECSOption(Option):
+ """EDNS Client Subnet (ECS, RFC7871)"""
+
+ def __init__(self, address, srclen=None, scopelen=0):
+ """*address*, a ``text``, is the client address information.
+
+ *srclen*, an ``int``, the source prefix length, which is the
+ leftmost number of bits of the address to be used for the
+ lookup. The default is 24 for IPv4 and 56 for IPv6.
+
+ *scopelen*, an ``int``, the scope prefix length. This value
+ must be 0 in queries, and should be set in responses.
+ """
+
+ super(ECSOption, self).__init__(ECS)
+ af = dns.inet.af_for_address(address)
+
+ if af == dns.inet.AF_INET6:
+ self.family = 2
+ if srclen is None:
+ srclen = 56
+ elif af == dns.inet.AF_INET:
+ self.family = 1
+ if srclen is None:
+ srclen = 24
+ else:
+ raise ValueError('Bad ip family')
+
+ self.address = address
+ self.srclen = srclen
+ self.scopelen = scopelen
+
+ addrdata = dns.inet.inet_pton(af, address)
+ nbytes = int(math.ceil(srclen/8.0))
+
+ # Truncate to srclen and pad to the end of the last octet needed
+ # See RFC section 6
+ self.addrdata = addrdata[:nbytes]
+ nbits = srclen % 8
+ if nbits != 0:
+ last = struct.pack('B', ord(self.addrdata[-1:]) & (0xff << nbits))
+ self.addrdata = self.addrdata[:-1] + last
+
+ def to_text(self):
+ return "ECS {}/{} scope/{}".format(self.address, self.srclen,
+ self.scopelen)
+
+ def to_wire(self, file):
+ file.write(struct.pack('!H', self.family))
+ file.write(struct.pack('!BB', self.srclen, self.scopelen))
+ file.write(self.addrdata)
+
+ @classmethod
+ def from_wire(cls, otype, wire, cur, olen):
+ family, src, scope = struct.unpack('!HBB', wire[cur:cur+4])
+ cur += 4
+
+ addrlen = int(math.ceil(src/8.0))
+
+ if family == 1:
+ af = dns.inet.AF_INET
+ pad = 4 - addrlen
+ elif family == 2:
+ af = dns.inet.AF_INET6
+ pad = 16 - addrlen
+ else:
+ raise ValueError('unsupported family')
+
+ addr = dns.inet.inet_ntop(af, wire[cur:cur+addrlen] + b'\x00' * pad)
+ return cls(addr, src, scope)
+
+ def _cmp(self, other):
+ if self.addrdata == other.addrdata:
+ return 0
+ if self.addrdata > other.addrdata:
+ return 1
+ return -1
+
+_type_to_class = {
+ ECS: ECSOption
+}
+
+def get_option_class(otype):
+ """Return the class for the specified option type.
+
+ The GenericOption class is used if a more specific class is not
+ known.
+ """
+
+ cls = _type_to_class.get(otype)
+ if cls is None:
+ cls = GenericOption
+ return cls
+
+
+def option_from_wire(otype, wire, current, olen):
+ """Build an EDNS option object from wire format.
+
+ *otype*, an ``int``, is the option type.
+
+ *wire*, a ``binary``, is the wire-format message.
+
+ *current*, an ``int``, is the offset in *wire* of the beginning
+ of the rdata.
+
+ *olen*, an ``int``, is the length of the wire-format option data
+
+ Returns an instance of a subclass of ``dns.edns.Option``.
+ """
+
+ cls = get_option_class(otype)
+ return cls.from_wire(otype, wire, current, olen)
diff --git a/lib/dns/entropy.py b/lib/dns/entropy.py
new file mode 100644
index 00000000..00c6a4b3
--- /dev/null
+++ b/lib/dns/entropy.py
@@ -0,0 +1,148 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2009-2017 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import os
+import random
+import time
+from ._compat import long, binary_type
+try:
+ import threading as _threading
+except ImportError:
+ import dummy_threading as _threading
+
+
+class EntropyPool(object):
+
+ # This is an entropy pool for Python implementations that do not
+ # have a working SystemRandom. I'm not sure there are any, but
+ # leaving this code doesn't hurt anything as the library code
+ # is used if present.
+
+ def __init__(self, seed=None):
+ self.pool_index = 0
+ self.digest = None
+ self.next_byte = 0
+ self.lock = _threading.Lock()
+ try:
+ import hashlib
+ self.hash = hashlib.sha1()
+ self.hash_len = 20
+ except ImportError:
+ try:
+ import sha
+ self.hash = sha.new()
+ self.hash_len = 20
+ except ImportError:
+ import md5 # pylint: disable=import-error
+ self.hash = md5.new()
+ self.hash_len = 16
+ self.pool = bytearray(b'\0' * self.hash_len)
+ if seed is not None:
+ self.stir(bytearray(seed))
+ self.seeded = True
+ self.seed_pid = os.getpid()
+ else:
+ self.seeded = False
+ self.seed_pid = 0
+
+ def stir(self, entropy, already_locked=False):
+ if not already_locked:
+ self.lock.acquire()
+ try:
+ for c in entropy:
+ if self.pool_index == self.hash_len:
+ self.pool_index = 0
+ b = c & 0xff
+ self.pool[self.pool_index] ^= b
+ self.pool_index += 1
+ finally:
+ if not already_locked:
+ self.lock.release()
+
+ def _maybe_seed(self):
+ if not self.seeded or self.seed_pid != os.getpid():
+ try:
+ seed = os.urandom(16)
+ except Exception:
+ try:
+ r = open('/dev/urandom', 'rb', 0)
+ try:
+ seed = r.read(16)
+ finally:
+ r.close()
+ except Exception:
+ seed = str(time.time())
+ self.seeded = True
+ self.seed_pid = os.getpid()
+ self.digest = None
+ seed = bytearray(seed)
+ self.stir(seed, True)
+
+ def random_8(self):
+ self.lock.acquire()
+ try:
+ self._maybe_seed()
+ if self.digest is None or self.next_byte == self.hash_len:
+ self.hash.update(binary_type(self.pool))
+ self.digest = bytearray(self.hash.digest())
+ self.stir(self.digest, True)
+ self.next_byte = 0
+ value = self.digest[self.next_byte]
+ self.next_byte += 1
+ finally:
+ self.lock.release()
+ return value
+
+ def random_16(self):
+ return self.random_8() * 256 + self.random_8()
+
+ def random_32(self):
+ return self.random_16() * 65536 + self.random_16()
+
+ def random_between(self, first, last):
+ size = last - first + 1
+ if size > long(4294967296):
+ raise ValueError('too big')
+ if size > 65536:
+ rand = self.random_32
+ max = long(4294967295)
+ elif size > 256:
+ rand = self.random_16
+ max = 65535
+ else:
+ rand = self.random_8
+ max = 255
+ return first + size * rand() // (max + 1)
+
+pool = EntropyPool()
+
+try:
+ system_random = random.SystemRandom()
+except Exception:
+ system_random = None
+
+def random_16():
+ if system_random is not None:
+ return system_random.randrange(0, 65536)
+ else:
+ return pool.random_16()
+
+def between(first, last):
+ if system_random is not None:
+ return system_random.randrange(first, last + 1)
+ else:
+ return pool.random_between(first, last)
diff --git a/lib/dns/exception.py b/lib/dns/exception.py
new file mode 100644
index 00000000..71ff04f1
--- /dev/null
+++ b/lib/dns/exception.py
@@ -0,0 +1,128 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2017 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""Common DNS Exceptions.
+
+Dnspython modules may also define their own exceptions, which will
+always be subclasses of ``DNSException``.
+"""
+
+class DNSException(Exception):
+ """Abstract base class shared by all dnspython exceptions.
+
+ It supports two basic modes of operation:
+
+ a) Old/compatible mode is used if ``__init__`` was called with
+ empty *kwargs*. In compatible mode all *args* are passed
+ to the standard Python Exception class as before and all *args* are
+ printed by the standard ``__str__`` implementation. Class variable
+ ``msg`` (or doc string if ``msg`` is ``None``) is returned from ``str()``
+ if *args* is empty.
+
+ b) New/parametrized mode is used if ``__init__`` was called with
+ non-empty *kwargs*.
+ In the new mode *args* must be empty and all kwargs must match
+ those set in class variable ``supp_kwargs``. All kwargs are stored inside
+ ``self.kwargs`` and used in a new ``__str__`` implementation to construct
+ a formatted message based on the ``fmt`` class variable, a ``string``.
+
+ In the simplest case it is enough to override the ``supp_kwargs``
+ and ``fmt`` class variables to get nice parametrized messages.
+ """
+
+ msg = None # non-parametrized message
+ supp_kwargs = set() # accepted parameters for _fmt_kwargs (sanity check)
+ fmt = None # message parametrized with results from _fmt_kwargs
+
+ def __init__(self, *args, **kwargs):
+ self._check_params(*args, **kwargs)
+ if kwargs:
+ self.kwargs = self._check_kwargs(**kwargs)
+ self.msg = str(self)
+ else:
+ self.kwargs = dict() # defined but empty for old mode exceptions
+ if self.msg is None:
+ # doc string is better implicit message than empty string
+ self.msg = self.__doc__
+ if args:
+ super(DNSException, self).__init__(*args)
+ else:
+ super(DNSException, self).__init__(self.msg)
+
+ def _check_params(self, *args, **kwargs):
+ """Old exceptions supported only args and not kwargs.
+
+ For sanity we do not allow to mix old and new behavior."""
+ if args or kwargs:
+ assert bool(args) != bool(kwargs), \
+ 'keyword arguments are mutually exclusive with positional args'
+
+ def _check_kwargs(self, **kwargs):
+ if kwargs:
+ assert set(kwargs.keys()) == self.supp_kwargs, \
+ 'following set of keyword args is required: %s' % (
+ self.supp_kwargs)
+ return kwargs
+
+ def _fmt_kwargs(self, **kwargs):
+ """Format kwargs before printing them.
+
+ Resulting dictionary has to have keys necessary for str.format call
+ on fmt class variable.
+ """
+ fmtargs = {}
+ for kw, data in kwargs.items():
+ if isinstance(data, (list, set)):
+ # convert list of to list of str()
+ fmtargs[kw] = list(map(str, data))
+ if len(fmtargs[kw]) == 1:
+ # remove list brackets [] from single-item lists
+ fmtargs[kw] = fmtargs[kw].pop()
+ else:
+ fmtargs[kw] = data
+ return fmtargs
+
+ def __str__(self):
+ if self.kwargs and self.fmt:
+ # provide custom message constructed from keyword arguments
+ fmtargs = self._fmt_kwargs(**self.kwargs)
+ return self.fmt.format(**fmtargs)
+ else:
+ # print *args directly in the same way as old DNSException
+ return super(DNSException, self).__str__()
+
+
+class FormError(DNSException):
+ """DNS message is malformed."""
+
+
+class SyntaxError(DNSException):
+ """Text input is malformed."""
+
+
+class UnexpectedEnd(SyntaxError):
+ """Text input ended unexpectedly."""
+
+
+class TooBig(DNSException):
+ """The DNS message is too big."""
+
+
+class Timeout(DNSException):
+ """The DNS operation timed out."""
+ supp_kwargs = {'timeout'}
+ fmt = "The DNS operation timed out after {timeout} seconds"
diff --git a/lib/dns/flags.py b/lib/dns/flags.py
new file mode 100644
index 00000000..0119dec7
--- /dev/null
+++ b/lib/dns/flags.py
@@ -0,0 +1,130 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2001-2017 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""DNS Message Flags."""
+
+# Standard DNS flags
+
+#: Query Response
+QR = 0x8000
+#: Authoritative Answer
+AA = 0x0400
+#: Truncated Response
+TC = 0x0200
+#: Recursion Desired
+RD = 0x0100
+#: Recursion Available
+RA = 0x0080
+#: Authentic Data
+AD = 0x0020
+#: Checking Disabled
+CD = 0x0010
+
+# EDNS flags
+
+#: DNSSEC answer OK
+DO = 0x8000
+
+_by_text = {
+ 'QR': QR,
+ 'AA': AA,
+ 'TC': TC,
+ 'RD': RD,
+ 'RA': RA,
+ 'AD': AD,
+ 'CD': CD
+}
+
+_edns_by_text = {
+ 'DO': DO
+}
+
+
+# We construct the inverse mappings programmatically to ensure that we
+# cannot make any mistakes (e.g. omissions, cut-and-paste errors) that
+# would cause the mappings not to be true inverses.
+
+_by_value = {y: x for x, y in _by_text.items()}
+
+_edns_by_value = {y: x for x, y in _edns_by_text.items()}
+
+
+def _order_flags(table):
+ order = list(table.items())
+ order.sort()
+ order.reverse()
+ return order
+
+_flags_order = _order_flags(_by_value)
+
+_edns_flags_order = _order_flags(_edns_by_value)
+
+
+def _from_text(text, table):
+ flags = 0
+ tokens = text.split()
+ for t in tokens:
+ flags = flags | table[t.upper()]
+ return flags
+
+
+def _to_text(flags, table, order):
+ text_flags = []
+ for k, v in order:
+ if flags & k != 0:
+ text_flags.append(v)
+ return ' '.join(text_flags)
+
+
+def from_text(text):
+ """Convert a space-separated list of flag text values into a flags
+ value.
+
+ Returns an ``int``
+ """
+
+ return _from_text(text, _by_text)
+
+
+def to_text(flags):
+ """Convert a flags value into a space-separated list of flag text
+ values.
+
+ Returns a ``text``.
+ """
+
+ return _to_text(flags, _by_value, _flags_order)
+
+
+def edns_from_text(text):
+ """Convert a space-separated list of EDNS flag text values into a EDNS
+ flags value.
+
+ Returns an ``int``
+ """
+
+ return _from_text(text, _edns_by_text)
+
+
+def edns_to_text(flags):
+ """Convert an EDNS flags value into a space-separated list of EDNS flag
+ text values.
+
+ Returns a ``text``.
+ """
+
+ return _to_text(flags, _edns_by_value, _edns_flags_order)
diff --git a/lib/dns/grange.py b/lib/dns/grange.py
new file mode 100644
index 00000000..ffe8be7c
--- /dev/null
+++ b/lib/dns/grange.py
@@ -0,0 +1,69 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2012-2017 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""DNS GENERATE range conversion."""
+
+import dns
+
+def from_text(text):
+ """Convert the text form of a range in a ``$GENERATE`` statement to an
+ integer.
+
+ *text*, a ``str``, the textual range in ``$GENERATE`` form.
+
+ Returns a tuple of three ``int`` values ``(start, stop, step)``.
+ """
+
+ # TODO, figure out the bounds on start, stop and step.
+ step = 1
+ cur = ''
+ state = 0
+ # state 0 1 2 3 4
+ # x - y / z
+
+ if text and text[0] == '-':
+ raise dns.exception.SyntaxError("Start cannot be a negative number")
+
+ for c in text:
+ if c == '-' and state == 0:
+ start = int(cur)
+ cur = ''
+ state = 2
+ elif c == '/':
+ stop = int(cur)
+ cur = ''
+ state = 4
+ elif c.isdigit():
+ cur += c
+ else:
+ raise dns.exception.SyntaxError("Could not parse %s" % (c))
+
+ if state in (1, 3):
+ raise dns.exception.SyntaxError()
+
+ if state == 2:
+ stop = int(cur)
+
+ if state == 4:
+ step = int(cur)
+
+ assert step >= 1
+ assert start >= 0
+ assert start <= stop
+ # TODO, can start == stop?
+
+ return (start, stop, step)
diff --git a/lib/dns/hash.py b/lib/dns/hash.py
new file mode 100644
index 00000000..1713e628
--- /dev/null
+++ b/lib/dns/hash.py
@@ -0,0 +1,37 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""Hashing backwards compatibility wrapper"""
+
+import hashlib
+import warnings
+
+warnings.warn(
+ "dns.hash module will be removed in future versions. Please use hashlib instead.",
+ DeprecationWarning)
+
+hashes = {}
+hashes['MD5'] = hashlib.md5
+hashes['SHA1'] = hashlib.sha1
+hashes['SHA224'] = hashlib.sha224
+hashes['SHA256'] = hashlib.sha256
+hashes['SHA384'] = hashlib.sha384
+hashes['SHA512'] = hashlib.sha512
+
+
+def get(algorithm):
+ return hashes[algorithm.upper()]
diff --git a/lib/dns/inet.py b/lib/dns/inet.py
new file mode 100644
index 00000000..c8d7c1b4
--- /dev/null
+++ b/lib/dns/inet.py
@@ -0,0 +1,124 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2017 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""Generic Internet address helper functions."""
+
+import socket
+
+import dns.ipv4
+import dns.ipv6
+
+from ._compat import maybe_ord
+
+# We assume that AF_INET is always defined.
+
+AF_INET = socket.AF_INET
+
+# AF_INET6 might not be defined in the socket module, but we need it.
+# We'll try to use the socket module's value, and if it doesn't work,
+# we'll use our own value.
+
+try:
+ AF_INET6 = socket.AF_INET6
+except AttributeError:
+ AF_INET6 = 9999
+
+
+def inet_pton(family, text):
+ """Convert the textual form of a network address into its binary form.
+
+ *family* is an ``int``, the address family.
+
+ *text* is a ``text``, the textual address.
+
+ Raises ``NotImplementedError`` if the address family specified is not
+ implemented.
+
+ Returns a ``binary``.
+ """
+
+ if family == AF_INET:
+ return dns.ipv4.inet_aton(text)
+ elif family == AF_INET6:
+ return dns.ipv6.inet_aton(text)
+ else:
+ raise NotImplementedError
+
+
+def inet_ntop(family, address):
+ """Convert the binary form of a network address into its textual form.
+
+ *family* is an ``int``, the address family.
+
+ *address* is a ``binary``, the network address in binary form.
+
+ Raises ``NotImplementedError`` if the address family specified is not
+ implemented.
+
+ Returns a ``text``.
+ """
+
+ if family == AF_INET:
+ return dns.ipv4.inet_ntoa(address)
+ elif family == AF_INET6:
+ return dns.ipv6.inet_ntoa(address)
+ else:
+ raise NotImplementedError
+
+
+def af_for_address(text):
+ """Determine the address family of a textual-form network address.
+
+ *text*, a ``text``, the textual address.
+
+ Raises ``ValueError`` if the address family cannot be determined
+ from the input.
+
+ Returns an ``int``.
+ """
+
+ try:
+ dns.ipv4.inet_aton(text)
+ return AF_INET
+ except Exception:
+ try:
+ dns.ipv6.inet_aton(text)
+ return AF_INET6
+ except:
+ raise ValueError
+
+
+def is_multicast(text):
+ """Is the textual-form network address a multicast address?
+
+ *text*, a ``text``, the textual address.
+
+ Raises ``ValueError`` if the address family cannot be determined
+ from the input.
+
+ Returns a ``bool``.
+ """
+
+ try:
+ first = maybe_ord(dns.ipv4.inet_aton(text)[0])
+ return first >= 224 and first <= 239
+ except Exception:
+ try:
+ first = maybe_ord(dns.ipv6.inet_aton(text)[0])
+ return first == 255
+ except Exception:
+ raise ValueError
diff --git a/lib/dns/ipv4.py b/lib/dns/ipv4.py
new file mode 100644
index 00000000..8fc4f7dc
--- /dev/null
+++ b/lib/dns/ipv4.py
@@ -0,0 +1,63 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2017 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""IPv4 helper functions."""
+
+import struct
+
+import dns.exception
+from ._compat import binary_type
+
+def inet_ntoa(address):
+ """Convert an IPv4 address in binary form to text form.
+
+ *address*, a ``binary``, the IPv4 address in binary form.
+
+ Returns a ``text``.
+ """
+
+ if len(address) != 4:
+ raise dns.exception.SyntaxError
+ if not isinstance(address, bytearray):
+ address = bytearray(address)
+ return ('%u.%u.%u.%u' % (address[0], address[1],
+ address[2], address[3]))
+
+def inet_aton(text):
+ """Convert an IPv4 address in text form to binary form.
+
+ *text*, a ``text``, the IPv4 address in textual form.
+
+ Returns a ``binary``.
+ """
+
+ if not isinstance(text, binary_type):
+ text = text.encode()
+ parts = text.split(b'.')
+ if len(parts) != 4:
+ raise dns.exception.SyntaxError
+ for part in parts:
+ if not part.isdigit():
+ raise dns.exception.SyntaxError
+ if len(part) > 1 and part[0] == '0':
+ # No leading zeros
+ raise dns.exception.SyntaxError
+ try:
+ bytes = [int(part) for part in parts]
+ return struct.pack('BBBB', *bytes)
+ except:
+ raise dns.exception.SyntaxError
diff --git a/lib/dns/ipv6.py b/lib/dns/ipv6.py
new file mode 100644
index 00000000..128e56c8
--- /dev/null
+++ b/lib/dns/ipv6.py
@@ -0,0 +1,181 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2017 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""IPv6 helper functions."""
+
+import re
+import binascii
+
+import dns.exception
+import dns.ipv4
+from ._compat import xrange, binary_type, maybe_decode
+
+_leading_zero = re.compile(r'0+([0-9a-f]+)')
+
+def inet_ntoa(address):
+ """Convert an IPv6 address in binary form to text form.
+
+ *address*, a ``binary``, the IPv6 address in binary form.
+
+ Raises ``ValueError`` if the address isn't 16 bytes long.
+ Returns a ``text``.
+ """
+
+ if len(address) != 16:
+ raise ValueError("IPv6 addresses are 16 bytes long")
+ hex = binascii.hexlify(address)
+ chunks = []
+ i = 0
+ l = len(hex)
+ while i < l:
+ chunk = maybe_decode(hex[i : i + 4])
+ # strip leading zeros. we do this with an re instead of
+ # with lstrip() because lstrip() didn't support chars until
+ # python 2.2.2
+ m = _leading_zero.match(chunk)
+ if not m is None:
+ chunk = m.group(1)
+ chunks.append(chunk)
+ i += 4
+ #
+ # Compress the longest subsequence of 0-value chunks to ::
+ #
+ best_start = 0
+ best_len = 0
+ start = -1
+ last_was_zero = False
+ for i in xrange(8):
+ if chunks[i] != '0':
+ if last_was_zero:
+ end = i
+ current_len = end - start
+ if current_len > best_len:
+ best_start = start
+ best_len = current_len
+ last_was_zero = False
+ elif not last_was_zero:
+ start = i
+ last_was_zero = True
+ if last_was_zero:
+ end = 8
+ current_len = end - start
+ if current_len > best_len:
+ best_start = start
+ best_len = current_len
+ if best_len > 1:
+ if best_start == 0 and \
+ (best_len == 6 or
+ best_len == 5 and chunks[5] == 'ffff'):
+ # We have an embedded IPv4 address
+ if best_len == 6:
+ prefix = '::'
+ else:
+ prefix = '::ffff:'
+ hex = prefix + dns.ipv4.inet_ntoa(address[12:])
+ else:
+ hex = ':'.join(chunks[:best_start]) + '::' + \
+ ':'.join(chunks[best_start + best_len:])
+ else:
+ hex = ':'.join(chunks)
+ return hex
+
+_v4_ending = re.compile(br'(.*):(\d+\.\d+\.\d+\.\d+)$')
+_colon_colon_start = re.compile(br'::.*')
+_colon_colon_end = re.compile(br'.*::$')
+
+def inet_aton(text):
+ """Convert an IPv6 address in text form to binary form.
+
+ *text*, a ``text``, the IPv6 address in textual form.
+
+ Returns a ``binary``.
+ """
+
+ #
+ # Our aim here is not something fast; we just want something that works.
+ #
+ if not isinstance(text, binary_type):
+ text = text.encode()
+
+ if text == b'::':
+ text = b'0::'
+ #
+ # Get rid of the icky dot-quad syntax if we have it.
+ #
+ m = _v4_ending.match(text)
+ if not m is None:
+ b = bytearray(dns.ipv4.inet_aton(m.group(2)))
+ text = (u"{}:{:02x}{:02x}:{:02x}{:02x}".format(m.group(1).decode(),
+ b[0], b[1], b[2],
+ b[3])).encode()
+ #
+ # Try to turn '::' into ':'; if no match try to
+ # turn '::' into ':'
+ #
+ m = _colon_colon_start.match(text)
+ if not m is None:
+ text = text[1:]
+ else:
+ m = _colon_colon_end.match(text)
+ if not m is None:
+ text = text[:-1]
+ #
+ # Now canonicalize into 8 chunks of 4 hex digits each
+ #
+ chunks = text.split(b':')
+ l = len(chunks)
+ if l > 8:
+ raise dns.exception.SyntaxError
+ seen_empty = False
+ canonical = []
+ for c in chunks:
+ if c == b'':
+ if seen_empty:
+ raise dns.exception.SyntaxError
+ seen_empty = True
+ for i in xrange(0, 8 - l + 1):
+ canonical.append(b'0000')
+ else:
+ lc = len(c)
+ if lc > 4:
+ raise dns.exception.SyntaxError
+ if lc != 4:
+ c = (b'0' * (4 - lc)) + c
+ canonical.append(c)
+ if l < 8 and not seen_empty:
+ raise dns.exception.SyntaxError
+ text = b''.join(canonical)
+
+ #
+ # Finally we can go to binary.
+ #
+ try:
+ return binascii.unhexlify(text)
+ except (binascii.Error, TypeError):
+ raise dns.exception.SyntaxError
+
+_mapped_prefix = b'\x00' * 10 + b'\xff\xff'
+
+def is_mapped(address):
+ """Is the specified address a mapped IPv4 address?
+
+ *address*, a ``binary`` is an IPv6 address in binary form.
+
+ Returns a ``bool``.
+ """
+
+ return address.startswith(_mapped_prefix)
diff --git a/lib/dns/message.py b/lib/dns/message.py
new file mode 100644
index 00000000..9d2b2f43
--- /dev/null
+++ b/lib/dns/message.py
@@ -0,0 +1,1175 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2001-2017 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""DNS Messages"""
+
+from __future__ import absolute_import
+
+from io import StringIO
+import struct
+import time
+
+import dns.edns
+import dns.exception
+import dns.flags
+import dns.name
+import dns.opcode
+import dns.entropy
+import dns.rcode
+import dns.rdata
+import dns.rdataclass
+import dns.rdatatype
+import dns.rrset
+import dns.renderer
+import dns.tsig
+import dns.wiredata
+
+from ._compat import long, xrange, string_types
+
+
+class ShortHeader(dns.exception.FormError):
+ """The DNS packet passed to from_wire() is too short."""
+
+
+class TrailingJunk(dns.exception.FormError):
+ """The DNS packet passed to from_wire() has extra junk at the end of it."""
+
+
+class UnknownHeaderField(dns.exception.DNSException):
+ """The header field name was not recognized when converting from text
+ into a message."""
+
+
+class BadEDNS(dns.exception.FormError):
+ """An OPT record occurred somewhere other than the start of
+ the additional data section."""
+
+
+class BadTSIG(dns.exception.FormError):
+ """A TSIG record occurred somewhere other than the end of
+ the additional data section."""
+
+
+class UnknownTSIGKey(dns.exception.DNSException):
+ """A TSIG with an unknown key was received."""
+
+
+#: The question section number
+QUESTION = 0
+
+#: The answer section number
+ANSWER = 1
+
+#: The authority section number
+AUTHORITY = 2
+
+#: The additional section number
+ADDITIONAL = 3
+
+class Message(object):
+ """A DNS message."""
+
+ def __init__(self, id=None):
+ if id is None:
+ self.id = dns.entropy.random_16()
+ else:
+ self.id = id
+ self.flags = 0
+ self.question = []
+ self.answer = []
+ self.authority = []
+ self.additional = []
+ self.edns = -1
+ self.ednsflags = 0
+ self.payload = 0
+ self.options = []
+ self.request_payload = 0
+ self.keyring = None
+ self.keyname = None
+ self.keyalgorithm = dns.tsig.default_algorithm
+ self.request_mac = b''
+ self.other_data = b''
+ self.tsig_error = 0
+ self.fudge = 300
+ self.original_id = self.id
+ self.mac = b''
+ self.xfr = False
+ self.origin = None
+ self.tsig_ctx = None
+ self.had_tsig = False
+ self.multi = False
+ self.first = True
+ self.index = {}
+
+ def __repr__(self):
+ return ''
+
+ def __str__(self):
+ return self.to_text()
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ """Convert the message to text.
+
+ The *origin*, *relativize*, and any other keyword
+ arguments are passed to the RRset ``to_wire()`` method.
+
+ Returns a ``text``.
+ """
+
+ s = StringIO()
+ s.write(u'id %d\n' % self.id)
+ s.write(u'opcode %s\n' %
+ dns.opcode.to_text(dns.opcode.from_flags(self.flags)))
+ rc = dns.rcode.from_flags(self.flags, self.ednsflags)
+ s.write(u'rcode %s\n' % dns.rcode.to_text(rc))
+ s.write(u'flags %s\n' % dns.flags.to_text(self.flags))
+ if self.edns >= 0:
+ s.write(u'edns %s\n' % self.edns)
+ if self.ednsflags != 0:
+ s.write(u'eflags %s\n' %
+ dns.flags.edns_to_text(self.ednsflags))
+ s.write(u'payload %d\n' % self.payload)
+ for opt in self.options:
+ s.write(u'option %s\n' % opt.to_text())
+ is_update = dns.opcode.is_update(self.flags)
+ if is_update:
+ s.write(u';ZONE\n')
+ else:
+ s.write(u';QUESTION\n')
+ for rrset in self.question:
+ s.write(rrset.to_text(origin, relativize, **kw))
+ s.write(u'\n')
+ if is_update:
+ s.write(u';PREREQ\n')
+ else:
+ s.write(u';ANSWER\n')
+ for rrset in self.answer:
+ s.write(rrset.to_text(origin, relativize, **kw))
+ s.write(u'\n')
+ if is_update:
+ s.write(u';UPDATE\n')
+ else:
+ s.write(u';AUTHORITY\n')
+ for rrset in self.authority:
+ s.write(rrset.to_text(origin, relativize, **kw))
+ s.write(u'\n')
+ s.write(u';ADDITIONAL\n')
+ for rrset in self.additional:
+ s.write(rrset.to_text(origin, relativize, **kw))
+ s.write(u'\n')
+ #
+ # We strip off the final \n so the caller can print the result without
+ # doing weird things to get around eccentricities in Python print
+ # formatting
+ #
+ return s.getvalue()[:-1]
+
+ def __eq__(self, other):
+ """Two messages are equal if they have the same content in the
+ header, question, answer, and authority sections.
+
+ Returns a ``bool``.
+ """
+
+ if not isinstance(other, Message):
+ return False
+ if self.id != other.id:
+ return False
+ if self.flags != other.flags:
+ return False
+ for n in self.question:
+ if n not in other.question:
+ return False
+ for n in other.question:
+ if n not in self.question:
+ return False
+ for n in self.answer:
+ if n not in other.answer:
+ return False
+ for n in other.answer:
+ if n not in self.answer:
+ return False
+ for n in self.authority:
+ if n not in other.authority:
+ return False
+ for n in other.authority:
+ if n not in self.authority:
+ return False
+ return True
+
+ def __ne__(self, other):
+ return not self.__eq__(other)
+
+ def is_response(self, other):
+ """Is this message a response to *other*?
+
+ Returns a ``bool``.
+ """
+
+ if other.flags & dns.flags.QR == 0 or \
+ self.id != other.id or \
+ dns.opcode.from_flags(self.flags) != \
+ dns.opcode.from_flags(other.flags):
+ return False
+ if dns.rcode.from_flags(other.flags, other.ednsflags) != \
+ dns.rcode.NOERROR:
+ return True
+ if dns.opcode.is_update(self.flags):
+ return True
+ for n in self.question:
+ if n not in other.question:
+ return False
+ for n in other.question:
+ if n not in self.question:
+ return False
+ return True
+
+ def section_number(self, section):
+ """Return the "section number" of the specified section for use
+ in indexing. The question section is 0, the answer section is 1,
+ the authority section is 2, and the additional section is 3.
+
+ *section* is one of the section attributes of this message.
+
+ Raises ``ValueError`` if the section isn't known.
+
+ Returns an ``int``.
+ """
+
+ if section is self.question:
+ return QUESTION
+ elif section is self.answer:
+ return ANSWER
+ elif section is self.authority:
+ return AUTHORITY
+ elif section is self.additional:
+ return ADDITIONAL
+ else:
+ raise ValueError('unknown section')
+
+ def section_from_number(self, number):
+ """Return the "section number" of the specified section for use
+ in indexing. The question section is 0, the answer section is 1,
+ the authority section is 2, and the additional section is 3.
+
+ *section* is one of the section attributes of this message.
+
+ Raises ``ValueError`` if the section isn't known.
+
+ Returns an ``int``.
+ """
+
+ if number == QUESTION:
+ return self.question
+ elif number == ANSWER:
+ return self.answer
+ elif number == AUTHORITY:
+ return self.authority
+ elif number == ADDITIONAL:
+ return self.additional
+ else:
+ raise ValueError('unknown section')
+
+ def find_rrset(self, section, name, rdclass, rdtype,
+ covers=dns.rdatatype.NONE, deleting=None, create=False,
+ force_unique=False):
+ """Find the RRset with the given attributes in the specified section.
+
+ *section*, an ``int`` section number, or one of the section
+ attributes of this message. This specifies the
+ the section of the message to search. For example::
+
+ my_message.find_rrset(my_message.answer, name, rdclass, rdtype)
+ my_message.find_rrset(dns.message.ANSWER, name, rdclass, rdtype)
+
+ *name*, a ``dns.name.Name``, the name of the RRset.
+
+ *rdclass*, an ``int``, the class of the RRset.
+
+ *rdtype*, an ``int``, the type of the RRset.
+
+ *covers*, an ``int`` or ``None``, the covers value of the RRset.
+ The default is ``None``.
+
+ *deleting*, an ``int`` or ``None``, the deleting value of the RRset.
+ The default is ``None``.
+
+ *create*, a ``bool``. If ``True``, create the RRset if it is not found.
+ The created RRset is appended to *section*.
+
+ *force_unique*, a ``bool``. If ``True`` and *create* is also ``True``,
+ create a new RRset regardless of whether a matching RRset exists
+ already. The default is ``False``. This is useful when creating
+ DDNS Update messages, as order matters for them.
+
+ Raises ``KeyError`` if the RRset was not found and create was
+ ``False``.
+
+ Returns a ``dns.rrset.RRset object``.
+ """
+
+ if isinstance(section, int):
+ section_number = section
+ section = self.section_from_number(section_number)
+ else:
+ section_number = self.section_number(section)
+ key = (section_number, name, rdclass, rdtype, covers, deleting)
+ if not force_unique:
+ if self.index is not None:
+ rrset = self.index.get(key)
+ if rrset is not None:
+ return rrset
+ else:
+ for rrset in section:
+ if rrset.match(name, rdclass, rdtype, covers, deleting):
+ return rrset
+ if not create:
+ raise KeyError
+ rrset = dns.rrset.RRset(name, rdclass, rdtype, covers, deleting)
+ section.append(rrset)
+ if self.index is not None:
+ self.index[key] = rrset
+ return rrset
+
+ def get_rrset(self, section, name, rdclass, rdtype,
+ covers=dns.rdatatype.NONE, deleting=None, create=False,
+ force_unique=False):
+ """Get the RRset with the given attributes in the specified section.
+
+ If the RRset is not found, None is returned.
+
+ *section*, an ``int`` section number, or one of the section
+ attributes of this message. This specifies the
+ the section of the message to search. For example::
+
+ my_message.get_rrset(my_message.answer, name, rdclass, rdtype)
+ my_message.get_rrset(dns.message.ANSWER, name, rdclass, rdtype)
+
+ *name*, a ``dns.name.Name``, the name of the RRset.
+
+ *rdclass*, an ``int``, the class of the RRset.
+
+ *rdtype*, an ``int``, the type of the RRset.
+
+ *covers*, an ``int`` or ``None``, the covers value of the RRset.
+ The default is ``None``.
+
+ *deleting*, an ``int`` or ``None``, the deleting value of the RRset.
+ The default is ``None``.
+
+ *create*, a ``bool``. If ``True``, create the RRset if it is not found.
+ The created RRset is appended to *section*.
+
+ *force_unique*, a ``bool``. If ``True`` and *create* is also ``True``,
+ create a new RRset regardless of whether a matching RRset exists
+ already. The default is ``False``. This is useful when creating
+ DDNS Update messages, as order matters for them.
+
+ Returns a ``dns.rrset.RRset object`` or ``None``.
+ """
+
+ try:
+ rrset = self.find_rrset(section, name, rdclass, rdtype, covers,
+ deleting, create, force_unique)
+ except KeyError:
+ rrset = None
+ return rrset
+
+ def to_wire(self, origin=None, max_size=0, **kw):
+ """Return a string containing the message in DNS compressed wire
+ format.
+
+ Additional keyword arguments are passed to the RRset ``to_wire()``
+ method.
+
+ *origin*, a ``dns.name.Name`` or ``None``, the origin to be appended
+ to any relative names.
+
+ *max_size*, an ``int``, the maximum size of the wire format
+ output; default is 0, which means "the message's request
+ payload, if nonzero, or 65535".
+
+ Raises ``dns.exception.TooBig`` if *max_size* was exceeded.
+
+ Returns a ``binary``.
+ """
+
+ if max_size == 0:
+ if self.request_payload != 0:
+ max_size = self.request_payload
+ else:
+ max_size = 65535
+ if max_size < 512:
+ max_size = 512
+ elif max_size > 65535:
+ max_size = 65535
+ r = dns.renderer.Renderer(self.id, self.flags, max_size, origin)
+ for rrset in self.question:
+ r.add_question(rrset.name, rrset.rdtype, rrset.rdclass)
+ for rrset in self.answer:
+ r.add_rrset(dns.renderer.ANSWER, rrset, **kw)
+ for rrset in self.authority:
+ r.add_rrset(dns.renderer.AUTHORITY, rrset, **kw)
+ if self.edns >= 0:
+ r.add_edns(self.edns, self.ednsflags, self.payload, self.options)
+ for rrset in self.additional:
+ r.add_rrset(dns.renderer.ADDITIONAL, rrset, **kw)
+ r.write_header()
+ if self.keyname is not None:
+ r.add_tsig(self.keyname, self.keyring[self.keyname],
+ self.fudge, self.original_id, self.tsig_error,
+ self.other_data, self.request_mac,
+ self.keyalgorithm)
+ self.mac = r.mac
+ return r.get_wire()
+
+ def use_tsig(self, keyring, keyname=None, fudge=300,
+ original_id=None, tsig_error=0, other_data=b'',
+ algorithm=dns.tsig.default_algorithm):
+ """When sending, a TSIG signature using the specified keyring
+ and keyname should be added.
+
+ See the documentation of the Message class for a complete
+ description of the keyring dictionary.
+
+ *keyring*, a ``dict``, the TSIG keyring to use. If a
+ *keyring* is specified but a *keyname* is not, then the key
+ used will be the first key in the *keyring*. Note that the
+ order of keys in a dictionary is not defined, so applications
+ should supply a keyname when a keyring is used, unless they
+ know the keyring contains only one key.
+
+ *keyname*, a ``dns.name.Name`` or ``None``, the name of the TSIG key
+ to use; defaults to ``None``. The key must be defined in the keyring.
+
+ *fudge*, an ``int``, the TSIG time fudge.
+
+ *original_id*, an ``int``, the TSIG original id. If ``None``,
+ the message's id is used.
+
+ *tsig_error*, an ``int``, the TSIG error code.
+
+ *other_data*, a ``binary``, the TSIG other data.
+
+ *algorithm*, a ``dns.name.Name``, the TSIG algorithm to use.
+ """
+
+ self.keyring = keyring
+ if keyname is None:
+ self.keyname = list(self.keyring.keys())[0]
+ else:
+ if isinstance(keyname, string_types):
+ keyname = dns.name.from_text(keyname)
+ self.keyname = keyname
+ self.keyalgorithm = algorithm
+ self.fudge = fudge
+ if original_id is None:
+ self.original_id = self.id
+ else:
+ self.original_id = original_id
+ self.tsig_error = tsig_error
+ self.other_data = other_data
+
+ def use_edns(self, edns=0, ednsflags=0, payload=1280, request_payload=None,
+ options=None):
+ """Configure EDNS behavior.
+
+ *edns*, an ``int``, is the EDNS level to use. Specifying
+ ``None``, ``False``, or ``-1`` means "do not use EDNS", and in this case
+ the other parameters are ignored. Specifying ``True`` is
+ equivalent to specifying 0, i.e. "use EDNS0".
+
+ *ednsflags*, an ``int``, the EDNS flag values.
+
+ *payload*, an ``int``, is the EDNS sender's payload field, which is the
+ maximum size of UDP datagram the sender can handle. I.e. how big
+ a response to this message can be.
+
+ *request_payload*, an ``int``, is the EDNS payload size to use when
+ sending this message. If not specified, defaults to the value of
+ *payload*.
+
+ *options*, a list of ``dns.edns.Option`` objects or ``None``, the EDNS
+ options.
+ """
+
+ if edns is None or edns is False:
+ edns = -1
+ if edns is True:
+ edns = 0
+ if request_payload is None:
+ request_payload = payload
+ if edns < 0:
+ ednsflags = 0
+ payload = 0
+ request_payload = 0
+ options = []
+ else:
+ # make sure the EDNS version in ednsflags agrees with edns
+ ednsflags &= long(0xFF00FFFF)
+ ednsflags |= (edns << 16)
+ if options is None:
+ options = []
+ self.edns = edns
+ self.ednsflags = ednsflags
+ self.payload = payload
+ self.options = options
+ self.request_payload = request_payload
+
+ def want_dnssec(self, wanted=True):
+ """Enable or disable 'DNSSEC desired' flag in requests.
+
+ *wanted*, a ``bool``. If ``True``, then DNSSEC data is
+ desired in the response, EDNS is enabled if required, and then
+ the DO bit is set. If ``False``, the DO bit is cleared if
+ EDNS is enabled.
+ """
+
+ if wanted:
+ if self.edns < 0:
+ self.use_edns()
+ self.ednsflags |= dns.flags.DO
+ elif self.edns >= 0:
+ self.ednsflags &= ~dns.flags.DO
+
+ def rcode(self):
+ """Return the rcode.
+
+ Returns an ``int``.
+ """
+ return dns.rcode.from_flags(self.flags, self.ednsflags)
+
+ def set_rcode(self, rcode):
+ """Set the rcode.
+
+ *rcode*, an ``int``, is the rcode to set.
+ """
+ (value, evalue) = dns.rcode.to_flags(rcode)
+ self.flags &= 0xFFF0
+ self.flags |= value
+ self.ednsflags &= long(0x00FFFFFF)
+ self.ednsflags |= evalue
+ if self.ednsflags != 0 and self.edns < 0:
+ self.edns = 0
+
+ def opcode(self):
+ """Return the opcode.
+
+ Returns an ``int``.
+ """
+ return dns.opcode.from_flags(self.flags)
+
+ def set_opcode(self, opcode):
+ """Set the opcode.
+
+ *opcode*, an ``int``, is the opcode to set.
+ """
+ self.flags &= 0x87FF
+ self.flags |= dns.opcode.to_flags(opcode)
+
+
+class _WireReader(object):
+
+ """Wire format reader.
+
+ wire: a binary, is the wire-format message.
+ message: The message object being built
+ current: When building a message object from wire format, this
+ variable contains the offset from the beginning of wire of the next octet
+ to be read.
+ updating: Is the message a dynamic update?
+ one_rr_per_rrset: Put each RR into its own RRset?
+ ignore_trailing: Ignore trailing junk at end of request?
+ zone_rdclass: The class of the zone in messages which are
+ DNS dynamic updates.
+ """
+
+ def __init__(self, wire, message, question_only=False,
+ one_rr_per_rrset=False, ignore_trailing=False):
+ self.wire = dns.wiredata.maybe_wrap(wire)
+ self.message = message
+ self.current = 0
+ self.updating = False
+ self.zone_rdclass = dns.rdataclass.IN
+ self.question_only = question_only
+ self.one_rr_per_rrset = one_rr_per_rrset
+ self.ignore_trailing = ignore_trailing
+
+ def _get_question(self, qcount):
+ """Read the next *qcount* records from the wire data and add them to
+ the question section.
+ """
+
+ if self.updating and qcount > 1:
+ raise dns.exception.FormError
+
+ for i in xrange(0, qcount):
+ (qname, used) = dns.name.from_wire(self.wire, self.current)
+ if self.message.origin is not None:
+ qname = qname.relativize(self.message.origin)
+ self.current = self.current + used
+ (rdtype, rdclass) = \
+ struct.unpack('!HH',
+ self.wire[self.current:self.current + 4])
+ self.current = self.current + 4
+ self.message.find_rrset(self.message.question, qname,
+ rdclass, rdtype, create=True,
+ force_unique=True)
+ if self.updating:
+ self.zone_rdclass = rdclass
+
+ def _get_section(self, section, count):
+ """Read the next I{count} records from the wire data and add them to
+ the specified section.
+
+ section: the section of the message to which to add records
+ count: the number of records to read
+ """
+
+ if self.updating or self.one_rr_per_rrset:
+ force_unique = True
+ else:
+ force_unique = False
+ seen_opt = False
+ for i in xrange(0, count):
+ rr_start = self.current
+ (name, used) = dns.name.from_wire(self.wire, self.current)
+ absolute_name = name
+ if self.message.origin is not None:
+ name = name.relativize(self.message.origin)
+ self.current = self.current + used
+ (rdtype, rdclass, ttl, rdlen) = \
+ struct.unpack('!HHIH',
+ self.wire[self.current:self.current + 10])
+ self.current = self.current + 10
+ if rdtype == dns.rdatatype.OPT:
+ if section is not self.message.additional or seen_opt:
+ raise BadEDNS
+ self.message.payload = rdclass
+ self.message.ednsflags = ttl
+ self.message.edns = (ttl & 0xff0000) >> 16
+ self.message.options = []
+ current = self.current
+ optslen = rdlen
+ while optslen > 0:
+ (otype, olen) = \
+ struct.unpack('!HH',
+ self.wire[current:current + 4])
+ current = current + 4
+ opt = dns.edns.option_from_wire(
+ otype, self.wire, current, olen)
+ self.message.options.append(opt)
+ current = current + olen
+ optslen = optslen - 4 - olen
+ seen_opt = True
+ elif rdtype == dns.rdatatype.TSIG:
+ if not (section is self.message.additional and
+ i == (count - 1)):
+ raise BadTSIG
+ if self.message.keyring is None:
+ raise UnknownTSIGKey('got signed message without keyring')
+ secret = self.message.keyring.get(absolute_name)
+ if secret is None:
+ raise UnknownTSIGKey("key '%s' unknown" % name)
+ self.message.keyname = absolute_name
+ (self.message.keyalgorithm, self.message.mac) = \
+ dns.tsig.get_algorithm_and_mac(self.wire, self.current,
+ rdlen)
+ self.message.tsig_ctx = \
+ dns.tsig.validate(self.wire,
+ absolute_name,
+ secret,
+ int(time.time()),
+ self.message.request_mac,
+ rr_start,
+ self.current,
+ rdlen,
+ self.message.tsig_ctx,
+ self.message.multi,
+ self.message.first)
+ self.message.had_tsig = True
+ else:
+ if ttl < 0:
+ ttl = 0
+ if self.updating and \
+ (rdclass == dns.rdataclass.ANY or
+ rdclass == dns.rdataclass.NONE):
+ deleting = rdclass
+ rdclass = self.zone_rdclass
+ else:
+ deleting = None
+ if deleting == dns.rdataclass.ANY or \
+ (deleting == dns.rdataclass.NONE and
+ section is self.message.answer):
+ covers = dns.rdatatype.NONE
+ rd = None
+ else:
+ rd = dns.rdata.from_wire(rdclass, rdtype, self.wire,
+ self.current, rdlen,
+ self.message.origin)
+ covers = rd.covers()
+ if self.message.xfr and rdtype == dns.rdatatype.SOA:
+ force_unique = True
+ rrset = self.message.find_rrset(section, name,
+ rdclass, rdtype, covers,
+ deleting, True, force_unique)
+ if rd is not None:
+ rrset.add(rd, ttl)
+ self.current = self.current + rdlen
+
+ def read(self):
+ """Read a wire format DNS message and build a dns.message.Message
+ object."""
+
+ l = len(self.wire)
+ if l < 12:
+ raise ShortHeader
+ (self.message.id, self.message.flags, qcount, ancount,
+ aucount, adcount) = struct.unpack('!HHHHHH', self.wire[:12])
+ self.current = 12
+ if dns.opcode.is_update(self.message.flags):
+ self.updating = True
+ self._get_question(qcount)
+ if self.question_only:
+ return
+ self._get_section(self.message.answer, ancount)
+ self._get_section(self.message.authority, aucount)
+ self._get_section(self.message.additional, adcount)
+ if not self.ignore_trailing and self.current != l:
+ raise TrailingJunk
+ if self.message.multi and self.message.tsig_ctx and \
+ not self.message.had_tsig:
+ self.message.tsig_ctx.update(self.wire)
+
+
+def from_wire(wire, keyring=None, request_mac=b'', xfr=False, origin=None,
+ tsig_ctx=None, multi=False, first=True,
+ question_only=False, one_rr_per_rrset=False,
+ ignore_trailing=False):
+ """Convert a DNS wire format message into a message
+ object.
+
+ *keyring*, a ``dict``, the keyring to use if the message is signed.
+
+ *request_mac*, a ``binary``. If the message is a response to a
+ TSIG-signed request, *request_mac* should be set to the MAC of
+ that request.
+
+ *xfr*, a ``bool``, should be set to ``True`` if this message is part of
+ a zone transfer.
+
+ *origin*, a ``dns.name.Name`` or ``None``. If the message is part
+ of a zone transfer, *origin* should be the origin name of the
+ zone.
+
+ *tsig_ctx*, a ``hmac.HMAC`` objext, the ongoing TSIG context, used
+ when validating zone transfers.
+
+ *multi*, a ``bool``, should be set to ``True`` if this message
+ part of a multiple message sequence.
+
+ *first*, a ``bool``, should be set to ``True`` if this message is
+ stand-alone, or the first message in a multi-message sequence.
+
+ *question_only*, a ``bool``. If ``True``, read only up to
+ the end of the question section.
+
+ *one_rr_per_rrset*, a ``bool``. If ``True``, put each RR into its
+ own RRset.
+
+ *ignore_trailing*, a ``bool``. If ``True``, ignore trailing
+ junk at end of the message.
+
+ Raises ``dns.message.ShortHeader`` if the message is less than 12 octets
+ long.
+
+ Raises ``dns.messaage.TrailingJunk`` if there were octets in the message
+ past the end of the proper DNS message, and *ignore_trailing* is ``False``.
+
+ Raises ``dns.message.BadEDNS`` if an OPT record was in the
+ wrong section, or occurred more than once.
+
+ Raises ``dns.message.BadTSIG`` if a TSIG record was not the last
+ record of the additional data section.
+
+ Returns a ``dns.message.Message``.
+ """
+
+ m = Message(id=0)
+ m.keyring = keyring
+ m.request_mac = request_mac
+ m.xfr = xfr
+ m.origin = origin
+ m.tsig_ctx = tsig_ctx
+ m.multi = multi
+ m.first = first
+
+ reader = _WireReader(wire, m, question_only, one_rr_per_rrset,
+ ignore_trailing)
+ reader.read()
+
+ return m
+
+
+class _TextReader(object):
+
+ """Text format reader.
+
+ tok: the tokenizer.
+ message: The message object being built.
+ updating: Is the message a dynamic update?
+ zone_rdclass: The class of the zone in messages which are
+ DNS dynamic updates.
+ last_name: The most recently read name when building a message object.
+ """
+
+ def __init__(self, text, message):
+ self.message = message
+ self.tok = dns.tokenizer.Tokenizer(text)
+ self.last_name = None
+ self.zone_rdclass = dns.rdataclass.IN
+ self.updating = False
+
+ def _header_line(self, section):
+ """Process one line from the text format header section."""
+
+ token = self.tok.get()
+ what = token.value
+ if what == 'id':
+ self.message.id = self.tok.get_int()
+ elif what == 'flags':
+ while True:
+ token = self.tok.get()
+ if not token.is_identifier():
+ self.tok.unget(token)
+ break
+ self.message.flags = self.message.flags | \
+ dns.flags.from_text(token.value)
+ if dns.opcode.is_update(self.message.flags):
+ self.updating = True
+ elif what == 'edns':
+ self.message.edns = self.tok.get_int()
+ self.message.ednsflags = self.message.ednsflags | \
+ (self.message.edns << 16)
+ elif what == 'eflags':
+ if self.message.edns < 0:
+ self.message.edns = 0
+ while True:
+ token = self.tok.get()
+ if not token.is_identifier():
+ self.tok.unget(token)
+ break
+ self.message.ednsflags = self.message.ednsflags | \
+ dns.flags.edns_from_text(token.value)
+ elif what == 'payload':
+ self.message.payload = self.tok.get_int()
+ if self.message.edns < 0:
+ self.message.edns = 0
+ elif what == 'opcode':
+ text = self.tok.get_string()
+ self.message.flags = self.message.flags | \
+ dns.opcode.to_flags(dns.opcode.from_text(text))
+ elif what == 'rcode':
+ text = self.tok.get_string()
+ self.message.set_rcode(dns.rcode.from_text(text))
+ else:
+ raise UnknownHeaderField
+ self.tok.get_eol()
+
+ def _question_line(self, section):
+ """Process one line from the text format question section."""
+
+ token = self.tok.get(want_leading=True)
+ if not token.is_whitespace():
+ self.last_name = dns.name.from_text(token.value, None)
+ name = self.last_name
+ token = self.tok.get()
+ if not token.is_identifier():
+ raise dns.exception.SyntaxError
+ # Class
+ try:
+ rdclass = dns.rdataclass.from_text(token.value)
+ token = self.tok.get()
+ if not token.is_identifier():
+ raise dns.exception.SyntaxError
+ except dns.exception.SyntaxError:
+ raise dns.exception.SyntaxError
+ except Exception:
+ rdclass = dns.rdataclass.IN
+ # Type
+ rdtype = dns.rdatatype.from_text(token.value)
+ self.message.find_rrset(self.message.question, name,
+ rdclass, rdtype, create=True,
+ force_unique=True)
+ if self.updating:
+ self.zone_rdclass = rdclass
+ self.tok.get_eol()
+
+ def _rr_line(self, section):
+ """Process one line from the text format answer, authority, or
+ additional data sections.
+ """
+
+ deleting = None
+ # Name
+ token = self.tok.get(want_leading=True)
+ if not token.is_whitespace():
+ self.last_name = dns.name.from_text(token.value, None)
+ name = self.last_name
+ token = self.tok.get()
+ if not token.is_identifier():
+ raise dns.exception.SyntaxError
+ # TTL
+ try:
+ ttl = int(token.value, 0)
+ token = self.tok.get()
+ if not token.is_identifier():
+ raise dns.exception.SyntaxError
+ except dns.exception.SyntaxError:
+ raise dns.exception.SyntaxError
+ except Exception:
+ ttl = 0
+ # Class
+ try:
+ rdclass = dns.rdataclass.from_text(token.value)
+ token = self.tok.get()
+ if not token.is_identifier():
+ raise dns.exception.SyntaxError
+ if rdclass == dns.rdataclass.ANY or rdclass == dns.rdataclass.NONE:
+ deleting = rdclass
+ rdclass = self.zone_rdclass
+ except dns.exception.SyntaxError:
+ raise dns.exception.SyntaxError
+ except Exception:
+ rdclass = dns.rdataclass.IN
+ # Type
+ rdtype = dns.rdatatype.from_text(token.value)
+ token = self.tok.get()
+ if not token.is_eol_or_eof():
+ self.tok.unget(token)
+ rd = dns.rdata.from_text(rdclass, rdtype, self.tok, None)
+ covers = rd.covers()
+ else:
+ rd = None
+ covers = dns.rdatatype.NONE
+ rrset = self.message.find_rrset(section, name,
+ rdclass, rdtype, covers,
+ deleting, True, self.updating)
+ if rd is not None:
+ rrset.add(rd, ttl)
+
+ def read(self):
+ """Read a text format DNS message and build a dns.message.Message
+ object."""
+
+ line_method = self._header_line
+ section = None
+ while 1:
+ token = self.tok.get(True, True)
+ if token.is_eol_or_eof():
+ break
+ if token.is_comment():
+ u = token.value.upper()
+ if u == 'HEADER':
+ line_method = self._header_line
+ elif u == 'QUESTION' or u == 'ZONE':
+ line_method = self._question_line
+ section = self.message.question
+ elif u == 'ANSWER' or u == 'PREREQ':
+ line_method = self._rr_line
+ section = self.message.answer
+ elif u == 'AUTHORITY' or u == 'UPDATE':
+ line_method = self._rr_line
+ section = self.message.authority
+ elif u == 'ADDITIONAL':
+ line_method = self._rr_line
+ section = self.message.additional
+ self.tok.get_eol()
+ continue
+ self.tok.unget(token)
+ line_method(section)
+
+
+def from_text(text):
+ """Convert the text format message into a message object.
+
+ *text*, a ``text``, the text format message.
+
+ Raises ``dns.message.UnknownHeaderField`` if a header is unknown.
+
+ Raises ``dns.exception.SyntaxError`` if the text is badly formed.
+
+ Returns a ``dns.message.Message object``
+ """
+
+ # 'text' can also be a file, but we don't publish that fact
+ # since it's an implementation detail. The official file
+ # interface is from_file().
+
+ m = Message()
+
+ reader = _TextReader(text, m)
+ reader.read()
+
+ return m
+
+
+def from_file(f):
+ """Read the next text format message from the specified file.
+
+ *f*, a ``file`` or ``text``. If *f* is text, it is treated as the
+ pathname of a file to open.
+
+ Raises ``dns.message.UnknownHeaderField`` if a header is unknown.
+
+ Raises ``dns.exception.SyntaxError`` if the text is badly formed.
+
+ Returns a ``dns.message.Message object``
+ """
+
+ str_type = string_types
+ opts = 'rU'
+
+ if isinstance(f, str_type):
+ f = open(f, opts)
+ want_close = True
+ else:
+ want_close = False
+
+ try:
+ m = from_text(f)
+ finally:
+ if want_close:
+ f.close()
+ return m
+
+
+def make_query(qname, rdtype, rdclass=dns.rdataclass.IN, use_edns=None,
+ want_dnssec=False, ednsflags=None, payload=None,
+ request_payload=None, options=None):
+ """Make a query message.
+
+ The query name, type, and class may all be specified either
+ as objects of the appropriate type, or as strings.
+
+ The query will have a randomly chosen query id, and its DNS flags
+ will be set to dns.flags.RD.
+
+ qname, a ``dns.name.Name`` or ``text``, the query name.
+
+ *rdtype*, an ``int`` or ``text``, the desired rdata type.
+
+ *rdclass*, an ``int`` or ``text``, the desired rdata class; the default
+ is class IN.
+
+ *use_edns*, an ``int``, ``bool`` or ``None``. The EDNS level to use; the
+ default is None (no EDNS).
+ See the description of dns.message.Message.use_edns() for the possible
+ values for use_edns and their meanings.
+
+ *want_dnssec*, a ``bool``. If ``True``, DNSSEC data is desired.
+
+ *ednsflags*, an ``int``, the EDNS flag values.
+
+ *payload*, an ``int``, is the EDNS sender's payload field, which is the
+ maximum size of UDP datagram the sender can handle. I.e. how big
+ a response to this message can be.
+
+ *request_payload*, an ``int``, is the EDNS payload size to use when
+ sending this message. If not specified, defaults to the value of
+ *payload*.
+
+ *options*, a list of ``dns.edns.Option`` objects or ``None``, the EDNS
+ options.
+
+ Returns a ``dns.message.Message``
+ """
+
+ if isinstance(qname, string_types):
+ qname = dns.name.from_text(qname)
+ if isinstance(rdtype, string_types):
+ rdtype = dns.rdatatype.from_text(rdtype)
+ if isinstance(rdclass, string_types):
+ rdclass = dns.rdataclass.from_text(rdclass)
+ m = Message()
+ m.flags |= dns.flags.RD
+ m.find_rrset(m.question, qname, rdclass, rdtype, create=True,
+ force_unique=True)
+ # only pass keywords on to use_edns if they have been set to a
+ # non-None value. Setting a field will turn EDNS on if it hasn't
+ # been configured.
+ kwargs = {}
+ if ednsflags is not None:
+ kwargs['ednsflags'] = ednsflags
+ if use_edns is None:
+ use_edns = 0
+ if payload is not None:
+ kwargs['payload'] = payload
+ if use_edns is None:
+ use_edns = 0
+ if request_payload is not None:
+ kwargs['request_payload'] = request_payload
+ if use_edns is None:
+ use_edns = 0
+ if options is not None:
+ kwargs['options'] = options
+ if use_edns is None:
+ use_edns = 0
+ kwargs['edns'] = use_edns
+ m.use_edns(**kwargs)
+ m.want_dnssec(want_dnssec)
+ return m
+
+
+def make_response(query, recursion_available=False, our_payload=8192,
+ fudge=300):
+ """Make a message which is a response for the specified query.
+ The message returned is really a response skeleton; it has all
+ of the infrastructure required of a response, but none of the
+ content.
+
+ The response's question section is a shallow copy of the query's
+ question section, so the query's question RRsets should not be
+ changed.
+
+ *query*, a ``dns.message.Message``, the query to respond to.
+
+ *recursion_available*, a ``bool``, should RA be set in the response?
+
+ *our_payload*, an ``int``, the payload size to advertise in EDNS
+ responses.
+
+ *fudge*, an ``int``, the TSIG time fudge.
+
+ Returns a ``dns.message.Message`` object.
+ """
+
+ if query.flags & dns.flags.QR:
+ raise dns.exception.FormError('specified query message is not a query')
+ response = dns.message.Message(query.id)
+ response.flags = dns.flags.QR | (query.flags & dns.flags.RD)
+ if recursion_available:
+ response.flags |= dns.flags.RA
+ response.set_opcode(query.opcode())
+ response.question = list(query.question)
+ if query.edns >= 0:
+ response.use_edns(0, 0, our_payload, query.payload)
+ if query.had_tsig:
+ response.use_tsig(query.keyring, query.keyname, fudge, None, 0, b'',
+ query.keyalgorithm)
+ response.request_mac = query.mac
+ return response
diff --git a/lib/dns/name.py b/lib/dns/name.py
new file mode 100644
index 00000000..0bcfd834
--- /dev/null
+++ b/lib/dns/name.py
@@ -0,0 +1,994 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2001-2017 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""DNS Names.
+"""
+
+from io import BytesIO
+import struct
+import sys
+import copy
+import encodings.idna
+try:
+ import idna
+ have_idna_2008 = True
+except ImportError:
+ have_idna_2008 = False
+
+import dns.exception
+import dns.wiredata
+
+from ._compat import long, binary_type, text_type, unichr, maybe_decode
+
+try:
+ maxint = sys.maxint # pylint: disable=sys-max-int
+except AttributeError:
+ maxint = (1 << (8 * struct.calcsize("P"))) // 2 - 1
+
+
+# fullcompare() result values
+
+#: The compared names have no relationship to each other.
+NAMERELN_NONE = 0
+#: the first name is a superdomain of the second.
+NAMERELN_SUPERDOMAIN = 1
+#: The first name is a subdomain of the second.
+NAMERELN_SUBDOMAIN = 2
+#: The compared names are equal.
+NAMERELN_EQUAL = 3
+#: The compared names have a common ancestor.
+NAMERELN_COMMONANCESTOR = 4
+
+
+class EmptyLabel(dns.exception.SyntaxError):
+ """A DNS label is empty."""
+
+
+class BadEscape(dns.exception.SyntaxError):
+ """An escaped code in a text format of DNS name is invalid."""
+
+
+class BadPointer(dns.exception.FormError):
+ """A DNS compression pointer points forward instead of backward."""
+
+
+class BadLabelType(dns.exception.FormError):
+ """The label type in DNS name wire format is unknown."""
+
+
+class NeedAbsoluteNameOrOrigin(dns.exception.DNSException):
+ """An attempt was made to convert a non-absolute name to
+ wire when there was also a non-absolute (or missing) origin."""
+
+
+class NameTooLong(dns.exception.FormError):
+ """A DNS name is > 255 octets long."""
+
+
+class LabelTooLong(dns.exception.SyntaxError):
+ """A DNS label is > 63 octets long."""
+
+
+class AbsoluteConcatenation(dns.exception.DNSException):
+ """An attempt was made to append anything other than the
+ empty name to an absolute DNS name."""
+
+
+class NoParent(dns.exception.DNSException):
+ """An attempt was made to get the parent of the root name
+ or the empty name."""
+
+class NoIDNA2008(dns.exception.DNSException):
+ """IDNA 2008 processing was requested but the idna module is not
+ available."""
+
+
+class IDNAException(dns.exception.DNSException):
+ """IDNA processing raised an exception."""
+
+ supp_kwargs = {'idna_exception'}
+ fmt = "IDNA processing exception: {idna_exception}"
+
+
+class IDNACodec(object):
+ """Abstract base class for IDNA encoder/decoders."""
+
+ def __init__(self):
+ pass
+
+ def encode(self, label):
+ raise NotImplementedError
+
+ def decode(self, label):
+ # We do not apply any IDNA policy on decode; we just
+ downcased = label.lower()
+ if downcased.startswith(b'xn--'):
+ try:
+ label = downcased[4:].decode('punycode')
+ except Exception as e:
+ raise IDNAException(idna_exception=e)
+ else:
+ label = maybe_decode(label)
+ return _escapify(label, True)
+
+
+class IDNA2003Codec(IDNACodec):
+ """IDNA 2003 encoder/decoder."""
+
+ def __init__(self, strict_decode=False):
+ """Initialize the IDNA 2003 encoder/decoder.
+
+ *strict_decode* is a ``bool``. If `True`, then IDNA2003 checking
+ is done when decoding. This can cause failures if the name
+ was encoded with IDNA2008. The default is `False`.
+ """
+
+ super(IDNA2003Codec, self).__init__()
+ self.strict_decode = strict_decode
+
+ def encode(self, label):
+ """Encode *label*."""
+
+ if label == '':
+ return b''
+ try:
+ return encodings.idna.ToASCII(label)
+ except UnicodeError:
+ raise LabelTooLong
+
+ def decode(self, label):
+ """Decode *label*."""
+ if not self.strict_decode:
+ return super(IDNA2003Codec, self).decode(label)
+ if label == b'':
+ return u''
+ try:
+ return _escapify(encodings.idna.ToUnicode(label), True)
+ except Exception as e:
+ raise IDNAException(idna_exception=e)
+
+
+class IDNA2008Codec(IDNACodec):
+ """IDNA 2008 encoder/decoder.
+
+ *uts_46* is a ``bool``. If True, apply Unicode IDNA
+ compatibility processing as described in Unicode Technical
+ Standard #46 (http://unicode.org/reports/tr46/).
+ If False, do not apply the mapping. The default is False.
+
+ *transitional* is a ``bool``: If True, use the
+ "transitional" mode described in Unicode Technical Standard
+ #46. The default is False.
+
+ *allow_pure_ascii* is a ``bool``. If True, then a label which
+ consists of only ASCII characters is allowed. This is less
+ strict than regular IDNA 2008, but is also necessary for mixed
+ names, e.g. a name with starting with "_sip._tcp." and ending
+ in an IDN suffix which would otherwise be disallowed. The
+ default is False.
+
+ *strict_decode* is a ``bool``: If True, then IDNA2008 checking
+ is done when decoding. This can cause failures if the name
+ was encoded with IDNA2003. The default is False.
+ """
+
+ def __init__(self, uts_46=False, transitional=False,
+ allow_pure_ascii=False, strict_decode=False):
+ """Initialize the IDNA 2008 encoder/decoder."""
+ super(IDNA2008Codec, self).__init__()
+ self.uts_46 = uts_46
+ self.transitional = transitional
+ self.allow_pure_ascii = allow_pure_ascii
+ self.strict_decode = strict_decode
+
+ def is_all_ascii(self, label):
+ for c in label:
+ if ord(c) > 0x7f:
+ return False
+ return True
+
+ def encode(self, label):
+ if label == '':
+ return b''
+ if self.allow_pure_ascii and self.is_all_ascii(label):
+ return label.encode('ascii')
+ if not have_idna_2008:
+ raise NoIDNA2008
+ try:
+ if self.uts_46:
+ label = idna.uts46_remap(label, False, self.transitional)
+ return idna.alabel(label)
+ except idna.IDNAError as e:
+ raise IDNAException(idna_exception=e)
+
+ def decode(self, label):
+ if not self.strict_decode:
+ return super(IDNA2008Codec, self).decode(label)
+ if label == b'':
+ return u''
+ if not have_idna_2008:
+ raise NoIDNA2008
+ try:
+ if self.uts_46:
+ label = idna.uts46_remap(label, False, False)
+ return _escapify(idna.ulabel(label), True)
+ except idna.IDNAError as e:
+ raise IDNAException(idna_exception=e)
+
+_escaped = bytearray(b'"().;\\@$')
+
+IDNA_2003_Practical = IDNA2003Codec(False)
+IDNA_2003_Strict = IDNA2003Codec(True)
+IDNA_2003 = IDNA_2003_Practical
+IDNA_2008_Practical = IDNA2008Codec(True, False, True, False)
+IDNA_2008_UTS_46 = IDNA2008Codec(True, False, False, False)
+IDNA_2008_Strict = IDNA2008Codec(False, False, False, True)
+IDNA_2008_Transitional = IDNA2008Codec(True, True, False, False)
+IDNA_2008 = IDNA_2008_Practical
+
+def _escapify(label, unicode_mode=False):
+ """Escape the characters in label which need it.
+ @param unicode_mode: escapify only special and whitespace (<= 0x20)
+ characters
+ @returns: the escaped string
+ @rtype: string"""
+ if not unicode_mode:
+ text = ''
+ if isinstance(label, text_type):
+ label = label.encode()
+ for c in bytearray(label):
+ if c in _escaped:
+ text += '\\' + chr(c)
+ elif c > 0x20 and c < 0x7F:
+ text += chr(c)
+ else:
+ text += '\\%03d' % c
+ return text.encode()
+
+ text = u''
+ if isinstance(label, binary_type):
+ label = label.decode()
+ for c in label:
+ if c > u'\x20' and c < u'\x7f':
+ text += c
+ else:
+ if c >= u'\x7f':
+ text += c
+ else:
+ text += u'\\%03d' % ord(c)
+ return text
+
+def _validate_labels(labels):
+ """Check for empty labels in the middle of a label sequence,
+ labels that are too long, and for too many labels.
+
+ Raises ``dns.name.NameTooLong`` if the name as a whole is too long.
+
+ Raises ``dns.name.EmptyLabel`` if a label is empty (i.e. the root
+ label) and appears in a position other than the end of the label
+ sequence
+
+ """
+
+ l = len(labels)
+ total = 0
+ i = -1
+ j = 0
+ for label in labels:
+ ll = len(label)
+ total += ll + 1
+ if ll > 63:
+ raise LabelTooLong
+ if i < 0 and label == b'':
+ i = j
+ j += 1
+ if total > 255:
+ raise NameTooLong
+ if i >= 0 and i != l - 1:
+ raise EmptyLabel
+
+
+def _maybe_convert_to_binary(label):
+ """If label is ``text``, convert it to ``binary``. If it is already
+ ``binary`` just return it.
+
+ """
+
+ if isinstance(label, binary_type):
+ return label
+ if isinstance(label, text_type):
+ return label.encode()
+ raise ValueError
+
+
+class Name(object):
+
+ """A DNS name.
+
+ The dns.name.Name class represents a DNS name as a tuple of
+ labels. Each label is a `binary` in DNS wire format. Instances
+ of the class are immutable.
+ """
+
+ __slots__ = ['labels']
+
+ def __init__(self, labels):
+ """*labels* is any iterable whose values are ``text`` or ``binary``.
+ """
+
+ labels = [_maybe_convert_to_binary(x) for x in labels]
+ super(Name, self).__setattr__('labels', tuple(labels))
+ _validate_labels(self.labels)
+
+ def __setattr__(self, name, value):
+ # Names are immutable
+ raise TypeError("object doesn't support attribute assignment")
+
+ def __copy__(self):
+ return Name(self.labels)
+
+ def __deepcopy__(self, memo):
+ return Name(copy.deepcopy(self.labels, memo))
+
+ def __getstate__(self):
+ # Names can be pickled
+ return {'labels': self.labels}
+
+ def __setstate__(self, state):
+ super(Name, self).__setattr__('labels', state['labels'])
+ _validate_labels(self.labels)
+
+ def is_absolute(self):
+ """Is the most significant label of this name the root label?
+
+ Returns a ``bool``.
+ """
+
+ return len(self.labels) > 0 and self.labels[-1] == b''
+
+ def is_wild(self):
+ """Is this name wild? (I.e. Is the least significant label '*'?)
+
+ Returns a ``bool``.
+ """
+
+ return len(self.labels) > 0 and self.labels[0] == b'*'
+
+ def __hash__(self):
+ """Return a case-insensitive hash of the name.
+
+ Returns an ``int``.
+ """
+
+ h = long(0)
+ for label in self.labels:
+ for c in bytearray(label.lower()):
+ h += (h << 3) + c
+ return int(h % maxint)
+
+ def fullcompare(self, other):
+ """Compare two names, returning a 3-tuple
+ ``(relation, order, nlabels)``.
+
+ *relation* describes the relation ship between the names,
+ and is one of: ``dns.name.NAMERELN_NONE``,
+ ``dns.name.NAMERELN_SUPERDOMAIN``, ``dns.name.NAMERELN_SUBDOMAIN``,
+ ``dns.name.NAMERELN_EQUAL``, or ``dns.name.NAMERELN_COMMONANCESTOR``.
+
+ *order* is < 0 if *self* < *other*, > 0 if *self* > *other*, and ==
+ 0 if *self* == *other*. A relative name is always less than an
+ absolute name. If both names have the same relativity, then
+ the DNSSEC order relation is used to order them.
+
+ *nlabels* is the number of significant labels that the two names
+ have in common.
+
+ Here are some examples. Names ending in "." are absolute names,
+ those not ending in "." are relative names.
+
+ ============= ============= =========== ===== =======
+ self other relation order nlabels
+ ============= ============= =========== ===== =======
+ www.example. www.example. equal 0 3
+ www.example. example. subdomain > 0 2
+ example. www.example. superdomain < 0 2
+ example1.com. example2.com. common anc. < 0 2
+ example1 example2. none < 0 0
+ example1. example2 none > 0 0
+ ============= ============= =========== ===== =======
+ """
+
+ sabs = self.is_absolute()
+ oabs = other.is_absolute()
+ if sabs != oabs:
+ if sabs:
+ return (NAMERELN_NONE, 1, 0)
+ else:
+ return (NAMERELN_NONE, -1, 0)
+ l1 = len(self.labels)
+ l2 = len(other.labels)
+ ldiff = l1 - l2
+ if ldiff < 0:
+ l = l1
+ else:
+ l = l2
+
+ order = 0
+ nlabels = 0
+ namereln = NAMERELN_NONE
+ while l > 0:
+ l -= 1
+ l1 -= 1
+ l2 -= 1
+ label1 = self.labels[l1].lower()
+ label2 = other.labels[l2].lower()
+ if label1 < label2:
+ order = -1
+ if nlabels > 0:
+ namereln = NAMERELN_COMMONANCESTOR
+ return (namereln, order, nlabels)
+ elif label1 > label2:
+ order = 1
+ if nlabels > 0:
+ namereln = NAMERELN_COMMONANCESTOR
+ return (namereln, order, nlabels)
+ nlabels += 1
+ order = ldiff
+ if ldiff < 0:
+ namereln = NAMERELN_SUPERDOMAIN
+ elif ldiff > 0:
+ namereln = NAMERELN_SUBDOMAIN
+ else:
+ namereln = NAMERELN_EQUAL
+ return (namereln, order, nlabels)
+
+ def is_subdomain(self, other):
+ """Is self a subdomain of other?
+
+ Note that the notion of subdomain includes equality, e.g.
+ "dnpython.org" is a subdomain of itself.
+
+ Returns a ``bool``.
+ """
+
+ (nr, o, nl) = self.fullcompare(other)
+ if nr == NAMERELN_SUBDOMAIN or nr == NAMERELN_EQUAL:
+ return True
+ return False
+
+ def is_superdomain(self, other):
+ """Is self a superdomain of other?
+
+ Note that the notion of superdomain includes equality, e.g.
+ "dnpython.org" is a superdomain of itself.
+
+ Returns a ``bool``.
+ """
+
+ (nr, o, nl) = self.fullcompare(other)
+ if nr == NAMERELN_SUPERDOMAIN or nr == NAMERELN_EQUAL:
+ return True
+ return False
+
+ def canonicalize(self):
+ """Return a name which is equal to the current name, but is in
+ DNSSEC canonical form.
+ """
+
+ return Name([x.lower() for x in self.labels])
+
+ def __eq__(self, other):
+ if isinstance(other, Name):
+ return self.fullcompare(other)[1] == 0
+ else:
+ return False
+
+ def __ne__(self, other):
+ if isinstance(other, Name):
+ return self.fullcompare(other)[1] != 0
+ else:
+ return True
+
+ def __lt__(self, other):
+ if isinstance(other, Name):
+ return self.fullcompare(other)[1] < 0
+ else:
+ return NotImplemented
+
+ def __le__(self, other):
+ if isinstance(other, Name):
+ return self.fullcompare(other)[1] <= 0
+ else:
+ return NotImplemented
+
+ def __ge__(self, other):
+ if isinstance(other, Name):
+ return self.fullcompare(other)[1] >= 0
+ else:
+ return NotImplemented
+
+ def __gt__(self, other):
+ if isinstance(other, Name):
+ return self.fullcompare(other)[1] > 0
+ else:
+ return NotImplemented
+
+ def __repr__(self):
+ return ''
+
+ def __str__(self):
+ return self.to_text(False)
+
+ def to_text(self, omit_final_dot=False):
+ """Convert name to DNS text format.
+
+ *omit_final_dot* is a ``bool``. If True, don't emit the final
+ dot (denoting the root label) for absolute names. The default
+ is False.
+
+ Returns a ``text``.
+ """
+
+ if len(self.labels) == 0:
+ return maybe_decode(b'@')
+ if len(self.labels) == 1 and self.labels[0] == b'':
+ return maybe_decode(b'.')
+ if omit_final_dot and self.is_absolute():
+ l = self.labels[:-1]
+ else:
+ l = self.labels
+ s = b'.'.join(map(_escapify, l))
+ return maybe_decode(s)
+
+ def to_unicode(self, omit_final_dot=False, idna_codec=None):
+ """Convert name to Unicode text format.
+
+ IDN ACE labels are converted to Unicode.
+
+ *omit_final_dot* is a ``bool``. If True, don't emit the final
+ dot (denoting the root label) for absolute names. The default
+ is False.
+ *idna_codec* specifies the IDNA encoder/decoder. If None, the
+ dns.name.IDNA_2003_Practical encoder/decoder is used.
+ The IDNA_2003_Practical decoder does
+ not impose any policy, it just decodes punycode, so if you
+ don't want checking for compliance, you can use this decoder
+ for IDNA2008 as well.
+
+ Returns a ``text``.
+ """
+
+ if len(self.labels) == 0:
+ return u'@'
+ if len(self.labels) == 1 and self.labels[0] == b'':
+ return u'.'
+ if omit_final_dot and self.is_absolute():
+ l = self.labels[:-1]
+ else:
+ l = self.labels
+ if idna_codec is None:
+ idna_codec = IDNA_2003_Practical
+ return u'.'.join([idna_codec.decode(x) for x in l])
+
+ def to_digestable(self, origin=None):
+ """Convert name to a format suitable for digesting in hashes.
+
+ The name is canonicalized and converted to uncompressed wire
+ format. All names in wire format are absolute. If the name
+ is a relative name, then an origin must be supplied.
+
+ *origin* is a ``dns.name.Name`` or ``None``. If the name is
+ relative and origin is not ``None``, then origin will be appended
+ to the name.
+
+ Raises ``dns.name.NeedAbsoluteNameOrOrigin`` if the name is
+ relative and no origin was provided.
+
+ Returns a ``binary``.
+ """
+
+ if not self.is_absolute():
+ if origin is None or not origin.is_absolute():
+ raise NeedAbsoluteNameOrOrigin
+ labels = list(self.labels)
+ labels.extend(list(origin.labels))
+ else:
+ labels = self.labels
+ dlabels = [struct.pack('!B%ds' % len(x), len(x), x.lower())
+ for x in labels]
+ return b''.join(dlabels)
+
+ def to_wire(self, file=None, compress=None, origin=None):
+ """Convert name to wire format, possibly compressing it.
+
+ *file* is the file where the name is emitted (typically a
+ BytesIO file). If ``None`` (the default), a ``binary``
+ containing the wire name will be returned.
+
+ *compress*, a ``dict``, is the compression table to use. If
+ ``None`` (the default), names will not be compressed.
+
+ *origin* is a ``dns.name.Name`` or ``None``. If the name is
+ relative and origin is not ``None``, then *origin* will be appended
+ to it.
+
+ Raises ``dns.name.NeedAbsoluteNameOrOrigin`` if the name is
+ relative and no origin was provided.
+
+ Returns a ``binary`` or ``None``.
+ """
+
+ if file is None:
+ file = BytesIO()
+ want_return = True
+ else:
+ want_return = False
+
+ if not self.is_absolute():
+ if origin is None or not origin.is_absolute():
+ raise NeedAbsoluteNameOrOrigin
+ labels = list(self.labels)
+ labels.extend(list(origin.labels))
+ else:
+ labels = self.labels
+ i = 0
+ for label in labels:
+ n = Name(labels[i:])
+ i += 1
+ if compress is not None:
+ pos = compress.get(n)
+ else:
+ pos = None
+ if pos is not None:
+ value = 0xc000 + pos
+ s = struct.pack('!H', value)
+ file.write(s)
+ break
+ else:
+ if compress is not None and len(n) > 1:
+ pos = file.tell()
+ if pos <= 0x3fff:
+ compress[n] = pos
+ l = len(label)
+ file.write(struct.pack('!B', l))
+ if l > 0:
+ file.write(label)
+ if want_return:
+ return file.getvalue()
+
+ def __len__(self):
+ """The length of the name (in labels).
+
+ Returns an ``int``.
+ """
+
+ return len(self.labels)
+
+ def __getitem__(self, index):
+ return self.labels[index]
+
+ def __add__(self, other):
+ return self.concatenate(other)
+
+ def __sub__(self, other):
+ return self.relativize(other)
+
+ def split(self, depth):
+ """Split a name into a prefix and suffix names at the specified depth.
+
+ *depth* is an ``int`` specifying the number of labels in the suffix
+
+ Raises ``ValueError`` if *depth* was not >= 0 and <= the length of the
+ name.
+
+ Returns the tuple ``(prefix, suffix)``.
+ """
+
+ l = len(self.labels)
+ if depth == 0:
+ return (self, dns.name.empty)
+ elif depth == l:
+ return (dns.name.empty, self)
+ elif depth < 0 or depth > l:
+ raise ValueError(
+ 'depth must be >= 0 and <= the length of the name')
+ return (Name(self[: -depth]), Name(self[-depth:]))
+
+ def concatenate(self, other):
+ """Return a new name which is the concatenation of self and other.
+
+ Raises ``dns.name.AbsoluteConcatenation`` if the name is
+ absolute and *other* is not the empty name.
+
+ Returns a ``dns.name.Name``.
+ """
+
+ if self.is_absolute() and len(other) > 0:
+ raise AbsoluteConcatenation
+ labels = list(self.labels)
+ labels.extend(list(other.labels))
+ return Name(labels)
+
+ def relativize(self, origin):
+ """If the name is a subdomain of *origin*, return a new name which is
+ the name relative to origin. Otherwise return the name.
+
+ For example, relativizing ``www.dnspython.org.`` to origin
+ ``dnspython.org.`` returns the name ``www``. Relativizing ``example.``
+ to origin ``dnspython.org.`` returns ``example.``.
+
+ Returns a ``dns.name.Name``.
+ """
+
+ if origin is not None and self.is_subdomain(origin):
+ return Name(self[: -len(origin)])
+ else:
+ return self
+
+ def derelativize(self, origin):
+ """If the name is a relative name, return a new name which is the
+ concatenation of the name and origin. Otherwise return the name.
+
+ For example, derelativizing ``www`` to origin ``dnspython.org.``
+ returns the name ``www.dnspython.org.``. Derelativizing ``example.``
+ to origin ``dnspython.org.`` returns ``example.``.
+
+ Returns a ``dns.name.Name``.
+ """
+
+ if not self.is_absolute():
+ return self.concatenate(origin)
+ else:
+ return self
+
+ def choose_relativity(self, origin=None, relativize=True):
+ """Return a name with the relativity desired by the caller.
+
+ If *origin* is ``None``, then the name is returned.
+ Otherwise, if *relativize* is ``True`` the name is
+ relativized, and if *relativize* is ``False`` the name is
+ derelativized.
+
+ Returns a ``dns.name.Name``.
+ """
+
+ if origin:
+ if relativize:
+ return self.relativize(origin)
+ else:
+ return self.derelativize(origin)
+ else:
+ return self
+
+ def parent(self):
+ """Return the parent of the name.
+
+ For example, the parent of ``www.dnspython.org.`` is ``dnspython.org``.
+
+ Raises ``dns.name.NoParent`` if the name is either the root name or the
+ empty name, and thus has no parent.
+
+ Returns a ``dns.name.Name``.
+ """
+
+ if self == root or self == empty:
+ raise NoParent
+ return Name(self.labels[1:])
+
+#: The root name, '.'
+root = Name([b''])
+
+#: The empty name.
+empty = Name([])
+
+def from_unicode(text, origin=root, idna_codec=None):
+ """Convert unicode text into a Name object.
+
+ Labels are encoded in IDN ACE form according to rules specified by
+ the IDNA codec.
+
+ *text*, a ``text``, is the text to convert into a name.
+
+ *origin*, a ``dns.name.Name``, specifies the origin to
+ append to non-absolute names. The default is the root name.
+
+ *idna_codec*, a ``dns.name.IDNACodec``, specifies the IDNA
+ encoder/decoder. If ``None``, the default IDNA 2003 encoder/decoder
+ is used.
+
+ Returns a ``dns.name.Name``.
+ """
+
+ if not isinstance(text, text_type):
+ raise ValueError("input to from_unicode() must be a unicode string")
+ if not (origin is None or isinstance(origin, Name)):
+ raise ValueError("origin must be a Name or None")
+ labels = []
+ label = u''
+ escaping = False
+ edigits = 0
+ total = 0
+ if idna_codec is None:
+ idna_codec = IDNA_2003
+ if text == u'@':
+ text = u''
+ if text:
+ if text == u'.':
+ return Name([b'']) # no Unicode "u" on this constant!
+ for c in text:
+ if escaping:
+ if edigits == 0:
+ if c.isdigit():
+ total = int(c)
+ edigits += 1
+ else:
+ label += c
+ escaping = False
+ else:
+ if not c.isdigit():
+ raise BadEscape
+ total *= 10
+ total += int(c)
+ edigits += 1
+ if edigits == 3:
+ escaping = False
+ label += unichr(total)
+ elif c in [u'.', u'\u3002', u'\uff0e', u'\uff61']:
+ if len(label) == 0:
+ raise EmptyLabel
+ labels.append(idna_codec.encode(label))
+ label = u''
+ elif c == u'\\':
+ escaping = True
+ edigits = 0
+ total = 0
+ else:
+ label += c
+ if escaping:
+ raise BadEscape
+ if len(label) > 0:
+ labels.append(idna_codec.encode(label))
+ else:
+ labels.append(b'')
+
+ if (len(labels) == 0 or labels[-1] != b'') and origin is not None:
+ labels.extend(list(origin.labels))
+ return Name(labels)
+
+
+def from_text(text, origin=root, idna_codec=None):
+ """Convert text into a Name object.
+
+ *text*, a ``text``, is the text to convert into a name.
+
+ *origin*, a ``dns.name.Name``, specifies the origin to
+ append to non-absolute names. The default is the root name.
+
+ *idna_codec*, a ``dns.name.IDNACodec``, specifies the IDNA
+ encoder/decoder. If ``None``, the default IDNA 2003 encoder/decoder
+ is used.
+
+ Returns a ``dns.name.Name``.
+ """
+
+ if isinstance(text, text_type):
+ return from_unicode(text, origin, idna_codec)
+ if not isinstance(text, binary_type):
+ raise ValueError("input to from_text() must be a string")
+ if not (origin is None or isinstance(origin, Name)):
+ raise ValueError("origin must be a Name or None")
+ labels = []
+ label = b''
+ escaping = False
+ edigits = 0
+ total = 0
+ if text == b'@':
+ text = b''
+ if text:
+ if text == b'.':
+ return Name([b''])
+ for c in bytearray(text):
+ byte_ = struct.pack('!B', c)
+ if escaping:
+ if edigits == 0:
+ if byte_.isdigit():
+ total = int(byte_)
+ edigits += 1
+ else:
+ label += byte_
+ escaping = False
+ else:
+ if not byte_.isdigit():
+ raise BadEscape
+ total *= 10
+ total += int(byte_)
+ edigits += 1
+ if edigits == 3:
+ escaping = False
+ label += struct.pack('!B', total)
+ elif byte_ == b'.':
+ if len(label) == 0:
+ raise EmptyLabel
+ labels.append(label)
+ label = b''
+ elif byte_ == b'\\':
+ escaping = True
+ edigits = 0
+ total = 0
+ else:
+ label += byte_
+ if escaping:
+ raise BadEscape
+ if len(label) > 0:
+ labels.append(label)
+ else:
+ labels.append(b'')
+ if (len(labels) == 0 or labels[-1] != b'') and origin is not None:
+ labels.extend(list(origin.labels))
+ return Name(labels)
+
+
+def from_wire(message, current):
+ """Convert possibly compressed wire format into a Name.
+
+ *message* is a ``binary`` containing an entire DNS message in DNS
+ wire form.
+
+ *current*, an ``int``, is the offset of the beginning of the name
+ from the start of the message
+
+ Raises ``dns.name.BadPointer`` if a compression pointer did not
+ point backwards in the message.
+
+ Raises ``dns.name.BadLabelType`` if an invalid label type was encountered.
+
+ Returns a ``(dns.name.Name, int)`` tuple consisting of the name
+ that was read and the number of bytes of the wire format message
+ which were consumed reading it.
+ """
+
+ if not isinstance(message, binary_type):
+ raise ValueError("input to from_wire() must be a byte string")
+ message = dns.wiredata.maybe_wrap(message)
+ labels = []
+ biggest_pointer = current
+ hops = 0
+ count = message[current]
+ current += 1
+ cused = 1
+ while count != 0:
+ if count < 64:
+ labels.append(message[current: current + count].unwrap())
+ current += count
+ if hops == 0:
+ cused += count
+ elif count >= 192:
+ current = (count & 0x3f) * 256 + message[current]
+ if hops == 0:
+ cused += 1
+ if current >= biggest_pointer:
+ raise BadPointer
+ biggest_pointer = current
+ hops += 1
+ else:
+ raise BadLabelType
+ count = message[current]
+ current += 1
+ if hops == 0:
+ cused += 1
+ labels.append('')
+ return (Name(labels), cused)
diff --git a/lib/dns/namedict.py b/lib/dns/namedict.py
new file mode 100644
index 00000000..37a13104
--- /dev/null
+++ b/lib/dns/namedict.py
@@ -0,0 +1,108 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2017 Nominum, Inc.
+# Copyright (C) 2016 Coresec Systems AB
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND CORESEC SYSTEMS AB DISCLAIMS ALL
+# WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL CORESEC
+# SYSTEMS AB BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR
+# CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS
+# OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
+# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
+# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""DNS name dictionary"""
+
+import collections
+import dns.name
+from ._compat import xrange
+
+
+class NameDict(collections.MutableMapping):
+ """A dictionary whose keys are dns.name.Name objects.
+
+ In addition to being like a regular Python dictionary, this
+ dictionary can also get the deepest match for a given key.
+ """
+
+ __slots__ = ["max_depth", "max_depth_items", "__store"]
+
+ def __init__(self, *args, **kwargs):
+ super(NameDict, self).__init__()
+ self.__store = dict()
+ #: the maximum depth of the keys that have ever been added
+ self.max_depth = 0
+ #: the number of items of maximum depth
+ self.max_depth_items = 0
+ self.update(dict(*args, **kwargs))
+
+ def __update_max_depth(self, key):
+ if len(key) == self.max_depth:
+ self.max_depth_items = self.max_depth_items + 1
+ elif len(key) > self.max_depth:
+ self.max_depth = len(key)
+ self.max_depth_items = 1
+
+ def __getitem__(self, key):
+ return self.__store[key]
+
+ def __setitem__(self, key, value):
+ if not isinstance(key, dns.name.Name):
+ raise ValueError('NameDict key must be a name')
+ self.__store[key] = value
+ self.__update_max_depth(key)
+
+ def __delitem__(self, key):
+ value = self.__store.pop(key)
+ if len(value) == self.max_depth:
+ self.max_depth_items = self.max_depth_items - 1
+ if self.max_depth_items == 0:
+ self.max_depth = 0
+ for k in self.__store:
+ self.__update_max_depth(k)
+
+ def __iter__(self):
+ return iter(self.__store)
+
+ def __len__(self):
+ return len(self.__store)
+
+ def has_key(self, key):
+ return key in self.__store
+
+ def get_deepest_match(self, name):
+ """Find the deepest match to *fname* in the dictionary.
+
+ The deepest match is the longest name in the dictionary which is
+ a superdomain of *name*. Note that *superdomain* includes matching
+ *name* itself.
+
+ *name*, a ``dns.name.Name``, the name to find.
+
+ Returns a ``(key, value)`` where *key* is the deepest
+ ``dns.name.Name``, and *value* is the value associated with *key*.
+ """
+
+ depth = len(name)
+ if depth > self.max_depth:
+ depth = self.max_depth
+ for i in xrange(-depth, 0):
+ n = dns.name.Name(name[i:])
+ if n in self:
+ return (n, self[n])
+ v = self[dns.name.empty]
+ return (dns.name.empty, v)
diff --git a/lib/dns/node.py b/lib/dns/node.py
new file mode 100644
index 00000000..8a7f19f5
--- /dev/null
+++ b/lib/dns/node.py
@@ -0,0 +1,182 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2001-2017 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""DNS nodes. A node is a set of rdatasets."""
+
+from io import StringIO
+
+import dns.rdataset
+import dns.rdatatype
+import dns.renderer
+
+
+class Node(object):
+
+ """A Node is a set of rdatasets."""
+
+ __slots__ = ['rdatasets']
+
+ def __init__(self):
+ #: the set of rdatsets, represented as a list.
+ self.rdatasets = []
+
+ def to_text(self, name, **kw):
+ """Convert a node to text format.
+
+ Each rdataset at the node is printed. Any keyword arguments
+ to this method are passed on to the rdataset's to_text() method.
+
+ *name*, a ``dns.name.Name`` or ``text``, the owner name of the rdatasets.
+
+ Returns a ``text``.
+ """
+
+ s = StringIO()
+ for rds in self.rdatasets:
+ if len(rds) > 0:
+ s.write(rds.to_text(name, **kw))
+ s.write(u'\n')
+ return s.getvalue()[:-1]
+
+ def __repr__(self):
+ return ''
+
+ def __eq__(self, other):
+ #
+ # This is inefficient. Good thing we don't need to do it much.
+ #
+ for rd in self.rdatasets:
+ if rd not in other.rdatasets:
+ return False
+ for rd in other.rdatasets:
+ if rd not in self.rdatasets:
+ return False
+ return True
+
+ def __ne__(self, other):
+ return not self.__eq__(other)
+
+ def __len__(self):
+ return len(self.rdatasets)
+
+ def __iter__(self):
+ return iter(self.rdatasets)
+
+ def find_rdataset(self, rdclass, rdtype, covers=dns.rdatatype.NONE,
+ create=False):
+ """Find an rdataset matching the specified properties in the
+ current node.
+
+ *rdclass*, an ``int``, the class of the rdataset.
+
+ *rdtype*, an ``int``, the type of the rdataset.
+
+ *covers*, an ``int``, the covered type. Usually this value is
+ dns.rdatatype.NONE, but if the rdtype is dns.rdatatype.SIG or
+ dns.rdatatype.RRSIG, then the covers value will be the rdata
+ type the SIG/RRSIG covers. The library treats the SIG and RRSIG
+ types as if they were a family of
+ types, e.g. RRSIG(A), RRSIG(NS), RRSIG(SOA). This makes RRSIGs much
+ easier to work with than if RRSIGs covering different rdata
+ types were aggregated into a single RRSIG rdataset.
+
+ *create*, a ``bool``. If True, create the rdataset if it is not found.
+
+ Raises ``KeyError`` if an rdataset of the desired type and class does
+ not exist and *create* is not ``True``.
+
+ Returns a ``dns.rdataset.Rdataset``.
+ """
+
+ for rds in self.rdatasets:
+ if rds.match(rdclass, rdtype, covers):
+ return rds
+ if not create:
+ raise KeyError
+ rds = dns.rdataset.Rdataset(rdclass, rdtype)
+ self.rdatasets.append(rds)
+ return rds
+
+ def get_rdataset(self, rdclass, rdtype, covers=dns.rdatatype.NONE,
+ create=False):
+ """Get an rdataset matching the specified properties in the
+ current node.
+
+ None is returned if an rdataset of the specified type and
+ class does not exist and *create* is not ``True``.
+
+ *rdclass*, an ``int``, the class of the rdataset.
+
+ *rdtype*, an ``int``, the type of the rdataset.
+
+ *covers*, an ``int``, the covered type. Usually this value is
+ dns.rdatatype.NONE, but if the rdtype is dns.rdatatype.SIG or
+ dns.rdatatype.RRSIG, then the covers value will be the rdata
+ type the SIG/RRSIG covers. The library treats the SIG and RRSIG
+ types as if they were a family of
+ types, e.g. RRSIG(A), RRSIG(NS), RRSIG(SOA). This makes RRSIGs much
+ easier to work with than if RRSIGs covering different rdata
+ types were aggregated into a single RRSIG rdataset.
+
+ *create*, a ``bool``. If True, create the rdataset if it is not found.
+
+ Returns a ``dns.rdataset.Rdataset`` or ``None``.
+ """
+
+ try:
+ rds = self.find_rdataset(rdclass, rdtype, covers, create)
+ except KeyError:
+ rds = None
+ return rds
+
+ def delete_rdataset(self, rdclass, rdtype, covers=dns.rdatatype.NONE):
+ """Delete the rdataset matching the specified properties in the
+ current node.
+
+ If a matching rdataset does not exist, it is not an error.
+
+ *rdclass*, an ``int``, the class of the rdataset.
+
+ *rdtype*, an ``int``, the type of the rdataset.
+
+ *covers*, an ``int``, the covered type.
+ """
+
+ rds = self.get_rdataset(rdclass, rdtype, covers)
+ if rds is not None:
+ self.rdatasets.remove(rds)
+
+ def replace_rdataset(self, replacement):
+ """Replace an rdataset.
+
+ It is not an error if there is no rdataset matching *replacement*.
+
+ Ownership of the *replacement* object is transferred to the node;
+ in other words, this method does not store a copy of *replacement*
+ at the node, it stores *replacement* itself.
+
+ *replacement*, a ``dns.rdataset.Rdataset``.
+
+ Raises ``ValueError`` if *replacement* is not a
+ ``dns.rdataset.Rdataset``.
+ """
+
+ if not isinstance(replacement, dns.rdataset.Rdataset):
+ raise ValueError('replacement is not an rdataset')
+ self.delete_rdataset(replacement.rdclass, replacement.rdtype,
+ replacement.covers)
+ self.rdatasets.append(replacement)
diff --git a/lib/dns/opcode.py b/lib/dns/opcode.py
new file mode 100644
index 00000000..c0735ba4
--- /dev/null
+++ b/lib/dns/opcode.py
@@ -0,0 +1,119 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2001-2017 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""DNS Opcodes."""
+
+import dns.exception
+
+#: Query
+QUERY = 0
+#: Inverse Query (historical)
+IQUERY = 1
+#: Server Status (unspecified and unimplemented anywhere)
+STATUS = 2
+#: Notify
+NOTIFY = 4
+#: Dynamic Update
+UPDATE = 5
+
+_by_text = {
+ 'QUERY': QUERY,
+ 'IQUERY': IQUERY,
+ 'STATUS': STATUS,
+ 'NOTIFY': NOTIFY,
+ 'UPDATE': UPDATE
+}
+
+# We construct the inverse mapping programmatically to ensure that we
+# cannot make any mistakes (e.g. omissions, cut-and-paste errors) that
+# would cause the mapping not to be true inverse.
+
+_by_value = {y: x for x, y in _by_text.items()}
+
+
+class UnknownOpcode(dns.exception.DNSException):
+ """An DNS opcode is unknown."""
+
+
+def from_text(text):
+ """Convert text into an opcode.
+
+ *text*, a ``text``, the textual opcode
+
+ Raises ``dns.opcode.UnknownOpcode`` if the opcode is unknown.
+
+ Returns an ``int``.
+ """
+
+ if text.isdigit():
+ value = int(text)
+ if value >= 0 and value <= 15:
+ return value
+ value = _by_text.get(text.upper())
+ if value is None:
+ raise UnknownOpcode
+ return value
+
+
+def from_flags(flags):
+ """Extract an opcode from DNS message flags.
+
+ *flags*, an ``int``, the DNS flags.
+
+ Returns an ``int``.
+ """
+
+ return (flags & 0x7800) >> 11
+
+
+def to_flags(value):
+ """Convert an opcode to a value suitable for ORing into DNS message
+ flags.
+
+ *value*, an ``int``, the DNS opcode value.
+
+ Returns an ``int``.
+ """
+
+ return (value << 11) & 0x7800
+
+
+def to_text(value):
+ """Convert an opcode to text.
+
+ *value*, an ``int`` the opcode value,
+
+ Raises ``dns.opcode.UnknownOpcode`` if the opcode is unknown.
+
+ Returns a ``text``.
+ """
+
+ text = _by_value.get(value)
+ if text is None:
+ text = str(value)
+ return text
+
+
+def is_update(flags):
+ """Is the opcode in flags UPDATE?
+
+ *flags*, an ``int``, the DNS message flags.
+
+ Returns a ``bool``.
+ """
+
+ return from_flags(flags) == UPDATE
diff --git a/lib/dns/py.typed b/lib/dns/py.typed
new file mode 100644
index 00000000..e69de29b
diff --git a/lib/dns/query.py b/lib/dns/query.py
new file mode 100644
index 00000000..c0c517cc
--- /dev/null
+++ b/lib/dns/query.py
@@ -0,0 +1,683 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2017 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""Talk to a DNS server."""
+
+from __future__ import generators
+
+import errno
+import select
+import socket
+import struct
+import sys
+import time
+
+import dns.exception
+import dns.inet
+import dns.name
+import dns.message
+import dns.rcode
+import dns.rdataclass
+import dns.rdatatype
+from ._compat import long, string_types, PY3
+
+if PY3:
+ select_error = OSError
+else:
+ select_error = select.error
+
+# Function used to create a socket. Can be overridden if needed in special
+# situations.
+socket_factory = socket.socket
+
+class UnexpectedSource(dns.exception.DNSException):
+ """A DNS query response came from an unexpected address or port."""
+
+
+class BadResponse(dns.exception.FormError):
+ """A DNS query response does not respond to the question asked."""
+
+
+class TransferError(dns.exception.DNSException):
+ """A zone transfer response got a non-zero rcode."""
+
+ def __init__(self, rcode):
+ message = 'Zone transfer error: %s' % dns.rcode.to_text(rcode)
+ super(TransferError, self).__init__(message)
+ self.rcode = rcode
+
+
+def _compute_expiration(timeout):
+ if timeout is None:
+ return None
+ else:
+ return time.time() + timeout
+
+# This module can use either poll() or select() as the "polling backend".
+#
+# A backend function takes an fd, bools for readability, writablity, and
+# error detection, and a timeout.
+
+def _poll_for(fd, readable, writable, error, timeout):
+ """Poll polling backend."""
+
+ event_mask = 0
+ if readable:
+ event_mask |= select.POLLIN
+ if writable:
+ event_mask |= select.POLLOUT
+ if error:
+ event_mask |= select.POLLERR
+
+ pollable = select.poll()
+ pollable.register(fd, event_mask)
+
+ if timeout:
+ event_list = pollable.poll(long(timeout * 1000))
+ else:
+ event_list = pollable.poll()
+
+ return bool(event_list)
+
+
+def _select_for(fd, readable, writable, error, timeout):
+ """Select polling backend."""
+
+ rset, wset, xset = [], [], []
+
+ if readable:
+ rset = [fd]
+ if writable:
+ wset = [fd]
+ if error:
+ xset = [fd]
+
+ if timeout is None:
+ (rcount, wcount, xcount) = select.select(rset, wset, xset)
+ else:
+ (rcount, wcount, xcount) = select.select(rset, wset, xset, timeout)
+
+ return bool((rcount or wcount or xcount))
+
+
+def _wait_for(fd, readable, writable, error, expiration):
+ # Use the selected polling backend to wait for any of the specified
+ # events. An "expiration" absolute time is converted into a relative
+ # timeout.
+
+ done = False
+ while not done:
+ if expiration is None:
+ timeout = None
+ else:
+ timeout = expiration - time.time()
+ if timeout <= 0.0:
+ raise dns.exception.Timeout
+ try:
+ if not _polling_backend(fd, readable, writable, error, timeout):
+ raise dns.exception.Timeout
+ except select_error as e:
+ if e.args[0] != errno.EINTR:
+ raise e
+ done = True
+
+
+def _set_polling_backend(fn):
+ # Internal API. Do not use.
+
+ global _polling_backend
+
+ _polling_backend = fn
+
+if hasattr(select, 'poll'):
+ # Prefer poll() on platforms that support it because it has no
+ # limits on the maximum value of a file descriptor (plus it will
+ # be more efficient for high values).
+ _polling_backend = _poll_for
+else:
+ _polling_backend = _select_for
+
+
+def _wait_for_readable(s, expiration):
+ _wait_for(s, True, False, True, expiration)
+
+
+def _wait_for_writable(s, expiration):
+ _wait_for(s, False, True, True, expiration)
+
+
+def _addresses_equal(af, a1, a2):
+ # Convert the first value of the tuple, which is a textual format
+ # address into binary form, so that we are not confused by different
+ # textual representations of the same address
+ try:
+ n1 = dns.inet.inet_pton(af, a1[0])
+ n2 = dns.inet.inet_pton(af, a2[0])
+ except dns.exception.SyntaxError:
+ return False
+ return n1 == n2 and a1[1:] == a2[1:]
+
+
+def _destination_and_source(af, where, port, source, source_port):
+ # Apply defaults and compute destination and source tuples
+ # suitable for use in connect(), sendto(), or bind().
+ if af is None:
+ try:
+ af = dns.inet.af_for_address(where)
+ except Exception:
+ af = dns.inet.AF_INET
+ if af == dns.inet.AF_INET:
+ destination = (where, port)
+ if source is not None or source_port != 0:
+ if source is None:
+ source = '0.0.0.0'
+ source = (source, source_port)
+ elif af == dns.inet.AF_INET6:
+ destination = (where, port, 0, 0)
+ if source is not None or source_port != 0:
+ if source is None:
+ source = '::'
+ source = (source, source_port, 0, 0)
+ return (af, destination, source)
+
+
+def send_udp(sock, what, destination, expiration=None):
+ """Send a DNS message to the specified UDP socket.
+
+ *sock*, a ``socket``.
+
+ *what*, a ``binary`` or ``dns.message.Message``, the message to send.
+
+ *destination*, a destination tuple appropriate for the address family
+ of the socket, specifying where to send the query.
+
+ *expiration*, a ``float`` or ``None``, the absolute time at which
+ a timeout exception should be raised. If ``None``, no timeout will
+ occur.
+
+ Returns an ``(int, float)`` tuple of bytes sent and the sent time.
+ """
+
+ if isinstance(what, dns.message.Message):
+ what = what.to_wire()
+ _wait_for_writable(sock, expiration)
+ sent_time = time.time()
+ n = sock.sendto(what, destination)
+ return (n, sent_time)
+
+
+def receive_udp(sock, destination, expiration=None,
+ ignore_unexpected=False, one_rr_per_rrset=False,
+ keyring=None, request_mac=b'', ignore_trailing=False):
+ """Read a DNS message from a UDP socket.
+
+ *sock*, a ``socket``.
+
+ *destination*, a destination tuple appropriate for the address family
+ of the socket, specifying where the associated query was sent.
+
+ *expiration*, a ``float`` or ``None``, the absolute time at which
+ a timeout exception should be raised. If ``None``, no timeout will
+ occur.
+
+ *ignore_unexpected*, a ``bool``. If ``True``, ignore responses from
+ unexpected sources.
+
+ *one_rr_per_rrset*, a ``bool``. If ``True``, put each RR into its own
+ RRset.
+
+ *keyring*, a ``dict``, the keyring to use for TSIG.
+
+ *request_mac*, a ``binary``, the MAC of the request (for TSIG).
+
+ *ignore_trailing*, a ``bool``. If ``True``, ignore trailing
+ junk at end of the received message.
+
+ Raises if the message is malformed, if network errors occur, of if
+ there is a timeout.
+
+ Returns a ``dns.message.Message`` object.
+ """
+
+ wire = b''
+ while 1:
+ _wait_for_readable(sock, expiration)
+ (wire, from_address) = sock.recvfrom(65535)
+ if _addresses_equal(sock.family, from_address, destination) or \
+ (dns.inet.is_multicast(destination[0]) and
+ from_address[1:] == destination[1:]):
+ break
+ if not ignore_unexpected:
+ raise UnexpectedSource('got a response from '
+ '%s instead of %s' % (from_address,
+ destination))
+ received_time = time.time()
+ r = dns.message.from_wire(wire, keyring=keyring, request_mac=request_mac,
+ one_rr_per_rrset=one_rr_per_rrset,
+ ignore_trailing=ignore_trailing)
+ return (r, received_time)
+
+def udp(q, where, timeout=None, port=53, af=None, source=None, source_port=0,
+ ignore_unexpected=False, one_rr_per_rrset=False, ignore_trailing=False):
+ """Return the response obtained after sending a query via UDP.
+
+ *q*, a ``dns.message.Message``, the query to send
+
+ *where*, a ``text`` containing an IPv4 or IPv6 address, where
+ to send the message.
+
+ *timeout*, a ``float`` or ``None``, the number of seconds to wait before the
+ query times out. If ``None``, the default, wait forever.
+
+ *port*, an ``int``, the port send the message to. The default is 53.
+
+ *af*, an ``int``, the address family to use. The default is ``None``,
+ which causes the address family to use to be inferred from the form of
+ *where*. If the inference attempt fails, AF_INET is used. This
+ parameter is historical; you need never set it.
+
+ *source*, a ``text`` containing an IPv4 or IPv6 address, specifying
+ the source address. The default is the wildcard address.
+
+ *source_port*, an ``int``, the port from which to send the message.
+ The default is 0.
+
+ *ignore_unexpected*, a ``bool``. If ``True``, ignore responses from
+ unexpected sources.
+
+ *one_rr_per_rrset*, a ``bool``. If ``True``, put each RR into its own
+ RRset.
+
+ *ignore_trailing*, a ``bool``. If ``True``, ignore trailing
+ junk at end of the received message.
+
+ Returns a ``dns.message.Message``.
+ """
+
+ wire = q.to_wire()
+ (af, destination, source) = _destination_and_source(af, where, port,
+ source, source_port)
+ s = socket_factory(af, socket.SOCK_DGRAM, 0)
+ received_time = None
+ sent_time = None
+ try:
+ expiration = _compute_expiration(timeout)
+ s.setblocking(0)
+ if source is not None:
+ s.bind(source)
+ (_, sent_time) = send_udp(s, wire, destination, expiration)
+ (r, received_time) = receive_udp(s, destination, expiration,
+ ignore_unexpected, one_rr_per_rrset,
+ q.keyring, q.mac, ignore_trailing)
+ finally:
+ if sent_time is None or received_time is None:
+ response_time = 0
+ else:
+ response_time = received_time - sent_time
+ s.close()
+ r.time = response_time
+ if not q.is_response(r):
+ raise BadResponse
+ return r
+
+
+def _net_read(sock, count, expiration):
+ """Read the specified number of bytes from sock. Keep trying until we
+ either get the desired amount, or we hit EOF.
+ A Timeout exception will be raised if the operation is not completed
+ by the expiration time.
+ """
+ s = b''
+ while count > 0:
+ _wait_for_readable(sock, expiration)
+ n = sock.recv(count)
+ if n == b'':
+ raise EOFError
+ count = count - len(n)
+ s = s + n
+ return s
+
+
+def _net_write(sock, data, expiration):
+ """Write the specified data to the socket.
+ A Timeout exception will be raised if the operation is not completed
+ by the expiration time.
+ """
+ current = 0
+ l = len(data)
+ while current < l:
+ _wait_for_writable(sock, expiration)
+ current += sock.send(data[current:])
+
+
+def send_tcp(sock, what, expiration=None):
+ """Send a DNS message to the specified TCP socket.
+
+ *sock*, a ``socket``.
+
+ *what*, a ``binary`` or ``dns.message.Message``, the message to send.
+
+ *expiration*, a ``float`` or ``None``, the absolute time at which
+ a timeout exception should be raised. If ``None``, no timeout will
+ occur.
+
+ Returns an ``(int, float)`` tuple of bytes sent and the sent time.
+ """
+
+ if isinstance(what, dns.message.Message):
+ what = what.to_wire()
+ l = len(what)
+ # copying the wire into tcpmsg is inefficient, but lets us
+ # avoid writev() or doing a short write that would get pushed
+ # onto the net
+ tcpmsg = struct.pack("!H", l) + what
+ _wait_for_writable(sock, expiration)
+ sent_time = time.time()
+ _net_write(sock, tcpmsg, expiration)
+ return (len(tcpmsg), sent_time)
+
+def receive_tcp(sock, expiration=None, one_rr_per_rrset=False,
+ keyring=None, request_mac=b'', ignore_trailing=False):
+ """Read a DNS message from a TCP socket.
+
+ *sock*, a ``socket``.
+
+ *expiration*, a ``float`` or ``None``, the absolute time at which
+ a timeout exception should be raised. If ``None``, no timeout will
+ occur.
+
+ *one_rr_per_rrset*, a ``bool``. If ``True``, put each RR into its own
+ RRset.
+
+ *keyring*, a ``dict``, the keyring to use for TSIG.
+
+ *request_mac*, a ``binary``, the MAC of the request (for TSIG).
+
+ *ignore_trailing*, a ``bool``. If ``True``, ignore trailing
+ junk at end of the received message.
+
+ Raises if the message is malformed, if network errors occur, of if
+ there is a timeout.
+
+ Returns a ``dns.message.Message`` object.
+ """
+
+ ldata = _net_read(sock, 2, expiration)
+ (l,) = struct.unpack("!H", ldata)
+ wire = _net_read(sock, l, expiration)
+ received_time = time.time()
+ r = dns.message.from_wire(wire, keyring=keyring, request_mac=request_mac,
+ one_rr_per_rrset=one_rr_per_rrset,
+ ignore_trailing=ignore_trailing)
+ return (r, received_time)
+
+def _connect(s, address):
+ try:
+ s.connect(address)
+ except socket.error:
+ (ty, v) = sys.exc_info()[:2]
+
+ if hasattr(v, 'errno'):
+ v_err = v.errno
+ else:
+ v_err = v[0]
+ if v_err not in [errno.EINPROGRESS, errno.EWOULDBLOCK, errno.EALREADY]:
+ raise v
+
+
+def tcp(q, where, timeout=None, port=53, af=None, source=None, source_port=0,
+ one_rr_per_rrset=False, ignore_trailing=False):
+ """Return the response obtained after sending a query via TCP.
+
+ *q*, a ``dns.message.Message``, the query to send
+
+ *where*, a ``text`` containing an IPv4 or IPv6 address, where
+ to send the message.
+
+ *timeout*, a ``float`` or ``None``, the number of seconds to wait before the
+ query times out. If ``None``, the default, wait forever.
+
+ *port*, an ``int``, the port send the message to. The default is 53.
+
+ *af*, an ``int``, the address family to use. The default is ``None``,
+ which causes the address family to use to be inferred from the form of
+ *where*. If the inference attempt fails, AF_INET is used. This
+ parameter is historical; you need never set it.
+
+ *source*, a ``text`` containing an IPv4 or IPv6 address, specifying
+ the source address. The default is the wildcard address.
+
+ *source_port*, an ``int``, the port from which to send the message.
+ The default is 0.
+
+ *one_rr_per_rrset*, a ``bool``. If ``True``, put each RR into its own
+ RRset.
+
+ *ignore_trailing*, a ``bool``. If ``True``, ignore trailing
+ junk at end of the received message.
+
+ Returns a ``dns.message.Message``.
+ """
+
+ wire = q.to_wire()
+ (af, destination, source) = _destination_and_source(af, where, port,
+ source, source_port)
+ s = socket_factory(af, socket.SOCK_STREAM, 0)
+ begin_time = None
+ received_time = None
+ try:
+ expiration = _compute_expiration(timeout)
+ s.setblocking(0)
+ begin_time = time.time()
+ if source is not None:
+ s.bind(source)
+ _connect(s, destination)
+ send_tcp(s, wire, expiration)
+ (r, received_time) = receive_tcp(s, expiration, one_rr_per_rrset,
+ q.keyring, q.mac, ignore_trailing)
+ finally:
+ if begin_time is None or received_time is None:
+ response_time = 0
+ else:
+ response_time = received_time - begin_time
+ s.close()
+ r.time = response_time
+ if not q.is_response(r):
+ raise BadResponse
+ return r
+
+
+def xfr(where, zone, rdtype=dns.rdatatype.AXFR, rdclass=dns.rdataclass.IN,
+ timeout=None, port=53, keyring=None, keyname=None, relativize=True,
+ af=None, lifetime=None, source=None, source_port=0, serial=0,
+ use_udp=False, keyalgorithm=dns.tsig.default_algorithm):
+ """Return a generator for the responses to a zone transfer.
+
+ *where*. If the inference attempt fails, AF_INET is used. This
+ parameter is historical; you need never set it.
+
+ *zone*, a ``dns.name.Name`` or ``text``, the name of the zone to transfer.
+
+ *rdtype*, an ``int`` or ``text``, the type of zone transfer. The
+ default is ``dns.rdatatype.AXFR``. ``dns.rdatatype.IXFR`` can be
+ used to do an incremental transfer instead.
+
+ *rdclass*, an ``int`` or ``text``, the class of the zone transfer.
+ The default is ``dns.rdataclass.IN``.
+
+ *timeout*, a ``float``, the number of seconds to wait for each
+ response message. If None, the default, wait forever.
+
+ *port*, an ``int``, the port send the message to. The default is 53.
+
+ *keyring*, a ``dict``, the keyring to use for TSIG.
+
+ *keyname*, a ``dns.name.Name`` or ``text``, the name of the TSIG
+ key to use.
+
+ *relativize*, a ``bool``. If ``True``, all names in the zone will be
+ relativized to the zone origin. It is essential that the
+ relativize setting matches the one specified to
+ ``dns.zone.from_xfr()`` if using this generator to make a zone.
+
+ *af*, an ``int``, the address family to use. The default is ``None``,
+ which causes the address family to use to be inferred from the form of
+ *where*. If the inference attempt fails, AF_INET is used. This
+ parameter is historical; you need never set it.
+
+ *lifetime*, a ``float``, the total number of seconds to spend
+ doing the transfer. If ``None``, the default, then there is no
+ limit on the time the transfer may take.
+
+ *source*, a ``text`` containing an IPv4 or IPv6 address, specifying
+ the source address. The default is the wildcard address.
+
+ *source_port*, an ``int``, the port from which to send the message.
+ The default is 0.
+
+ *serial*, an ``int``, the SOA serial number to use as the base for
+ an IXFR diff sequence (only meaningful if *rdtype* is
+ ``dns.rdatatype.IXFR``).
+
+ *use_udp*, a ``bool``. If ``True``, use UDP (only meaningful for IXFR).
+
+ *keyalgorithm*, a ``dns.name.Name`` or ``text``, the TSIG algorithm to use.
+
+ Raises on errors, and so does the generator.
+
+ Returns a generator of ``dns.message.Message`` objects.
+ """
+
+ if isinstance(zone, string_types):
+ zone = dns.name.from_text(zone)
+ if isinstance(rdtype, string_types):
+ rdtype = dns.rdatatype.from_text(rdtype)
+ q = dns.message.make_query(zone, rdtype, rdclass)
+ if rdtype == dns.rdatatype.IXFR:
+ rrset = dns.rrset.from_text(zone, 0, 'IN', 'SOA',
+ '. . %u 0 0 0 0' % serial)
+ q.authority.append(rrset)
+ if keyring is not None:
+ q.use_tsig(keyring, keyname, algorithm=keyalgorithm)
+ wire = q.to_wire()
+ (af, destination, source) = _destination_and_source(af, where, port,
+ source, source_port)
+ if use_udp:
+ if rdtype != dns.rdatatype.IXFR:
+ raise ValueError('cannot do a UDP AXFR')
+ s = socket_factory(af, socket.SOCK_DGRAM, 0)
+ else:
+ s = socket_factory(af, socket.SOCK_STREAM, 0)
+ s.setblocking(0)
+ if source is not None:
+ s.bind(source)
+ expiration = _compute_expiration(lifetime)
+ _connect(s, destination)
+ l = len(wire)
+ if use_udp:
+ _wait_for_writable(s, expiration)
+ s.send(wire)
+ else:
+ tcpmsg = struct.pack("!H", l) + wire
+ _net_write(s, tcpmsg, expiration)
+ done = False
+ delete_mode = True
+ expecting_SOA = False
+ soa_rrset = None
+ if relativize:
+ origin = zone
+ oname = dns.name.empty
+ else:
+ origin = None
+ oname = zone
+ tsig_ctx = None
+ first = True
+ while not done:
+ mexpiration = _compute_expiration(timeout)
+ if mexpiration is None or mexpiration > expiration:
+ mexpiration = expiration
+ if use_udp:
+ _wait_for_readable(s, expiration)
+ (wire, from_address) = s.recvfrom(65535)
+ else:
+ ldata = _net_read(s, 2, mexpiration)
+ (l,) = struct.unpack("!H", ldata)
+ wire = _net_read(s, l, mexpiration)
+ is_ixfr = (rdtype == dns.rdatatype.IXFR)
+ r = dns.message.from_wire(wire, keyring=q.keyring, request_mac=q.mac,
+ xfr=True, origin=origin, tsig_ctx=tsig_ctx,
+ multi=True, first=first,
+ one_rr_per_rrset=is_ixfr)
+ rcode = r.rcode()
+ if rcode != dns.rcode.NOERROR:
+ raise TransferError(rcode)
+ tsig_ctx = r.tsig_ctx
+ first = False
+ answer_index = 0
+ if soa_rrset is None:
+ if not r.answer or r.answer[0].name != oname:
+ raise dns.exception.FormError(
+ "No answer or RRset not for qname")
+ rrset = r.answer[0]
+ if rrset.rdtype != dns.rdatatype.SOA:
+ raise dns.exception.FormError("first RRset is not an SOA")
+ answer_index = 1
+ soa_rrset = rrset.copy()
+ if rdtype == dns.rdatatype.IXFR:
+ if soa_rrset[0].serial <= serial:
+ #
+ # We're already up-to-date.
+ #
+ done = True
+ else:
+ expecting_SOA = True
+ #
+ # Process SOAs in the answer section (other than the initial
+ # SOA in the first message).
+ #
+ for rrset in r.answer[answer_index:]:
+ if done:
+ raise dns.exception.FormError("answers after final SOA")
+ if rrset.rdtype == dns.rdatatype.SOA and rrset.name == oname:
+ if expecting_SOA:
+ if rrset[0].serial != serial:
+ raise dns.exception.FormError(
+ "IXFR base serial mismatch")
+ expecting_SOA = False
+ elif rdtype == dns.rdatatype.IXFR:
+ delete_mode = not delete_mode
+ #
+ # If this SOA RRset is equal to the first we saw then we're
+ # finished. If this is an IXFR we also check that we're seeing
+ # the record in the expected part of the response.
+ #
+ if rrset == soa_rrset and \
+ (rdtype == dns.rdatatype.AXFR or
+ (rdtype == dns.rdatatype.IXFR and delete_mode)):
+ done = True
+ elif expecting_SOA:
+ #
+ # We made an IXFR request and are expecting another
+ # SOA RR, but saw something else, so this must be an
+ # AXFR response.
+ #
+ rdtype = dns.rdatatype.AXFR
+ expecting_SOA = False
+ if done and q.keyring and not r.had_tsig:
+ raise dns.exception.FormError("missing TSIG")
+ yield r
+ s.close()
diff --git a/lib/dns/rcode.py b/lib/dns/rcode.py
new file mode 100644
index 00000000..5191e1b1
--- /dev/null
+++ b/lib/dns/rcode.py
@@ -0,0 +1,144 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2001-2017 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""DNS Result Codes."""
+
+import dns.exception
+from ._compat import long
+
+#: No error
+NOERROR = 0
+#: Form error
+FORMERR = 1
+#: Server failure
+SERVFAIL = 2
+#: Name does not exist ("Name Error" in RFC 1025 terminology).
+NXDOMAIN = 3
+#: Not implemented
+NOTIMP = 4
+#: Refused
+REFUSED = 5
+#: Name exists.
+YXDOMAIN = 6
+#: RRset exists.
+YXRRSET = 7
+#: RRset does not exist.
+NXRRSET = 8
+#: Not authoritative.
+NOTAUTH = 9
+#: Name not in zone.
+NOTZONE = 10
+#: Bad EDNS version.
+BADVERS = 16
+
+_by_text = {
+ 'NOERROR': NOERROR,
+ 'FORMERR': FORMERR,
+ 'SERVFAIL': SERVFAIL,
+ 'NXDOMAIN': NXDOMAIN,
+ 'NOTIMP': NOTIMP,
+ 'REFUSED': REFUSED,
+ 'YXDOMAIN': YXDOMAIN,
+ 'YXRRSET': YXRRSET,
+ 'NXRRSET': NXRRSET,
+ 'NOTAUTH': NOTAUTH,
+ 'NOTZONE': NOTZONE,
+ 'BADVERS': BADVERS
+}
+
+# We construct the inverse mapping programmatically to ensure that we
+# cannot make any mistakes (e.g. omissions, cut-and-paste errors) that
+# would cause the mapping not to be a true inverse.
+
+_by_value = {y: x for x, y in _by_text.items()}
+
+
+class UnknownRcode(dns.exception.DNSException):
+ """A DNS rcode is unknown."""
+
+
+def from_text(text):
+ """Convert text into an rcode.
+
+ *text*, a ``text``, the textual rcode or an integer in textual form.
+
+ Raises ``dns.rcode.UnknownRcode`` if the rcode mnemonic is unknown.
+
+ Returns an ``int``.
+ """
+
+ if text.isdigit():
+ v = int(text)
+ if v >= 0 and v <= 4095:
+ return v
+ v = _by_text.get(text.upper())
+ if v is None:
+ raise UnknownRcode
+ return v
+
+
+def from_flags(flags, ednsflags):
+ """Return the rcode value encoded by flags and ednsflags.
+
+ *flags*, an ``int``, the DNS flags field.
+
+ *ednsflags*, an ``int``, the EDNS flags field.
+
+ Raises ``ValueError`` if rcode is < 0 or > 4095
+
+ Returns an ``int``.
+ """
+
+ value = (flags & 0x000f) | ((ednsflags >> 20) & 0xff0)
+ if value < 0 or value > 4095:
+ raise ValueError('rcode must be >= 0 and <= 4095')
+ return value
+
+
+def to_flags(value):
+ """Return a (flags, ednsflags) tuple which encodes the rcode.
+
+ *value*, an ``int``, the rcode.
+
+ Raises ``ValueError`` if rcode is < 0 or > 4095.
+
+ Returns an ``(int, int)`` tuple.
+ """
+
+ if value < 0 or value > 4095:
+ raise ValueError('rcode must be >= 0 and <= 4095')
+ v = value & 0xf
+ ev = long(value & 0xff0) << 20
+ return (v, ev)
+
+
+def to_text(value):
+ """Convert rcode into text.
+
+ *value*, and ``int``, the rcode.
+
+ Raises ``ValueError`` if rcode is < 0 or > 4095.
+
+ Returns a ``text``.
+ """
+
+ if value < 0 or value > 4095:
+ raise ValueError('rcode must be >= 0 and <= 4095')
+ text = _by_value.get(value)
+ if text is None:
+ text = str(value)
+ return text
diff --git a/lib/dns/rdata.py b/lib/dns/rdata.py
new file mode 100644
index 00000000..ea1971dc
--- /dev/null
+++ b/lib/dns/rdata.py
@@ -0,0 +1,456 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2001-2017 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""DNS rdata."""
+
+from io import BytesIO
+import base64
+import binascii
+
+import dns.exception
+import dns.name
+import dns.rdataclass
+import dns.rdatatype
+import dns.tokenizer
+import dns.wiredata
+from ._compat import xrange, string_types, text_type
+
+try:
+ import threading as _threading
+except ImportError:
+ import dummy_threading as _threading
+
+_hex_chunksize = 32
+
+
+def _hexify(data, chunksize=_hex_chunksize):
+ """Convert a binary string into its hex encoding, broken up into chunks
+ of chunksize characters separated by a space.
+ """
+
+ line = binascii.hexlify(data)
+ return b' '.join([line[i:i + chunksize]
+ for i
+ in range(0, len(line), chunksize)]).decode()
+
+_base64_chunksize = 32
+
+
+def _base64ify(data, chunksize=_base64_chunksize):
+ """Convert a binary string into its base64 encoding, broken up into chunks
+ of chunksize characters separated by a space.
+ """
+
+ line = base64.b64encode(data)
+ return b' '.join([line[i:i + chunksize]
+ for i
+ in range(0, len(line), chunksize)]).decode()
+
+__escaped = bytearray(b'"\\')
+
+def _escapify(qstring):
+ """Escape the characters in a quoted string which need it."""
+
+ if isinstance(qstring, text_type):
+ qstring = qstring.encode()
+ if not isinstance(qstring, bytearray):
+ qstring = bytearray(qstring)
+
+ text = ''
+ for c in qstring:
+ if c in __escaped:
+ text += '\\' + chr(c)
+ elif c >= 0x20 and c < 0x7F:
+ text += chr(c)
+ else:
+ text += '\\%03d' % c
+ return text
+
+
+def _truncate_bitmap(what):
+ """Determine the index of greatest byte that isn't all zeros, and
+ return the bitmap that contains all the bytes less than that index.
+ """
+
+ for i in xrange(len(what) - 1, -1, -1):
+ if what[i] != 0:
+ return what[0: i + 1]
+ return what[0:1]
+
+
+class Rdata(object):
+ """Base class for all DNS rdata types."""
+
+ __slots__ = ['rdclass', 'rdtype']
+
+ def __init__(self, rdclass, rdtype):
+ """Initialize an rdata.
+
+ *rdclass*, an ``int`` is the rdataclass of the Rdata.
+ *rdtype*, an ``int`` is the rdatatype of the Rdata.
+ """
+
+ self.rdclass = rdclass
+ self.rdtype = rdtype
+
+ def covers(self):
+ """Return the type a Rdata covers.
+
+ DNS SIG/RRSIG rdatas apply to a specific type; this type is
+ returned by the covers() function. If the rdata type is not
+ SIG or RRSIG, dns.rdatatype.NONE is returned. This is useful when
+ creating rdatasets, allowing the rdataset to contain only RRSIGs
+ of a particular type, e.g. RRSIG(NS).
+
+ Returns an ``int``.
+ """
+
+ return dns.rdatatype.NONE
+
+ def extended_rdatatype(self):
+ """Return a 32-bit type value, the least significant 16 bits of
+ which are the ordinary DNS type, and the upper 16 bits of which are
+ the "covered" type, if any.
+
+ Returns an ``int``.
+ """
+
+ return self.covers() << 16 | self.rdtype
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ """Convert an rdata to text format.
+
+ Returns a ``text``.
+ """
+
+ raise NotImplementedError
+
+ def to_wire(self, file, compress=None, origin=None):
+ """Convert an rdata to wire format.
+
+ Returns a ``binary``.
+ """
+
+ raise NotImplementedError
+
+ def to_digestable(self, origin=None):
+ """Convert rdata to a format suitable for digesting in hashes. This
+ is also the DNSSEC canonical form.
+
+ Returns a ``binary``.
+ """
+
+ f = BytesIO()
+ self.to_wire(f, None, origin)
+ return f.getvalue()
+
+ def validate(self):
+ """Check that the current contents of the rdata's fields are
+ valid.
+
+ If you change an rdata by assigning to its fields,
+ it is a good idea to call validate() when you are done making
+ changes.
+
+ Raises various exceptions if there are problems.
+
+ Returns ``None``.
+ """
+
+ dns.rdata.from_text(self.rdclass, self.rdtype, self.to_text())
+
+ def __repr__(self):
+ covers = self.covers()
+ if covers == dns.rdatatype.NONE:
+ ctext = ''
+ else:
+ ctext = '(' + dns.rdatatype.to_text(covers) + ')'
+ return ''
+
+ def __str__(self):
+ return self.to_text()
+
+ def _cmp(self, other):
+ """Compare an rdata with another rdata of the same rdtype and
+ rdclass.
+
+ Return < 0 if self < other in the DNSSEC ordering, 0 if self
+ == other, and > 0 if self > other.
+
+ """
+ our = self.to_digestable(dns.name.root)
+ their = other.to_digestable(dns.name.root)
+ if our == their:
+ return 0
+ elif our > their:
+ return 1
+ else:
+ return -1
+
+ def __eq__(self, other):
+ if not isinstance(other, Rdata):
+ return False
+ if self.rdclass != other.rdclass or self.rdtype != other.rdtype:
+ return False
+ return self._cmp(other) == 0
+
+ def __ne__(self, other):
+ if not isinstance(other, Rdata):
+ return True
+ if self.rdclass != other.rdclass or self.rdtype != other.rdtype:
+ return True
+ return self._cmp(other) != 0
+
+ def __lt__(self, other):
+ if not isinstance(other, Rdata) or \
+ self.rdclass != other.rdclass or self.rdtype != other.rdtype:
+
+ return NotImplemented
+ return self._cmp(other) < 0
+
+ def __le__(self, other):
+ if not isinstance(other, Rdata) or \
+ self.rdclass != other.rdclass or self.rdtype != other.rdtype:
+ return NotImplemented
+ return self._cmp(other) <= 0
+
+ def __ge__(self, other):
+ if not isinstance(other, Rdata) or \
+ self.rdclass != other.rdclass or self.rdtype != other.rdtype:
+ return NotImplemented
+ return self._cmp(other) >= 0
+
+ def __gt__(self, other):
+ if not isinstance(other, Rdata) or \
+ self.rdclass != other.rdclass or self.rdtype != other.rdtype:
+ return NotImplemented
+ return self._cmp(other) > 0
+
+ def __hash__(self):
+ return hash(self.to_digestable(dns.name.root))
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ raise NotImplementedError
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ raise NotImplementedError
+
+ def choose_relativity(self, origin=None, relativize=True):
+ """Convert any domain names in the rdata to the specified
+ relativization.
+ """
+
+class GenericRdata(Rdata):
+
+ """Generic Rdata Class
+
+ This class is used for rdata types for which we have no better
+ implementation. It implements the DNS "unknown RRs" scheme.
+ """
+
+ __slots__ = ['data']
+
+ def __init__(self, rdclass, rdtype, data):
+ super(GenericRdata, self).__init__(rdclass, rdtype)
+ self.data = data
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ return r'\# %d ' % len(self.data) + _hexify(self.data)
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ token = tok.get()
+ if not token.is_identifier() or token.value != r'\#':
+ raise dns.exception.SyntaxError(
+ r'generic rdata does not start with \#')
+ length = tok.get_int()
+ chunks = []
+ while 1:
+ token = tok.get()
+ if token.is_eol_or_eof():
+ break
+ chunks.append(token.value.encode())
+ hex = b''.join(chunks)
+ data = binascii.unhexlify(hex)
+ if len(data) != length:
+ raise dns.exception.SyntaxError(
+ 'generic rdata hex data has wrong length')
+ return cls(rdclass, rdtype, data)
+
+ def to_wire(self, file, compress=None, origin=None):
+ file.write(self.data)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ return cls(rdclass, rdtype, wire[current: current + rdlen])
+
+_rdata_modules = {}
+_module_prefix = 'dns.rdtypes'
+_import_lock = _threading.Lock()
+
+def get_rdata_class(rdclass, rdtype):
+
+ def import_module(name):
+ with _import_lock:
+ mod = __import__(name)
+ components = name.split('.')
+ for comp in components[1:]:
+ mod = getattr(mod, comp)
+ return mod
+
+ mod = _rdata_modules.get((rdclass, rdtype))
+ rdclass_text = dns.rdataclass.to_text(rdclass)
+ rdtype_text = dns.rdatatype.to_text(rdtype)
+ rdtype_text = rdtype_text.replace('-', '_')
+ if not mod:
+ mod = _rdata_modules.get((dns.rdatatype.ANY, rdtype))
+ if not mod:
+ try:
+ mod = import_module('.'.join([_module_prefix,
+ rdclass_text, rdtype_text]))
+ _rdata_modules[(rdclass, rdtype)] = mod
+ except ImportError:
+ try:
+ mod = import_module('.'.join([_module_prefix,
+ 'ANY', rdtype_text]))
+ _rdata_modules[(dns.rdataclass.ANY, rdtype)] = mod
+ except ImportError:
+ mod = None
+ if mod:
+ cls = getattr(mod, rdtype_text)
+ else:
+ cls = GenericRdata
+ return cls
+
+
+def from_text(rdclass, rdtype, tok, origin=None, relativize=True):
+ """Build an rdata object from text format.
+
+ This function attempts to dynamically load a class which
+ implements the specified rdata class and type. If there is no
+ class-and-type-specific implementation, the GenericRdata class
+ is used.
+
+ Once a class is chosen, its from_text() class method is called
+ with the parameters to this function.
+
+ If *tok* is a ``text``, then a tokenizer is created and the string
+ is used as its input.
+
+ *rdclass*, an ``int``, the rdataclass.
+
+ *rdtype*, an ``int``, the rdatatype.
+
+ *tok*, a ``dns.tokenizer.Tokenizer`` or a ``text``.
+
+ *origin*, a ``dns.name.Name`` (or ``None``), the
+ origin to use for relative names.
+
+ *relativize*, a ``bool``. If true, name will be relativized to
+ the specified origin.
+
+ Returns an instance of the chosen Rdata subclass.
+ """
+
+ if isinstance(tok, string_types):
+ tok = dns.tokenizer.Tokenizer(tok)
+ cls = get_rdata_class(rdclass, rdtype)
+ if cls != GenericRdata:
+ # peek at first token
+ token = tok.get()
+ tok.unget(token)
+ if token.is_identifier() and \
+ token.value == r'\#':
+ #
+ # Known type using the generic syntax. Extract the
+ # wire form from the generic syntax, and then run
+ # from_wire on it.
+ #
+ rdata = GenericRdata.from_text(rdclass, rdtype, tok, origin,
+ relativize)
+ return from_wire(rdclass, rdtype, rdata.data, 0, len(rdata.data),
+ origin)
+ return cls.from_text(rdclass, rdtype, tok, origin, relativize)
+
+
+def from_wire(rdclass, rdtype, wire, current, rdlen, origin=None):
+ """Build an rdata object from wire format
+
+ This function attempts to dynamically load a class which
+ implements the specified rdata class and type. If there is no
+ class-and-type-specific implementation, the GenericRdata class
+ is used.
+
+ Once a class is chosen, its from_wire() class method is called
+ with the parameters to this function.
+
+ *rdclass*, an ``int``, the rdataclass.
+
+ *rdtype*, an ``int``, the rdatatype.
+
+ *wire*, a ``binary``, the wire-format message.
+
+ *current*, an ``int``, the offset in wire of the beginning of
+ the rdata.
+
+ *rdlen*, an ``int``, the length of the wire-format rdata
+
+ *origin*, a ``dns.name.Name`` (or ``None``). If not ``None``,
+ then names will be relativized to this origin.
+
+ Returns an instance of the chosen Rdata subclass.
+ """
+
+ wire = dns.wiredata.maybe_wrap(wire)
+ cls = get_rdata_class(rdclass, rdtype)
+ return cls.from_wire(rdclass, rdtype, wire, current, rdlen, origin)
+
+
+class RdatatypeExists(dns.exception.DNSException):
+ """DNS rdatatype already exists."""
+ supp_kwargs = {'rdclass', 'rdtype'}
+ fmt = "The rdata type with class {rdclass} and rdtype {rdtype} " + \
+ "already exists."
+
+
+def register_type(implementation, rdtype, rdtype_text, is_singleton=False,
+ rdclass=dns.rdataclass.IN):
+ """Dynamically register a module to handle an rdatatype.
+
+ *implementation*, a module implementing the type in the usual dnspython
+ way.
+
+ *rdtype*, an ``int``, the rdatatype to register.
+
+ *rdtype_text*, a ``text``, the textual form of the rdatatype.
+
+ *is_singleton*, a ``bool``, indicating if the type is a singleton (i.e.
+ RRsets of the type can have only one member.)
+
+ *rdclass*, the rdataclass of the type, or ``dns.rdataclass.ANY`` if
+ it applies to all classes.
+ """
+
+ existing_cls = get_rdata_class(rdclass, rdtype)
+ if existing_cls != GenericRdata:
+ raise RdatatypeExists(rdclass=rdclass, rdtype=rdtype)
+ _rdata_modules[(rdclass, rdtype)] = implementation
+ dns.rdatatype.register_type(rdtype, rdtype_text, is_singleton)
diff --git a/lib/dns/rdataclass.py b/lib/dns/rdataclass.py
new file mode 100644
index 00000000..b88aa85b
--- /dev/null
+++ b/lib/dns/rdataclass.py
@@ -0,0 +1,122 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2001-2017 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""DNS Rdata Classes."""
+
+import re
+
+import dns.exception
+
+RESERVED0 = 0
+IN = 1
+CH = 3
+HS = 4
+NONE = 254
+ANY = 255
+
+_by_text = {
+ 'RESERVED0': RESERVED0,
+ 'IN': IN,
+ 'CH': CH,
+ 'HS': HS,
+ 'NONE': NONE,
+ 'ANY': ANY
+}
+
+# We construct the inverse mapping programmatically to ensure that we
+# cannot make any mistakes (e.g. omissions, cut-and-paste errors) that
+# would cause the mapping not to be true inverse.
+
+_by_value = {y: x for x, y in _by_text.items()}
+
+# Now that we've built the inverse map, we can add class aliases to
+# the _by_text mapping.
+
+_by_text.update({
+ 'INTERNET': IN,
+ 'CHAOS': CH,
+ 'HESIOD': HS
+})
+
+_metaclasses = {
+ NONE: True,
+ ANY: True
+}
+
+_unknown_class_pattern = re.compile('CLASS([0-9]+)$', re.I)
+
+
+class UnknownRdataclass(dns.exception.DNSException):
+ """A DNS class is unknown."""
+
+
+def from_text(text):
+ """Convert text into a DNS rdata class value.
+
+ The input text can be a defined DNS RR class mnemonic or
+ instance of the DNS generic class syntax.
+
+ For example, "IN" and "CLASS1" will both result in a value of 1.
+
+ Raises ``dns.rdatatype.UnknownRdataclass`` if the class is unknown.
+
+ Raises ``ValueError`` if the rdata class value is not >= 0 and <= 65535.
+
+ Returns an ``int``.
+ """
+
+ value = _by_text.get(text.upper())
+ if value is None:
+ match = _unknown_class_pattern.match(text)
+ if match is None:
+ raise UnknownRdataclass
+ value = int(match.group(1))
+ if value < 0 or value > 65535:
+ raise ValueError("class must be between >= 0 and <= 65535")
+ return value
+
+
+def to_text(value):
+ """Convert a DNS rdata type value to text.
+
+ If the value has a known mnemonic, it will be used, otherwise the
+ DNS generic class syntax will be used.
+
+ Raises ``ValueError`` if the rdata class value is not >= 0 and <= 65535.
+
+ Returns a ``str``.
+ """
+
+ if value < 0 or value > 65535:
+ raise ValueError("class must be between >= 0 and <= 65535")
+ text = _by_value.get(value)
+ if text is None:
+ text = 'CLASS' + repr(value)
+ return text
+
+
+def is_metaclass(rdclass):
+ """True if the specified class is a metaclass.
+
+ The currently defined metaclasses are ANY and NONE.
+
+ *rdclass* is an ``int``.
+ """
+
+ if rdclass in _metaclasses:
+ return True
+ return False
diff --git a/lib/dns/rdataset.py b/lib/dns/rdataset.py
new file mode 100644
index 00000000..f1afe241
--- /dev/null
+++ b/lib/dns/rdataset.py
@@ -0,0 +1,347 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2001-2017 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""DNS rdatasets (an rdataset is a set of rdatas of a given type and class)"""
+
+import random
+from io import StringIO
+import struct
+
+import dns.exception
+import dns.rdatatype
+import dns.rdataclass
+import dns.rdata
+import dns.set
+from ._compat import string_types
+
+# define SimpleSet here for backwards compatibility
+SimpleSet = dns.set.Set
+
+
+class DifferingCovers(dns.exception.DNSException):
+ """An attempt was made to add a DNS SIG/RRSIG whose covered type
+ is not the same as that of the other rdatas in the rdataset."""
+
+
+class IncompatibleTypes(dns.exception.DNSException):
+ """An attempt was made to add DNS RR data of an incompatible type."""
+
+
+class Rdataset(dns.set.Set):
+
+ """A DNS rdataset."""
+
+ __slots__ = ['rdclass', 'rdtype', 'covers', 'ttl']
+
+ def __init__(self, rdclass, rdtype, covers=dns.rdatatype.NONE, ttl=0):
+ """Create a new rdataset of the specified class and type.
+
+ *rdclass*, an ``int``, the rdataclass.
+
+ *rdtype*, an ``int``, the rdatatype.
+
+ *covers*, an ``int``, the covered rdatatype.
+
+ *ttl*, an ``int``, the TTL.
+ """
+
+ super(Rdataset, self).__init__()
+ self.rdclass = rdclass
+ self.rdtype = rdtype
+ self.covers = covers
+ self.ttl = ttl
+
+ def _clone(self):
+ obj = super(Rdataset, self)._clone()
+ obj.rdclass = self.rdclass
+ obj.rdtype = self.rdtype
+ obj.covers = self.covers
+ obj.ttl = self.ttl
+ return obj
+
+ def update_ttl(self, ttl):
+ """Perform TTL minimization.
+
+ Set the TTL of the rdataset to be the lesser of the set's current
+ TTL or the specified TTL. If the set contains no rdatas, set the TTL
+ to the specified TTL.
+
+ *ttl*, an ``int``.
+ """
+
+ if len(self) == 0:
+ self.ttl = ttl
+ elif ttl < self.ttl:
+ self.ttl = ttl
+
+ def add(self, rd, ttl=None):
+ """Add the specified rdata to the rdataset.
+
+ If the optional *ttl* parameter is supplied, then
+ ``self.update_ttl(ttl)`` will be called prior to adding the rdata.
+
+ *rd*, a ``dns.rdata.Rdata``, the rdata
+
+ *ttl*, an ``int``, the TTL.
+
+ Raises ``dns.rdataset.IncompatibleTypes`` if the type and class
+ do not match the type and class of the rdataset.
+
+ Raises ``dns.rdataset.DifferingCovers`` if the type is a signature
+ type and the covered type does not match that of the rdataset.
+ """
+
+ #
+ # If we're adding a signature, do some special handling to
+ # check that the signature covers the same type as the
+ # other rdatas in this rdataset. If this is the first rdata
+ # in the set, initialize the covers field.
+ #
+ if self.rdclass != rd.rdclass or self.rdtype != rd.rdtype:
+ raise IncompatibleTypes
+ if ttl is not None:
+ self.update_ttl(ttl)
+ if self.rdtype == dns.rdatatype.RRSIG or \
+ self.rdtype == dns.rdatatype.SIG:
+ covers = rd.covers()
+ if len(self) == 0 and self.covers == dns.rdatatype.NONE:
+ self.covers = covers
+ elif self.covers != covers:
+ raise DifferingCovers
+ if dns.rdatatype.is_singleton(rd.rdtype) and len(self) > 0:
+ self.clear()
+ super(Rdataset, self).add(rd)
+
+ def union_update(self, other):
+ self.update_ttl(other.ttl)
+ super(Rdataset, self).union_update(other)
+
+ def intersection_update(self, other):
+ self.update_ttl(other.ttl)
+ super(Rdataset, self).intersection_update(other)
+
+ def update(self, other):
+ """Add all rdatas in other to self.
+
+ *other*, a ``dns.rdataset.Rdataset``, the rdataset from which
+ to update.
+ """
+
+ self.update_ttl(other.ttl)
+ super(Rdataset, self).update(other)
+
+ def __repr__(self):
+ if self.covers == 0:
+ ctext = ''
+ else:
+ ctext = '(' + dns.rdatatype.to_text(self.covers) + ')'
+ return ''
+
+ def __str__(self):
+ return self.to_text()
+
+ def __eq__(self, other):
+ if not isinstance(other, Rdataset):
+ return False
+ if self.rdclass != other.rdclass or \
+ self.rdtype != other.rdtype or \
+ self.covers != other.covers:
+ return False
+ return super(Rdataset, self).__eq__(other)
+
+ def __ne__(self, other):
+ return not self.__eq__(other)
+
+ def to_text(self, name=None, origin=None, relativize=True,
+ override_rdclass=None, **kw):
+ """Convert the rdataset into DNS master file format.
+
+ See ``dns.name.Name.choose_relativity`` for more information
+ on how *origin* and *relativize* determine the way names
+ are emitted.
+
+ Any additional keyword arguments are passed on to the rdata
+ ``to_text()`` method.
+
+ *name*, a ``dns.name.Name``. If name is not ``None``, emit RRs with
+ *name* as the owner name.
+
+ *origin*, a ``dns.name.Name`` or ``None``, the origin for relative
+ names.
+
+ *relativize*, a ``bool``. If ``True``, names will be relativized
+ to *origin*.
+ """
+
+ if name is not None:
+ name = name.choose_relativity(origin, relativize)
+ ntext = str(name)
+ pad = ' '
+ else:
+ ntext = ''
+ pad = ''
+ s = StringIO()
+ if override_rdclass is not None:
+ rdclass = override_rdclass
+ else:
+ rdclass = self.rdclass
+ if len(self) == 0:
+ #
+ # Empty rdatasets are used for the question section, and in
+ # some dynamic updates, so we don't need to print out the TTL
+ # (which is meaningless anyway).
+ #
+ s.write(u'{}{}{} {}\n'.format(ntext, pad,
+ dns.rdataclass.to_text(rdclass),
+ dns.rdatatype.to_text(self.rdtype)))
+ else:
+ for rd in self:
+ s.write(u'%s%s%d %s %s %s\n' %
+ (ntext, pad, self.ttl, dns.rdataclass.to_text(rdclass),
+ dns.rdatatype.to_text(self.rdtype),
+ rd.to_text(origin=origin, relativize=relativize,
+ **kw)))
+ #
+ # We strip off the final \n for the caller's convenience in printing
+ #
+ return s.getvalue()[:-1]
+
+ def to_wire(self, name, file, compress=None, origin=None,
+ override_rdclass=None, want_shuffle=True):
+ """Convert the rdataset to wire format.
+
+ *name*, a ``dns.name.Name`` is the owner name to use.
+
+ *file* is the file where the name is emitted (typically a
+ BytesIO file).
+
+ *compress*, a ``dict``, is the compression table to use. If
+ ``None`` (the default), names will not be compressed.
+
+ *origin* is a ``dns.name.Name`` or ``None``. If the name is
+ relative and origin is not ``None``, then *origin* will be appended
+ to it.
+
+ *override_rdclass*, an ``int``, is used as the class instead of the
+ class of the rdataset. This is useful when rendering rdatasets
+ associated with dynamic updates.
+
+ *want_shuffle*, a ``bool``. If ``True``, then the order of the
+ Rdatas within the Rdataset will be shuffled before rendering.
+
+ Returns an ``int``, the number of records emitted.
+ """
+
+ if override_rdclass is not None:
+ rdclass = override_rdclass
+ want_shuffle = False
+ else:
+ rdclass = self.rdclass
+ file.seek(0, 2)
+ if len(self) == 0:
+ name.to_wire(file, compress, origin)
+ stuff = struct.pack("!HHIH", self.rdtype, rdclass, 0, 0)
+ file.write(stuff)
+ return 1
+ else:
+ if want_shuffle:
+ l = list(self)
+ random.shuffle(l)
+ else:
+ l = self
+ for rd in l:
+ name.to_wire(file, compress, origin)
+ stuff = struct.pack("!HHIH", self.rdtype, rdclass,
+ self.ttl, 0)
+ file.write(stuff)
+ start = file.tell()
+ rd.to_wire(file, compress, origin)
+ end = file.tell()
+ assert end - start < 65536
+ file.seek(start - 2)
+ stuff = struct.pack("!H", end - start)
+ file.write(stuff)
+ file.seek(0, 2)
+ return len(self)
+
+ def match(self, rdclass, rdtype, covers):
+ """Returns ``True`` if this rdataset matches the specified class,
+ type, and covers.
+ """
+ if self.rdclass == rdclass and \
+ self.rdtype == rdtype and \
+ self.covers == covers:
+ return True
+ return False
+
+
+def from_text_list(rdclass, rdtype, ttl, text_rdatas):
+ """Create an rdataset with the specified class, type, and TTL, and with
+ the specified list of rdatas in text format.
+
+ Returns a ``dns.rdataset.Rdataset`` object.
+ """
+
+ if isinstance(rdclass, string_types):
+ rdclass = dns.rdataclass.from_text(rdclass)
+ if isinstance(rdtype, string_types):
+ rdtype = dns.rdatatype.from_text(rdtype)
+ r = Rdataset(rdclass, rdtype)
+ r.update_ttl(ttl)
+ for t in text_rdatas:
+ rd = dns.rdata.from_text(r.rdclass, r.rdtype, t)
+ r.add(rd)
+ return r
+
+
+def from_text(rdclass, rdtype, ttl, *text_rdatas):
+ """Create an rdataset with the specified class, type, and TTL, and with
+ the specified rdatas in text format.
+
+ Returns a ``dns.rdataset.Rdataset`` object.
+ """
+
+ return from_text_list(rdclass, rdtype, ttl, text_rdatas)
+
+
+def from_rdata_list(ttl, rdatas):
+ """Create an rdataset with the specified TTL, and with
+ the specified list of rdata objects.
+
+ Returns a ``dns.rdataset.Rdataset`` object.
+ """
+
+ if len(rdatas) == 0:
+ raise ValueError("rdata list must not be empty")
+ r = None
+ for rd in rdatas:
+ if r is None:
+ r = Rdataset(rd.rdclass, rd.rdtype)
+ r.update_ttl(ttl)
+ r.add(rd)
+ return r
+
+
+def from_rdata(ttl, *rdatas):
+ """Create an rdataset with the specified TTL, and with
+ the specified rdata objects.
+
+ Returns a ``dns.rdataset.Rdataset`` object.
+ """
+
+ return from_rdata_list(ttl, rdatas)
diff --git a/lib/dns/rdatatype.py b/lib/dns/rdatatype.py
new file mode 100644
index 00000000..b247bc9c
--- /dev/null
+++ b/lib/dns/rdatatype.py
@@ -0,0 +1,287 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2001-2017 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""DNS Rdata Types."""
+
+import re
+
+import dns.exception
+
+NONE = 0
+A = 1
+NS = 2
+MD = 3
+MF = 4
+CNAME = 5
+SOA = 6
+MB = 7
+MG = 8
+MR = 9
+NULL = 10
+WKS = 11
+PTR = 12
+HINFO = 13
+MINFO = 14
+MX = 15
+TXT = 16
+RP = 17
+AFSDB = 18
+X25 = 19
+ISDN = 20
+RT = 21
+NSAP = 22
+NSAP_PTR = 23
+SIG = 24
+KEY = 25
+PX = 26
+GPOS = 27
+AAAA = 28
+LOC = 29
+NXT = 30
+SRV = 33
+NAPTR = 35
+KX = 36
+CERT = 37
+A6 = 38
+DNAME = 39
+OPT = 41
+APL = 42
+DS = 43
+SSHFP = 44
+IPSECKEY = 45
+RRSIG = 46
+NSEC = 47
+DNSKEY = 48
+DHCID = 49
+NSEC3 = 50
+NSEC3PARAM = 51
+TLSA = 52
+HIP = 55
+CDS = 59
+CDNSKEY = 60
+OPENPGPKEY = 61
+CSYNC = 62
+SPF = 99
+UNSPEC = 103
+EUI48 = 108
+EUI64 = 109
+TKEY = 249
+TSIG = 250
+IXFR = 251
+AXFR = 252
+MAILB = 253
+MAILA = 254
+ANY = 255
+URI = 256
+CAA = 257
+AVC = 258
+TA = 32768
+DLV = 32769
+
+_by_text = {
+ 'NONE': NONE,
+ 'A': A,
+ 'NS': NS,
+ 'MD': MD,
+ 'MF': MF,
+ 'CNAME': CNAME,
+ 'SOA': SOA,
+ 'MB': MB,
+ 'MG': MG,
+ 'MR': MR,
+ 'NULL': NULL,
+ 'WKS': WKS,
+ 'PTR': PTR,
+ 'HINFO': HINFO,
+ 'MINFO': MINFO,
+ 'MX': MX,
+ 'TXT': TXT,
+ 'RP': RP,
+ 'AFSDB': AFSDB,
+ 'X25': X25,
+ 'ISDN': ISDN,
+ 'RT': RT,
+ 'NSAP': NSAP,
+ 'NSAP-PTR': NSAP_PTR,
+ 'SIG': SIG,
+ 'KEY': KEY,
+ 'PX': PX,
+ 'GPOS': GPOS,
+ 'AAAA': AAAA,
+ 'LOC': LOC,
+ 'NXT': NXT,
+ 'SRV': SRV,
+ 'NAPTR': NAPTR,
+ 'KX': KX,
+ 'CERT': CERT,
+ 'A6': A6,
+ 'DNAME': DNAME,
+ 'OPT': OPT,
+ 'APL': APL,
+ 'DS': DS,
+ 'SSHFP': SSHFP,
+ 'IPSECKEY': IPSECKEY,
+ 'RRSIG': RRSIG,
+ 'NSEC': NSEC,
+ 'DNSKEY': DNSKEY,
+ 'DHCID': DHCID,
+ 'NSEC3': NSEC3,
+ 'NSEC3PARAM': NSEC3PARAM,
+ 'TLSA': TLSA,
+ 'HIP': HIP,
+ 'CDS': CDS,
+ 'CDNSKEY': CDNSKEY,
+ 'OPENPGPKEY': OPENPGPKEY,
+ 'CSYNC': CSYNC,
+ 'SPF': SPF,
+ 'UNSPEC': UNSPEC,
+ 'EUI48': EUI48,
+ 'EUI64': EUI64,
+ 'TKEY': TKEY,
+ 'TSIG': TSIG,
+ 'IXFR': IXFR,
+ 'AXFR': AXFR,
+ 'MAILB': MAILB,
+ 'MAILA': MAILA,
+ 'ANY': ANY,
+ 'URI': URI,
+ 'CAA': CAA,
+ 'AVC': AVC,
+ 'TA': TA,
+ 'DLV': DLV,
+}
+
+# We construct the inverse mapping programmatically to ensure that we
+# cannot make any mistakes (e.g. omissions, cut-and-paste errors) that
+# would cause the mapping not to be true inverse.
+
+_by_value = {y: x for x, y in _by_text.items()}
+
+_metatypes = {
+ OPT: True
+}
+
+_singletons = {
+ SOA: True,
+ NXT: True,
+ DNAME: True,
+ NSEC: True,
+ CNAME: True,
+}
+
+_unknown_type_pattern = re.compile('TYPE([0-9]+)$', re.I)
+
+
+class UnknownRdatatype(dns.exception.DNSException):
+ """DNS resource record type is unknown."""
+
+
+def from_text(text):
+ """Convert text into a DNS rdata type value.
+
+ The input text can be a defined DNS RR type mnemonic or
+ instance of the DNS generic type syntax.
+
+ For example, "NS" and "TYPE2" will both result in a value of 2.
+
+ Raises ``dns.rdatatype.UnknownRdatatype`` if the type is unknown.
+
+ Raises ``ValueError`` if the rdata type value is not >= 0 and <= 65535.
+
+ Returns an ``int``.
+ """
+
+ value = _by_text.get(text.upper())
+ if value is None:
+ match = _unknown_type_pattern.match(text)
+ if match is None:
+ raise UnknownRdatatype
+ value = int(match.group(1))
+ if value < 0 or value > 65535:
+ raise ValueError("type must be between >= 0 and <= 65535")
+ return value
+
+
+def to_text(value):
+ """Convert a DNS rdata type value to text.
+
+ If the value has a known mnemonic, it will be used, otherwise the
+ DNS generic type syntax will be used.
+
+ Raises ``ValueError`` if the rdata type value is not >= 0 and <= 65535.
+
+ Returns a ``str``.
+ """
+
+ if value < 0 or value > 65535:
+ raise ValueError("type must be between >= 0 and <= 65535")
+ text = _by_value.get(value)
+ if text is None:
+ text = 'TYPE' + repr(value)
+ return text
+
+
+def is_metatype(rdtype):
+ """True if the specified type is a metatype.
+
+ *rdtype* is an ``int``.
+
+ The currently defined metatypes are TKEY, TSIG, IXFR, AXFR, MAILA,
+ MAILB, ANY, and OPT.
+
+ Returns a ``bool``.
+ """
+
+ if rdtype >= TKEY and rdtype <= ANY or rdtype in _metatypes:
+ return True
+ return False
+
+
+def is_singleton(rdtype):
+ """Is the specified type a singleton type?
+
+ Singleton types can only have a single rdata in an rdataset, or a single
+ RR in an RRset.
+
+ The currently defined singleton types are CNAME, DNAME, NSEC, NXT, and
+ SOA.
+
+ *rdtype* is an ``int``.
+
+ Returns a ``bool``.
+ """
+
+ if rdtype in _singletons:
+ return True
+ return False
+
+
+def register_type(rdtype, rdtype_text, is_singleton=False): # pylint: disable=redefined-outer-name
+ """Dynamically register an rdatatype.
+
+ *rdtype*, an ``int``, the rdatatype to register.
+
+ *rdtype_text*, a ``text``, the textual form of the rdatatype.
+
+ *is_singleton*, a ``bool``, indicating if the type is a singleton (i.e.
+ RRsets of the type can have only one member.)
+ """
+
+ _by_text[rdtype_text] = rdtype
+ _by_value[rdtype] = rdtype_text
+ if is_singleton:
+ _singletons[rdtype] = True
diff --git a/lib/dns/rdtypes/ANY/AFSDB.py b/lib/dns/rdtypes/ANY/AFSDB.py
new file mode 100644
index 00000000..c6a700cf
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/AFSDB.py
@@ -0,0 +1,55 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import dns.rdtypes.mxbase
+
+
+class AFSDB(dns.rdtypes.mxbase.UncompressedDowncasingMX):
+
+ """AFSDB record
+
+ @ivar subtype: the subtype value
+ @type subtype: int
+ @ivar hostname: the hostname name
+ @type hostname: dns.name.Name object"""
+
+ # Use the property mechanism to make "subtype" an alias for the
+ # "preference" attribute, and "hostname" an alias for the "exchange"
+ # attribute.
+ #
+ # This lets us inherit the UncompressedMX implementation but lets
+ # the caller use appropriate attribute names for the rdata type.
+ #
+ # We probably lose some performance vs. a cut-and-paste
+ # implementation, but this way we don't copy code, and that's
+ # good.
+
+ def get_subtype(self):
+ return self.preference
+
+ def set_subtype(self, subtype):
+ self.preference = subtype
+
+ subtype = property(get_subtype, set_subtype)
+
+ def get_hostname(self):
+ return self.exchange
+
+ def set_hostname(self, hostname):
+ self.exchange = hostname
+
+ hostname = property(get_hostname, set_hostname)
diff --git a/lib/dns/rdtypes/ANY/AVC.py b/lib/dns/rdtypes/ANY/AVC.py
new file mode 100644
index 00000000..7f340b39
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/AVC.py
@@ -0,0 +1,25 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2016 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import dns.rdtypes.txtbase
+
+
+class AVC(dns.rdtypes.txtbase.TXTBase):
+
+ """AVC record
+
+ @see: U{http://www.iana.org/assignments/dns-parameters/AVC/avc-completed-template}"""
diff --git a/lib/dns/rdtypes/ANY/CAA.py b/lib/dns/rdtypes/ANY/CAA.py
new file mode 100644
index 00000000..0acf201a
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/CAA.py
@@ -0,0 +1,75 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import struct
+
+import dns.exception
+import dns.rdata
+import dns.tokenizer
+
+
+class CAA(dns.rdata.Rdata):
+
+ """CAA (Certification Authority Authorization) record
+
+ @ivar flags: the flags
+ @type flags: int
+ @ivar tag: the tag
+ @type tag: string
+ @ivar value: the value
+ @type value: string
+ @see: RFC 6844"""
+
+ __slots__ = ['flags', 'tag', 'value']
+
+ def __init__(self, rdclass, rdtype, flags, tag, value):
+ super(CAA, self).__init__(rdclass, rdtype)
+ self.flags = flags
+ self.tag = tag
+ self.value = value
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ return '%u %s "%s"' % (self.flags,
+ dns.rdata._escapify(self.tag),
+ dns.rdata._escapify(self.value))
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ flags = tok.get_uint8()
+ tag = tok.get_string().encode()
+ if len(tag) > 255:
+ raise dns.exception.SyntaxError("tag too long")
+ if not tag.isalnum():
+ raise dns.exception.SyntaxError("tag is not alphanumeric")
+ value = tok.get_string().encode()
+ return cls(rdclass, rdtype, flags, tag, value)
+
+ def to_wire(self, file, compress=None, origin=None):
+ file.write(struct.pack('!B', self.flags))
+ l = len(self.tag)
+ assert l < 256
+ file.write(struct.pack('!B', l))
+ file.write(self.tag)
+ file.write(self.value)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ (flags, l) = struct.unpack('!BB', wire[current: current + 2])
+ current += 2
+ tag = wire[current: current + l]
+ value = wire[current + l:current + rdlen - 2]
+ return cls(rdclass, rdtype, flags, tag, value)
diff --git a/lib/dns/rdtypes/ANY/CDNSKEY.py b/lib/dns/rdtypes/ANY/CDNSKEY.py
new file mode 100644
index 00000000..653ae1be
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/CDNSKEY.py
@@ -0,0 +1,27 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2004-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import dns.rdtypes.dnskeybase
+from dns.rdtypes.dnskeybase import flags_to_text_set, flags_from_text_set
+
+
+__all__ = ['flags_to_text_set', 'flags_from_text_set']
+
+
+class CDNSKEY(dns.rdtypes.dnskeybase.DNSKEYBase):
+
+ """CDNSKEY record"""
diff --git a/lib/dns/rdtypes/ANY/CDS.py b/lib/dns/rdtypes/ANY/CDS.py
new file mode 100644
index 00000000..a63041dd
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/CDS.py
@@ -0,0 +1,23 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import dns.rdtypes.dsbase
+
+
+class CDS(dns.rdtypes.dsbase.DSBase):
+
+ """CDS record"""
diff --git a/lib/dns/rdtypes/ANY/CERT.py b/lib/dns/rdtypes/ANY/CERT.py
new file mode 100644
index 00000000..eea27b52
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/CERT.py
@@ -0,0 +1,123 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import struct
+import base64
+
+import dns.exception
+import dns.dnssec
+import dns.rdata
+import dns.tokenizer
+
+_ctype_by_value = {
+ 1: 'PKIX',
+ 2: 'SPKI',
+ 3: 'PGP',
+ 253: 'URI',
+ 254: 'OID',
+}
+
+_ctype_by_name = {
+ 'PKIX': 1,
+ 'SPKI': 2,
+ 'PGP': 3,
+ 'URI': 253,
+ 'OID': 254,
+}
+
+
+def _ctype_from_text(what):
+ v = _ctype_by_name.get(what)
+ if v is not None:
+ return v
+ return int(what)
+
+
+def _ctype_to_text(what):
+ v = _ctype_by_value.get(what)
+ if v is not None:
+ return v
+ return str(what)
+
+
+class CERT(dns.rdata.Rdata):
+
+ """CERT record
+
+ @ivar certificate_type: certificate type
+ @type certificate_type: int
+ @ivar key_tag: key tag
+ @type key_tag: int
+ @ivar algorithm: algorithm
+ @type algorithm: int
+ @ivar certificate: the certificate or CRL
+ @type certificate: string
+ @see: RFC 2538"""
+
+ __slots__ = ['certificate_type', 'key_tag', 'algorithm', 'certificate']
+
+ def __init__(self, rdclass, rdtype, certificate_type, key_tag, algorithm,
+ certificate):
+ super(CERT, self).__init__(rdclass, rdtype)
+ self.certificate_type = certificate_type
+ self.key_tag = key_tag
+ self.algorithm = algorithm
+ self.certificate = certificate
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ certificate_type = _ctype_to_text(self.certificate_type)
+ return "%s %d %s %s" % (certificate_type, self.key_tag,
+ dns.dnssec.algorithm_to_text(self.algorithm),
+ dns.rdata._base64ify(self.certificate))
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ certificate_type = _ctype_from_text(tok.get_string())
+ key_tag = tok.get_uint16()
+ algorithm = dns.dnssec.algorithm_from_text(tok.get_string())
+ if algorithm < 0 or algorithm > 255:
+ raise dns.exception.SyntaxError("bad algorithm type")
+ chunks = []
+ while 1:
+ t = tok.get().unescape()
+ if t.is_eol_or_eof():
+ break
+ if not t.is_identifier():
+ raise dns.exception.SyntaxError
+ chunks.append(t.value.encode())
+ b64 = b''.join(chunks)
+ certificate = base64.b64decode(b64)
+ return cls(rdclass, rdtype, certificate_type, key_tag,
+ algorithm, certificate)
+
+ def to_wire(self, file, compress=None, origin=None):
+ prefix = struct.pack("!HHB", self.certificate_type, self.key_tag,
+ self.algorithm)
+ file.write(prefix)
+ file.write(self.certificate)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ prefix = wire[current: current + 5].unwrap()
+ current += 5
+ rdlen -= 5
+ if rdlen < 0:
+ raise dns.exception.FormError
+ (certificate_type, key_tag, algorithm) = struct.unpack("!HHB", prefix)
+ certificate = wire[current: current + rdlen].unwrap()
+ return cls(rdclass, rdtype, certificate_type, key_tag, algorithm,
+ certificate)
diff --git a/lib/dns/rdtypes/ANY/CNAME.py b/lib/dns/rdtypes/ANY/CNAME.py
new file mode 100644
index 00000000..11d42aa7
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/CNAME.py
@@ -0,0 +1,27 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import dns.rdtypes.nsbase
+
+
+class CNAME(dns.rdtypes.nsbase.NSBase):
+
+ """CNAME record
+
+ Note: although CNAME is officially a singleton type, dnspython allows
+ non-singleton CNAME rdatasets because such sets have been commonly
+ used by BIND and other nameservers for load balancing."""
diff --git a/lib/dns/rdtypes/ANY/CSYNC.py b/lib/dns/rdtypes/ANY/CSYNC.py
new file mode 100644
index 00000000..06292fb2
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/CSYNC.py
@@ -0,0 +1,126 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2004-2007, 2009-2011, 2016 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import struct
+
+import dns.exception
+import dns.rdata
+import dns.rdatatype
+import dns.name
+from dns._compat import xrange
+
+class CSYNC(dns.rdata.Rdata):
+
+ """CSYNC record
+
+ @ivar serial: the SOA serial number
+ @type serial: int
+ @ivar flags: the CSYNC flags
+ @type flags: int
+ @ivar windows: the windowed bitmap list
+ @type windows: list of (window number, string) tuples"""
+
+ __slots__ = ['serial', 'flags', 'windows']
+
+ def __init__(self, rdclass, rdtype, serial, flags, windows):
+ super(CSYNC, self).__init__(rdclass, rdtype)
+ self.serial = serial
+ self.flags = flags
+ self.windows = windows
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ text = ''
+ for (window, bitmap) in self.windows:
+ bits = []
+ for i in xrange(0, len(bitmap)):
+ byte = bitmap[i]
+ for j in xrange(0, 8):
+ if byte & (0x80 >> j):
+ bits.append(dns.rdatatype.to_text(window * 256 +
+ i * 8 + j))
+ text += (' ' + ' '.join(bits))
+ return '%d %d%s' % (self.serial, self.flags, text)
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ serial = tok.get_uint32()
+ flags = tok.get_uint16()
+ rdtypes = []
+ while 1:
+ token = tok.get().unescape()
+ if token.is_eol_or_eof():
+ break
+ nrdtype = dns.rdatatype.from_text(token.value)
+ if nrdtype == 0:
+ raise dns.exception.SyntaxError("CSYNC with bit 0")
+ if nrdtype > 65535:
+ raise dns.exception.SyntaxError("CSYNC with bit > 65535")
+ rdtypes.append(nrdtype)
+ rdtypes.sort()
+ window = 0
+ octets = 0
+ prior_rdtype = 0
+ bitmap = bytearray(b'\0' * 32)
+ windows = []
+ for nrdtype in rdtypes:
+ if nrdtype == prior_rdtype:
+ continue
+ prior_rdtype = nrdtype
+ new_window = nrdtype // 256
+ if new_window != window:
+ windows.append((window, bitmap[0:octets]))
+ bitmap = bytearray(b'\0' * 32)
+ window = new_window
+ offset = nrdtype % 256
+ byte = offset // 8
+ bit = offset % 8
+ octets = byte + 1
+ bitmap[byte] = bitmap[byte] | (0x80 >> bit)
+
+ windows.append((window, bitmap[0:octets]))
+ return cls(rdclass, rdtype, serial, flags, windows)
+
+ def to_wire(self, file, compress=None, origin=None):
+ file.write(struct.pack('!IH', self.serial, self.flags))
+ for (window, bitmap) in self.windows:
+ file.write(struct.pack('!BB', window, len(bitmap)))
+ file.write(bitmap)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ if rdlen < 6:
+ raise dns.exception.FormError("CSYNC too short")
+ (serial, flags) = struct.unpack("!IH", wire[current: current + 6])
+ current += 6
+ rdlen -= 6
+ windows = []
+ while rdlen > 0:
+ if rdlen < 3:
+ raise dns.exception.FormError("CSYNC too short")
+ window = wire[current]
+ octets = wire[current + 1]
+ if octets == 0 or octets > 32:
+ raise dns.exception.FormError("bad CSYNC octets")
+ current += 2
+ rdlen -= 2
+ if rdlen < octets:
+ raise dns.exception.FormError("bad CSYNC bitmap length")
+ bitmap = bytearray(wire[current: current + octets].unwrap())
+ current += octets
+ rdlen -= octets
+ windows.append((window, bitmap))
+ return cls(rdclass, rdtype, serial, flags, windows)
diff --git a/lib/dns/rdtypes/ANY/DLV.py b/lib/dns/rdtypes/ANY/DLV.py
new file mode 100644
index 00000000..16352125
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/DLV.py
@@ -0,0 +1,23 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import dns.rdtypes.dsbase
+
+
+class DLV(dns.rdtypes.dsbase.DSBase):
+
+ """DLV record"""
diff --git a/lib/dns/rdtypes/ANY/DNAME.py b/lib/dns/rdtypes/ANY/DNAME.py
new file mode 100644
index 00000000..2499283c
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/DNAME.py
@@ -0,0 +1,26 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import dns.rdtypes.nsbase
+
+
+class DNAME(dns.rdtypes.nsbase.UncompressedNS):
+
+ """DNAME record"""
+
+ def to_digestable(self, origin=None):
+ return self.target.to_digestable(origin)
diff --git a/lib/dns/rdtypes/ANY/DNSKEY.py b/lib/dns/rdtypes/ANY/DNSKEY.py
new file mode 100644
index 00000000..e36f7bc5
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/DNSKEY.py
@@ -0,0 +1,27 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2004-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import dns.rdtypes.dnskeybase
+from dns.rdtypes.dnskeybase import flags_to_text_set, flags_from_text_set
+
+
+__all__ = ['flags_to_text_set', 'flags_from_text_set']
+
+
+class DNSKEY(dns.rdtypes.dnskeybase.DNSKEYBase):
+
+ """DNSKEY record"""
diff --git a/lib/dns/rdtypes/ANY/DS.py b/lib/dns/rdtypes/ANY/DS.py
new file mode 100644
index 00000000..7d457b22
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/DS.py
@@ -0,0 +1,23 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import dns.rdtypes.dsbase
+
+
+class DS(dns.rdtypes.dsbase.DSBase):
+
+ """DS record"""
diff --git a/lib/dns/rdtypes/ANY/EUI48.py b/lib/dns/rdtypes/ANY/EUI48.py
new file mode 100644
index 00000000..aa260e20
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/EUI48.py
@@ -0,0 +1,29 @@
+# Copyright (C) 2015 Red Hat, Inc.
+# Author: Petr Spacek
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED 'AS IS' AND RED HAT DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import dns.rdtypes.euibase
+
+
+class EUI48(dns.rdtypes.euibase.EUIBase):
+
+ """EUI48 record
+
+ @ivar fingerprint: 48-bit Extended Unique Identifier (EUI-48)
+ @type fingerprint: string
+ @see: rfc7043.txt"""
+
+ byte_len = 6 # 0123456789ab (in hex)
+ text_len = byte_len * 3 - 1 # 01-23-45-67-89-ab
diff --git a/lib/dns/rdtypes/ANY/EUI64.py b/lib/dns/rdtypes/ANY/EUI64.py
new file mode 100644
index 00000000..5eba350d
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/EUI64.py
@@ -0,0 +1,29 @@
+# Copyright (C) 2015 Red Hat, Inc.
+# Author: Petr Spacek
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED 'AS IS' AND RED HAT DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import dns.rdtypes.euibase
+
+
+class EUI64(dns.rdtypes.euibase.EUIBase):
+
+ """EUI64 record
+
+ @ivar fingerprint: 64-bit Extended Unique Identifier (EUI-64)
+ @type fingerprint: string
+ @see: rfc7043.txt"""
+
+ byte_len = 8 # 0123456789abcdef (in hex)
+ text_len = byte_len * 3 - 1 # 01-23-45-67-89-ab-cd-ef
diff --git a/lib/dns/rdtypes/ANY/GPOS.py b/lib/dns/rdtypes/ANY/GPOS.py
new file mode 100644
index 00000000..422822f0
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/GPOS.py
@@ -0,0 +1,162 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import struct
+
+import dns.exception
+import dns.rdata
+import dns.tokenizer
+from dns._compat import long, text_type
+
+
+def _validate_float_string(what):
+ if what[0] == b'-'[0] or what[0] == b'+'[0]:
+ what = what[1:]
+ if what.isdigit():
+ return
+ (left, right) = what.split(b'.')
+ if left == b'' and right == b'':
+ raise dns.exception.FormError
+ if not left == b'' and not left.decode().isdigit():
+ raise dns.exception.FormError
+ if not right == b'' and not right.decode().isdigit():
+ raise dns.exception.FormError
+
+
+def _sanitize(value):
+ if isinstance(value, text_type):
+ return value.encode()
+ return value
+
+
+class GPOS(dns.rdata.Rdata):
+
+ """GPOS record
+
+ @ivar latitude: latitude
+ @type latitude: string
+ @ivar longitude: longitude
+ @type longitude: string
+ @ivar altitude: altitude
+ @type altitude: string
+ @see: RFC 1712"""
+
+ __slots__ = ['latitude', 'longitude', 'altitude']
+
+ def __init__(self, rdclass, rdtype, latitude, longitude, altitude):
+ super(GPOS, self).__init__(rdclass, rdtype)
+ if isinstance(latitude, float) or \
+ isinstance(latitude, int) or \
+ isinstance(latitude, long):
+ latitude = str(latitude)
+ if isinstance(longitude, float) or \
+ isinstance(longitude, int) or \
+ isinstance(longitude, long):
+ longitude = str(longitude)
+ if isinstance(altitude, float) or \
+ isinstance(altitude, int) or \
+ isinstance(altitude, long):
+ altitude = str(altitude)
+ latitude = _sanitize(latitude)
+ longitude = _sanitize(longitude)
+ altitude = _sanitize(altitude)
+ _validate_float_string(latitude)
+ _validate_float_string(longitude)
+ _validate_float_string(altitude)
+ self.latitude = latitude
+ self.longitude = longitude
+ self.altitude = altitude
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ return '{} {} {}'.format(self.latitude.decode(),
+ self.longitude.decode(),
+ self.altitude.decode())
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ latitude = tok.get_string()
+ longitude = tok.get_string()
+ altitude = tok.get_string()
+ tok.get_eol()
+ return cls(rdclass, rdtype, latitude, longitude, altitude)
+
+ def to_wire(self, file, compress=None, origin=None):
+ l = len(self.latitude)
+ assert l < 256
+ file.write(struct.pack('!B', l))
+ file.write(self.latitude)
+ l = len(self.longitude)
+ assert l < 256
+ file.write(struct.pack('!B', l))
+ file.write(self.longitude)
+ l = len(self.altitude)
+ assert l < 256
+ file.write(struct.pack('!B', l))
+ file.write(self.altitude)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ l = wire[current]
+ current += 1
+ rdlen -= 1
+ if l > rdlen:
+ raise dns.exception.FormError
+ latitude = wire[current: current + l].unwrap()
+ current += l
+ rdlen -= l
+ l = wire[current]
+ current += 1
+ rdlen -= 1
+ if l > rdlen:
+ raise dns.exception.FormError
+ longitude = wire[current: current + l].unwrap()
+ current += l
+ rdlen -= l
+ l = wire[current]
+ current += 1
+ rdlen -= 1
+ if l != rdlen:
+ raise dns.exception.FormError
+ altitude = wire[current: current + l].unwrap()
+ return cls(rdclass, rdtype, latitude, longitude, altitude)
+
+ def _get_float_latitude(self):
+ return float(self.latitude)
+
+ def _set_float_latitude(self, value):
+ self.latitude = str(value)
+
+ float_latitude = property(_get_float_latitude, _set_float_latitude,
+ doc="latitude as a floating point value")
+
+ def _get_float_longitude(self):
+ return float(self.longitude)
+
+ def _set_float_longitude(self, value):
+ self.longitude = str(value)
+
+ float_longitude = property(_get_float_longitude, _set_float_longitude,
+ doc="longitude as a floating point value")
+
+ def _get_float_altitude(self):
+ return float(self.altitude)
+
+ def _set_float_altitude(self, value):
+ self.altitude = str(value)
+
+ float_altitude = property(_get_float_altitude, _set_float_altitude,
+ doc="altitude as a floating point value")
diff --git a/lib/dns/rdtypes/ANY/HINFO.py b/lib/dns/rdtypes/ANY/HINFO.py
new file mode 100644
index 00000000..e4e0b34a
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/HINFO.py
@@ -0,0 +1,86 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import struct
+
+import dns.exception
+import dns.rdata
+import dns.tokenizer
+from dns._compat import text_type
+
+
+class HINFO(dns.rdata.Rdata):
+
+ """HINFO record
+
+ @ivar cpu: the CPU type
+ @type cpu: string
+ @ivar os: the OS type
+ @type os: string
+ @see: RFC 1035"""
+
+ __slots__ = ['cpu', 'os']
+
+ def __init__(self, rdclass, rdtype, cpu, os):
+ super(HINFO, self).__init__(rdclass, rdtype)
+ if isinstance(cpu, text_type):
+ self.cpu = cpu.encode()
+ else:
+ self.cpu = cpu
+ if isinstance(os, text_type):
+ self.os = os.encode()
+ else:
+ self.os = os
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ return '"{}" "{}"'.format(dns.rdata._escapify(self.cpu),
+ dns.rdata._escapify(self.os))
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ cpu = tok.get_string()
+ os = tok.get_string()
+ tok.get_eol()
+ return cls(rdclass, rdtype, cpu, os)
+
+ def to_wire(self, file, compress=None, origin=None):
+ l = len(self.cpu)
+ assert l < 256
+ file.write(struct.pack('!B', l))
+ file.write(self.cpu)
+ l = len(self.os)
+ assert l < 256
+ file.write(struct.pack('!B', l))
+ file.write(self.os)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ l = wire[current]
+ current += 1
+ rdlen -= 1
+ if l > rdlen:
+ raise dns.exception.FormError
+ cpu = wire[current:current + l].unwrap()
+ current += l
+ rdlen -= l
+ l = wire[current]
+ current += 1
+ rdlen -= 1
+ if l != rdlen:
+ raise dns.exception.FormError
+ os = wire[current: current + l].unwrap()
+ return cls(rdclass, rdtype, cpu, os)
diff --git a/lib/dns/rdtypes/ANY/HIP.py b/lib/dns/rdtypes/ANY/HIP.py
new file mode 100644
index 00000000..7c876b2d
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/HIP.py
@@ -0,0 +1,115 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2010, 2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import struct
+import base64
+import binascii
+
+import dns.exception
+import dns.rdata
+import dns.rdatatype
+
+
+class HIP(dns.rdata.Rdata):
+
+ """HIP record
+
+ @ivar hit: the host identity tag
+ @type hit: string
+ @ivar algorithm: the public key cryptographic algorithm
+ @type algorithm: int
+ @ivar key: the public key
+ @type key: string
+ @ivar servers: the rendezvous servers
+ @type servers: list of dns.name.Name objects
+ @see: RFC 5205"""
+
+ __slots__ = ['hit', 'algorithm', 'key', 'servers']
+
+ def __init__(self, rdclass, rdtype, hit, algorithm, key, servers):
+ super(HIP, self).__init__(rdclass, rdtype)
+ self.hit = hit
+ self.algorithm = algorithm
+ self.key = key
+ self.servers = servers
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ hit = binascii.hexlify(self.hit).decode()
+ key = base64.b64encode(self.key).replace(b'\n', b'').decode()
+ text = u''
+ servers = []
+ for server in self.servers:
+ servers.append(server.choose_relativity(origin, relativize))
+ if len(servers) > 0:
+ text += (u' ' + u' '.join((x.to_unicode() for x in servers)))
+ return u'%u %s %s%s' % (self.algorithm, hit, key, text)
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ algorithm = tok.get_uint8()
+ hit = binascii.unhexlify(tok.get_string().encode())
+ if len(hit) > 255:
+ raise dns.exception.SyntaxError("HIT too long")
+ key = base64.b64decode(tok.get_string().encode())
+ servers = []
+ while 1:
+ token = tok.get()
+ if token.is_eol_or_eof():
+ break
+ server = dns.name.from_text(token.value, origin)
+ server.choose_relativity(origin, relativize)
+ servers.append(server)
+ return cls(rdclass, rdtype, hit, algorithm, key, servers)
+
+ def to_wire(self, file, compress=None, origin=None):
+ lh = len(self.hit)
+ lk = len(self.key)
+ file.write(struct.pack("!BBH", lh, self.algorithm, lk))
+ file.write(self.hit)
+ file.write(self.key)
+ for server in self.servers:
+ server.to_wire(file, None, origin)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ (lh, algorithm, lk) = struct.unpack('!BBH',
+ wire[current: current + 4])
+ current += 4
+ rdlen -= 4
+ hit = wire[current: current + lh].unwrap()
+ current += lh
+ rdlen -= lh
+ key = wire[current: current + lk].unwrap()
+ current += lk
+ rdlen -= lk
+ servers = []
+ while rdlen > 0:
+ (server, cused) = dns.name.from_wire(wire[: current + rdlen],
+ current)
+ current += cused
+ rdlen -= cused
+ if origin is not None:
+ server = server.relativize(origin)
+ servers.append(server)
+ return cls(rdclass, rdtype, hit, algorithm, key, servers)
+
+ def choose_relativity(self, origin=None, relativize=True):
+ servers = []
+ for server in self.servers:
+ server = server.choose_relativity(origin, relativize)
+ servers.append(server)
+ self.servers = servers
diff --git a/lib/dns/rdtypes/ANY/ISDN.py b/lib/dns/rdtypes/ANY/ISDN.py
new file mode 100644
index 00000000..f5f5f8b9
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/ISDN.py
@@ -0,0 +1,99 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import struct
+
+import dns.exception
+import dns.rdata
+import dns.tokenizer
+from dns._compat import text_type
+
+
+class ISDN(dns.rdata.Rdata):
+
+ """ISDN record
+
+ @ivar address: the ISDN address
+ @type address: string
+ @ivar subaddress: the ISDN subaddress (or '' if not present)
+ @type subaddress: string
+ @see: RFC 1183"""
+
+ __slots__ = ['address', 'subaddress']
+
+ def __init__(self, rdclass, rdtype, address, subaddress):
+ super(ISDN, self).__init__(rdclass, rdtype)
+ if isinstance(address, text_type):
+ self.address = address.encode()
+ else:
+ self.address = address
+ if isinstance(address, text_type):
+ self.subaddress = subaddress.encode()
+ else:
+ self.subaddress = subaddress
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ if self.subaddress:
+ return '"{}" "{}"'.format(dns.rdata._escapify(self.address),
+ dns.rdata._escapify(self.subaddress))
+ else:
+ return '"%s"' % dns.rdata._escapify(self.address)
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ address = tok.get_string()
+ t = tok.get()
+ if not t.is_eol_or_eof():
+ tok.unget(t)
+ subaddress = tok.get_string()
+ else:
+ tok.unget(t)
+ subaddress = ''
+ tok.get_eol()
+ return cls(rdclass, rdtype, address, subaddress)
+
+ def to_wire(self, file, compress=None, origin=None):
+ l = len(self.address)
+ assert l < 256
+ file.write(struct.pack('!B', l))
+ file.write(self.address)
+ l = len(self.subaddress)
+ if l > 0:
+ assert l < 256
+ file.write(struct.pack('!B', l))
+ file.write(self.subaddress)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ l = wire[current]
+ current += 1
+ rdlen -= 1
+ if l > rdlen:
+ raise dns.exception.FormError
+ address = wire[current: current + l].unwrap()
+ current += l
+ rdlen -= l
+ if rdlen > 0:
+ l = wire[current]
+ current += 1
+ rdlen -= 1
+ if l != rdlen:
+ raise dns.exception.FormError
+ subaddress = wire[current: current + l].unwrap()
+ else:
+ subaddress = ''
+ return cls(rdclass, rdtype, address, subaddress)
diff --git a/lib/dns/rdtypes/ANY/LOC.py b/lib/dns/rdtypes/ANY/LOC.py
new file mode 100644
index 00000000..da9bb03a
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/LOC.py
@@ -0,0 +1,327 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+from __future__ import division
+
+import struct
+
+import dns.exception
+import dns.rdata
+from dns._compat import long, xrange, round_py2_compat
+
+
+_pows = tuple(long(10**i) for i in range(0, 11))
+
+# default values are in centimeters
+_default_size = 100.0
+_default_hprec = 1000000.0
+_default_vprec = 1000.0
+
+
+def _exponent_of(what, desc):
+ if what == 0:
+ return 0
+ exp = None
+ for i in xrange(len(_pows)):
+ if what // _pows[i] == long(0):
+ exp = i - 1
+ break
+ if exp is None or exp < 0:
+ raise dns.exception.SyntaxError("%s value out of bounds" % desc)
+ return exp
+
+
+def _float_to_tuple(what):
+ if what < 0:
+ sign = -1
+ what *= -1
+ else:
+ sign = 1
+ what = round_py2_compat(what * 3600000)
+ degrees = int(what // 3600000)
+ what -= degrees * 3600000
+ minutes = int(what // 60000)
+ what -= minutes * 60000
+ seconds = int(what // 1000)
+ what -= int(seconds * 1000)
+ what = int(what)
+ return (degrees, minutes, seconds, what, sign)
+
+
+def _tuple_to_float(what):
+ value = float(what[0])
+ value += float(what[1]) / 60.0
+ value += float(what[2]) / 3600.0
+ value += float(what[3]) / 3600000.0
+ return float(what[4]) * value
+
+
+def _encode_size(what, desc):
+ what = long(what)
+ exponent = _exponent_of(what, desc) & 0xF
+ base = what // pow(10, exponent) & 0xF
+ return base * 16 + exponent
+
+
+def _decode_size(what, desc):
+ exponent = what & 0x0F
+ if exponent > 9:
+ raise dns.exception.SyntaxError("bad %s exponent" % desc)
+ base = (what & 0xF0) >> 4
+ if base > 9:
+ raise dns.exception.SyntaxError("bad %s base" % desc)
+ return long(base) * pow(10, exponent)
+
+
+class LOC(dns.rdata.Rdata):
+
+ """LOC record
+
+ @ivar latitude: latitude
+ @type latitude: (int, int, int, int, sign) tuple specifying the degrees, minutes,
+ seconds, milliseconds, and sign of the coordinate.
+ @ivar longitude: longitude
+ @type longitude: (int, int, int, int, sign) tuple specifying the degrees,
+ minutes, seconds, milliseconds, and sign of the coordinate.
+ @ivar altitude: altitude
+ @type altitude: float
+ @ivar size: size of the sphere
+ @type size: float
+ @ivar horizontal_precision: horizontal precision
+ @type horizontal_precision: float
+ @ivar vertical_precision: vertical precision
+ @type vertical_precision: float
+ @see: RFC 1876"""
+
+ __slots__ = ['latitude', 'longitude', 'altitude', 'size',
+ 'horizontal_precision', 'vertical_precision']
+
+ def __init__(self, rdclass, rdtype, latitude, longitude, altitude,
+ size=_default_size, hprec=_default_hprec,
+ vprec=_default_vprec):
+ """Initialize a LOC record instance.
+
+ The parameters I{latitude} and I{longitude} may be either a 4-tuple
+ of integers specifying (degrees, minutes, seconds, milliseconds),
+ or they may be floating point values specifying the number of
+ degrees. The other parameters are floats. Size, horizontal precision,
+ and vertical precision are specified in centimeters."""
+
+ super(LOC, self).__init__(rdclass, rdtype)
+ if isinstance(latitude, int) or isinstance(latitude, long):
+ latitude = float(latitude)
+ if isinstance(latitude, float):
+ latitude = _float_to_tuple(latitude)
+ self.latitude = latitude
+ if isinstance(longitude, int) or isinstance(longitude, long):
+ longitude = float(longitude)
+ if isinstance(longitude, float):
+ longitude = _float_to_tuple(longitude)
+ self.longitude = longitude
+ self.altitude = float(altitude)
+ self.size = float(size)
+ self.horizontal_precision = float(hprec)
+ self.vertical_precision = float(vprec)
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ if self.latitude[4] > 0:
+ lat_hemisphere = 'N'
+ else:
+ lat_hemisphere = 'S'
+ if self.longitude[4] > 0:
+ long_hemisphere = 'E'
+ else:
+ long_hemisphere = 'W'
+ text = "%d %d %d.%03d %s %d %d %d.%03d %s %0.2fm" % (
+ self.latitude[0], self.latitude[1],
+ self.latitude[2], self.latitude[3], lat_hemisphere,
+ self.longitude[0], self.longitude[1], self.longitude[2],
+ self.longitude[3], long_hemisphere,
+ self.altitude / 100.0
+ )
+
+ # do not print default values
+ if self.size != _default_size or \
+ self.horizontal_precision != _default_hprec or \
+ self.vertical_precision != _default_vprec:
+ text += " {:0.2f}m {:0.2f}m {:0.2f}m".format(
+ self.size / 100.0, self.horizontal_precision / 100.0,
+ self.vertical_precision / 100.0
+ )
+ return text
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ latitude = [0, 0, 0, 0, 1]
+ longitude = [0, 0, 0, 0, 1]
+ size = _default_size
+ hprec = _default_hprec
+ vprec = _default_vprec
+
+ latitude[0] = tok.get_int()
+ t = tok.get_string()
+ if t.isdigit():
+ latitude[1] = int(t)
+ t = tok.get_string()
+ if '.' in t:
+ (seconds, milliseconds) = t.split('.')
+ if not seconds.isdigit():
+ raise dns.exception.SyntaxError(
+ 'bad latitude seconds value')
+ latitude[2] = int(seconds)
+ if latitude[2] >= 60:
+ raise dns.exception.SyntaxError('latitude seconds >= 60')
+ l = len(milliseconds)
+ if l == 0 or l > 3 or not milliseconds.isdigit():
+ raise dns.exception.SyntaxError(
+ 'bad latitude milliseconds value')
+ if l == 1:
+ m = 100
+ elif l == 2:
+ m = 10
+ else:
+ m = 1
+ latitude[3] = m * int(milliseconds)
+ t = tok.get_string()
+ elif t.isdigit():
+ latitude[2] = int(t)
+ t = tok.get_string()
+ if t == 'S':
+ latitude[4] = -1
+ elif t != 'N':
+ raise dns.exception.SyntaxError('bad latitude hemisphere value')
+
+ longitude[0] = tok.get_int()
+ t = tok.get_string()
+ if t.isdigit():
+ longitude[1] = int(t)
+ t = tok.get_string()
+ if '.' in t:
+ (seconds, milliseconds) = t.split('.')
+ if not seconds.isdigit():
+ raise dns.exception.SyntaxError(
+ 'bad longitude seconds value')
+ longitude[2] = int(seconds)
+ if longitude[2] >= 60:
+ raise dns.exception.SyntaxError('longitude seconds >= 60')
+ l = len(milliseconds)
+ if l == 0 or l > 3 or not milliseconds.isdigit():
+ raise dns.exception.SyntaxError(
+ 'bad longitude milliseconds value')
+ if l == 1:
+ m = 100
+ elif l == 2:
+ m = 10
+ else:
+ m = 1
+ longitude[3] = m * int(milliseconds)
+ t = tok.get_string()
+ elif t.isdigit():
+ longitude[2] = int(t)
+ t = tok.get_string()
+ if t == 'W':
+ longitude[4] = -1
+ elif t != 'E':
+ raise dns.exception.SyntaxError('bad longitude hemisphere value')
+
+ t = tok.get_string()
+ if t[-1] == 'm':
+ t = t[0: -1]
+ altitude = float(t) * 100.0 # m -> cm
+
+ token = tok.get().unescape()
+ if not token.is_eol_or_eof():
+ value = token.value
+ if value[-1] == 'm':
+ value = value[0: -1]
+ size = float(value) * 100.0 # m -> cm
+ token = tok.get().unescape()
+ if not token.is_eol_or_eof():
+ value = token.value
+ if value[-1] == 'm':
+ value = value[0: -1]
+ hprec = float(value) * 100.0 # m -> cm
+ token = tok.get().unescape()
+ if not token.is_eol_or_eof():
+ value = token.value
+ if value[-1] == 'm':
+ value = value[0: -1]
+ vprec = float(value) * 100.0 # m -> cm
+ tok.get_eol()
+
+ return cls(rdclass, rdtype, latitude, longitude, altitude,
+ size, hprec, vprec)
+
+ def to_wire(self, file, compress=None, origin=None):
+ milliseconds = (self.latitude[0] * 3600000 +
+ self.latitude[1] * 60000 +
+ self.latitude[2] * 1000 +
+ self.latitude[3]) * self.latitude[4]
+ latitude = long(0x80000000) + milliseconds
+ milliseconds = (self.longitude[0] * 3600000 +
+ self.longitude[1] * 60000 +
+ self.longitude[2] * 1000 +
+ self.longitude[3]) * self.longitude[4]
+ longitude = long(0x80000000) + milliseconds
+ altitude = long(self.altitude) + long(10000000)
+ size = _encode_size(self.size, "size")
+ hprec = _encode_size(self.horizontal_precision, "horizontal precision")
+ vprec = _encode_size(self.vertical_precision, "vertical precision")
+ wire = struct.pack("!BBBBIII", 0, size, hprec, vprec, latitude,
+ longitude, altitude)
+ file.write(wire)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ (version, size, hprec, vprec, latitude, longitude, altitude) = \
+ struct.unpack("!BBBBIII", wire[current: current + rdlen])
+ if latitude > long(0x80000000):
+ latitude = float(latitude - long(0x80000000)) / 3600000
+ else:
+ latitude = -1 * float(long(0x80000000) - latitude) / 3600000
+ if latitude < -90.0 or latitude > 90.0:
+ raise dns.exception.FormError("bad latitude")
+ if longitude > long(0x80000000):
+ longitude = float(longitude - long(0x80000000)) / 3600000
+ else:
+ longitude = -1 * float(long(0x80000000) - longitude) / 3600000
+ if longitude < -180.0 or longitude > 180.0:
+ raise dns.exception.FormError("bad longitude")
+ altitude = float(altitude) - 10000000.0
+ size = _decode_size(size, "size")
+ hprec = _decode_size(hprec, "horizontal precision")
+ vprec = _decode_size(vprec, "vertical precision")
+ return cls(rdclass, rdtype, latitude, longitude, altitude,
+ size, hprec, vprec)
+
+ def _get_float_latitude(self):
+ return _tuple_to_float(self.latitude)
+
+ def _set_float_latitude(self, value):
+ self.latitude = _float_to_tuple(value)
+
+ float_latitude = property(_get_float_latitude, _set_float_latitude,
+ doc="latitude as a floating point value")
+
+ def _get_float_longitude(self):
+ return _tuple_to_float(self.longitude)
+
+ def _set_float_longitude(self, value):
+ self.longitude = _float_to_tuple(value)
+
+ float_longitude = property(_get_float_longitude, _set_float_longitude,
+ doc="longitude as a floating point value")
diff --git a/lib/dns/rdtypes/ANY/MX.py b/lib/dns/rdtypes/ANY/MX.py
new file mode 100644
index 00000000..0a06494f
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/MX.py
@@ -0,0 +1,23 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import dns.rdtypes.mxbase
+
+
+class MX(dns.rdtypes.mxbase.MXBase):
+
+ """MX record"""
diff --git a/lib/dns/rdtypes/ANY/NS.py b/lib/dns/rdtypes/ANY/NS.py
new file mode 100644
index 00000000..f9fcf637
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/NS.py
@@ -0,0 +1,23 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import dns.rdtypes.nsbase
+
+
+class NS(dns.rdtypes.nsbase.NSBase):
+
+ """NS record"""
diff --git a/lib/dns/rdtypes/ANY/NSEC.py b/lib/dns/rdtypes/ANY/NSEC.py
new file mode 100644
index 00000000..4e3da729
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/NSEC.py
@@ -0,0 +1,128 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2004-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import struct
+
+import dns.exception
+import dns.rdata
+import dns.rdatatype
+import dns.name
+from dns._compat import xrange
+
+
+class NSEC(dns.rdata.Rdata):
+
+ """NSEC record
+
+ @ivar next: the next name
+ @type next: dns.name.Name object
+ @ivar windows: the windowed bitmap list
+ @type windows: list of (window number, string) tuples"""
+
+ __slots__ = ['next', 'windows']
+
+ def __init__(self, rdclass, rdtype, next, windows):
+ super(NSEC, self).__init__(rdclass, rdtype)
+ self.next = next
+ self.windows = windows
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ next = self.next.choose_relativity(origin, relativize)
+ text = ''
+ for (window, bitmap) in self.windows:
+ bits = []
+ for i in xrange(0, len(bitmap)):
+ byte = bitmap[i]
+ for j in xrange(0, 8):
+ if byte & (0x80 >> j):
+ bits.append(dns.rdatatype.to_text(window * 256 +
+ i * 8 + j))
+ text += (' ' + ' '.join(bits))
+ return '{}{}'.format(next, text)
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ next = tok.get_name()
+ next = next.choose_relativity(origin, relativize)
+ rdtypes = []
+ while 1:
+ token = tok.get().unescape()
+ if token.is_eol_or_eof():
+ break
+ nrdtype = dns.rdatatype.from_text(token.value)
+ if nrdtype == 0:
+ raise dns.exception.SyntaxError("NSEC with bit 0")
+ if nrdtype > 65535:
+ raise dns.exception.SyntaxError("NSEC with bit > 65535")
+ rdtypes.append(nrdtype)
+ rdtypes.sort()
+ window = 0
+ octets = 0
+ prior_rdtype = 0
+ bitmap = bytearray(b'\0' * 32)
+ windows = []
+ for nrdtype in rdtypes:
+ if nrdtype == prior_rdtype:
+ continue
+ prior_rdtype = nrdtype
+ new_window = nrdtype // 256
+ if new_window != window:
+ windows.append((window, bitmap[0:octets]))
+ bitmap = bytearray(b'\0' * 32)
+ window = new_window
+ offset = nrdtype % 256
+ byte = offset // 8
+ bit = offset % 8
+ octets = byte + 1
+ bitmap[byte] = bitmap[byte] | (0x80 >> bit)
+
+ windows.append((window, bitmap[0:octets]))
+ return cls(rdclass, rdtype, next, windows)
+
+ def to_wire(self, file, compress=None, origin=None):
+ self.next.to_wire(file, None, origin)
+ for (window, bitmap) in self.windows:
+ file.write(struct.pack('!BB', window, len(bitmap)))
+ file.write(bitmap)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ (next, cused) = dns.name.from_wire(wire[: current + rdlen], current)
+ current += cused
+ rdlen -= cused
+ windows = []
+ while rdlen > 0:
+ if rdlen < 3:
+ raise dns.exception.FormError("NSEC too short")
+ window = wire[current]
+ octets = wire[current + 1]
+ if octets == 0 or octets > 32:
+ raise dns.exception.FormError("bad NSEC octets")
+ current += 2
+ rdlen -= 2
+ if rdlen < octets:
+ raise dns.exception.FormError("bad NSEC bitmap length")
+ bitmap = bytearray(wire[current: current + octets].unwrap())
+ current += octets
+ rdlen -= octets
+ windows.append((window, bitmap))
+ if origin is not None:
+ next = next.relativize(origin)
+ return cls(rdclass, rdtype, next, windows)
+
+ def choose_relativity(self, origin=None, relativize=True):
+ self.next = self.next.choose_relativity(origin, relativize)
diff --git a/lib/dns/rdtypes/ANY/NSEC3.py b/lib/dns/rdtypes/ANY/NSEC3.py
new file mode 100644
index 00000000..1c281c4a
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/NSEC3.py
@@ -0,0 +1,196 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2004-2017 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import base64
+import binascii
+import string
+import struct
+
+import dns.exception
+import dns.rdata
+import dns.rdatatype
+from dns._compat import xrange, text_type, PY3
+
+# pylint: disable=deprecated-string-function
+if PY3:
+ b32_hex_to_normal = bytes.maketrans(b'0123456789ABCDEFGHIJKLMNOPQRSTUV',
+ b'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567')
+ b32_normal_to_hex = bytes.maketrans(b'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567',
+ b'0123456789ABCDEFGHIJKLMNOPQRSTUV')
+else:
+ b32_hex_to_normal = string.maketrans('0123456789ABCDEFGHIJKLMNOPQRSTUV',
+ 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567')
+ b32_normal_to_hex = string.maketrans('ABCDEFGHIJKLMNOPQRSTUVWXYZ234567',
+ '0123456789ABCDEFGHIJKLMNOPQRSTUV')
+# pylint: enable=deprecated-string-function
+
+
+# hash algorithm constants
+SHA1 = 1
+
+# flag constants
+OPTOUT = 1
+
+
+class NSEC3(dns.rdata.Rdata):
+
+ """NSEC3 record
+
+ @ivar algorithm: the hash algorithm number
+ @type algorithm: int
+ @ivar flags: the flags
+ @type flags: int
+ @ivar iterations: the number of iterations
+ @type iterations: int
+ @ivar salt: the salt
+ @type salt: string
+ @ivar next: the next name hash
+ @type next: string
+ @ivar windows: the windowed bitmap list
+ @type windows: list of (window number, string) tuples"""
+
+ __slots__ = ['algorithm', 'flags', 'iterations', 'salt', 'next', 'windows']
+
+ def __init__(self, rdclass, rdtype, algorithm, flags, iterations, salt,
+ next, windows):
+ super(NSEC3, self).__init__(rdclass, rdtype)
+ self.algorithm = algorithm
+ self.flags = flags
+ self.iterations = iterations
+ if isinstance(salt, text_type):
+ self.salt = salt.encode()
+ else:
+ self.salt = salt
+ self.next = next
+ self.windows = windows
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ next = base64.b32encode(self.next).translate(
+ b32_normal_to_hex).lower().decode()
+ if self.salt == b'':
+ salt = '-'
+ else:
+ salt = binascii.hexlify(self.salt).decode()
+ text = u''
+ for (window, bitmap) in self.windows:
+ bits = []
+ for i in xrange(0, len(bitmap)):
+ byte = bitmap[i]
+ for j in xrange(0, 8):
+ if byte & (0x80 >> j):
+ bits.append(dns.rdatatype.to_text(window * 256 +
+ i * 8 + j))
+ text += (u' ' + u' '.join(bits))
+ return u'%u %u %u %s %s%s' % (self.algorithm, self.flags,
+ self.iterations, salt, next, text)
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ algorithm = tok.get_uint8()
+ flags = tok.get_uint8()
+ iterations = tok.get_uint16()
+ salt = tok.get_string()
+ if salt == u'-':
+ salt = b''
+ else:
+ salt = binascii.unhexlify(salt.encode('ascii'))
+ next = tok.get_string().encode(
+ 'ascii').upper().translate(b32_hex_to_normal)
+ next = base64.b32decode(next)
+ rdtypes = []
+ while 1:
+ token = tok.get().unescape()
+ if token.is_eol_or_eof():
+ break
+ nrdtype = dns.rdatatype.from_text(token.value)
+ if nrdtype == 0:
+ raise dns.exception.SyntaxError("NSEC3 with bit 0")
+ if nrdtype > 65535:
+ raise dns.exception.SyntaxError("NSEC3 with bit > 65535")
+ rdtypes.append(nrdtype)
+ rdtypes.sort()
+ window = 0
+ octets = 0
+ prior_rdtype = 0
+ bitmap = bytearray(b'\0' * 32)
+ windows = []
+ for nrdtype in rdtypes:
+ if nrdtype == prior_rdtype:
+ continue
+ prior_rdtype = nrdtype
+ new_window = nrdtype // 256
+ if new_window != window:
+ if octets != 0:
+ windows.append((window, bitmap[0:octets]))
+ bitmap = bytearray(b'\0' * 32)
+ window = new_window
+ offset = nrdtype % 256
+ byte = offset // 8
+ bit = offset % 8
+ octets = byte + 1
+ bitmap[byte] = bitmap[byte] | (0x80 >> bit)
+ if octets != 0:
+ windows.append((window, bitmap[0:octets]))
+ return cls(rdclass, rdtype, algorithm, flags, iterations, salt, next,
+ windows)
+
+ def to_wire(self, file, compress=None, origin=None):
+ l = len(self.salt)
+ file.write(struct.pack("!BBHB", self.algorithm, self.flags,
+ self.iterations, l))
+ file.write(self.salt)
+ l = len(self.next)
+ file.write(struct.pack("!B", l))
+ file.write(self.next)
+ for (window, bitmap) in self.windows:
+ file.write(struct.pack("!BB", window, len(bitmap)))
+ file.write(bitmap)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ (algorithm, flags, iterations, slen) = \
+ struct.unpack('!BBHB', wire[current: current + 5])
+
+ current += 5
+ rdlen -= 5
+ salt = wire[current: current + slen].unwrap()
+ current += slen
+ rdlen -= slen
+ nlen = wire[current]
+ current += 1
+ rdlen -= 1
+ next = wire[current: current + nlen].unwrap()
+ current += nlen
+ rdlen -= nlen
+ windows = []
+ while rdlen > 0:
+ if rdlen < 3:
+ raise dns.exception.FormError("NSEC3 too short")
+ window = wire[current]
+ octets = wire[current + 1]
+ if octets == 0 or octets > 32:
+ raise dns.exception.FormError("bad NSEC3 octets")
+ current += 2
+ rdlen -= 2
+ if rdlen < octets:
+ raise dns.exception.FormError("bad NSEC3 bitmap length")
+ bitmap = bytearray(wire[current: current + octets].unwrap())
+ current += octets
+ rdlen -= octets
+ windows.append((window, bitmap))
+ return cls(rdclass, rdtype, algorithm, flags, iterations, salt, next,
+ windows)
diff --git a/lib/dns/rdtypes/ANY/NSEC3PARAM.py b/lib/dns/rdtypes/ANY/NSEC3PARAM.py
new file mode 100644
index 00000000..87c36e56
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/NSEC3PARAM.py
@@ -0,0 +1,90 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2004-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import struct
+import binascii
+
+import dns.exception
+import dns.rdata
+from dns._compat import text_type
+
+
+class NSEC3PARAM(dns.rdata.Rdata):
+
+ """NSEC3PARAM record
+
+ @ivar algorithm: the hash algorithm number
+ @type algorithm: int
+ @ivar flags: the flags
+ @type flags: int
+ @ivar iterations: the number of iterations
+ @type iterations: int
+ @ivar salt: the salt
+ @type salt: string"""
+
+ __slots__ = ['algorithm', 'flags', 'iterations', 'salt']
+
+ def __init__(self, rdclass, rdtype, algorithm, flags, iterations, salt):
+ super(NSEC3PARAM, self).__init__(rdclass, rdtype)
+ self.algorithm = algorithm
+ self.flags = flags
+ self.iterations = iterations
+ if isinstance(salt, text_type):
+ self.salt = salt.encode()
+ else:
+ self.salt = salt
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ if self.salt == b'':
+ salt = '-'
+ else:
+ salt = binascii.hexlify(self.salt).decode()
+ return '%u %u %u %s' % (self.algorithm, self.flags, self.iterations,
+ salt)
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ algorithm = tok.get_uint8()
+ flags = tok.get_uint8()
+ iterations = tok.get_uint16()
+ salt = tok.get_string()
+ if salt == '-':
+ salt = ''
+ else:
+ salt = binascii.unhexlify(salt.encode())
+ tok.get_eol()
+ return cls(rdclass, rdtype, algorithm, flags, iterations, salt)
+
+ def to_wire(self, file, compress=None, origin=None):
+ l = len(self.salt)
+ file.write(struct.pack("!BBHB", self.algorithm, self.flags,
+ self.iterations, l))
+ file.write(self.salt)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ (algorithm, flags, iterations, slen) = \
+ struct.unpack('!BBHB',
+ wire[current: current + 5])
+ current += 5
+ rdlen -= 5
+ salt = wire[current: current + slen].unwrap()
+ current += slen
+ rdlen -= slen
+ if rdlen != 0:
+ raise dns.exception.FormError
+ return cls(rdclass, rdtype, algorithm, flags, iterations, salt)
diff --git a/lib/dns/rdtypes/ANY/OPENPGPKEY.py b/lib/dns/rdtypes/ANY/OPENPGPKEY.py
new file mode 100644
index 00000000..a066cf98
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/OPENPGPKEY.py
@@ -0,0 +1,60 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2016 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import base64
+
+import dns.exception
+import dns.rdata
+import dns.tokenizer
+
+class OPENPGPKEY(dns.rdata.Rdata):
+
+ """OPENPGPKEY record
+
+ @ivar key: the key
+ @type key: bytes
+ @see: RFC 7929
+ """
+
+ def __init__(self, rdclass, rdtype, key):
+ super(OPENPGPKEY, self).__init__(rdclass, rdtype)
+ self.key = key
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ return dns.rdata._base64ify(self.key)
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ chunks = []
+ while 1:
+ t = tok.get().unescape()
+ if t.is_eol_or_eof():
+ break
+ if not t.is_identifier():
+ raise dns.exception.SyntaxError
+ chunks.append(t.value.encode())
+ b64 = b''.join(chunks)
+ key = base64.b64decode(b64)
+ return cls(rdclass, rdtype, key)
+
+ def to_wire(self, file, compress=None, origin=None):
+ file.write(self.key)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ key = wire[current: current + rdlen].unwrap()
+ return cls(rdclass, rdtype, key)
diff --git a/lib/dns/rdtypes/ANY/PTR.py b/lib/dns/rdtypes/ANY/PTR.py
new file mode 100644
index 00000000..20cd5076
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/PTR.py
@@ -0,0 +1,23 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import dns.rdtypes.nsbase
+
+
+class PTR(dns.rdtypes.nsbase.NSBase):
+
+ """PTR record"""
diff --git a/lib/dns/rdtypes/ANY/RP.py b/lib/dns/rdtypes/ANY/RP.py
new file mode 100644
index 00000000..8f07be90
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/RP.py
@@ -0,0 +1,82 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import dns.exception
+import dns.rdata
+import dns.name
+
+
+class RP(dns.rdata.Rdata):
+
+ """RP record
+
+ @ivar mbox: The responsible person's mailbox
+ @type mbox: dns.name.Name object
+ @ivar txt: The owner name of a node with TXT records, or the root name
+ if no TXT records are associated with this RP.
+ @type txt: dns.name.Name object
+ @see: RFC 1183"""
+
+ __slots__ = ['mbox', 'txt']
+
+ def __init__(self, rdclass, rdtype, mbox, txt):
+ super(RP, self).__init__(rdclass, rdtype)
+ self.mbox = mbox
+ self.txt = txt
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ mbox = self.mbox.choose_relativity(origin, relativize)
+ txt = self.txt.choose_relativity(origin, relativize)
+ return "{} {}".format(str(mbox), str(txt))
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ mbox = tok.get_name()
+ txt = tok.get_name()
+ mbox = mbox.choose_relativity(origin, relativize)
+ txt = txt.choose_relativity(origin, relativize)
+ tok.get_eol()
+ return cls(rdclass, rdtype, mbox, txt)
+
+ def to_wire(self, file, compress=None, origin=None):
+ self.mbox.to_wire(file, None, origin)
+ self.txt.to_wire(file, None, origin)
+
+ def to_digestable(self, origin=None):
+ return self.mbox.to_digestable(origin) + \
+ self.txt.to_digestable(origin)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ (mbox, cused) = dns.name.from_wire(wire[: current + rdlen],
+ current)
+ current += cused
+ rdlen -= cused
+ if rdlen <= 0:
+ raise dns.exception.FormError
+ (txt, cused) = dns.name.from_wire(wire[: current + rdlen],
+ current)
+ if cused != rdlen:
+ raise dns.exception.FormError
+ if origin is not None:
+ mbox = mbox.relativize(origin)
+ txt = txt.relativize(origin)
+ return cls(rdclass, rdtype, mbox, txt)
+
+ def choose_relativity(self, origin=None, relativize=True):
+ self.mbox = self.mbox.choose_relativity(origin, relativize)
+ self.txt = self.txt.choose_relativity(origin, relativize)
diff --git a/lib/dns/rdtypes/ANY/RRSIG.py b/lib/dns/rdtypes/ANY/RRSIG.py
new file mode 100644
index 00000000..d3756ece
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/RRSIG.py
@@ -0,0 +1,158 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2004-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import base64
+import calendar
+import struct
+import time
+
+import dns.dnssec
+import dns.exception
+import dns.rdata
+import dns.rdatatype
+
+
+class BadSigTime(dns.exception.DNSException):
+
+ """Time in DNS SIG or RRSIG resource record cannot be parsed."""
+
+
+def sigtime_to_posixtime(what):
+ if len(what) != 14:
+ raise BadSigTime
+ year = int(what[0:4])
+ month = int(what[4:6])
+ day = int(what[6:8])
+ hour = int(what[8:10])
+ minute = int(what[10:12])
+ second = int(what[12:14])
+ return calendar.timegm((year, month, day, hour, minute, second,
+ 0, 0, 0))
+
+
+def posixtime_to_sigtime(what):
+ return time.strftime('%Y%m%d%H%M%S', time.gmtime(what))
+
+
+class RRSIG(dns.rdata.Rdata):
+
+ """RRSIG record
+
+ @ivar type_covered: the rdata type this signature covers
+ @type type_covered: int
+ @ivar algorithm: the algorithm used for the sig
+ @type algorithm: int
+ @ivar labels: number of labels
+ @type labels: int
+ @ivar original_ttl: the original TTL
+ @type original_ttl: long
+ @ivar expiration: signature expiration time
+ @type expiration: long
+ @ivar inception: signature inception time
+ @type inception: long
+ @ivar key_tag: the key tag
+ @type key_tag: int
+ @ivar signer: the signer
+ @type signer: dns.name.Name object
+ @ivar signature: the signature
+ @type signature: string"""
+
+ __slots__ = ['type_covered', 'algorithm', 'labels', 'original_ttl',
+ 'expiration', 'inception', 'key_tag', 'signer',
+ 'signature']
+
+ def __init__(self, rdclass, rdtype, type_covered, algorithm, labels,
+ original_ttl, expiration, inception, key_tag, signer,
+ signature):
+ super(RRSIG, self).__init__(rdclass, rdtype)
+ self.type_covered = type_covered
+ self.algorithm = algorithm
+ self.labels = labels
+ self.original_ttl = original_ttl
+ self.expiration = expiration
+ self.inception = inception
+ self.key_tag = key_tag
+ self.signer = signer
+ self.signature = signature
+
+ def covers(self):
+ return self.type_covered
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ return '%s %d %d %d %s %s %d %s %s' % (
+ dns.rdatatype.to_text(self.type_covered),
+ self.algorithm,
+ self.labels,
+ self.original_ttl,
+ posixtime_to_sigtime(self.expiration),
+ posixtime_to_sigtime(self.inception),
+ self.key_tag,
+ self.signer.choose_relativity(origin, relativize),
+ dns.rdata._base64ify(self.signature)
+ )
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ type_covered = dns.rdatatype.from_text(tok.get_string())
+ algorithm = dns.dnssec.algorithm_from_text(tok.get_string())
+ labels = tok.get_int()
+ original_ttl = tok.get_ttl()
+ expiration = sigtime_to_posixtime(tok.get_string())
+ inception = sigtime_to_posixtime(tok.get_string())
+ key_tag = tok.get_int()
+ signer = tok.get_name()
+ signer = signer.choose_relativity(origin, relativize)
+ chunks = []
+ while 1:
+ t = tok.get().unescape()
+ if t.is_eol_or_eof():
+ break
+ if not t.is_identifier():
+ raise dns.exception.SyntaxError
+ chunks.append(t.value.encode())
+ b64 = b''.join(chunks)
+ signature = base64.b64decode(b64)
+ return cls(rdclass, rdtype, type_covered, algorithm, labels,
+ original_ttl, expiration, inception, key_tag, signer,
+ signature)
+
+ def to_wire(self, file, compress=None, origin=None):
+ header = struct.pack('!HBBIIIH', self.type_covered,
+ self.algorithm, self.labels,
+ self.original_ttl, self.expiration,
+ self.inception, self.key_tag)
+ file.write(header)
+ self.signer.to_wire(file, None, origin)
+ file.write(self.signature)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ header = struct.unpack('!HBBIIIH', wire[current: current + 18])
+ current += 18
+ rdlen -= 18
+ (signer, cused) = dns.name.from_wire(wire[: current + rdlen], current)
+ current += cused
+ rdlen -= cused
+ if origin is not None:
+ signer = signer.relativize(origin)
+ signature = wire[current: current + rdlen].unwrap()
+ return cls(rdclass, rdtype, header[0], header[1], header[2],
+ header[3], header[4], header[5], header[6], signer,
+ signature)
+
+ def choose_relativity(self, origin=None, relativize=True):
+ self.signer = self.signer.choose_relativity(origin, relativize)
diff --git a/lib/dns/rdtypes/ANY/RT.py b/lib/dns/rdtypes/ANY/RT.py
new file mode 100644
index 00000000..d0feb79e
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/RT.py
@@ -0,0 +1,23 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import dns.rdtypes.mxbase
+
+
+class RT(dns.rdtypes.mxbase.UncompressedDowncasingMX):
+
+ """RT record"""
diff --git a/lib/dns/rdtypes/ANY/SOA.py b/lib/dns/rdtypes/ANY/SOA.py
new file mode 100644
index 00000000..aec81cad
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/SOA.py
@@ -0,0 +1,116 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import struct
+
+import dns.exception
+import dns.rdata
+import dns.name
+
+
+class SOA(dns.rdata.Rdata):
+
+ """SOA record
+
+ @ivar mname: the SOA MNAME (master name) field
+ @type mname: dns.name.Name object
+ @ivar rname: the SOA RNAME (responsible name) field
+ @type rname: dns.name.Name object
+ @ivar serial: The zone's serial number
+ @type serial: int
+ @ivar refresh: The zone's refresh value (in seconds)
+ @type refresh: int
+ @ivar retry: The zone's retry value (in seconds)
+ @type retry: int
+ @ivar expire: The zone's expiration value (in seconds)
+ @type expire: int
+ @ivar minimum: The zone's negative caching time (in seconds, called
+ "minimum" for historical reasons)
+ @type minimum: int
+ @see: RFC 1035"""
+
+ __slots__ = ['mname', 'rname', 'serial', 'refresh', 'retry', 'expire',
+ 'minimum']
+
+ def __init__(self, rdclass, rdtype, mname, rname, serial, refresh, retry,
+ expire, minimum):
+ super(SOA, self).__init__(rdclass, rdtype)
+ self.mname = mname
+ self.rname = rname
+ self.serial = serial
+ self.refresh = refresh
+ self.retry = retry
+ self.expire = expire
+ self.minimum = minimum
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ mname = self.mname.choose_relativity(origin, relativize)
+ rname = self.rname.choose_relativity(origin, relativize)
+ return '%s %s %d %d %d %d %d' % (
+ mname, rname, self.serial, self.refresh, self.retry,
+ self.expire, self.minimum)
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ mname = tok.get_name()
+ rname = tok.get_name()
+ mname = mname.choose_relativity(origin, relativize)
+ rname = rname.choose_relativity(origin, relativize)
+ serial = tok.get_uint32()
+ refresh = tok.get_ttl()
+ retry = tok.get_ttl()
+ expire = tok.get_ttl()
+ minimum = tok.get_ttl()
+ tok.get_eol()
+ return cls(rdclass, rdtype, mname, rname, serial, refresh, retry,
+ expire, minimum)
+
+ def to_wire(self, file, compress=None, origin=None):
+ self.mname.to_wire(file, compress, origin)
+ self.rname.to_wire(file, compress, origin)
+ five_ints = struct.pack('!IIIII', self.serial, self.refresh,
+ self.retry, self.expire, self.minimum)
+ file.write(five_ints)
+
+ def to_digestable(self, origin=None):
+ return self.mname.to_digestable(origin) + \
+ self.rname.to_digestable(origin) + \
+ struct.pack('!IIIII', self.serial, self.refresh,
+ self.retry, self.expire, self.minimum)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ (mname, cused) = dns.name.from_wire(wire[: current + rdlen], current)
+ current += cused
+ rdlen -= cused
+ (rname, cused) = dns.name.from_wire(wire[: current + rdlen], current)
+ current += cused
+ rdlen -= cused
+ if rdlen != 20:
+ raise dns.exception.FormError
+ five_ints = struct.unpack('!IIIII',
+ wire[current: current + rdlen])
+ if origin is not None:
+ mname = mname.relativize(origin)
+ rname = rname.relativize(origin)
+ return cls(rdclass, rdtype, mname, rname,
+ five_ints[0], five_ints[1], five_ints[2], five_ints[3],
+ five_ints[4])
+
+ def choose_relativity(self, origin=None, relativize=True):
+ self.mname = self.mname.choose_relativity(origin, relativize)
+ self.rname = self.rname.choose_relativity(origin, relativize)
diff --git a/lib/dns/rdtypes/ANY/SPF.py b/lib/dns/rdtypes/ANY/SPF.py
new file mode 100644
index 00000000..41dee623
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/SPF.py
@@ -0,0 +1,25 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2006, 2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import dns.rdtypes.txtbase
+
+
+class SPF(dns.rdtypes.txtbase.TXTBase):
+
+ """SPF record
+
+ @see: RFC 4408"""
diff --git a/lib/dns/rdtypes/ANY/SSHFP.py b/lib/dns/rdtypes/ANY/SSHFP.py
new file mode 100644
index 00000000..c18311e9
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/SSHFP.py
@@ -0,0 +1,79 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2005-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import struct
+import binascii
+
+import dns.rdata
+import dns.rdatatype
+
+
+class SSHFP(dns.rdata.Rdata):
+
+ """SSHFP record
+
+ @ivar algorithm: the algorithm
+ @type algorithm: int
+ @ivar fp_type: the digest type
+ @type fp_type: int
+ @ivar fingerprint: the fingerprint
+ @type fingerprint: string
+ @see: draft-ietf-secsh-dns-05.txt"""
+
+ __slots__ = ['algorithm', 'fp_type', 'fingerprint']
+
+ def __init__(self, rdclass, rdtype, algorithm, fp_type,
+ fingerprint):
+ super(SSHFP, self).__init__(rdclass, rdtype)
+ self.algorithm = algorithm
+ self.fp_type = fp_type
+ self.fingerprint = fingerprint
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ return '%d %d %s' % (self.algorithm,
+ self.fp_type,
+ dns.rdata._hexify(self.fingerprint,
+ chunksize=128))
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ algorithm = tok.get_uint8()
+ fp_type = tok.get_uint8()
+ chunks = []
+ while 1:
+ t = tok.get().unescape()
+ if t.is_eol_or_eof():
+ break
+ if not t.is_identifier():
+ raise dns.exception.SyntaxError
+ chunks.append(t.value.encode())
+ fingerprint = b''.join(chunks)
+ fingerprint = binascii.unhexlify(fingerprint)
+ return cls(rdclass, rdtype, algorithm, fp_type, fingerprint)
+
+ def to_wire(self, file, compress=None, origin=None):
+ header = struct.pack("!BB", self.algorithm, self.fp_type)
+ file.write(header)
+ file.write(self.fingerprint)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ header = struct.unpack("!BB", wire[current: current + 2])
+ current += 2
+ rdlen -= 2
+ fingerprint = wire[current: current + rdlen].unwrap()
+ return cls(rdclass, rdtype, header[0], header[1], fingerprint)
diff --git a/lib/dns/rdtypes/ANY/TLSA.py b/lib/dns/rdtypes/ANY/TLSA.py
new file mode 100644
index 00000000..a135c2b3
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/TLSA.py
@@ -0,0 +1,84 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2005-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import struct
+import binascii
+
+import dns.rdata
+import dns.rdatatype
+
+
+class TLSA(dns.rdata.Rdata):
+
+ """TLSA record
+
+ @ivar usage: The certificate usage
+ @type usage: int
+ @ivar selector: The selector field
+ @type selector: int
+ @ivar mtype: The 'matching type' field
+ @type mtype: int
+ @ivar cert: The 'Certificate Association Data' field
+ @type cert: string
+ @see: RFC 6698"""
+
+ __slots__ = ['usage', 'selector', 'mtype', 'cert']
+
+ def __init__(self, rdclass, rdtype, usage, selector,
+ mtype, cert):
+ super(TLSA, self).__init__(rdclass, rdtype)
+ self.usage = usage
+ self.selector = selector
+ self.mtype = mtype
+ self.cert = cert
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ return '%d %d %d %s' % (self.usage,
+ self.selector,
+ self.mtype,
+ dns.rdata._hexify(self.cert,
+ chunksize=128))
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ usage = tok.get_uint8()
+ selector = tok.get_uint8()
+ mtype = tok.get_uint8()
+ cert_chunks = []
+ while 1:
+ t = tok.get().unescape()
+ if t.is_eol_or_eof():
+ break
+ if not t.is_identifier():
+ raise dns.exception.SyntaxError
+ cert_chunks.append(t.value.encode())
+ cert = b''.join(cert_chunks)
+ cert = binascii.unhexlify(cert)
+ return cls(rdclass, rdtype, usage, selector, mtype, cert)
+
+ def to_wire(self, file, compress=None, origin=None):
+ header = struct.pack("!BBB", self.usage, self.selector, self.mtype)
+ file.write(header)
+ file.write(self.cert)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ header = struct.unpack("!BBB", wire[current: current + 3])
+ current += 3
+ rdlen -= 3
+ cert = wire[current: current + rdlen].unwrap()
+ return cls(rdclass, rdtype, header[0], header[1], header[2], cert)
diff --git a/lib/dns/rdtypes/ANY/TXT.py b/lib/dns/rdtypes/ANY/TXT.py
new file mode 100644
index 00000000..c5ae919c
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/TXT.py
@@ -0,0 +1,23 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import dns.rdtypes.txtbase
+
+
+class TXT(dns.rdtypes.txtbase.TXTBase):
+
+ """TXT record"""
diff --git a/lib/dns/rdtypes/ANY/URI.py b/lib/dns/rdtypes/ANY/URI.py
new file mode 100644
index 00000000..f5b65ed6
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/URI.py
@@ -0,0 +1,82 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+# Copyright (C) 2015 Red Hat, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import struct
+
+import dns.exception
+import dns.rdata
+import dns.name
+from dns._compat import text_type
+
+
+class URI(dns.rdata.Rdata):
+
+ """URI record
+
+ @ivar priority: the priority
+ @type priority: int
+ @ivar weight: the weight
+ @type weight: int
+ @ivar target: the target host
+ @type target: dns.name.Name object
+ @see: draft-faltstrom-uri-13"""
+
+ __slots__ = ['priority', 'weight', 'target']
+
+ def __init__(self, rdclass, rdtype, priority, weight, target):
+ super(URI, self).__init__(rdclass, rdtype)
+ self.priority = priority
+ self.weight = weight
+ if len(target) < 1:
+ raise dns.exception.SyntaxError("URI target cannot be empty")
+ if isinstance(target, text_type):
+ self.target = target.encode()
+ else:
+ self.target = target
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ return '%d %d "%s"' % (self.priority, self.weight,
+ self.target.decode())
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ priority = tok.get_uint16()
+ weight = tok.get_uint16()
+ target = tok.get().unescape()
+ if not (target.is_quoted_string() or target.is_identifier()):
+ raise dns.exception.SyntaxError("URI target must be a string")
+ tok.get_eol()
+ return cls(rdclass, rdtype, priority, weight, target.value)
+
+ def to_wire(self, file, compress=None, origin=None):
+ two_ints = struct.pack("!HH", self.priority, self.weight)
+ file.write(two_ints)
+ file.write(self.target)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ if rdlen < 5:
+ raise dns.exception.FormError('URI RR is shorter than 5 octets')
+
+ (priority, weight) = struct.unpack('!HH', wire[current: current + 4])
+ current += 4
+ rdlen -= 4
+ target = wire[current: current + rdlen]
+ current += rdlen
+
+ return cls(rdclass, rdtype, priority, weight, target)
diff --git a/lib/dns/rdtypes/ANY/X25.py b/lib/dns/rdtypes/ANY/X25.py
new file mode 100644
index 00000000..e530a2c2
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/X25.py
@@ -0,0 +1,66 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import struct
+
+import dns.exception
+import dns.rdata
+import dns.tokenizer
+from dns._compat import text_type
+
+
+class X25(dns.rdata.Rdata):
+
+ """X25 record
+
+ @ivar address: the PSDN address
+ @type address: string
+ @see: RFC 1183"""
+
+ __slots__ = ['address']
+
+ def __init__(self, rdclass, rdtype, address):
+ super(X25, self).__init__(rdclass, rdtype)
+ if isinstance(address, text_type):
+ self.address = address.encode()
+ else:
+ self.address = address
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ return '"%s"' % dns.rdata._escapify(self.address)
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ address = tok.get_string()
+ tok.get_eol()
+ return cls(rdclass, rdtype, address)
+
+ def to_wire(self, file, compress=None, origin=None):
+ l = len(self.address)
+ assert l < 256
+ file.write(struct.pack('!B', l))
+ file.write(self.address)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ l = wire[current]
+ current += 1
+ rdlen -= 1
+ if l != rdlen:
+ raise dns.exception.FormError
+ address = wire[current: current + l].unwrap()
+ return cls(rdclass, rdtype, address)
diff --git a/lib/dns/rdtypes/ANY/__init__.py b/lib/dns/rdtypes/ANY/__init__.py
new file mode 100644
index 00000000..ca41ef80
--- /dev/null
+++ b/lib/dns/rdtypes/ANY/__init__.py
@@ -0,0 +1,57 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""Class ANY (generic) rdata type classes."""
+
+__all__ = [
+ 'AFSDB',
+ 'AVC',
+ 'CAA',
+ 'CDNSKEY',
+ 'CDS',
+ 'CERT',
+ 'CNAME',
+ 'CSYNC',
+ 'DLV',
+ 'DNAME',
+ 'DNSKEY',
+ 'DS',
+ 'EUI48',
+ 'EUI64',
+ 'GPOS',
+ 'HINFO',
+ 'HIP',
+ 'ISDN',
+ 'LOC',
+ 'MX',
+ 'NS',
+ 'NSEC',
+ 'NSEC3',
+ 'NSEC3PARAM',
+ 'OPENPGPKEY',
+ 'PTR',
+ 'RP',
+ 'RRSIG',
+ 'RT',
+ 'SOA',
+ 'SPF',
+ 'SSHFP',
+ 'TLSA',
+ 'TXT',
+ 'URI',
+ 'X25',
+]
diff --git a/lib/dns/rdtypes/CH/A.py b/lib/dns/rdtypes/CH/A.py
new file mode 100644
index 00000000..e65d192d
--- /dev/null
+++ b/lib/dns/rdtypes/CH/A.py
@@ -0,0 +1,70 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import dns.rdtypes.mxbase
+import struct
+
+class A(dns.rdtypes.mxbase.MXBase):
+
+ """A record for Chaosnet
+ @ivar domain: the domain of the address
+ @type domain: dns.name.Name object
+ @ivar address: the 16-bit address
+ @type address: int"""
+
+ __slots__ = ['domain', 'address']
+
+ def __init__(self, rdclass, rdtype, address, domain):
+ super(A, self).__init__(rdclass, rdtype, address, domain)
+ self.domain = domain
+ self.address = address
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ domain = self.domain.choose_relativity(origin, relativize)
+ return '%s %o' % (domain, self.address)
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ domain = tok.get_name()
+ address = tok.get_uint16(base=8)
+ domain = domain.choose_relativity(origin, relativize)
+ tok.get_eol()
+ return cls(rdclass, rdtype, address, domain)
+
+ def to_wire(self, file, compress=None, origin=None):
+ self.domain.to_wire(file, compress, origin)
+ pref = struct.pack("!H", self.address)
+ file.write(pref)
+
+ def to_digestable(self, origin=None):
+ return self.domain.to_digestable(origin) + \
+ struct.pack("!H", self.address)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ (domain, cused) = dns.name.from_wire(wire[: current + rdlen-2],
+ current)
+ current += cused
+ (address,) = struct.unpack('!H', wire[current: current + 2])
+ if cused+2 != rdlen:
+ raise dns.exception.FormError
+ if origin is not None:
+ domain = domain.relativize(origin)
+ return cls(rdclass, rdtype, address, domain)
+
+ def choose_relativity(self, origin=None, relativize=True):
+ self.domain = self.domain.choose_relativity(origin, relativize)
diff --git a/lib/dns/rdtypes/CH/__init__.py b/lib/dns/rdtypes/CH/__init__.py
new file mode 100644
index 00000000..7184a733
--- /dev/null
+++ b/lib/dns/rdtypes/CH/__init__.py
@@ -0,0 +1,22 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""Class CH rdata type classes."""
+
+__all__ = [
+ 'A',
+]
diff --git a/lib/dns/rdtypes/IN/A.py b/lib/dns/rdtypes/IN/A.py
new file mode 100644
index 00000000..89989824
--- /dev/null
+++ b/lib/dns/rdtypes/IN/A.py
@@ -0,0 +1,54 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import dns.exception
+import dns.ipv4
+import dns.rdata
+import dns.tokenizer
+
+
+class A(dns.rdata.Rdata):
+
+ """A record.
+
+ @ivar address: an IPv4 address
+ @type address: string (in the standard "dotted quad" format)"""
+
+ __slots__ = ['address']
+
+ def __init__(self, rdclass, rdtype, address):
+ super(A, self).__init__(rdclass, rdtype)
+ # check that it's OK
+ dns.ipv4.inet_aton(address)
+ self.address = address
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ return self.address
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ address = tok.get_identifier()
+ tok.get_eol()
+ return cls(rdclass, rdtype, address)
+
+ def to_wire(self, file, compress=None, origin=None):
+ file.write(dns.ipv4.inet_aton(self.address))
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ address = dns.ipv4.inet_ntoa(wire[current: current + rdlen])
+ return cls(rdclass, rdtype, address)
diff --git a/lib/dns/rdtypes/IN/AAAA.py b/lib/dns/rdtypes/IN/AAAA.py
new file mode 100644
index 00000000..a77c5bf2
--- /dev/null
+++ b/lib/dns/rdtypes/IN/AAAA.py
@@ -0,0 +1,55 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import dns.exception
+import dns.inet
+import dns.rdata
+import dns.tokenizer
+
+
+class AAAA(dns.rdata.Rdata):
+
+ """AAAA record.
+
+ @ivar address: an IPv6 address
+ @type address: string (in the standard IPv6 format)"""
+
+ __slots__ = ['address']
+
+ def __init__(self, rdclass, rdtype, address):
+ super(AAAA, self).__init__(rdclass, rdtype)
+ # check that it's OK
+ dns.inet.inet_pton(dns.inet.AF_INET6, address)
+ self.address = address
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ return self.address
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ address = tok.get_identifier()
+ tok.get_eol()
+ return cls(rdclass, rdtype, address)
+
+ def to_wire(self, file, compress=None, origin=None):
+ file.write(dns.inet.inet_pton(dns.inet.AF_INET6, self.address))
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ address = dns.inet.inet_ntop(dns.inet.AF_INET6,
+ wire[current: current + rdlen])
+ return cls(rdclass, rdtype, address)
diff --git a/lib/dns/rdtypes/IN/APL.py b/lib/dns/rdtypes/IN/APL.py
new file mode 100644
index 00000000..48faf88a
--- /dev/null
+++ b/lib/dns/rdtypes/IN/APL.py
@@ -0,0 +1,165 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2017 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import binascii
+import codecs
+import struct
+
+import dns.exception
+import dns.inet
+import dns.rdata
+import dns.tokenizer
+from dns._compat import xrange, maybe_chr
+
+
+class APLItem(object):
+
+ """An APL list item.
+
+ @ivar family: the address family (IANA address family registry)
+ @type family: int
+ @ivar negation: is this item negated?
+ @type negation: bool
+ @ivar address: the address
+ @type address: string
+ @ivar prefix: the prefix length
+ @type prefix: int
+ """
+
+ __slots__ = ['family', 'negation', 'address', 'prefix']
+
+ def __init__(self, family, negation, address, prefix):
+ self.family = family
+ self.negation = negation
+ self.address = address
+ self.prefix = prefix
+
+ def __str__(self):
+ if self.negation:
+ return "!%d:%s/%s" % (self.family, self.address, self.prefix)
+ else:
+ return "%d:%s/%s" % (self.family, self.address, self.prefix)
+
+ def to_wire(self, file):
+ if self.family == 1:
+ address = dns.inet.inet_pton(dns.inet.AF_INET, self.address)
+ elif self.family == 2:
+ address = dns.inet.inet_pton(dns.inet.AF_INET6, self.address)
+ else:
+ address = binascii.unhexlify(self.address)
+ #
+ # Truncate least significant zero bytes.
+ #
+ last = 0
+ for i in xrange(len(address) - 1, -1, -1):
+ if address[i] != maybe_chr(0):
+ last = i + 1
+ break
+ address = address[0: last]
+ l = len(address)
+ assert l < 128
+ if self.negation:
+ l |= 0x80
+ header = struct.pack('!HBB', self.family, self.prefix, l)
+ file.write(header)
+ file.write(address)
+
+
+class APL(dns.rdata.Rdata):
+
+ """APL record.
+
+ @ivar items: a list of APL items
+ @type items: list of APL_Item
+ @see: RFC 3123"""
+
+ __slots__ = ['items']
+
+ def __init__(self, rdclass, rdtype, items):
+ super(APL, self).__init__(rdclass, rdtype)
+ self.items = items
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ return ' '.join(map(str, self.items))
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ items = []
+ while 1:
+ token = tok.get().unescape()
+ if token.is_eol_or_eof():
+ break
+ item = token.value
+ if item[0] == '!':
+ negation = True
+ item = item[1:]
+ else:
+ negation = False
+ (family, rest) = item.split(':', 1)
+ family = int(family)
+ (address, prefix) = rest.split('/', 1)
+ prefix = int(prefix)
+ item = APLItem(family, negation, address, prefix)
+ items.append(item)
+
+ return cls(rdclass, rdtype, items)
+
+ def to_wire(self, file, compress=None, origin=None):
+ for item in self.items:
+ item.to_wire(file)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+
+ items = []
+ while 1:
+ if rdlen == 0:
+ break
+ if rdlen < 4:
+ raise dns.exception.FormError
+ header = struct.unpack('!HBB', wire[current: current + 4])
+ afdlen = header[2]
+ if afdlen > 127:
+ negation = True
+ afdlen -= 128
+ else:
+ negation = False
+ current += 4
+ rdlen -= 4
+ if rdlen < afdlen:
+ raise dns.exception.FormError
+ address = wire[current: current + afdlen].unwrap()
+ l = len(address)
+ if header[0] == 1:
+ if l < 4:
+ address += b'\x00' * (4 - l)
+ address = dns.inet.inet_ntop(dns.inet.AF_INET, address)
+ elif header[0] == 2:
+ if l < 16:
+ address += b'\x00' * (16 - l)
+ address = dns.inet.inet_ntop(dns.inet.AF_INET6, address)
+ else:
+ #
+ # This isn't really right according to the RFC, but it
+ # seems better than throwing an exception
+ #
+ address = codecs.encode(address, 'hex_codec')
+ current += afdlen
+ rdlen -= afdlen
+ item = APLItem(header[0], negation, address, header[1])
+ items.append(item)
+ return cls(rdclass, rdtype, items)
diff --git a/lib/dns/rdtypes/IN/DHCID.py b/lib/dns/rdtypes/IN/DHCID.py
new file mode 100644
index 00000000..cec64590
--- /dev/null
+++ b/lib/dns/rdtypes/IN/DHCID.py
@@ -0,0 +1,61 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2006, 2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import base64
+
+import dns.exception
+
+
+class DHCID(dns.rdata.Rdata):
+
+ """DHCID record
+
+ @ivar data: the data (the content of the RR is opaque as far as the
+ DNS is concerned)
+ @type data: string
+ @see: RFC 4701"""
+
+ __slots__ = ['data']
+
+ def __init__(self, rdclass, rdtype, data):
+ super(DHCID, self).__init__(rdclass, rdtype)
+ self.data = data
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ return dns.rdata._base64ify(self.data)
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ chunks = []
+ while 1:
+ t = tok.get().unescape()
+ if t.is_eol_or_eof():
+ break
+ if not t.is_identifier():
+ raise dns.exception.SyntaxError
+ chunks.append(t.value.encode())
+ b64 = b''.join(chunks)
+ data = base64.b64decode(b64)
+ return cls(rdclass, rdtype, data)
+
+ def to_wire(self, file, compress=None, origin=None):
+ file.write(self.data)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ data = wire[current: current + rdlen].unwrap()
+ return cls(rdclass, rdtype, data)
diff --git a/lib/dns/rdtypes/IN/IPSECKEY.py b/lib/dns/rdtypes/IN/IPSECKEY.py
new file mode 100644
index 00000000..8f49ba13
--- /dev/null
+++ b/lib/dns/rdtypes/IN/IPSECKEY.py
@@ -0,0 +1,150 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2006, 2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import struct
+import base64
+
+import dns.exception
+import dns.inet
+import dns.name
+
+
+class IPSECKEY(dns.rdata.Rdata):
+
+ """IPSECKEY record
+
+ @ivar precedence: the precedence for this key data
+ @type precedence: int
+ @ivar gateway_type: the gateway type
+ @type gateway_type: int
+ @ivar algorithm: the algorithm to use
+ @type algorithm: int
+ @ivar gateway: the public key
+ @type gateway: None, IPv4 address, IPV6 address, or domain name
+ @ivar key: the public key
+ @type key: string
+ @see: RFC 4025"""
+
+ __slots__ = ['precedence', 'gateway_type', 'algorithm', 'gateway', 'key']
+
+ def __init__(self, rdclass, rdtype, precedence, gateway_type, algorithm,
+ gateway, key):
+ super(IPSECKEY, self).__init__(rdclass, rdtype)
+ if gateway_type == 0:
+ if gateway != '.' and gateway is not None:
+ raise SyntaxError('invalid gateway for gateway type 0')
+ gateway = None
+ elif gateway_type == 1:
+ # check that it's OK
+ dns.inet.inet_pton(dns.inet.AF_INET, gateway)
+ elif gateway_type == 2:
+ # check that it's OK
+ dns.inet.inet_pton(dns.inet.AF_INET6, gateway)
+ elif gateway_type == 3:
+ pass
+ else:
+ raise SyntaxError(
+ 'invalid IPSECKEY gateway type: %d' % gateway_type)
+ self.precedence = precedence
+ self.gateway_type = gateway_type
+ self.algorithm = algorithm
+ self.gateway = gateway
+ self.key = key
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ if self.gateway_type == 0:
+ gateway = '.'
+ elif self.gateway_type == 1:
+ gateway = self.gateway
+ elif self.gateway_type == 2:
+ gateway = self.gateway
+ elif self.gateway_type == 3:
+ gateway = str(self.gateway.choose_relativity(origin, relativize))
+ else:
+ raise ValueError('invalid gateway type')
+ return '%d %d %d %s %s' % (self.precedence, self.gateway_type,
+ self.algorithm, gateway,
+ dns.rdata._base64ify(self.key))
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ precedence = tok.get_uint8()
+ gateway_type = tok.get_uint8()
+ algorithm = tok.get_uint8()
+ if gateway_type == 3:
+ gateway = tok.get_name().choose_relativity(origin, relativize)
+ else:
+ gateway = tok.get_string()
+ chunks = []
+ while 1:
+ t = tok.get().unescape()
+ if t.is_eol_or_eof():
+ break
+ if not t.is_identifier():
+ raise dns.exception.SyntaxError
+ chunks.append(t.value.encode())
+ b64 = b''.join(chunks)
+ key = base64.b64decode(b64)
+ return cls(rdclass, rdtype, precedence, gateway_type, algorithm,
+ gateway, key)
+
+ def to_wire(self, file, compress=None, origin=None):
+ header = struct.pack("!BBB", self.precedence, self.gateway_type,
+ self.algorithm)
+ file.write(header)
+ if self.gateway_type == 0:
+ pass
+ elif self.gateway_type == 1:
+ file.write(dns.inet.inet_pton(dns.inet.AF_INET, self.gateway))
+ elif self.gateway_type == 2:
+ file.write(dns.inet.inet_pton(dns.inet.AF_INET6, self.gateway))
+ elif self.gateway_type == 3:
+ self.gateway.to_wire(file, None, origin)
+ else:
+ raise ValueError('invalid gateway type')
+ file.write(self.key)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ if rdlen < 3:
+ raise dns.exception.FormError
+ header = struct.unpack('!BBB', wire[current: current + 3])
+ gateway_type = header[1]
+ current += 3
+ rdlen -= 3
+ if gateway_type == 0:
+ gateway = None
+ elif gateway_type == 1:
+ gateway = dns.inet.inet_ntop(dns.inet.AF_INET,
+ wire[current: current + 4])
+ current += 4
+ rdlen -= 4
+ elif gateway_type == 2:
+ gateway = dns.inet.inet_ntop(dns.inet.AF_INET6,
+ wire[current: current + 16])
+ current += 16
+ rdlen -= 16
+ elif gateway_type == 3:
+ (gateway, cused) = dns.name.from_wire(wire[: current + rdlen],
+ current)
+ current += cused
+ rdlen -= cused
+ else:
+ raise dns.exception.FormError('invalid IPSECKEY gateway type')
+ key = wire[current: current + rdlen].unwrap()
+ return cls(rdclass, rdtype, header[0], gateway_type, header[2],
+ gateway, key)
diff --git a/lib/dns/rdtypes/IN/KX.py b/lib/dns/rdtypes/IN/KX.py
new file mode 100644
index 00000000..1318a582
--- /dev/null
+++ b/lib/dns/rdtypes/IN/KX.py
@@ -0,0 +1,23 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import dns.rdtypes.mxbase
+
+
+class KX(dns.rdtypes.mxbase.UncompressedMX):
+
+ """KX record"""
diff --git a/lib/dns/rdtypes/IN/NAPTR.py b/lib/dns/rdtypes/IN/NAPTR.py
new file mode 100644
index 00000000..32fa4745
--- /dev/null
+++ b/lib/dns/rdtypes/IN/NAPTR.py
@@ -0,0 +1,127 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import struct
+
+import dns.exception
+import dns.name
+import dns.rdata
+from dns._compat import xrange, text_type
+
+
+def _write_string(file, s):
+ l = len(s)
+ assert l < 256
+ file.write(struct.pack('!B', l))
+ file.write(s)
+
+
+def _sanitize(value):
+ if isinstance(value, text_type):
+ return value.encode()
+ return value
+
+
+class NAPTR(dns.rdata.Rdata):
+
+ """NAPTR record
+
+ @ivar order: order
+ @type order: int
+ @ivar preference: preference
+ @type preference: int
+ @ivar flags: flags
+ @type flags: string
+ @ivar service: service
+ @type service: string
+ @ivar regexp: regular expression
+ @type regexp: string
+ @ivar replacement: replacement name
+ @type replacement: dns.name.Name object
+ @see: RFC 3403"""
+
+ __slots__ = ['order', 'preference', 'flags', 'service', 'regexp',
+ 'replacement']
+
+ def __init__(self, rdclass, rdtype, order, preference, flags, service,
+ regexp, replacement):
+ super(NAPTR, self).__init__(rdclass, rdtype)
+ self.flags = _sanitize(flags)
+ self.service = _sanitize(service)
+ self.regexp = _sanitize(regexp)
+ self.order = order
+ self.preference = preference
+ self.replacement = replacement
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ replacement = self.replacement.choose_relativity(origin, relativize)
+ return '%d %d "%s" "%s" "%s" %s' % \
+ (self.order, self.preference,
+ dns.rdata._escapify(self.flags),
+ dns.rdata._escapify(self.service),
+ dns.rdata._escapify(self.regexp),
+ replacement)
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ order = tok.get_uint16()
+ preference = tok.get_uint16()
+ flags = tok.get_string()
+ service = tok.get_string()
+ regexp = tok.get_string()
+ replacement = tok.get_name()
+ replacement = replacement.choose_relativity(origin, relativize)
+ tok.get_eol()
+ return cls(rdclass, rdtype, order, preference, flags, service,
+ regexp, replacement)
+
+ def to_wire(self, file, compress=None, origin=None):
+ two_ints = struct.pack("!HH", self.order, self.preference)
+ file.write(two_ints)
+ _write_string(file, self.flags)
+ _write_string(file, self.service)
+ _write_string(file, self.regexp)
+ self.replacement.to_wire(file, compress, origin)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ (order, preference) = struct.unpack('!HH', wire[current: current + 4])
+ current += 4
+ rdlen -= 4
+ strings = []
+ for i in xrange(3):
+ l = wire[current]
+ current += 1
+ rdlen -= 1
+ if l > rdlen or rdlen < 0:
+ raise dns.exception.FormError
+ s = wire[current: current + l].unwrap()
+ current += l
+ rdlen -= l
+ strings.append(s)
+ (replacement, cused) = dns.name.from_wire(wire[: current + rdlen],
+ current)
+ if cused != rdlen:
+ raise dns.exception.FormError
+ if origin is not None:
+ replacement = replacement.relativize(origin)
+ return cls(rdclass, rdtype, order, preference, strings[0], strings[1],
+ strings[2], replacement)
+
+ def choose_relativity(self, origin=None, relativize=True):
+ self.replacement = self.replacement.choose_relativity(origin,
+ relativize)
diff --git a/lib/dns/rdtypes/IN/NSAP.py b/lib/dns/rdtypes/IN/NSAP.py
new file mode 100644
index 00000000..336befc7
--- /dev/null
+++ b/lib/dns/rdtypes/IN/NSAP.py
@@ -0,0 +1,60 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import binascii
+
+import dns.exception
+import dns.rdata
+import dns.tokenizer
+
+
+class NSAP(dns.rdata.Rdata):
+
+ """NSAP record.
+
+ @ivar address: a NASP
+ @type address: string
+ @see: RFC 1706"""
+
+ __slots__ = ['address']
+
+ def __init__(self, rdclass, rdtype, address):
+ super(NSAP, self).__init__(rdclass, rdtype)
+ self.address = address
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ return "0x%s" % binascii.hexlify(self.address).decode()
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ address = tok.get_string()
+ tok.get_eol()
+ if address[0:2] != '0x':
+ raise dns.exception.SyntaxError('string does not start with 0x')
+ address = address[2:].replace('.', '')
+ if len(address) % 2 != 0:
+ raise dns.exception.SyntaxError('hexstring has odd length')
+ address = binascii.unhexlify(address.encode())
+ return cls(rdclass, rdtype, address)
+
+ def to_wire(self, file, compress=None, origin=None):
+ file.write(self.address)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ address = wire[current: current + rdlen].unwrap()
+ return cls(rdclass, rdtype, address)
diff --git a/lib/dns/rdtypes/IN/NSAP_PTR.py b/lib/dns/rdtypes/IN/NSAP_PTR.py
new file mode 100644
index 00000000..a5b66c80
--- /dev/null
+++ b/lib/dns/rdtypes/IN/NSAP_PTR.py
@@ -0,0 +1,23 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import dns.rdtypes.nsbase
+
+
+class NSAP_PTR(dns.rdtypes.nsbase.UncompressedNS):
+
+ """NSAP-PTR record"""
diff --git a/lib/dns/rdtypes/IN/PX.py b/lib/dns/rdtypes/IN/PX.py
new file mode 100644
index 00000000..2dbaee6c
--- /dev/null
+++ b/lib/dns/rdtypes/IN/PX.py
@@ -0,0 +1,89 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import struct
+
+import dns.exception
+import dns.rdata
+import dns.name
+
+
+class PX(dns.rdata.Rdata):
+
+ """PX record.
+
+ @ivar preference: the preference value
+ @type preference: int
+ @ivar map822: the map822 name
+ @type map822: dns.name.Name object
+ @ivar mapx400: the mapx400 name
+ @type mapx400: dns.name.Name object
+ @see: RFC 2163"""
+
+ __slots__ = ['preference', 'map822', 'mapx400']
+
+ def __init__(self, rdclass, rdtype, preference, map822, mapx400):
+ super(PX, self).__init__(rdclass, rdtype)
+ self.preference = preference
+ self.map822 = map822
+ self.mapx400 = mapx400
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ map822 = self.map822.choose_relativity(origin, relativize)
+ mapx400 = self.mapx400.choose_relativity(origin, relativize)
+ return '%d %s %s' % (self.preference, map822, mapx400)
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ preference = tok.get_uint16()
+ map822 = tok.get_name()
+ map822 = map822.choose_relativity(origin, relativize)
+ mapx400 = tok.get_name(None)
+ mapx400 = mapx400.choose_relativity(origin, relativize)
+ tok.get_eol()
+ return cls(rdclass, rdtype, preference, map822, mapx400)
+
+ def to_wire(self, file, compress=None, origin=None):
+ pref = struct.pack("!H", self.preference)
+ file.write(pref)
+ self.map822.to_wire(file, None, origin)
+ self.mapx400.to_wire(file, None, origin)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ (preference, ) = struct.unpack('!H', wire[current: current + 2])
+ current += 2
+ rdlen -= 2
+ (map822, cused) = dns.name.from_wire(wire[: current + rdlen],
+ current)
+ if cused > rdlen:
+ raise dns.exception.FormError
+ current += cused
+ rdlen -= cused
+ if origin is not None:
+ map822 = map822.relativize(origin)
+ (mapx400, cused) = dns.name.from_wire(wire[: current + rdlen],
+ current)
+ if cused != rdlen:
+ raise dns.exception.FormError
+ if origin is not None:
+ mapx400 = mapx400.relativize(origin)
+ return cls(rdclass, rdtype, preference, map822, mapx400)
+
+ def choose_relativity(self, origin=None, relativize=True):
+ self.map822 = self.map822.choose_relativity(origin, relativize)
+ self.mapx400 = self.mapx400.choose_relativity(origin, relativize)
diff --git a/lib/dns/rdtypes/IN/SRV.py b/lib/dns/rdtypes/IN/SRV.py
new file mode 100644
index 00000000..b2c1bc9f
--- /dev/null
+++ b/lib/dns/rdtypes/IN/SRV.py
@@ -0,0 +1,83 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import struct
+
+import dns.exception
+import dns.rdata
+import dns.name
+
+
+class SRV(dns.rdata.Rdata):
+
+ """SRV record
+
+ @ivar priority: the priority
+ @type priority: int
+ @ivar weight: the weight
+ @type weight: int
+ @ivar port: the port of the service
+ @type port: int
+ @ivar target: the target host
+ @type target: dns.name.Name object
+ @see: RFC 2782"""
+
+ __slots__ = ['priority', 'weight', 'port', 'target']
+
+ def __init__(self, rdclass, rdtype, priority, weight, port, target):
+ super(SRV, self).__init__(rdclass, rdtype)
+ self.priority = priority
+ self.weight = weight
+ self.port = port
+ self.target = target
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ target = self.target.choose_relativity(origin, relativize)
+ return '%d %d %d %s' % (self.priority, self.weight, self.port,
+ target)
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ priority = tok.get_uint16()
+ weight = tok.get_uint16()
+ port = tok.get_uint16()
+ target = tok.get_name(None)
+ target = target.choose_relativity(origin, relativize)
+ tok.get_eol()
+ return cls(rdclass, rdtype, priority, weight, port, target)
+
+ def to_wire(self, file, compress=None, origin=None):
+ three_ints = struct.pack("!HHH", self.priority, self.weight, self.port)
+ file.write(three_ints)
+ self.target.to_wire(file, compress, origin)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ (priority, weight, port) = struct.unpack('!HHH',
+ wire[current: current + 6])
+ current += 6
+ rdlen -= 6
+ (target, cused) = dns.name.from_wire(wire[: current + rdlen],
+ current)
+ if cused != rdlen:
+ raise dns.exception.FormError
+ if origin is not None:
+ target = target.relativize(origin)
+ return cls(rdclass, rdtype, priority, weight, port, target)
+
+ def choose_relativity(self, origin=None, relativize=True):
+ self.target = self.target.choose_relativity(origin, relativize)
diff --git a/lib/dns/rdtypes/IN/WKS.py b/lib/dns/rdtypes/IN/WKS.py
new file mode 100644
index 00000000..96f98ada
--- /dev/null
+++ b/lib/dns/rdtypes/IN/WKS.py
@@ -0,0 +1,107 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import socket
+import struct
+
+import dns.ipv4
+import dns.rdata
+from dns._compat import xrange
+
+_proto_tcp = socket.getprotobyname('tcp')
+_proto_udp = socket.getprotobyname('udp')
+
+
+class WKS(dns.rdata.Rdata):
+
+ """WKS record
+
+ @ivar address: the address
+ @type address: string
+ @ivar protocol: the protocol
+ @type protocol: int
+ @ivar bitmap: the bitmap
+ @type bitmap: string
+ @see: RFC 1035"""
+
+ __slots__ = ['address', 'protocol', 'bitmap']
+
+ def __init__(self, rdclass, rdtype, address, protocol, bitmap):
+ super(WKS, self).__init__(rdclass, rdtype)
+ self.address = address
+ self.protocol = protocol
+ if not isinstance(bitmap, bytearray):
+ self.bitmap = bytearray(bitmap)
+ else:
+ self.bitmap = bitmap
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ bits = []
+ for i in xrange(0, len(self.bitmap)):
+ byte = self.bitmap[i]
+ for j in xrange(0, 8):
+ if byte & (0x80 >> j):
+ bits.append(str(i * 8 + j))
+ text = ' '.join(bits)
+ return '%s %d %s' % (self.address, self.protocol, text)
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ address = tok.get_string()
+ protocol = tok.get_string()
+ if protocol.isdigit():
+ protocol = int(protocol)
+ else:
+ protocol = socket.getprotobyname(protocol)
+ bitmap = bytearray()
+ while 1:
+ token = tok.get().unescape()
+ if token.is_eol_or_eof():
+ break
+ if token.value.isdigit():
+ serv = int(token.value)
+ else:
+ if protocol != _proto_udp and protocol != _proto_tcp:
+ raise NotImplementedError("protocol must be TCP or UDP")
+ if protocol == _proto_udp:
+ protocol_text = "udp"
+ else:
+ protocol_text = "tcp"
+ serv = socket.getservbyname(token.value, protocol_text)
+ i = serv // 8
+ l = len(bitmap)
+ if l < i + 1:
+ for j in xrange(l, i + 1):
+ bitmap.append(0)
+ bitmap[i] = bitmap[i] | (0x80 >> (serv % 8))
+ bitmap = dns.rdata._truncate_bitmap(bitmap)
+ return cls(rdclass, rdtype, address, protocol, bitmap)
+
+ def to_wire(self, file, compress=None, origin=None):
+ file.write(dns.ipv4.inet_aton(self.address))
+ protocol = struct.pack('!B', self.protocol)
+ file.write(protocol)
+ file.write(self.bitmap)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ address = dns.ipv4.inet_ntoa(wire[current: current + 4])
+ protocol, = struct.unpack('!B', wire[current + 4: current + 5])
+ current += 5
+ rdlen -= 5
+ bitmap = wire[current: current + rdlen].unwrap()
+ return cls(rdclass, rdtype, address, protocol, bitmap)
diff --git a/lib/dns/rdtypes/IN/__init__.py b/lib/dns/rdtypes/IN/__init__.py
new file mode 100644
index 00000000..d7e69c9f
--- /dev/null
+++ b/lib/dns/rdtypes/IN/__init__.py
@@ -0,0 +1,33 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""Class IN rdata type classes."""
+
+__all__ = [
+ 'A',
+ 'AAAA',
+ 'APL',
+ 'DHCID',
+ 'IPSECKEY',
+ 'KX',
+ 'NAPTR',
+ 'NSAP',
+ 'NSAP_PTR',
+ 'PX',
+ 'SRV',
+ 'WKS',
+]
diff --git a/lib/dns/rdtypes/__init__.py b/lib/dns/rdtypes/__init__.py
new file mode 100644
index 00000000..1ac137f1
--- /dev/null
+++ b/lib/dns/rdtypes/__init__.py
@@ -0,0 +1,27 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""DNS rdata type classes"""
+
+__all__ = [
+ 'ANY',
+ 'IN',
+ 'CH',
+ 'euibase',
+ 'mxbase',
+ 'nsbase',
+]
diff --git a/lib/dns/rdtypes/dnskeybase.py b/lib/dns/rdtypes/dnskeybase.py
new file mode 100644
index 00000000..3e7e87ef
--- /dev/null
+++ b/lib/dns/rdtypes/dnskeybase.py
@@ -0,0 +1,138 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2004-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import base64
+import struct
+
+import dns.exception
+import dns.dnssec
+import dns.rdata
+
+# wildcard import
+__all__ = ["SEP", "REVOKE", "ZONE",
+ "flags_to_text_set", "flags_from_text_set"]
+
+# flag constants
+SEP = 0x0001
+REVOKE = 0x0080
+ZONE = 0x0100
+
+_flag_by_text = {
+ 'SEP': SEP,
+ 'REVOKE': REVOKE,
+ 'ZONE': ZONE
+}
+
+# We construct the inverse mapping programmatically to ensure that we
+# cannot make any mistakes (e.g. omissions, cut-and-paste errors) that
+# would cause the mapping not to be true inverse.
+_flag_by_value = {y: x for x, y in _flag_by_text.items()}
+
+
+def flags_to_text_set(flags):
+ """Convert a DNSKEY flags value to set texts
+ @rtype: set([string])"""
+
+ flags_set = set()
+ mask = 0x1
+ while mask <= 0x8000:
+ if flags & mask:
+ text = _flag_by_value.get(mask)
+ if not text:
+ text = hex(mask)
+ flags_set.add(text)
+ mask <<= 1
+ return flags_set
+
+
+def flags_from_text_set(texts_set):
+ """Convert set of DNSKEY flag mnemonic texts to DNSKEY flag value
+ @rtype: int"""
+
+ flags = 0
+ for text in texts_set:
+ try:
+ flags += _flag_by_text[text]
+ except KeyError:
+ raise NotImplementedError(
+ "DNSKEY flag '%s' is not supported" % text)
+ return flags
+
+
+class DNSKEYBase(dns.rdata.Rdata):
+
+ """Base class for rdata that is like a DNSKEY record
+
+ @ivar flags: the key flags
+ @type flags: int
+ @ivar protocol: the protocol for which this key may be used
+ @type protocol: int
+ @ivar algorithm: the algorithm used for the key
+ @type algorithm: int
+ @ivar key: the public key
+ @type key: string"""
+
+ __slots__ = ['flags', 'protocol', 'algorithm', 'key']
+
+ def __init__(self, rdclass, rdtype, flags, protocol, algorithm, key):
+ super(DNSKEYBase, self).__init__(rdclass, rdtype)
+ self.flags = flags
+ self.protocol = protocol
+ self.algorithm = algorithm
+ self.key = key
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ return '%d %d %d %s' % (self.flags, self.protocol, self.algorithm,
+ dns.rdata._base64ify(self.key))
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ flags = tok.get_uint16()
+ protocol = tok.get_uint8()
+ algorithm = dns.dnssec.algorithm_from_text(tok.get_string())
+ chunks = []
+ while 1:
+ t = tok.get().unescape()
+ if t.is_eol_or_eof():
+ break
+ if not t.is_identifier():
+ raise dns.exception.SyntaxError
+ chunks.append(t.value.encode())
+ b64 = b''.join(chunks)
+ key = base64.b64decode(b64)
+ return cls(rdclass, rdtype, flags, protocol, algorithm, key)
+
+ def to_wire(self, file, compress=None, origin=None):
+ header = struct.pack("!HBB", self.flags, self.protocol, self.algorithm)
+ file.write(header)
+ file.write(self.key)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ if rdlen < 4:
+ raise dns.exception.FormError
+ header = struct.unpack('!HBB', wire[current: current + 4])
+ current += 4
+ rdlen -= 4
+ key = wire[current: current + rdlen].unwrap()
+ return cls(rdclass, rdtype, header[0], header[1], header[2],
+ key)
+
+ def flags_to_text_set(self):
+ """Convert a DNSKEY flags value to set texts
+ @rtype: set([string])"""
+ return flags_to_text_set(self.flags)
diff --git a/lib/dns/rdtypes/dsbase.py b/lib/dns/rdtypes/dsbase.py
new file mode 100644
index 00000000..26ae9d5c
--- /dev/null
+++ b/lib/dns/rdtypes/dsbase.py
@@ -0,0 +1,85 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2010, 2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import struct
+import binascii
+
+import dns.rdata
+import dns.rdatatype
+
+
+class DSBase(dns.rdata.Rdata):
+
+ """Base class for rdata that is like a DS record
+
+ @ivar key_tag: the key tag
+ @type key_tag: int
+ @ivar algorithm: the algorithm
+ @type algorithm: int
+ @ivar digest_type: the digest type
+ @type digest_type: int
+ @ivar digest: the digest
+ @type digest: int
+ @see: draft-ietf-dnsext-delegation-signer-14.txt"""
+
+ __slots__ = ['key_tag', 'algorithm', 'digest_type', 'digest']
+
+ def __init__(self, rdclass, rdtype, key_tag, algorithm, digest_type,
+ digest):
+ super(DSBase, self).__init__(rdclass, rdtype)
+ self.key_tag = key_tag
+ self.algorithm = algorithm
+ self.digest_type = digest_type
+ self.digest = digest
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ return '%d %d %d %s' % (self.key_tag, self.algorithm,
+ self.digest_type,
+ dns.rdata._hexify(self.digest,
+ chunksize=128))
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ key_tag = tok.get_uint16()
+ algorithm = tok.get_uint8()
+ digest_type = tok.get_uint8()
+ chunks = []
+ while 1:
+ t = tok.get().unescape()
+ if t.is_eol_or_eof():
+ break
+ if not t.is_identifier():
+ raise dns.exception.SyntaxError
+ chunks.append(t.value.encode())
+ digest = b''.join(chunks)
+ digest = binascii.unhexlify(digest)
+ return cls(rdclass, rdtype, key_tag, algorithm, digest_type,
+ digest)
+
+ def to_wire(self, file, compress=None, origin=None):
+ header = struct.pack("!HBB", self.key_tag, self.algorithm,
+ self.digest_type)
+ file.write(header)
+ file.write(self.digest)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ header = struct.unpack("!HBB", wire[current: current + 4])
+ current += 4
+ rdlen -= 4
+ digest = wire[current: current + rdlen].unwrap()
+ return cls(rdclass, rdtype, header[0], header[1], header[2], digest)
diff --git a/lib/dns/rdtypes/euibase.py b/lib/dns/rdtypes/euibase.py
new file mode 100644
index 00000000..cc5fdaa6
--- /dev/null
+++ b/lib/dns/rdtypes/euibase.py
@@ -0,0 +1,71 @@
+# Copyright (C) 2015 Red Hat, Inc.
+# Author: Petr Spacek
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED 'AS IS' AND RED HAT DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+import binascii
+
+import dns.rdata
+from dns._compat import xrange
+
+
+class EUIBase(dns.rdata.Rdata):
+
+ """EUIxx record
+
+ @ivar fingerprint: xx-bit Extended Unique Identifier (EUI-xx)
+ @type fingerprint: string
+ @see: rfc7043.txt"""
+
+ __slots__ = ['eui']
+ # define these in subclasses
+ # byte_len = 6 # 0123456789ab (in hex)
+ # text_len = byte_len * 3 - 1 # 01-23-45-67-89-ab
+
+ def __init__(self, rdclass, rdtype, eui):
+ super(EUIBase, self).__init__(rdclass, rdtype)
+ if len(eui) != self.byte_len:
+ raise dns.exception.FormError('EUI%s rdata has to have %s bytes'
+ % (self.byte_len * 8, self.byte_len))
+ self.eui = eui
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ return dns.rdata._hexify(self.eui, chunksize=2).replace(' ', '-')
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ text = tok.get_string()
+ tok.get_eol()
+ if len(text) != cls.text_len:
+ raise dns.exception.SyntaxError(
+ 'Input text must have %s characters' % cls.text_len)
+ expected_dash_idxs = xrange(2, cls.byte_len * 3 - 1, 3)
+ for i in expected_dash_idxs:
+ if text[i] != '-':
+ raise dns.exception.SyntaxError('Dash expected at position %s'
+ % i)
+ text = text.replace('-', '')
+ try:
+ data = binascii.unhexlify(text.encode())
+ except (ValueError, TypeError) as ex:
+ raise dns.exception.SyntaxError('Hex decoding error: %s' % str(ex))
+ return cls(rdclass, rdtype, data)
+
+ def to_wire(self, file, compress=None, origin=None):
+ file.write(self.eui)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ eui = wire[current:current + rdlen].unwrap()
+ return cls(rdclass, rdtype, eui)
diff --git a/lib/dns/rdtypes/mxbase.py b/lib/dns/rdtypes/mxbase.py
new file mode 100644
index 00000000..9a3fa623
--- /dev/null
+++ b/lib/dns/rdtypes/mxbase.py
@@ -0,0 +1,103 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""MX-like base classes."""
+
+from io import BytesIO
+import struct
+
+import dns.exception
+import dns.rdata
+import dns.name
+
+
+class MXBase(dns.rdata.Rdata):
+
+ """Base class for rdata that is like an MX record.
+
+ @ivar preference: the preference value
+ @type preference: int
+ @ivar exchange: the exchange name
+ @type exchange: dns.name.Name object"""
+
+ __slots__ = ['preference', 'exchange']
+
+ def __init__(self, rdclass, rdtype, preference, exchange):
+ super(MXBase, self).__init__(rdclass, rdtype)
+ self.preference = preference
+ self.exchange = exchange
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ exchange = self.exchange.choose_relativity(origin, relativize)
+ return '%d %s' % (self.preference, exchange)
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ preference = tok.get_uint16()
+ exchange = tok.get_name()
+ exchange = exchange.choose_relativity(origin, relativize)
+ tok.get_eol()
+ return cls(rdclass, rdtype, preference, exchange)
+
+ def to_wire(self, file, compress=None, origin=None):
+ pref = struct.pack("!H", self.preference)
+ file.write(pref)
+ self.exchange.to_wire(file, compress, origin)
+
+ def to_digestable(self, origin=None):
+ return struct.pack("!H", self.preference) + \
+ self.exchange.to_digestable(origin)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ (preference, ) = struct.unpack('!H', wire[current: current + 2])
+ current += 2
+ rdlen -= 2
+ (exchange, cused) = dns.name.from_wire(wire[: current + rdlen],
+ current)
+ if cused != rdlen:
+ raise dns.exception.FormError
+ if origin is not None:
+ exchange = exchange.relativize(origin)
+ return cls(rdclass, rdtype, preference, exchange)
+
+ def choose_relativity(self, origin=None, relativize=True):
+ self.exchange = self.exchange.choose_relativity(origin, relativize)
+
+
+class UncompressedMX(MXBase):
+
+ """Base class for rdata that is like an MX record, but whose name
+ is not compressed when converted to DNS wire format, and whose
+ digestable form is not downcased."""
+
+ def to_wire(self, file, compress=None, origin=None):
+ super(UncompressedMX, self).to_wire(file, None, origin)
+
+ def to_digestable(self, origin=None):
+ f = BytesIO()
+ self.to_wire(f, None, origin)
+ return f.getvalue()
+
+
+class UncompressedDowncasingMX(MXBase):
+
+ """Base class for rdata that is like an MX record, but whose name
+ is not compressed when convert to DNS wire format."""
+
+ def to_wire(self, file, compress=None, origin=None):
+ super(UncompressedDowncasingMX, self).to_wire(file, None, origin)
diff --git a/lib/dns/rdtypes/nsbase.py b/lib/dns/rdtypes/nsbase.py
new file mode 100644
index 00000000..97a22326
--- /dev/null
+++ b/lib/dns/rdtypes/nsbase.py
@@ -0,0 +1,83 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""NS-like base classes."""
+
+from io import BytesIO
+
+import dns.exception
+import dns.rdata
+import dns.name
+
+
+class NSBase(dns.rdata.Rdata):
+
+ """Base class for rdata that is like an NS record.
+
+ @ivar target: the target name of the rdata
+ @type target: dns.name.Name object"""
+
+ __slots__ = ['target']
+
+ def __init__(self, rdclass, rdtype, target):
+ super(NSBase, self).__init__(rdclass, rdtype)
+ self.target = target
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ target = self.target.choose_relativity(origin, relativize)
+ return str(target)
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ target = tok.get_name()
+ target = target.choose_relativity(origin, relativize)
+ tok.get_eol()
+ return cls(rdclass, rdtype, target)
+
+ def to_wire(self, file, compress=None, origin=None):
+ self.target.to_wire(file, compress, origin)
+
+ def to_digestable(self, origin=None):
+ return self.target.to_digestable(origin)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ (target, cused) = dns.name.from_wire(wire[: current + rdlen],
+ current)
+ if cused != rdlen:
+ raise dns.exception.FormError
+ if origin is not None:
+ target = target.relativize(origin)
+ return cls(rdclass, rdtype, target)
+
+ def choose_relativity(self, origin=None, relativize=True):
+ self.target = self.target.choose_relativity(origin, relativize)
+
+
+class UncompressedNS(NSBase):
+
+ """Base class for rdata that is like an NS record, but whose name
+ is not compressed when convert to DNS wire format, and whose
+ digestable form is not downcased."""
+
+ def to_wire(self, file, compress=None, origin=None):
+ super(UncompressedNS, self).to_wire(file, None, origin)
+
+ def to_digestable(self, origin=None):
+ f = BytesIO()
+ self.to_wire(f, None, origin)
+ return f.getvalue()
diff --git a/lib/dns/rdtypes/txtbase.py b/lib/dns/rdtypes/txtbase.py
new file mode 100644
index 00000000..645a57ec
--- /dev/null
+++ b/lib/dns/rdtypes/txtbase.py
@@ -0,0 +1,97 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2006-2017 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""TXT-like base class."""
+
+import struct
+
+import dns.exception
+import dns.rdata
+import dns.tokenizer
+from dns._compat import binary_type, string_types
+
+
+class TXTBase(dns.rdata.Rdata):
+
+ """Base class for rdata that is like a TXT record
+
+ @ivar strings: the strings
+ @type strings: list of binary
+ @see: RFC 1035"""
+
+ __slots__ = ['strings']
+
+ def __init__(self, rdclass, rdtype, strings):
+ super(TXTBase, self).__init__(rdclass, rdtype)
+ if isinstance(strings, binary_type) or \
+ isinstance(strings, string_types):
+ strings = [strings]
+ self.strings = []
+ for string in strings:
+ if isinstance(string, string_types):
+ string = string.encode()
+ self.strings.append(string)
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ txt = ''
+ prefix = ''
+ for s in self.strings:
+ txt += '{}"{}"'.format(prefix, dns.rdata._escapify(s))
+ prefix = ' '
+ return txt
+
+ @classmethod
+ def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
+ strings = []
+ while 1:
+ token = tok.get().unescape()
+ if token.is_eol_or_eof():
+ break
+ if not (token.is_quoted_string() or token.is_identifier()):
+ raise dns.exception.SyntaxError("expected a string")
+ if len(token.value) > 255:
+ raise dns.exception.SyntaxError("string too long")
+ value = token.value
+ if isinstance(value, binary_type):
+ strings.append(value)
+ else:
+ strings.append(value.encode())
+ if len(strings) == 0:
+ raise dns.exception.UnexpectedEnd
+ return cls(rdclass, rdtype, strings)
+
+ def to_wire(self, file, compress=None, origin=None):
+ for s in self.strings:
+ l = len(s)
+ assert l < 256
+ file.write(struct.pack('!B', l))
+ file.write(s)
+
+ @classmethod
+ def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
+ strings = []
+ while rdlen > 0:
+ l = wire[current]
+ current += 1
+ rdlen -= 1
+ if l > rdlen:
+ raise dns.exception.FormError
+ s = wire[current: current + l].unwrap()
+ current += l
+ rdlen -= l
+ strings.append(s)
+ return cls(rdclass, rdtype, strings)
diff --git a/lib/dns/renderer.py b/lib/dns/renderer.py
new file mode 100644
index 00000000..d7ef8c7f
--- /dev/null
+++ b/lib/dns/renderer.py
@@ -0,0 +1,291 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2001-2017 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""Help for building DNS wire format messages"""
+
+from io import BytesIO
+import struct
+import random
+import time
+
+import dns.exception
+import dns.tsig
+from ._compat import long
+
+
+QUESTION = 0
+ANSWER = 1
+AUTHORITY = 2
+ADDITIONAL = 3
+
+
+class Renderer(object):
+ """Helper class for building DNS wire-format messages.
+
+ Most applications can use the higher-level L{dns.message.Message}
+ class and its to_wire() method to generate wire-format messages.
+ This class is for those applications which need finer control
+ over the generation of messages.
+
+ Typical use::
+
+ r = dns.renderer.Renderer(id=1, flags=0x80, max_size=512)
+ r.add_question(qname, qtype, qclass)
+ r.add_rrset(dns.renderer.ANSWER, rrset_1)
+ r.add_rrset(dns.renderer.ANSWER, rrset_2)
+ r.add_rrset(dns.renderer.AUTHORITY, ns_rrset)
+ r.add_edns(0, 0, 4096)
+ r.add_rrset(dns.renderer.ADDTIONAL, ad_rrset_1)
+ r.add_rrset(dns.renderer.ADDTIONAL, ad_rrset_2)
+ r.write_header()
+ r.add_tsig(keyname, secret, 300, 1, 0, '', request_mac)
+ wire = r.get_wire()
+
+ output, a BytesIO, where rendering is written
+
+ id: the message id
+
+ flags: the message flags
+
+ max_size: the maximum size of the message
+
+ origin: the origin to use when rendering relative names
+
+ compress: the compression table
+
+ section: an int, the section currently being rendered
+
+ counts: list of the number of RRs in each section
+
+ mac: the MAC of the rendered message (if TSIG was used)
+ """
+
+ def __init__(self, id=None, flags=0, max_size=65535, origin=None):
+ """Initialize a new renderer."""
+
+ self.output = BytesIO()
+ if id is None:
+ self.id = random.randint(0, 65535)
+ else:
+ self.id = id
+ self.flags = flags
+ self.max_size = max_size
+ self.origin = origin
+ self.compress = {}
+ self.section = QUESTION
+ self.counts = [0, 0, 0, 0]
+ self.output.write(b'\x00' * 12)
+ self.mac = ''
+
+ def _rollback(self, where):
+ """Truncate the output buffer at offset *where*, and remove any
+ compression table entries that pointed beyond the truncation
+ point.
+ """
+
+ self.output.seek(where)
+ self.output.truncate()
+ keys_to_delete = []
+ for k, v in self.compress.items():
+ if v >= where:
+ keys_to_delete.append(k)
+ for k in keys_to_delete:
+ del self.compress[k]
+
+ def _set_section(self, section):
+ """Set the renderer's current section.
+
+ Sections must be rendered order: QUESTION, ANSWER, AUTHORITY,
+ ADDITIONAL. Sections may be empty.
+
+ Raises dns.exception.FormError if an attempt was made to set
+ a section value less than the current section.
+ """
+
+ if self.section != section:
+ if self.section > section:
+ raise dns.exception.FormError
+ self.section = section
+
+ def add_question(self, qname, rdtype, rdclass=dns.rdataclass.IN):
+ """Add a question to the message."""
+
+ self._set_section(QUESTION)
+ before = self.output.tell()
+ qname.to_wire(self.output, self.compress, self.origin)
+ self.output.write(struct.pack("!HH", rdtype, rdclass))
+ after = self.output.tell()
+ if after >= self.max_size:
+ self._rollback(before)
+ raise dns.exception.TooBig
+ self.counts[QUESTION] += 1
+
+ def add_rrset(self, section, rrset, **kw):
+ """Add the rrset to the specified section.
+
+ Any keyword arguments are passed on to the rdataset's to_wire()
+ routine.
+ """
+
+ self._set_section(section)
+ before = self.output.tell()
+ n = rrset.to_wire(self.output, self.compress, self.origin, **kw)
+ after = self.output.tell()
+ if after >= self.max_size:
+ self._rollback(before)
+ raise dns.exception.TooBig
+ self.counts[section] += n
+
+ def add_rdataset(self, section, name, rdataset, **kw):
+ """Add the rdataset to the specified section, using the specified
+ name as the owner name.
+
+ Any keyword arguments are passed on to the rdataset's to_wire()
+ routine.
+ """
+
+ self._set_section(section)
+ before = self.output.tell()
+ n = rdataset.to_wire(name, self.output, self.compress, self.origin,
+ **kw)
+ after = self.output.tell()
+ if after >= self.max_size:
+ self._rollback(before)
+ raise dns.exception.TooBig
+ self.counts[section] += n
+
+ def add_edns(self, edns, ednsflags, payload, options=None):
+ """Add an EDNS OPT record to the message."""
+
+ # make sure the EDNS version in ednsflags agrees with edns
+ ednsflags &= long(0xFF00FFFF)
+ ednsflags |= (edns << 16)
+ self._set_section(ADDITIONAL)
+ before = self.output.tell()
+ self.output.write(struct.pack('!BHHIH', 0, dns.rdatatype.OPT, payload,
+ ednsflags, 0))
+ if options is not None:
+ lstart = self.output.tell()
+ for opt in options:
+ stuff = struct.pack("!HH", opt.otype, 0)
+ self.output.write(stuff)
+ start = self.output.tell()
+ opt.to_wire(self.output)
+ end = self.output.tell()
+ assert end - start < 65536
+ self.output.seek(start - 2)
+ stuff = struct.pack("!H", end - start)
+ self.output.write(stuff)
+ self.output.seek(0, 2)
+ lend = self.output.tell()
+ assert lend - lstart < 65536
+ self.output.seek(lstart - 2)
+ stuff = struct.pack("!H", lend - lstart)
+ self.output.write(stuff)
+ self.output.seek(0, 2)
+ after = self.output.tell()
+ if after >= self.max_size:
+ self._rollback(before)
+ raise dns.exception.TooBig
+ self.counts[ADDITIONAL] += 1
+
+ def add_tsig(self, keyname, secret, fudge, id, tsig_error, other_data,
+ request_mac, algorithm=dns.tsig.default_algorithm):
+ """Add a TSIG signature to the message."""
+
+ s = self.output.getvalue()
+ (tsig_rdata, self.mac, ctx) = dns.tsig.sign(s,
+ keyname,
+ secret,
+ int(time.time()),
+ fudge,
+ id,
+ tsig_error,
+ other_data,
+ request_mac,
+ algorithm=algorithm)
+ self._write_tsig(tsig_rdata, keyname)
+
+ def add_multi_tsig(self, ctx, keyname, secret, fudge, id, tsig_error,
+ other_data, request_mac,
+ algorithm=dns.tsig.default_algorithm):
+ """Add a TSIG signature to the message. Unlike add_tsig(), this can be
+ used for a series of consecutive DNS envelopes, e.g. for a zone
+ transfer over TCP [RFC2845, 4.4].
+
+ For the first message in the sequence, give ctx=None. For each
+ subsequent message, give the ctx that was returned from the
+ add_multi_tsig() call for the previous message."""
+
+ s = self.output.getvalue()
+ (tsig_rdata, self.mac, ctx) = dns.tsig.sign(s,
+ keyname,
+ secret,
+ int(time.time()),
+ fudge,
+ id,
+ tsig_error,
+ other_data,
+ request_mac,
+ ctx=ctx,
+ first=ctx is None,
+ multi=True,
+ algorithm=algorithm)
+ self._write_tsig(tsig_rdata, keyname)
+ return ctx
+
+ def _write_tsig(self, tsig_rdata, keyname):
+ self._set_section(ADDITIONAL)
+ before = self.output.tell()
+
+ keyname.to_wire(self.output, self.compress, self.origin)
+ self.output.write(struct.pack('!HHIH', dns.rdatatype.TSIG,
+ dns.rdataclass.ANY, 0, 0))
+ rdata_start = self.output.tell()
+ self.output.write(tsig_rdata)
+
+ after = self.output.tell()
+ assert after - rdata_start < 65536
+ if after >= self.max_size:
+ self._rollback(before)
+ raise dns.exception.TooBig
+
+ self.output.seek(rdata_start - 2)
+ self.output.write(struct.pack('!H', after - rdata_start))
+ self.counts[ADDITIONAL] += 1
+ self.output.seek(10)
+ self.output.write(struct.pack('!H', self.counts[ADDITIONAL]))
+ self.output.seek(0, 2)
+
+ def write_header(self):
+ """Write the DNS message header.
+
+ Writing the DNS message header is done after all sections
+ have been rendered, but before the optional TSIG signature
+ is added.
+ """
+
+ self.output.seek(0)
+ self.output.write(struct.pack('!HHHHHH', self.id, self.flags,
+ self.counts[0], self.counts[1],
+ self.counts[2], self.counts[3]))
+ self.output.seek(0, 2)
+
+ def get_wire(self):
+ """Return the wire format message."""
+
+ return self.output.getvalue()
diff --git a/lib/dns/resolver.py b/lib/dns/resolver.py
new file mode 100644
index 00000000..806e5b2b
--- /dev/null
+++ b/lib/dns/resolver.py
@@ -0,0 +1,1383 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2017 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""DNS stub resolver."""
+
+import socket
+import sys
+import time
+import random
+
+try:
+ import threading as _threading
+except ImportError:
+ import dummy_threading as _threading
+
+import dns.exception
+import dns.flags
+import dns.ipv4
+import dns.ipv6
+import dns.message
+import dns.name
+import dns.query
+import dns.rcode
+import dns.rdataclass
+import dns.rdatatype
+import dns.reversename
+import dns.tsig
+from ._compat import xrange, string_types
+
+if sys.platform == 'win32':
+ try:
+ import winreg as _winreg
+ except ImportError:
+ import _winreg # pylint: disable=import-error
+
+class NXDOMAIN(dns.exception.DNSException):
+ """The DNS query name does not exist."""
+ supp_kwargs = {'qnames', 'responses'}
+ fmt = None # we have our own __str__ implementation
+
+ def _check_kwargs(self, qnames, responses=None):
+ if not isinstance(qnames, (list, tuple, set)):
+ raise AttributeError("qnames must be a list, tuple or set")
+ if len(qnames) == 0:
+ raise AttributeError("qnames must contain at least one element")
+ if responses is None:
+ responses = {}
+ elif not isinstance(responses, dict):
+ raise AttributeError("responses must be a dict(qname=response)")
+ kwargs = dict(qnames=qnames, responses=responses)
+ return kwargs
+
+ def __str__(self):
+ if 'qnames' not in self.kwargs:
+ return super(NXDOMAIN, self).__str__()
+ qnames = self.kwargs['qnames']
+ if len(qnames) > 1:
+ msg = 'None of DNS query names exist'
+ else:
+ msg = 'The DNS query name does not exist'
+ qnames = ', '.join(map(str, qnames))
+ return "{}: {}".format(msg, qnames)
+
+ def canonical_name(self):
+ if not 'qnames' in self.kwargs:
+ raise TypeError("parametrized exception required")
+ IN = dns.rdataclass.IN
+ CNAME = dns.rdatatype.CNAME
+ cname = None
+ for qname in self.kwargs['qnames']:
+ response = self.kwargs['responses'][qname]
+ for answer in response.answer:
+ if answer.rdtype != CNAME or answer.rdclass != IN:
+ continue
+ cname = answer.items[0].target.to_text()
+ if cname is not None:
+ return dns.name.from_text(cname)
+ return self.kwargs['qnames'][0]
+ canonical_name = property(canonical_name, doc=(
+ "Return the unresolved canonical name."))
+
+ def __add__(self, e_nx):
+ """Augment by results from another NXDOMAIN exception."""
+ qnames0 = list(self.kwargs.get('qnames', []))
+ responses0 = dict(self.kwargs.get('responses', {}))
+ responses1 = e_nx.kwargs.get('responses', {})
+ for qname1 in e_nx.kwargs.get('qnames', []):
+ if qname1 not in qnames0:
+ qnames0.append(qname1)
+ if qname1 in responses1:
+ responses0[qname1] = responses1[qname1]
+ return NXDOMAIN(qnames=qnames0, responses=responses0)
+
+ def qnames(self):
+ """All of the names that were tried.
+
+ Returns a list of ``dns.name.Name``.
+ """
+ return self.kwargs['qnames']
+
+ def responses(self):
+ """A map from queried names to their NXDOMAIN responses.
+
+ Returns a dict mapping a ``dns.name.Name`` to a
+ ``dns.message.Message``.
+ """
+ return self.kwargs['responses']
+
+ def response(self, qname):
+ """The response for query *qname*.
+
+ Returns a ``dns.message.Message``.
+ """
+ return self.kwargs['responses'][qname]
+
+
+class YXDOMAIN(dns.exception.DNSException):
+ """The DNS query name is too long after DNAME substitution."""
+
+# The definition of the Timeout exception has moved from here to the
+# dns.exception module. We keep dns.resolver.Timeout defined for
+# backwards compatibility.
+
+Timeout = dns.exception.Timeout
+
+
+class NoAnswer(dns.exception.DNSException):
+ """The DNS response does not contain an answer to the question."""
+ fmt = 'The DNS response does not contain an answer ' + \
+ 'to the question: {query}'
+ supp_kwargs = {'response'}
+
+ def _fmt_kwargs(self, **kwargs):
+ return super(NoAnswer, self)._fmt_kwargs(
+ query=kwargs['response'].question)
+
+
+class NoNameservers(dns.exception.DNSException):
+ """All nameservers failed to answer the query.
+
+ errors: list of servers and respective errors
+ The type of errors is
+ [(server IP address, any object convertible to string)].
+ Non-empty errors list will add explanatory message ()
+ """
+
+ msg = "All nameservers failed to answer the query."
+ fmt = "%s {query}: {errors}" % msg[:-1]
+ supp_kwargs = {'request', 'errors'}
+
+ def _fmt_kwargs(self, **kwargs):
+ srv_msgs = []
+ for err in kwargs['errors']:
+ srv_msgs.append('Server {} {} port {} answered {}'.format(err[0],
+ 'TCP' if err[1] else 'UDP', err[2], err[3]))
+ return super(NoNameservers, self)._fmt_kwargs(
+ query=kwargs['request'].question, errors='; '.join(srv_msgs))
+
+
+class NotAbsolute(dns.exception.DNSException):
+ """An absolute domain name is required but a relative name was provided."""
+
+
+class NoRootSOA(dns.exception.DNSException):
+ """There is no SOA RR at the DNS root name. This should never happen!"""
+
+
+class NoMetaqueries(dns.exception.DNSException):
+ """DNS metaqueries are not allowed."""
+
+
+class Answer(object):
+ """DNS stub resolver answer.
+
+ Instances of this class bundle up the result of a successful DNS
+ resolution.
+
+ For convenience, the answer object implements much of the sequence
+ protocol, forwarding to its ``rrset`` attribute. E.g.
+ ``for a in answer`` is equivalent to ``for a in answer.rrset``.
+ ``answer[i]`` is equivalent to ``answer.rrset[i]``, and
+ ``answer[i:j]`` is equivalent to ``answer.rrset[i:j]``.
+
+ Note that CNAMEs or DNAMEs in the response may mean that answer
+ RRset's name might not be the query name.
+ """
+
+ def __init__(self, qname, rdtype, rdclass, response,
+ raise_on_no_answer=True):
+ self.qname = qname
+ self.rdtype = rdtype
+ self.rdclass = rdclass
+ self.response = response
+ min_ttl = -1
+ rrset = None
+ for count in xrange(0, 15):
+ try:
+ rrset = response.find_rrset(response.answer, qname,
+ rdclass, rdtype)
+ if min_ttl == -1 or rrset.ttl < min_ttl:
+ min_ttl = rrset.ttl
+ break
+ except KeyError:
+ if rdtype != dns.rdatatype.CNAME:
+ try:
+ crrset = response.find_rrset(response.answer,
+ qname,
+ rdclass,
+ dns.rdatatype.CNAME)
+ if min_ttl == -1 or crrset.ttl < min_ttl:
+ min_ttl = crrset.ttl
+ for rd in crrset:
+ qname = rd.target
+ break
+ continue
+ except KeyError:
+ if raise_on_no_answer:
+ raise NoAnswer(response=response)
+ if raise_on_no_answer:
+ raise NoAnswer(response=response)
+ if rrset is None and raise_on_no_answer:
+ raise NoAnswer(response=response)
+ self.canonical_name = qname
+ self.rrset = rrset
+ if rrset is None:
+ while 1:
+ # Look for a SOA RR whose owner name is a superdomain
+ # of qname.
+ try:
+ srrset = response.find_rrset(response.authority, qname,
+ rdclass, dns.rdatatype.SOA)
+ if min_ttl == -1 or srrset.ttl < min_ttl:
+ min_ttl = srrset.ttl
+ if srrset[0].minimum < min_ttl:
+ min_ttl = srrset[0].minimum
+ break
+ except KeyError:
+ try:
+ qname = qname.parent()
+ except dns.name.NoParent:
+ break
+ self.expiration = time.time() + min_ttl
+
+ def __getattr__(self, attr):
+ if attr == 'name':
+ return self.rrset.name
+ elif attr == 'ttl':
+ return self.rrset.ttl
+ elif attr == 'covers':
+ return self.rrset.covers
+ elif attr == 'rdclass':
+ return self.rrset.rdclass
+ elif attr == 'rdtype':
+ return self.rrset.rdtype
+ else:
+ raise AttributeError(attr)
+
+ def __len__(self):
+ return self.rrset and len(self.rrset) or 0
+
+ def __iter__(self):
+ return self.rrset and iter(self.rrset) or iter(tuple())
+
+ def __getitem__(self, i):
+ if self.rrset is None:
+ raise IndexError
+ return self.rrset[i]
+
+ def __delitem__(self, i):
+ if self.rrset is None:
+ raise IndexError
+ del self.rrset[i]
+
+
+class Cache(object):
+ """Simple thread-safe DNS answer cache."""
+
+ def __init__(self, cleaning_interval=300.0):
+ """*cleaning_interval*, a ``float`` is the number of seconds between
+ periodic cleanings.
+ """
+
+ self.data = {}
+ self.cleaning_interval = cleaning_interval
+ self.next_cleaning = time.time() + self.cleaning_interval
+ self.lock = _threading.Lock()
+
+ def _maybe_clean(self):
+ """Clean the cache if it's time to do so."""
+
+ now = time.time()
+ if self.next_cleaning <= now:
+ keys_to_delete = []
+ for (k, v) in self.data.items():
+ if v.expiration <= now:
+ keys_to_delete.append(k)
+ for k in keys_to_delete:
+ del self.data[k]
+ now = time.time()
+ self.next_cleaning = now + self.cleaning_interval
+
+ def get(self, key):
+ """Get the answer associated with *key*.
+
+ Returns None if no answer is cached for the key.
+
+ *key*, a ``(dns.name.Name, int, int)`` tuple whose values are the
+ query name, rdtype, and rdclass respectively.
+
+ Returns a ``dns.resolver.Answer`` or ``None``.
+ """
+
+ try:
+ self.lock.acquire()
+ self._maybe_clean()
+ v = self.data.get(key)
+ if v is None or v.expiration <= time.time():
+ return None
+ return v
+ finally:
+ self.lock.release()
+
+ def put(self, key, value):
+ """Associate key and value in the cache.
+
+ *key*, a ``(dns.name.Name, int, int)`` tuple whose values are the
+ query name, rdtype, and rdclass respectively.
+
+ *value*, a ``dns.resolver.Answer``, the answer.
+ """
+
+ try:
+ self.lock.acquire()
+ self._maybe_clean()
+ self.data[key] = value
+ finally:
+ self.lock.release()
+
+ def flush(self, key=None):
+ """Flush the cache.
+
+ If *key* is not ``None``, only that item is flushed. Otherwise
+ the entire cache is flushed.
+
+ *key*, a ``(dns.name.Name, int, int)`` tuple whose values are the
+ query name, rdtype, and rdclass respectively.
+ """
+
+ try:
+ self.lock.acquire()
+ if key is not None:
+ if key in self.data:
+ del self.data[key]
+ else:
+ self.data = {}
+ self.next_cleaning = time.time() + self.cleaning_interval
+ finally:
+ self.lock.release()
+
+
+class LRUCacheNode(object):
+ """LRUCache node."""
+
+ def __init__(self, key, value):
+ self.key = key
+ self.value = value
+ self.prev = self
+ self.next = self
+
+ def link_before(self, node):
+ self.prev = node.prev
+ self.next = node
+ node.prev.next = self
+ node.prev = self
+
+ def link_after(self, node):
+ self.prev = node
+ self.next = node.next
+ node.next.prev = self
+ node.next = self
+
+ def unlink(self):
+ self.next.prev = self.prev
+ self.prev.next = self.next
+
+
+class LRUCache(object):
+ """Thread-safe, bounded, least-recently-used DNS answer cache.
+
+ This cache is better than the simple cache (above) if you're
+ running a web crawler or other process that does a lot of
+ resolutions. The LRUCache has a maximum number of nodes, and when
+ it is full, the least-recently used node is removed to make space
+ for a new one.
+ """
+
+ def __init__(self, max_size=100000):
+ """*max_size*, an ``int``, is the maximum number of nodes to cache;
+ it must be greater than 0.
+ """
+
+ self.data = {}
+ self.set_max_size(max_size)
+ self.sentinel = LRUCacheNode(None, None)
+ self.lock = _threading.Lock()
+
+ def set_max_size(self, max_size):
+ if max_size < 1:
+ max_size = 1
+ self.max_size = max_size
+
+ def get(self, key):
+ """Get the answer associated with *key*.
+
+ Returns None if no answer is cached for the key.
+
+ *key*, a ``(dns.name.Name, int, int)`` tuple whose values are the
+ query name, rdtype, and rdclass respectively.
+
+ Returns a ``dns.resolver.Answer`` or ``None``.
+ """
+
+ try:
+ self.lock.acquire()
+ node = self.data.get(key)
+ if node is None:
+ return None
+ # Unlink because we're either going to move the node to the front
+ # of the LRU list or we're going to free it.
+ node.unlink()
+ if node.value.expiration <= time.time():
+ del self.data[node.key]
+ return None
+ node.link_after(self.sentinel)
+ return node.value
+ finally:
+ self.lock.release()
+
+ def put(self, key, value):
+ """Associate key and value in the cache.
+
+ *key*, a ``(dns.name.Name, int, int)`` tuple whose values are the
+ query name, rdtype, and rdclass respectively.
+
+ *value*, a ``dns.resolver.Answer``, the answer.
+ """
+
+ try:
+ self.lock.acquire()
+ node = self.data.get(key)
+ if node is not None:
+ node.unlink()
+ del self.data[node.key]
+ while len(self.data) >= self.max_size:
+ node = self.sentinel.prev
+ node.unlink()
+ del self.data[node.key]
+ node = LRUCacheNode(key, value)
+ node.link_after(self.sentinel)
+ self.data[key] = node
+ finally:
+ self.lock.release()
+
+ def flush(self, key=None):
+ """Flush the cache.
+
+ If *key* is not ``None``, only that item is flushed. Otherwise
+ the entire cache is flushed.
+
+ *key*, a ``(dns.name.Name, int, int)`` tuple whose values are the
+ query name, rdtype, and rdclass respectively.
+ """
+
+ try:
+ self.lock.acquire()
+ if key is not None:
+ node = self.data.get(key)
+ if node is not None:
+ node.unlink()
+ del self.data[node.key]
+ else:
+ node = self.sentinel.next
+ while node != self.sentinel:
+ next = node.next
+ node.prev = None
+ node.next = None
+ node = next
+ self.data = {}
+ finally:
+ self.lock.release()
+
+
+class Resolver(object):
+ """DNS stub resolver."""
+
+ def __init__(self, filename='/etc/resolv.conf', configure=True):
+ """*filename*, a ``text`` or file object, specifying a file
+ in standard /etc/resolv.conf format. This parameter is meaningful
+ only when *configure* is true and the platform is POSIX.
+
+ *configure*, a ``bool``. If True (the default), the resolver
+ instance is configured in the normal fashion for the operating
+ system the resolver is running on. (I.e. by reading a
+ /etc/resolv.conf file on POSIX systems and from the registry
+ on Windows systems.)
+ """
+
+ self.domain = None
+ self.nameservers = None
+ self.nameserver_ports = None
+ self.port = None
+ self.search = None
+ self.timeout = None
+ self.lifetime = None
+ self.keyring = None
+ self.keyname = None
+ self.keyalgorithm = None
+ self.edns = None
+ self.ednsflags = None
+ self.payload = None
+ self.cache = None
+ self.flags = None
+ self.retry_servfail = False
+ self.rotate = False
+
+ self.reset()
+ if configure:
+ if sys.platform == 'win32':
+ self.read_registry()
+ elif filename:
+ self.read_resolv_conf(filename)
+
+ def reset(self):
+ """Reset all resolver configuration to the defaults."""
+
+ self.domain = \
+ dns.name.Name(dns.name.from_text(socket.gethostname())[1:])
+ if len(self.domain) == 0:
+ self.domain = dns.name.root
+ self.nameservers = []
+ self.nameserver_ports = {}
+ self.port = 53
+ self.search = []
+ self.timeout = 2.0
+ self.lifetime = 30.0
+ self.keyring = None
+ self.keyname = None
+ self.keyalgorithm = dns.tsig.default_algorithm
+ self.edns = -1
+ self.ednsflags = 0
+ self.payload = 0
+ self.cache = None
+ self.flags = None
+ self.retry_servfail = False
+ self.rotate = False
+
+ def read_resolv_conf(self, f):
+ """Process *f* as a file in the /etc/resolv.conf format. If f is
+ a ``text``, it is used as the name of the file to open; otherwise it
+ is treated as the file itself."""
+
+ if isinstance(f, string_types):
+ try:
+ f = open(f, 'r')
+ except IOError:
+ # /etc/resolv.conf doesn't exist, can't be read, etc.
+ # We'll just use the default resolver configuration.
+ self.nameservers = ['127.0.0.1']
+ return
+ want_close = True
+ else:
+ want_close = False
+ try:
+ for l in f:
+ if len(l) == 0 or l[0] == '#' or l[0] == ';':
+ continue
+ tokens = l.split()
+
+ # Any line containing less than 2 tokens is malformed
+ if len(tokens) < 2:
+ continue
+
+ if tokens[0] == 'nameserver':
+ self.nameservers.append(tokens[1])
+ elif tokens[0] == 'domain':
+ self.domain = dns.name.from_text(tokens[1])
+ elif tokens[0] == 'search':
+ for suffix in tokens[1:]:
+ self.search.append(dns.name.from_text(suffix))
+ elif tokens[0] == 'options':
+ if 'rotate' in tokens[1:]:
+ self.rotate = True
+ finally:
+ if want_close:
+ f.close()
+ if len(self.nameservers) == 0:
+ self.nameservers.append('127.0.0.1')
+
+ def _determine_split_char(self, entry):
+ #
+ # The windows registry irritatingly changes the list element
+ # delimiter in between ' ' and ',' (and vice-versa) in various
+ # versions of windows.
+ #
+ if entry.find(' ') >= 0:
+ split_char = ' '
+ elif entry.find(',') >= 0:
+ split_char = ','
+ else:
+ # probably a singleton; treat as a space-separated list.
+ split_char = ' '
+ return split_char
+
+ def _config_win32_nameservers(self, nameservers):
+ # we call str() on nameservers to convert it from unicode to ascii
+ nameservers = str(nameservers)
+ split_char = self._determine_split_char(nameservers)
+ ns_list = nameservers.split(split_char)
+ for ns in ns_list:
+ if ns not in self.nameservers:
+ self.nameservers.append(ns)
+
+ def _config_win32_domain(self, domain):
+ # we call str() on domain to convert it from unicode to ascii
+ self.domain = dns.name.from_text(str(domain))
+
+ def _config_win32_search(self, search):
+ # we call str() on search to convert it from unicode to ascii
+ search = str(search)
+ split_char = self._determine_split_char(search)
+ search_list = search.split(split_char)
+ for s in search_list:
+ if s not in self.search:
+ self.search.append(dns.name.from_text(s))
+
+ def _config_win32_fromkey(self, key, always_try_domain):
+ try:
+ servers, rtype = _winreg.QueryValueEx(key, 'NameServer')
+ except WindowsError: # pylint: disable=undefined-variable
+ servers = None
+ if servers:
+ self._config_win32_nameservers(servers)
+ if servers or always_try_domain:
+ try:
+ dom, rtype = _winreg.QueryValueEx(key, 'Domain')
+ if dom:
+ self._config_win32_domain(dom)
+ except WindowsError: # pylint: disable=undefined-variable
+ pass
+ else:
+ try:
+ servers, rtype = _winreg.QueryValueEx(key, 'DhcpNameServer')
+ except WindowsError: # pylint: disable=undefined-variable
+ servers = None
+ if servers:
+ self._config_win32_nameservers(servers)
+ try:
+ dom, rtype = _winreg.QueryValueEx(key, 'DhcpDomain')
+ if dom:
+ self._config_win32_domain(dom)
+ except WindowsError: # pylint: disable=undefined-variable
+ pass
+ try:
+ search, rtype = _winreg.QueryValueEx(key, 'SearchList')
+ except WindowsError: # pylint: disable=undefined-variable
+ search = None
+ if search:
+ self._config_win32_search(search)
+
+ def read_registry(self):
+ """Extract resolver configuration from the Windows registry."""
+
+ lm = _winreg.ConnectRegistry(None, _winreg.HKEY_LOCAL_MACHINE)
+ want_scan = False
+ try:
+ try:
+ # XP, 2000
+ tcp_params = _winreg.OpenKey(lm,
+ r'SYSTEM\CurrentControlSet'
+ r'\Services\Tcpip\Parameters')
+ want_scan = True
+ except EnvironmentError:
+ # ME
+ tcp_params = _winreg.OpenKey(lm,
+ r'SYSTEM\CurrentControlSet'
+ r'\Services\VxD\MSTCP')
+ try:
+ self._config_win32_fromkey(tcp_params, True)
+ finally:
+ tcp_params.Close()
+ if want_scan:
+ interfaces = _winreg.OpenKey(lm,
+ r'SYSTEM\CurrentControlSet'
+ r'\Services\Tcpip\Parameters'
+ r'\Interfaces')
+ try:
+ i = 0
+ while True:
+ try:
+ guid = _winreg.EnumKey(interfaces, i)
+ i += 1
+ key = _winreg.OpenKey(interfaces, guid)
+ if not self._win32_is_nic_enabled(lm, guid, key):
+ continue
+ try:
+ self._config_win32_fromkey(key, False)
+ finally:
+ key.Close()
+ except EnvironmentError:
+ break
+ finally:
+ interfaces.Close()
+ finally:
+ lm.Close()
+
+ def _win32_is_nic_enabled(self, lm, guid, interface_key):
+ # Look in the Windows Registry to determine whether the network
+ # interface corresponding to the given guid is enabled.
+ #
+ # (Code contributed by Paul Marks, thanks!)
+ #
+ try:
+ # This hard-coded location seems to be consistent, at least
+ # from Windows 2000 through Vista.
+ connection_key = _winreg.OpenKey(
+ lm,
+ r'SYSTEM\CurrentControlSet\Control\Network'
+ r'\{4D36E972-E325-11CE-BFC1-08002BE10318}'
+ r'\%s\Connection' % guid)
+
+ try:
+ # The PnpInstanceID points to a key inside Enum
+ (pnp_id, ttype) = _winreg.QueryValueEx(
+ connection_key, 'PnpInstanceID')
+
+ if ttype != _winreg.REG_SZ:
+ raise ValueError
+
+ device_key = _winreg.OpenKey(
+ lm, r'SYSTEM\CurrentControlSet\Enum\%s' % pnp_id)
+
+ try:
+ # Get ConfigFlags for this device
+ (flags, ttype) = _winreg.QueryValueEx(
+ device_key, 'ConfigFlags')
+
+ if ttype != _winreg.REG_DWORD:
+ raise ValueError
+
+ # Based on experimentation, bit 0x1 indicates that the
+ # device is disabled.
+ return not flags & 0x1
+
+ finally:
+ device_key.Close()
+ finally:
+ connection_key.Close()
+ except (EnvironmentError, ValueError):
+ # Pre-vista, enabled interfaces seem to have a non-empty
+ # NTEContextList; this was how dnspython detected enabled
+ # nics before the code above was contributed. We've retained
+ # the old method since we don't know if the code above works
+ # on Windows 95/98/ME.
+ try:
+ (nte, ttype) = _winreg.QueryValueEx(interface_key,
+ 'NTEContextList')
+ return nte is not None
+ except WindowsError: # pylint: disable=undefined-variable
+ return False
+
+ def _compute_timeout(self, start, lifetime=None):
+ lifetime = self.lifetime if lifetime is None else lifetime
+ now = time.time()
+ duration = now - start
+ if duration < 0:
+ if duration < -1:
+ # Time going backwards is bad. Just give up.
+ raise Timeout(timeout=duration)
+ else:
+ # Time went backwards, but only a little. This can
+ # happen, e.g. under vmware with older linux kernels.
+ # Pretend it didn't happen.
+ now = start
+ if duration >= lifetime:
+ raise Timeout(timeout=duration)
+ return min(lifetime - duration, self.timeout)
+
+ def query(self, qname, rdtype=dns.rdatatype.A, rdclass=dns.rdataclass.IN,
+ tcp=False, source=None, raise_on_no_answer=True, source_port=0,
+ lifetime=None):
+ """Query nameservers to find the answer to the question.
+
+ The *qname*, *rdtype*, and *rdclass* parameters may be objects
+ of the appropriate type, or strings that can be converted into objects
+ of the appropriate type.
+
+ *qname*, a ``dns.name.Name`` or ``text``, the query name.
+
+ *rdtype*, an ``int`` or ``text``, the query type.
+
+ *rdclass*, an ``int`` or ``text``, the query class.
+
+ *tcp*, a ``bool``. If ``True``, use TCP to make the query.
+
+ *source*, a ``text`` or ``None``. If not ``None``, bind to this IP
+ address when making queries.
+
+ *raise_on_no_answer*, a ``bool``. If ``True``, raise
+ ``dns.resolver.NoAnswer`` if there's no answer to the question.
+
+ *source_port*, an ``int``, the port from which to send the message.
+
+ *lifetime*, a ``float``, how long query should run before timing out.
+
+ Raises ``dns.exception.Timeout`` if no answers could be found
+ in the specified lifetime.
+
+ Raises ``dns.resolver.NXDOMAIN`` if the query name does not exist.
+
+ Raises ``dns.resolver.YXDOMAIN`` if the query name is too long after
+ DNAME substitution.
+
+ Raises ``dns.resolver.NoAnswer`` if *raise_on_no_answer* is
+ ``True`` and the query name exists but has no RRset of the
+ desired type and class.
+
+ Raises ``dns.resolver.NoNameservers`` if no non-broken
+ nameservers are available to answer the question.
+
+ Returns a ``dns.resolver.Answer`` instance.
+ """
+
+ if isinstance(qname, string_types):
+ qname = dns.name.from_text(qname, None)
+ if isinstance(rdtype, string_types):
+ rdtype = dns.rdatatype.from_text(rdtype)
+ if dns.rdatatype.is_metatype(rdtype):
+ raise NoMetaqueries
+ if isinstance(rdclass, string_types):
+ rdclass = dns.rdataclass.from_text(rdclass)
+ if dns.rdataclass.is_metaclass(rdclass):
+ raise NoMetaqueries
+ qnames_to_try = []
+ if qname.is_absolute():
+ qnames_to_try.append(qname)
+ else:
+ if len(qname) > 1:
+ qnames_to_try.append(qname.concatenate(dns.name.root))
+ if self.search:
+ for suffix in self.search:
+ qnames_to_try.append(qname.concatenate(suffix))
+ else:
+ qnames_to_try.append(qname.concatenate(self.domain))
+ all_nxdomain = True
+ nxdomain_responses = {}
+ start = time.time()
+ _qname = None # make pylint happy
+ for _qname in qnames_to_try:
+ if self.cache:
+ answer = self.cache.get((_qname, rdtype, rdclass))
+ if answer is not None:
+ if answer.rrset is None and raise_on_no_answer:
+ raise NoAnswer(response=answer.response)
+ else:
+ return answer
+ request = dns.message.make_query(_qname, rdtype, rdclass)
+ if self.keyname is not None:
+ request.use_tsig(self.keyring, self.keyname,
+ algorithm=self.keyalgorithm)
+ request.use_edns(self.edns, self.ednsflags, self.payload)
+ if self.flags is not None:
+ request.flags = self.flags
+ response = None
+ #
+ # make a copy of the servers list so we can alter it later.
+ #
+ nameservers = self.nameservers[:]
+ errors = []
+ if self.rotate:
+ random.shuffle(nameservers)
+ backoff = 0.10
+ while response is None:
+ if len(nameservers) == 0:
+ raise NoNameservers(request=request, errors=errors)
+ for nameserver in nameservers[:]:
+ timeout = self._compute_timeout(start, lifetime)
+ port = self.nameserver_ports.get(nameserver, self.port)
+ try:
+ tcp_attempt = tcp
+ if tcp:
+ response = dns.query.tcp(request, nameserver,
+ timeout, port,
+ source=source,
+ source_port=source_port)
+ else:
+ response = dns.query.udp(request, nameserver,
+ timeout, port,
+ source=source,
+ source_port=source_port)
+ if response.flags & dns.flags.TC:
+ # Response truncated; retry with TCP.
+ tcp_attempt = True
+ timeout = self._compute_timeout(start, lifetime)
+ response = \
+ dns.query.tcp(request, nameserver,
+ timeout, port,
+ source=source,
+ source_port=source_port)
+ except (socket.error, dns.exception.Timeout) as ex:
+ #
+ # Communication failure or timeout. Go to the
+ # next server
+ #
+ errors.append((nameserver, tcp_attempt, port, ex,
+ response))
+ response = None
+ continue
+ except dns.query.UnexpectedSource as ex:
+ #
+ # Who knows? Keep going.
+ #
+ errors.append((nameserver, tcp_attempt, port, ex,
+ response))
+ response = None
+ continue
+ except dns.exception.FormError as ex:
+ #
+ # We don't understand what this server is
+ # saying. Take it out of the mix and
+ # continue.
+ #
+ nameservers.remove(nameserver)
+ errors.append((nameserver, tcp_attempt, port, ex,
+ response))
+ response = None
+ continue
+ except EOFError as ex:
+ #
+ # We're using TCP and they hung up on us.
+ # Probably they don't support TCP (though
+ # they're supposed to!). Take it out of the
+ # mix and continue.
+ #
+ nameservers.remove(nameserver)
+ errors.append((nameserver, tcp_attempt, port, ex,
+ response))
+ response = None
+ continue
+ rcode = response.rcode()
+ if rcode == dns.rcode.YXDOMAIN:
+ ex = YXDOMAIN()
+ errors.append((nameserver, tcp_attempt, port, ex,
+ response))
+ raise ex
+ if rcode == dns.rcode.NOERROR or \
+ rcode == dns.rcode.NXDOMAIN:
+ break
+ #
+ # We got a response, but we're not happy with the
+ # rcode in it. Remove the server from the mix if
+ # the rcode isn't SERVFAIL.
+ #
+ if rcode != dns.rcode.SERVFAIL or not self.retry_servfail:
+ nameservers.remove(nameserver)
+ errors.append((nameserver, tcp_attempt, port,
+ dns.rcode.to_text(rcode), response))
+ response = None
+ if response is not None:
+ break
+ #
+ # All nameservers failed!
+ #
+ if len(nameservers) > 0:
+ #
+ # But we still have servers to try. Sleep a bit
+ # so we don't pound them!
+ #
+ timeout = self._compute_timeout(start, lifetime)
+ sleep_time = min(timeout, backoff)
+ backoff *= 2
+ time.sleep(sleep_time)
+ if response.rcode() == dns.rcode.NXDOMAIN:
+ nxdomain_responses[_qname] = response
+ continue
+ all_nxdomain = False
+ break
+ if all_nxdomain:
+ raise NXDOMAIN(qnames=qnames_to_try, responses=nxdomain_responses)
+ answer = Answer(_qname, rdtype, rdclass, response,
+ raise_on_no_answer)
+ if self.cache:
+ self.cache.put((_qname, rdtype, rdclass), answer)
+ return answer
+
+ def use_tsig(self, keyring, keyname=None,
+ algorithm=dns.tsig.default_algorithm):
+ """Add a TSIG signature to the query.
+
+ See the documentation of the Message class for a complete
+ description of the keyring dictionary.
+
+ *keyring*, a ``dict``, the TSIG keyring to use. If a
+ *keyring* is specified but a *keyname* is not, then the key
+ used will be the first key in the *keyring*. Note that the
+ order of keys in a dictionary is not defined, so applications
+ should supply a keyname when a keyring is used, unless they
+ know the keyring contains only one key.
+
+ *keyname*, a ``dns.name.Name`` or ``None``, the name of the TSIG key
+ to use; defaults to ``None``. The key must be defined in the keyring.
+
+ *algorithm*, a ``dns.name.Name``, the TSIG algorithm to use.
+ """
+
+ self.keyring = keyring
+ if keyname is None:
+ self.keyname = list(self.keyring.keys())[0]
+ else:
+ self.keyname = keyname
+ self.keyalgorithm = algorithm
+
+ def use_edns(self, edns, ednsflags, payload):
+ """Configure EDNS behavior.
+
+ *edns*, an ``int``, is the EDNS level to use. Specifying
+ ``None``, ``False``, or ``-1`` means "do not use EDNS", and in this case
+ the other parameters are ignored. Specifying ``True`` is
+ equivalent to specifying 0, i.e. "use EDNS0".
+
+ *ednsflags*, an ``int``, the EDNS flag values.
+
+ *payload*, an ``int``, is the EDNS sender's payload field, which is the
+ maximum size of UDP datagram the sender can handle. I.e. how big
+ a response to this message can be.
+ """
+
+ if edns is None:
+ edns = -1
+ self.edns = edns
+ self.ednsflags = ednsflags
+ self.payload = payload
+
+ def set_flags(self, flags):
+ """Overrides the default flags with your own.
+
+ *flags*, an ``int``, the message flags to use.
+ """
+
+ self.flags = flags
+
+
+#: The default resolver.
+default_resolver = None
+
+
+def get_default_resolver():
+ """Get the default resolver, initializing it if necessary."""
+ if default_resolver is None:
+ reset_default_resolver()
+ return default_resolver
+
+
+def reset_default_resolver():
+ """Re-initialize default resolver.
+
+ Note that the resolver configuration (i.e. /etc/resolv.conf on UNIX
+ systems) will be re-read immediately.
+ """
+
+ global default_resolver
+ default_resolver = Resolver()
+
+
+def query(qname, rdtype=dns.rdatatype.A, rdclass=dns.rdataclass.IN,
+ tcp=False, source=None, raise_on_no_answer=True,
+ source_port=0, lifetime=None):
+ """Query nameservers to find the answer to the question.
+
+ This is a convenience function that uses the default resolver
+ object to make the query.
+
+ See ``dns.resolver.Resolver.query`` for more information on the
+ parameters.
+ """
+
+ return get_default_resolver().query(qname, rdtype, rdclass, tcp, source,
+ raise_on_no_answer, source_port,
+ lifetime)
+
+
+def zone_for_name(name, rdclass=dns.rdataclass.IN, tcp=False, resolver=None):
+ """Find the name of the zone which contains the specified name.
+
+ *name*, an absolute ``dns.name.Name`` or ``text``, the query name.
+
+ *rdclass*, an ``int``, the query class.
+
+ *tcp*, a ``bool``. If ``True``, use TCP to make the query.
+
+ *resolver*, a ``dns.resolver.Resolver`` or ``None``, the resolver to use.
+ If ``None``, the default resolver is used.
+
+ Raises ``dns.resolver.NoRootSOA`` if there is no SOA RR at the DNS
+ root. (This is only likely to happen if you're using non-default
+ root servers in your network and they are misconfigured.)
+
+ Returns a ``dns.name.Name``.
+ """
+
+ if isinstance(name, string_types):
+ name = dns.name.from_text(name, dns.name.root)
+ if resolver is None:
+ resolver = get_default_resolver()
+ if not name.is_absolute():
+ raise NotAbsolute(name)
+ while 1:
+ try:
+ answer = resolver.query(name, dns.rdatatype.SOA, rdclass, tcp)
+ if answer.rrset.name == name:
+ return name
+ # otherwise we were CNAMEd or DNAMEd and need to look higher
+ except (dns.resolver.NXDOMAIN, dns.resolver.NoAnswer):
+ pass
+ try:
+ name = name.parent()
+ except dns.name.NoParent:
+ raise NoRootSOA
+
+#
+# Support for overriding the system resolver for all python code in the
+# running process.
+#
+
+_protocols_for_socktype = {
+ socket.SOCK_DGRAM: [socket.SOL_UDP],
+ socket.SOCK_STREAM: [socket.SOL_TCP],
+}
+
+_resolver = None
+_original_getaddrinfo = socket.getaddrinfo
+_original_getnameinfo = socket.getnameinfo
+_original_getfqdn = socket.getfqdn
+_original_gethostbyname = socket.gethostbyname
+_original_gethostbyname_ex = socket.gethostbyname_ex
+_original_gethostbyaddr = socket.gethostbyaddr
+
+
+def _getaddrinfo(host=None, service=None, family=socket.AF_UNSPEC, socktype=0,
+ proto=0, flags=0):
+ if flags & (socket.AI_ADDRCONFIG | socket.AI_V4MAPPED) != 0:
+ raise NotImplementedError
+ if host is None and service is None:
+ raise socket.gaierror(socket.EAI_NONAME)
+ v6addrs = []
+ v4addrs = []
+ canonical_name = None
+ try:
+ # Is host None or a V6 address literal?
+ if host is None:
+ canonical_name = 'localhost'
+ if flags & socket.AI_PASSIVE != 0:
+ v6addrs.append('::')
+ v4addrs.append('0.0.0.0')
+ else:
+ v6addrs.append('::1')
+ v4addrs.append('127.0.0.1')
+ else:
+ parts = host.split('%')
+ if len(parts) == 2:
+ ahost = parts[0]
+ else:
+ ahost = host
+ addr = dns.ipv6.inet_aton(ahost)
+ v6addrs.append(host)
+ canonical_name = host
+ except Exception:
+ try:
+ # Is it a V4 address literal?
+ addr = dns.ipv4.inet_aton(host)
+ v4addrs.append(host)
+ canonical_name = host
+ except Exception:
+ if flags & socket.AI_NUMERICHOST == 0:
+ try:
+ if family == socket.AF_INET6 or family == socket.AF_UNSPEC:
+ v6 = _resolver.query(host, dns.rdatatype.AAAA,
+ raise_on_no_answer=False)
+ # Note that setting host ensures we query the same name
+ # for A as we did for AAAA.
+ host = v6.qname
+ canonical_name = v6.canonical_name.to_text(True)
+ if v6.rrset is not None:
+ for rdata in v6.rrset:
+ v6addrs.append(rdata.address)
+ if family == socket.AF_INET or family == socket.AF_UNSPEC:
+ v4 = _resolver.query(host, dns.rdatatype.A,
+ raise_on_no_answer=False)
+ host = v4.qname
+ canonical_name = v4.canonical_name.to_text(True)
+ if v4.rrset is not None:
+ for rdata in v4.rrset:
+ v4addrs.append(rdata.address)
+ except dns.resolver.NXDOMAIN:
+ raise socket.gaierror(socket.EAI_NONAME)
+ except Exception:
+ raise socket.gaierror(socket.EAI_SYSTEM)
+ port = None
+ try:
+ # Is it a port literal?
+ if service is None:
+ port = 0
+ else:
+ port = int(service)
+ except Exception:
+ if flags & socket.AI_NUMERICSERV == 0:
+ try:
+ port = socket.getservbyname(service)
+ except Exception:
+ pass
+ if port is None:
+ raise socket.gaierror(socket.EAI_NONAME)
+ tuples = []
+ if socktype == 0:
+ socktypes = [socket.SOCK_DGRAM, socket.SOCK_STREAM]
+ else:
+ socktypes = [socktype]
+ if flags & socket.AI_CANONNAME != 0:
+ cname = canonical_name
+ else:
+ cname = ''
+ if family == socket.AF_INET6 or family == socket.AF_UNSPEC:
+ for addr in v6addrs:
+ for socktype in socktypes:
+ for proto in _protocols_for_socktype[socktype]:
+ tuples.append((socket.AF_INET6, socktype, proto,
+ cname, (addr, port, 0, 0)))
+ if family == socket.AF_INET or family == socket.AF_UNSPEC:
+ for addr in v4addrs:
+ for socktype in socktypes:
+ for proto in _protocols_for_socktype[socktype]:
+ tuples.append((socket.AF_INET, socktype, proto,
+ cname, (addr, port)))
+ if len(tuples) == 0:
+ raise socket.gaierror(socket.EAI_NONAME)
+ return tuples
+
+
+def _getnameinfo(sockaddr, flags=0):
+ host = sockaddr[0]
+ port = sockaddr[1]
+ if len(sockaddr) == 4:
+ scope = sockaddr[3]
+ family = socket.AF_INET6
+ else:
+ scope = None
+ family = socket.AF_INET
+ tuples = _getaddrinfo(host, port, family, socket.SOCK_STREAM,
+ socket.SOL_TCP, 0)
+ if len(tuples) > 1:
+ raise socket.error('sockaddr resolved to multiple addresses')
+ addr = tuples[0][4][0]
+ if flags & socket.NI_DGRAM:
+ pname = 'udp'
+ else:
+ pname = 'tcp'
+ qname = dns.reversename.from_address(addr)
+ if flags & socket.NI_NUMERICHOST == 0:
+ try:
+ answer = _resolver.query(qname, 'PTR')
+ hostname = answer.rrset[0].target.to_text(True)
+ except (dns.resolver.NXDOMAIN, dns.resolver.NoAnswer):
+ if flags & socket.NI_NAMEREQD:
+ raise socket.gaierror(socket.EAI_NONAME)
+ hostname = addr
+ if scope is not None:
+ hostname += '%' + str(scope)
+ else:
+ hostname = addr
+ if scope is not None:
+ hostname += '%' + str(scope)
+ if flags & socket.NI_NUMERICSERV:
+ service = str(port)
+ else:
+ service = socket.getservbyport(port, pname)
+ return (hostname, service)
+
+
+def _getfqdn(name=None):
+ if name is None:
+ name = socket.gethostname()
+ try:
+ return _getnameinfo(_getaddrinfo(name, 80)[0][4])[0]
+ except Exception:
+ return name
+
+
+def _gethostbyname(name):
+ return _gethostbyname_ex(name)[2][0]
+
+
+def _gethostbyname_ex(name):
+ aliases = []
+ addresses = []
+ tuples = _getaddrinfo(name, 0, socket.AF_INET, socket.SOCK_STREAM,
+ socket.SOL_TCP, socket.AI_CANONNAME)
+ canonical = tuples[0][3]
+ for item in tuples:
+ addresses.append(item[4][0])
+ # XXX we just ignore aliases
+ return (canonical, aliases, addresses)
+
+
+def _gethostbyaddr(ip):
+ try:
+ dns.ipv6.inet_aton(ip)
+ sockaddr = (ip, 80, 0, 0)
+ family = socket.AF_INET6
+ except Exception:
+ sockaddr = (ip, 80)
+ family = socket.AF_INET
+ (name, port) = _getnameinfo(sockaddr, socket.NI_NAMEREQD)
+ aliases = []
+ addresses = []
+ tuples = _getaddrinfo(name, 0, family, socket.SOCK_STREAM, socket.SOL_TCP,
+ socket.AI_CANONNAME)
+ canonical = tuples[0][3]
+ for item in tuples:
+ addresses.append(item[4][0])
+ # XXX we just ignore aliases
+ return (canonical, aliases, addresses)
+
+
+def override_system_resolver(resolver=None):
+ """Override the system resolver routines in the socket module with
+ versions which use dnspython's resolver.
+
+ This can be useful in testing situations where you want to control
+ the resolution behavior of python code without having to change
+ the system's resolver settings (e.g. /etc/resolv.conf).
+
+ The resolver to use may be specified; if it's not, the default
+ resolver will be used.
+
+ resolver, a ``dns.resolver.Resolver`` or ``None``, the resolver to use.
+ """
+
+ if resolver is None:
+ resolver = get_default_resolver()
+ global _resolver
+ _resolver = resolver
+ socket.getaddrinfo = _getaddrinfo
+ socket.getnameinfo = _getnameinfo
+ socket.getfqdn = _getfqdn
+ socket.gethostbyname = _gethostbyname
+ socket.gethostbyname_ex = _gethostbyname_ex
+ socket.gethostbyaddr = _gethostbyaddr
+
+
+def restore_system_resolver():
+ """Undo the effects of prior override_system_resolver()."""
+
+ global _resolver
+ _resolver = None
+ socket.getaddrinfo = _original_getaddrinfo
+ socket.getnameinfo = _original_getnameinfo
+ socket.getfqdn = _original_getfqdn
+ socket.gethostbyname = _original_gethostbyname
+ socket.gethostbyname_ex = _original_gethostbyname_ex
+ socket.gethostbyaddr = _original_gethostbyaddr
diff --git a/lib/dns/reversename.py b/lib/dns/reversename.py
new file mode 100644
index 00000000..8f095fa9
--- /dev/null
+++ b/lib/dns/reversename.py
@@ -0,0 +1,96 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2006-2017 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""DNS Reverse Map Names."""
+
+import binascii
+
+import dns.name
+import dns.ipv6
+import dns.ipv4
+
+from dns._compat import PY3
+
+ipv4_reverse_domain = dns.name.from_text('in-addr.arpa.')
+ipv6_reverse_domain = dns.name.from_text('ip6.arpa.')
+
+
+def from_address(text):
+ """Convert an IPv4 or IPv6 address in textual form into a Name object whose
+ value is the reverse-map domain name of the address.
+
+ *text*, a ``text``, is an IPv4 or IPv6 address in textual form
+ (e.g. '127.0.0.1', '::1')
+
+ Raises ``dns.exception.SyntaxError`` if the address is badly formed.
+
+ Returns a ``dns.name.Name``.
+ """
+
+ try:
+ v6 = dns.ipv6.inet_aton(text)
+ if dns.ipv6.is_mapped(v6):
+ if PY3:
+ parts = ['%d' % byte for byte in v6[12:]]
+ else:
+ parts = ['%d' % ord(byte) for byte in v6[12:]]
+ origin = ipv4_reverse_domain
+ else:
+ parts = [x for x in str(binascii.hexlify(v6).decode())]
+ origin = ipv6_reverse_domain
+ except Exception:
+ parts = ['%d' %
+ byte for byte in bytearray(dns.ipv4.inet_aton(text))]
+ origin = ipv4_reverse_domain
+ parts.reverse()
+ return dns.name.from_text('.'.join(parts), origin=origin)
+
+
+def to_address(name):
+ """Convert a reverse map domain name into textual address form.
+
+ *name*, a ``dns.name.Name``, an IPv4 or IPv6 address in reverse-map name
+ form.
+
+ Raises ``dns.exception.SyntaxError`` if the name does not have a
+ reverse-map form.
+
+ Returns a ``text``.
+ """
+
+ if name.is_subdomain(ipv4_reverse_domain):
+ name = name.relativize(ipv4_reverse_domain)
+ labels = list(name.labels)
+ labels.reverse()
+ text = b'.'.join(labels)
+ # run through inet_aton() to check syntax and make pretty.
+ return dns.ipv4.inet_ntoa(dns.ipv4.inet_aton(text))
+ elif name.is_subdomain(ipv6_reverse_domain):
+ name = name.relativize(ipv6_reverse_domain)
+ labels = list(name.labels)
+ labels.reverse()
+ parts = []
+ i = 0
+ l = len(labels)
+ while i < l:
+ parts.append(b''.join(labels[i:i + 4]))
+ i += 4
+ text = b':'.join(parts)
+ # run through inet_aton() to check syntax and make pretty.
+ return dns.ipv6.inet_ntoa(dns.ipv6.inet_aton(text))
+ else:
+ raise dns.exception.SyntaxError('unknown reverse-map address family')
diff --git a/lib/dns/rrset.py b/lib/dns/rrset.py
new file mode 100644
index 00000000..a53ec324
--- /dev/null
+++ b/lib/dns/rrset.py
@@ -0,0 +1,189 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2017 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""DNS RRsets (an RRset is a named rdataset)"""
+
+
+import dns.name
+import dns.rdataset
+import dns.rdataclass
+import dns.renderer
+from ._compat import string_types
+
+
+class RRset(dns.rdataset.Rdataset):
+
+ """A DNS RRset (named rdataset).
+
+ RRset inherits from Rdataset, and RRsets can be treated as
+ Rdatasets in most cases. There are, however, a few notable
+ exceptions. RRsets have different to_wire() and to_text() method
+ arguments, reflecting the fact that RRsets always have an owner
+ name.
+ """
+
+ __slots__ = ['name', 'deleting']
+
+ def __init__(self, name, rdclass, rdtype, covers=dns.rdatatype.NONE,
+ deleting=None):
+ """Create a new RRset."""
+
+ super(RRset, self).__init__(rdclass, rdtype, covers)
+ self.name = name
+ self.deleting = deleting
+
+ def _clone(self):
+ obj = super(RRset, self)._clone()
+ obj.name = self.name
+ obj.deleting = self.deleting
+ return obj
+
+ def __repr__(self):
+ if self.covers == 0:
+ ctext = ''
+ else:
+ ctext = '(' + dns.rdatatype.to_text(self.covers) + ')'
+ if self.deleting is not None:
+ dtext = ' delete=' + dns.rdataclass.to_text(self.deleting)
+ else:
+ dtext = ''
+ return ''
+
+ def __str__(self):
+ return self.to_text()
+
+ def __eq__(self, other):
+ if not isinstance(other, RRset):
+ return False
+ if self.name != other.name:
+ return False
+ return super(RRset, self).__eq__(other)
+
+ def match(self, name, rdclass, rdtype, covers, deleting=None):
+ """Returns ``True`` if this rrset matches the specified class, type,
+ covers, and deletion state.
+ """
+
+ if not super(RRset, self).match(rdclass, rdtype, covers):
+ return False
+ if self.name != name or self.deleting != deleting:
+ return False
+ return True
+
+ def to_text(self, origin=None, relativize=True, **kw):
+ """Convert the RRset into DNS master file format.
+
+ See ``dns.name.Name.choose_relativity`` for more information
+ on how *origin* and *relativize* determine the way names
+ are emitted.
+
+ Any additional keyword arguments are passed on to the rdata
+ ``to_text()`` method.
+
+ *origin*, a ``dns.name.Name`` or ``None``, the origin for relative
+ names.
+
+ *relativize*, a ``bool``. If ``True``, names will be relativized
+ to *origin*.
+ """
+
+ return super(RRset, self).to_text(self.name, origin, relativize,
+ self.deleting, **kw)
+
+ def to_wire(self, file, compress=None, origin=None, **kw):
+ """Convert the RRset to wire format.
+
+ All keyword arguments are passed to ``dns.rdataset.to_wire()``; see
+ that function for details.
+
+ Returns an ``int``, the number of records emitted.
+ """
+
+ return super(RRset, self).to_wire(self.name, file, compress, origin,
+ self.deleting, **kw)
+
+ def to_rdataset(self):
+ """Convert an RRset into an Rdataset.
+
+ Returns a ``dns.rdataset.Rdataset``.
+ """
+ return dns.rdataset.from_rdata_list(self.ttl, list(self))
+
+
+def from_text_list(name, ttl, rdclass, rdtype, text_rdatas,
+ idna_codec=None):
+ """Create an RRset with the specified name, TTL, class, and type, and with
+ the specified list of rdatas in text format.
+
+ Returns a ``dns.rrset.RRset`` object.
+ """
+
+ if isinstance(name, string_types):
+ name = dns.name.from_text(name, None, idna_codec=idna_codec)
+ if isinstance(rdclass, string_types):
+ rdclass = dns.rdataclass.from_text(rdclass)
+ if isinstance(rdtype, string_types):
+ rdtype = dns.rdatatype.from_text(rdtype)
+ r = RRset(name, rdclass, rdtype)
+ r.update_ttl(ttl)
+ for t in text_rdatas:
+ rd = dns.rdata.from_text(r.rdclass, r.rdtype, t)
+ r.add(rd)
+ return r
+
+
+def from_text(name, ttl, rdclass, rdtype, *text_rdatas):
+ """Create an RRset with the specified name, TTL, class, and type and with
+ the specified rdatas in text format.
+
+ Returns a ``dns.rrset.RRset`` object.
+ """
+
+ return from_text_list(name, ttl, rdclass, rdtype, text_rdatas)
+
+
+def from_rdata_list(name, ttl, rdatas, idna_codec=None):
+ """Create an RRset with the specified name and TTL, and with
+ the specified list of rdata objects.
+
+ Returns a ``dns.rrset.RRset`` object.
+ """
+
+ if isinstance(name, string_types):
+ name = dns.name.from_text(name, None, idna_codec=idna_codec)
+
+ if len(rdatas) == 0:
+ raise ValueError("rdata list must not be empty")
+ r = None
+ for rd in rdatas:
+ if r is None:
+ r = RRset(name, rd.rdclass, rd.rdtype)
+ r.update_ttl(ttl)
+ r.add(rd)
+ return r
+
+
+def from_rdata(name, ttl, *rdatas):
+ """Create an RRset with the specified name and TTL, and with
+ the specified rdata objects.
+
+ Returns a ``dns.rrset.RRset`` object.
+ """
+
+ return from_rdata_list(name, ttl, rdatas)
diff --git a/lib/dns/set.py b/lib/dns/set.py
new file mode 100644
index 00000000..81329bf4
--- /dev/null
+++ b/lib/dns/set.py
@@ -0,0 +1,261 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2017 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+class Set(object):
+
+ """A simple set class.
+
+ This class was originally used to deal with sets being missing in
+ ancient versions of python, but dnspython will continue to use it
+ as these sets are based on lists and are thus indexable, and this
+ ability is widely used in dnspython applications.
+ """
+
+ __slots__ = ['items']
+
+ def __init__(self, items=None):
+ """Initialize the set.
+
+ *items*, an iterable or ``None``, the initial set of items.
+ """
+
+ self.items = []
+ if items is not None:
+ for item in items:
+ self.add(item)
+
+ def __repr__(self):
+ return "dns.simpleset.Set(%s)" % repr(self.items)
+
+ def add(self, item):
+ """Add an item to the set.
+ """
+
+ if item not in self.items:
+ self.items.append(item)
+
+ def remove(self, item):
+ """Remove an item from the set.
+ """
+
+ self.items.remove(item)
+
+ def discard(self, item):
+ """Remove an item from the set if present.
+ """
+
+ try:
+ self.items.remove(item)
+ except ValueError:
+ pass
+
+ def _clone(self):
+ """Make a (shallow) copy of the set.
+
+ There is a 'clone protocol' that subclasses of this class
+ should use. To make a copy, first call your super's _clone()
+ method, and use the object returned as the new instance. Then
+ make shallow copies of the attributes defined in the subclass.
+
+ This protocol allows us to write the set algorithms that
+ return new instances (e.g. union) once, and keep using them in
+ subclasses.
+ """
+
+ cls = self.__class__
+ obj = cls.__new__(cls)
+ obj.items = list(self.items)
+ return obj
+
+ def __copy__(self):
+ """Make a (shallow) copy of the set.
+ """
+
+ return self._clone()
+
+ def copy(self):
+ """Make a (shallow) copy of the set.
+ """
+
+ return self._clone()
+
+ def union_update(self, other):
+ """Update the set, adding any elements from other which are not
+ already in the set.
+ """
+
+ if not isinstance(other, Set):
+ raise ValueError('other must be a Set instance')
+ if self is other:
+ return
+ for item in other.items:
+ self.add(item)
+
+ def intersection_update(self, other):
+ """Update the set, removing any elements from other which are not
+ in both sets.
+ """
+
+ if not isinstance(other, Set):
+ raise ValueError('other must be a Set instance')
+ if self is other:
+ return
+ # we make a copy of the list so that we can remove items from
+ # the list without breaking the iterator.
+ for item in list(self.items):
+ if item not in other.items:
+ self.items.remove(item)
+
+ def difference_update(self, other):
+ """Update the set, removing any elements from other which are in
+ the set.
+ """
+
+ if not isinstance(other, Set):
+ raise ValueError('other must be a Set instance')
+ if self is other:
+ self.items = []
+ else:
+ for item in other.items:
+ self.discard(item)
+
+ def union(self, other):
+ """Return a new set which is the union of ``self`` and ``other``.
+
+ Returns the same Set type as this set.
+ """
+
+ obj = self._clone()
+ obj.union_update(other)
+ return obj
+
+ def intersection(self, other):
+ """Return a new set which is the intersection of ``self`` and
+ ``other``.
+
+ Returns the same Set type as this set.
+ """
+
+ obj = self._clone()
+ obj.intersection_update(other)
+ return obj
+
+ def difference(self, other):
+ """Return a new set which ``self`` - ``other``, i.e. the items
+ in ``self`` which are not also in ``other``.
+
+ Returns the same Set type as this set.
+ """
+
+ obj = self._clone()
+ obj.difference_update(other)
+ return obj
+
+ def __or__(self, other):
+ return self.union(other)
+
+ def __and__(self, other):
+ return self.intersection(other)
+
+ def __add__(self, other):
+ return self.union(other)
+
+ def __sub__(self, other):
+ return self.difference(other)
+
+ def __ior__(self, other):
+ self.union_update(other)
+ return self
+
+ def __iand__(self, other):
+ self.intersection_update(other)
+ return self
+
+ def __iadd__(self, other):
+ self.union_update(other)
+ return self
+
+ def __isub__(self, other):
+ self.difference_update(other)
+ return self
+
+ def update(self, other):
+ """Update the set, adding any elements from other which are not
+ already in the set.
+
+ *other*, the collection of items with which to update the set, which
+ may be any iterable type.
+ """
+
+ for item in other:
+ self.add(item)
+
+ def clear(self):
+ """Make the set empty."""
+ self.items = []
+
+ def __eq__(self, other):
+ # Yes, this is inefficient but the sets we're dealing with are
+ # usually quite small, so it shouldn't hurt too much.
+ for item in self.items:
+ if item not in other.items:
+ return False
+ for item in other.items:
+ if item not in self.items:
+ return False
+ return True
+
+ def __ne__(self, other):
+ return not self.__eq__(other)
+
+ def __len__(self):
+ return len(self.items)
+
+ def __iter__(self):
+ return iter(self.items)
+
+ def __getitem__(self, i):
+ return self.items[i]
+
+ def __delitem__(self, i):
+ del self.items[i]
+
+ def issubset(self, other):
+ """Is this set a subset of *other*?
+
+ Returns a ``bool``.
+ """
+
+ if not isinstance(other, Set):
+ raise ValueError('other must be a Set instance')
+ for item in self.items:
+ if item not in other.items:
+ return False
+ return True
+
+ def issuperset(self, other):
+ """Is this set a superset of *other*?
+
+ Returns a ``bool``.
+ """
+
+ if not isinstance(other, Set):
+ raise ValueError('other must be a Set instance')
+ for item in other.items:
+ if item not in self.items:
+ return False
+ return True
diff --git a/lib/dns/tokenizer.py b/lib/dns/tokenizer.py
new file mode 100644
index 00000000..880b71ce
--- /dev/null
+++ b/lib/dns/tokenizer.py
@@ -0,0 +1,571 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2017 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""Tokenize DNS master file format"""
+
+from io import StringIO
+import sys
+
+import dns.exception
+import dns.name
+import dns.ttl
+from ._compat import long, text_type, binary_type
+
+_DELIMITERS = {
+ ' ': True,
+ '\t': True,
+ '\n': True,
+ ';': True,
+ '(': True,
+ ')': True,
+ '"': True}
+
+_QUOTING_DELIMITERS = {'"': True}
+
+EOF = 0
+EOL = 1
+WHITESPACE = 2
+IDENTIFIER = 3
+QUOTED_STRING = 4
+COMMENT = 5
+DELIMITER = 6
+
+
+class UngetBufferFull(dns.exception.DNSException):
+ """An attempt was made to unget a token when the unget buffer was full."""
+
+
+class Token(object):
+ """A DNS master file format token.
+
+ ttype: The token type
+ value: The token value
+ has_escape: Does the token value contain escapes?
+ """
+
+ def __init__(self, ttype, value='', has_escape=False):
+ """Initialize a token instance."""
+
+ self.ttype = ttype
+ self.value = value
+ self.has_escape = has_escape
+
+ def is_eof(self):
+ return self.ttype == EOF
+
+ def is_eol(self):
+ return self.ttype == EOL
+
+ def is_whitespace(self):
+ return self.ttype == WHITESPACE
+
+ def is_identifier(self):
+ return self.ttype == IDENTIFIER
+
+ def is_quoted_string(self):
+ return self.ttype == QUOTED_STRING
+
+ def is_comment(self):
+ return self.ttype == COMMENT
+
+ def is_delimiter(self):
+ return self.ttype == DELIMITER
+
+ def is_eol_or_eof(self):
+ return self.ttype == EOL or self.ttype == EOF
+
+ def __eq__(self, other):
+ if not isinstance(other, Token):
+ return False
+ return (self.ttype == other.ttype and
+ self.value == other.value)
+
+ def __ne__(self, other):
+ if not isinstance(other, Token):
+ return True
+ return (self.ttype != other.ttype or
+ self.value != other.value)
+
+ def __str__(self):
+ return '%d "%s"' % (self.ttype, self.value)
+
+ def unescape(self):
+ if not self.has_escape:
+ return self
+ unescaped = ''
+ l = len(self.value)
+ i = 0
+ while i < l:
+ c = self.value[i]
+ i += 1
+ if c == '\\':
+ if i >= l:
+ raise dns.exception.UnexpectedEnd
+ c = self.value[i]
+ i += 1
+ if c.isdigit():
+ if i >= l:
+ raise dns.exception.UnexpectedEnd
+ c2 = self.value[i]
+ i += 1
+ if i >= l:
+ raise dns.exception.UnexpectedEnd
+ c3 = self.value[i]
+ i += 1
+ if not (c2.isdigit() and c3.isdigit()):
+ raise dns.exception.SyntaxError
+ c = chr(int(c) * 100 + int(c2) * 10 + int(c3))
+ unescaped += c
+ return Token(self.ttype, unescaped)
+
+ # compatibility for old-style tuple tokens
+
+ def __len__(self):
+ return 2
+
+ def __iter__(self):
+ return iter((self.ttype, self.value))
+
+ def __getitem__(self, i):
+ if i == 0:
+ return self.ttype
+ elif i == 1:
+ return self.value
+ else:
+ raise IndexError
+
+
+class Tokenizer(object):
+ """A DNS master file format tokenizer.
+
+ A token object is basically a (type, value) tuple. The valid
+ types are EOF, EOL, WHITESPACE, IDENTIFIER, QUOTED_STRING,
+ COMMENT, and DELIMITER.
+
+ file: The file to tokenize
+
+ ungotten_char: The most recently ungotten character, or None.
+
+ ungotten_token: The most recently ungotten token, or None.
+
+ multiline: The current multiline level. This value is increased
+ by one every time a '(' delimiter is read, and decreased by one every time
+ a ')' delimiter is read.
+
+ quoting: This variable is true if the tokenizer is currently
+ reading a quoted string.
+
+ eof: This variable is true if the tokenizer has encountered EOF.
+
+ delimiters: The current delimiter dictionary.
+
+ line_number: The current line number
+
+ filename: A filename that will be returned by the where() method.
+ """
+
+ def __init__(self, f=sys.stdin, filename=None):
+ """Initialize a tokenizer instance.
+
+ f: The file to tokenize. The default is sys.stdin.
+ This parameter may also be a string, in which case the tokenizer
+ will take its input from the contents of the string.
+
+ filename: the name of the filename that the where() method
+ will return.
+ """
+
+ if isinstance(f, text_type):
+ f = StringIO(f)
+ if filename is None:
+ filename = ''
+ elif isinstance(f, binary_type):
+ f = StringIO(f.decode())
+ if filename is None:
+ filename = ''
+ else:
+ if filename is None:
+ if f is sys.stdin:
+ filename = ''
+ else:
+ filename = ''
+ self.file = f
+ self.ungotten_char = None
+ self.ungotten_token = None
+ self.multiline = 0
+ self.quoting = False
+ self.eof = False
+ self.delimiters = _DELIMITERS
+ self.line_number = 1
+ self.filename = filename
+
+ def _get_char(self):
+ """Read a character from input.
+ """
+
+ if self.ungotten_char is None:
+ if self.eof:
+ c = ''
+ else:
+ c = self.file.read(1)
+ if c == '':
+ self.eof = True
+ elif c == '\n':
+ self.line_number += 1
+ else:
+ c = self.ungotten_char
+ self.ungotten_char = None
+ return c
+
+ def where(self):
+ """Return the current location in the input.
+
+ Returns a (string, int) tuple. The first item is the filename of
+ the input, the second is the current line number.
+ """
+
+ return (self.filename, self.line_number)
+
+ def _unget_char(self, c):
+ """Unget a character.
+
+ The unget buffer for characters is only one character large; it is
+ an error to try to unget a character when the unget buffer is not
+ empty.
+
+ c: the character to unget
+ raises UngetBufferFull: there is already an ungotten char
+ """
+
+ if self.ungotten_char is not None:
+ raise UngetBufferFull
+ self.ungotten_char = c
+
+ def skip_whitespace(self):
+ """Consume input until a non-whitespace character is encountered.
+
+ The non-whitespace character is then ungotten, and the number of
+ whitespace characters consumed is returned.
+
+ If the tokenizer is in multiline mode, then newlines are whitespace.
+
+ Returns the number of characters skipped.
+ """
+
+ skipped = 0
+ while True:
+ c = self._get_char()
+ if c != ' ' and c != '\t':
+ if (c != '\n') or not self.multiline:
+ self._unget_char(c)
+ return skipped
+ skipped += 1
+
+ def get(self, want_leading=False, want_comment=False):
+ """Get the next token.
+
+ want_leading: If True, return a WHITESPACE token if the
+ first character read is whitespace. The default is False.
+
+ want_comment: If True, return a COMMENT token if the
+ first token read is a comment. The default is False.
+
+ Raises dns.exception.UnexpectedEnd: input ended prematurely
+
+ Raises dns.exception.SyntaxError: input was badly formed
+
+ Returns a Token.
+ """
+
+ if self.ungotten_token is not None:
+ token = self.ungotten_token
+ self.ungotten_token = None
+ if token.is_whitespace():
+ if want_leading:
+ return token
+ elif token.is_comment():
+ if want_comment:
+ return token
+ else:
+ return token
+ skipped = self.skip_whitespace()
+ if want_leading and skipped > 0:
+ return Token(WHITESPACE, ' ')
+ token = ''
+ ttype = IDENTIFIER
+ has_escape = False
+ while True:
+ c = self._get_char()
+ if c == '' or c in self.delimiters:
+ if c == '' and self.quoting:
+ raise dns.exception.UnexpectedEnd
+ if token == '' and ttype != QUOTED_STRING:
+ if c == '(':
+ self.multiline += 1
+ self.skip_whitespace()
+ continue
+ elif c == ')':
+ if self.multiline <= 0:
+ raise dns.exception.SyntaxError
+ self.multiline -= 1
+ self.skip_whitespace()
+ continue
+ elif c == '"':
+ if not self.quoting:
+ self.quoting = True
+ self.delimiters = _QUOTING_DELIMITERS
+ ttype = QUOTED_STRING
+ continue
+ else:
+ self.quoting = False
+ self.delimiters = _DELIMITERS
+ self.skip_whitespace()
+ continue
+ elif c == '\n':
+ return Token(EOL, '\n')
+ elif c == ';':
+ while 1:
+ c = self._get_char()
+ if c == '\n' or c == '':
+ break
+ token += c
+ if want_comment:
+ self._unget_char(c)
+ return Token(COMMENT, token)
+ elif c == '':
+ if self.multiline:
+ raise dns.exception.SyntaxError(
+ 'unbalanced parentheses')
+ return Token(EOF)
+ elif self.multiline:
+ self.skip_whitespace()
+ token = ''
+ continue
+ else:
+ return Token(EOL, '\n')
+ else:
+ # This code exists in case we ever want a
+ # delimiter to be returned. It never produces
+ # a token currently.
+ token = c
+ ttype = DELIMITER
+ else:
+ self._unget_char(c)
+ break
+ elif self.quoting:
+ if c == '\\':
+ c = self._get_char()
+ if c == '':
+ raise dns.exception.UnexpectedEnd
+ if c.isdigit():
+ c2 = self._get_char()
+ if c2 == '':
+ raise dns.exception.UnexpectedEnd
+ c3 = self._get_char()
+ if c == '':
+ raise dns.exception.UnexpectedEnd
+ if not (c2.isdigit() and c3.isdigit()):
+ raise dns.exception.SyntaxError
+ c = chr(int(c) * 100 + int(c2) * 10 + int(c3))
+ elif c == '\n':
+ raise dns.exception.SyntaxError('newline in quoted string')
+ elif c == '\\':
+ #
+ # It's an escape. Put it and the next character into
+ # the token; it will be checked later for goodness.
+ #
+ token += c
+ has_escape = True
+ c = self._get_char()
+ if c == '' or c == '\n':
+ raise dns.exception.UnexpectedEnd
+ token += c
+ if token == '' and ttype != QUOTED_STRING:
+ if self.multiline:
+ raise dns.exception.SyntaxError('unbalanced parentheses')
+ ttype = EOF
+ return Token(ttype, token, has_escape)
+
+ def unget(self, token):
+ """Unget a token.
+
+ The unget buffer for tokens is only one token large; it is
+ an error to try to unget a token when the unget buffer is not
+ empty.
+
+ token: the token to unget
+
+ Raises UngetBufferFull: there is already an ungotten token
+ """
+
+ if self.ungotten_token is not None:
+ raise UngetBufferFull
+ self.ungotten_token = token
+
+ def next(self):
+ """Return the next item in an iteration.
+
+ Returns a Token.
+ """
+
+ token = self.get()
+ if token.is_eof():
+ raise StopIteration
+ return token
+
+ __next__ = next
+
+ def __iter__(self):
+ return self
+
+ # Helpers
+
+ def get_int(self, base=10):
+ """Read the next token and interpret it as an integer.
+
+ Raises dns.exception.SyntaxError if not an integer.
+
+ Returns an int.
+ """
+
+ token = self.get().unescape()
+ if not token.is_identifier():
+ raise dns.exception.SyntaxError('expecting an identifier')
+ if not token.value.isdigit():
+ raise dns.exception.SyntaxError('expecting an integer')
+ return int(token.value, base)
+
+ def get_uint8(self):
+ """Read the next token and interpret it as an 8-bit unsigned
+ integer.
+
+ Raises dns.exception.SyntaxError if not an 8-bit unsigned integer.
+
+ Returns an int.
+ """
+
+ value = self.get_int()
+ if value < 0 or value > 255:
+ raise dns.exception.SyntaxError(
+ '%d is not an unsigned 8-bit integer' % value)
+ return value
+
+ def get_uint16(self, base=10):
+ """Read the next token and interpret it as a 16-bit unsigned
+ integer.
+
+ Raises dns.exception.SyntaxError if not a 16-bit unsigned integer.
+
+ Returns an int.
+ """
+
+ value = self.get_int(base=base)
+ if value < 0 or value > 65535:
+ if base == 8:
+ raise dns.exception.SyntaxError(
+ '%o is not an octal unsigned 16-bit integer' % value)
+ else:
+ raise dns.exception.SyntaxError(
+ '%d is not an unsigned 16-bit integer' % value)
+ return value
+
+ def get_uint32(self):
+ """Read the next token and interpret it as a 32-bit unsigned
+ integer.
+
+ Raises dns.exception.SyntaxError if not a 32-bit unsigned integer.
+
+ Returns an int.
+ """
+
+ token = self.get().unescape()
+ if not token.is_identifier():
+ raise dns.exception.SyntaxError('expecting an identifier')
+ if not token.value.isdigit():
+ raise dns.exception.SyntaxError('expecting an integer')
+ value = long(token.value)
+ if value < 0 or value > long(4294967296):
+ raise dns.exception.SyntaxError(
+ '%d is not an unsigned 32-bit integer' % value)
+ return value
+
+ def get_string(self, origin=None):
+ """Read the next token and interpret it as a string.
+
+ Raises dns.exception.SyntaxError if not a string.
+
+ Returns a string.
+ """
+
+ token = self.get().unescape()
+ if not (token.is_identifier() or token.is_quoted_string()):
+ raise dns.exception.SyntaxError('expecting a string')
+ return token.value
+
+ def get_identifier(self, origin=None):
+ """Read the next token, which should be an identifier.
+
+ Raises dns.exception.SyntaxError if not an identifier.
+
+ Returns a string.
+ """
+
+ token = self.get().unescape()
+ if not token.is_identifier():
+ raise dns.exception.SyntaxError('expecting an identifier')
+ return token.value
+
+ def get_name(self, origin=None):
+ """Read the next token and interpret it as a DNS name.
+
+ Raises dns.exception.SyntaxError if not a name.
+
+ Returns a dns.name.Name.
+ """
+
+ token = self.get()
+ if not token.is_identifier():
+ raise dns.exception.SyntaxError('expecting an identifier')
+ return dns.name.from_text(token.value, origin)
+
+ def get_eol(self):
+ """Read the next token and raise an exception if it isn't EOL or
+ EOF.
+
+ Returns a string.
+ """
+
+ token = self.get()
+ if not token.is_eol_or_eof():
+ raise dns.exception.SyntaxError(
+ 'expected EOL or EOF, got %d "%s"' % (token.ttype,
+ token.value))
+ return token.value
+
+ def get_ttl(self):
+ """Read the next token and interpret it as a DNS TTL.
+
+ Raises dns.exception.SyntaxError or dns.ttl.BadTTL if not an
+ identifier or badly formed.
+
+ Returns an int.
+ """
+
+ token = self.get().unescape()
+ if not token.is_identifier():
+ raise dns.exception.SyntaxError('expecting an identifier')
+ return dns.ttl.from_text(token.value)
diff --git a/lib/dns/tsig.py b/lib/dns/tsig.py
new file mode 100644
index 00000000..3daa3878
--- /dev/null
+++ b/lib/dns/tsig.py
@@ -0,0 +1,236 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2001-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""DNS TSIG support."""
+
+import hashlib
+import hmac
+import struct
+
+import dns.exception
+import dns.rdataclass
+import dns.name
+from ._compat import long, string_types, text_type
+
+class BadTime(dns.exception.DNSException):
+
+ """The current time is not within the TSIG's validity time."""
+
+
+class BadSignature(dns.exception.DNSException):
+
+ """The TSIG signature fails to verify."""
+
+
+class PeerError(dns.exception.DNSException):
+
+ """Base class for all TSIG errors generated by the remote peer"""
+
+
+class PeerBadKey(PeerError):
+
+ """The peer didn't know the key we used"""
+
+
+class PeerBadSignature(PeerError):
+
+ """The peer didn't like the signature we sent"""
+
+
+class PeerBadTime(PeerError):
+
+ """The peer didn't like the time we sent"""
+
+
+class PeerBadTruncation(PeerError):
+
+ """The peer didn't like amount of truncation in the TSIG we sent"""
+
+# TSIG Algorithms
+
+HMAC_MD5 = dns.name.from_text("HMAC-MD5.SIG-ALG.REG.INT")
+HMAC_SHA1 = dns.name.from_text("hmac-sha1")
+HMAC_SHA224 = dns.name.from_text("hmac-sha224")
+HMAC_SHA256 = dns.name.from_text("hmac-sha256")
+HMAC_SHA384 = dns.name.from_text("hmac-sha384")
+HMAC_SHA512 = dns.name.from_text("hmac-sha512")
+
+_hashes = {
+ HMAC_SHA224: hashlib.sha224,
+ HMAC_SHA256: hashlib.sha256,
+ HMAC_SHA384: hashlib.sha384,
+ HMAC_SHA512: hashlib.sha512,
+ HMAC_SHA1: hashlib.sha1,
+ HMAC_MD5: hashlib.md5,
+}
+
+default_algorithm = HMAC_MD5
+
+BADSIG = 16
+BADKEY = 17
+BADTIME = 18
+BADTRUNC = 22
+
+
+def sign(wire, keyname, secret, time, fudge, original_id, error,
+ other_data, request_mac, ctx=None, multi=False, first=True,
+ algorithm=default_algorithm):
+ """Return a (tsig_rdata, mac, ctx) tuple containing the HMAC TSIG rdata
+ for the input parameters, the HMAC MAC calculated by applying the
+ TSIG signature algorithm, and the TSIG digest context.
+ @rtype: (string, string, hmac.HMAC object)
+ @raises ValueError: I{other_data} is too long
+ @raises NotImplementedError: I{algorithm} is not supported
+ """
+
+ if isinstance(other_data, text_type):
+ other_data = other_data.encode()
+ (algorithm_name, digestmod) = get_algorithm(algorithm)
+ if first:
+ ctx = hmac.new(secret, digestmod=digestmod)
+ ml = len(request_mac)
+ if ml > 0:
+ ctx.update(struct.pack('!H', ml))
+ ctx.update(request_mac)
+ id = struct.pack('!H', original_id)
+ ctx.update(id)
+ ctx.update(wire[2:])
+ if first:
+ ctx.update(keyname.to_digestable())
+ ctx.update(struct.pack('!H', dns.rdataclass.ANY))
+ ctx.update(struct.pack('!I', 0))
+ long_time = time + long(0)
+ upper_time = (long_time >> 32) & long(0xffff)
+ lower_time = long_time & long(0xffffffff)
+ time_mac = struct.pack('!HIH', upper_time, lower_time, fudge)
+ pre_mac = algorithm_name + time_mac
+ ol = len(other_data)
+ if ol > 65535:
+ raise ValueError('TSIG Other Data is > 65535 bytes')
+ post_mac = struct.pack('!HH', error, ol) + other_data
+ if first:
+ ctx.update(pre_mac)
+ ctx.update(post_mac)
+ else:
+ ctx.update(time_mac)
+ mac = ctx.digest()
+ mpack = struct.pack('!H', len(mac))
+ tsig_rdata = pre_mac + mpack + mac + id + post_mac
+ if multi:
+ ctx = hmac.new(secret, digestmod=digestmod)
+ ml = len(mac)
+ ctx.update(struct.pack('!H', ml))
+ ctx.update(mac)
+ else:
+ ctx = None
+ return (tsig_rdata, mac, ctx)
+
+
+def hmac_md5(wire, keyname, secret, time, fudge, original_id, error,
+ other_data, request_mac, ctx=None, multi=False, first=True,
+ algorithm=default_algorithm):
+ return sign(wire, keyname, secret, time, fudge, original_id, error,
+ other_data, request_mac, ctx, multi, first, algorithm)
+
+
+def validate(wire, keyname, secret, now, request_mac, tsig_start, tsig_rdata,
+ tsig_rdlen, ctx=None, multi=False, first=True):
+ """Validate the specified TSIG rdata against the other input parameters.
+
+ @raises FormError: The TSIG is badly formed.
+ @raises BadTime: There is too much time skew between the client and the
+ server.
+ @raises BadSignature: The TSIG signature did not validate
+ @rtype: hmac.HMAC object"""
+
+ (adcount,) = struct.unpack("!H", wire[10:12])
+ if adcount == 0:
+ raise dns.exception.FormError
+ adcount -= 1
+ new_wire = wire[0:10] + struct.pack("!H", adcount) + wire[12:tsig_start]
+ current = tsig_rdata
+ (aname, used) = dns.name.from_wire(wire, current)
+ current = current + used
+ (upper_time, lower_time, fudge, mac_size) = \
+ struct.unpack("!HIHH", wire[current:current + 10])
+ time = ((upper_time + long(0)) << 32) + (lower_time + long(0))
+ current += 10
+ mac = wire[current:current + mac_size]
+ current += mac_size
+ (original_id, error, other_size) = \
+ struct.unpack("!HHH", wire[current:current + 6])
+ current += 6
+ other_data = wire[current:current + other_size]
+ current += other_size
+ if current != tsig_rdata + tsig_rdlen:
+ raise dns.exception.FormError
+ if error != 0:
+ if error == BADSIG:
+ raise PeerBadSignature
+ elif error == BADKEY:
+ raise PeerBadKey
+ elif error == BADTIME:
+ raise PeerBadTime
+ elif error == BADTRUNC:
+ raise PeerBadTruncation
+ else:
+ raise PeerError('unknown TSIG error code %d' % error)
+ time_low = time - fudge
+ time_high = time + fudge
+ if now < time_low or now > time_high:
+ raise BadTime
+ (junk, our_mac, ctx) = sign(new_wire, keyname, secret, time, fudge,
+ original_id, error, other_data,
+ request_mac, ctx, multi, first, aname)
+ if our_mac != mac:
+ raise BadSignature
+ return ctx
+
+
+def get_algorithm(algorithm):
+ """Returns the wire format string and the hash module to use for the
+ specified TSIG algorithm
+
+ @rtype: (string, hash constructor)
+ @raises NotImplementedError: I{algorithm} is not supported
+ """
+
+ if isinstance(algorithm, string_types):
+ algorithm = dns.name.from_text(algorithm)
+
+ try:
+ return (algorithm.to_digestable(), _hashes[algorithm])
+ except KeyError:
+ raise NotImplementedError("TSIG algorithm " + str(algorithm) +
+ " is not supported")
+
+
+def get_algorithm_and_mac(wire, tsig_rdata, tsig_rdlen):
+ """Return the tsig algorithm for the specified tsig_rdata
+ @raises FormError: The TSIG is badly formed.
+ """
+ current = tsig_rdata
+ (aname, used) = dns.name.from_wire(wire, current)
+ current = current + used
+ (upper_time, lower_time, fudge, mac_size) = \
+ struct.unpack("!HIHH", wire[current:current + 10])
+ current += 10
+ mac = wire[current:current + mac_size]
+ current += mac_size
+ if current > tsig_rdata + tsig_rdlen:
+ raise dns.exception.FormError
+ return (aname, mac)
diff --git a/lib/dns/tsigkeyring.py b/lib/dns/tsigkeyring.py
new file mode 100644
index 00000000..5e5fe1cb
--- /dev/null
+++ b/lib/dns/tsigkeyring.py
@@ -0,0 +1,50 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""A place to store TSIG keys."""
+
+from dns._compat import maybe_decode, maybe_encode
+
+import base64
+
+import dns.name
+
+
+def from_text(textring):
+ """Convert a dictionary containing (textual DNS name, base64 secret) pairs
+ into a binary keyring which has (dns.name.Name, binary secret) pairs.
+ @rtype: dict"""
+
+ keyring = {}
+ for keytext in textring:
+ keyname = dns.name.from_text(keytext)
+ secret = base64.decodestring(maybe_encode(textring[keytext]))
+ keyring[keyname] = secret
+ return keyring
+
+
+def to_text(keyring):
+ """Convert a dictionary containing (dns.name.Name, binary secret) pairs
+ into a text keyring which has (textual DNS name, base64 secret) pairs.
+ @rtype: dict"""
+
+ textring = {}
+ for keyname in keyring:
+ keytext = maybe_decode(keyname.to_text())
+ secret = maybe_decode(base64.encodestring(keyring[keyname]))
+ textring[keytext] = secret
+ return textring
diff --git a/lib/dns/ttl.py b/lib/dns/ttl.py
new file mode 100644
index 00000000..4be16bee
--- /dev/null
+++ b/lib/dns/ttl.py
@@ -0,0 +1,70 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2017 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""DNS TTL conversion."""
+
+import dns.exception
+from ._compat import long
+
+
+class BadTTL(dns.exception.SyntaxError):
+ """DNS TTL value is not well-formed."""
+
+
+def from_text(text):
+ """Convert the text form of a TTL to an integer.
+
+ The BIND 8 units syntax for TTLs (e.g. '1w6d4h3m10s') is supported.
+
+ *text*, a ``text``, the textual TTL.
+
+ Raises ``dns.ttl.BadTTL`` if the TTL is not well-formed.
+
+ Returns an ``int``.
+ """
+
+ if text.isdigit():
+ total = long(text)
+ else:
+ if not text[0].isdigit():
+ raise BadTTL
+ total = long(0)
+ current = long(0)
+ for c in text:
+ if c.isdigit():
+ current *= 10
+ current += long(c)
+ else:
+ c = c.lower()
+ if c == 'w':
+ total += current * long(604800)
+ elif c == 'd':
+ total += current * long(86400)
+ elif c == 'h':
+ total += current * long(3600)
+ elif c == 'm':
+ total += current * long(60)
+ elif c == 's':
+ total += current
+ else:
+ raise BadTTL("unknown unit '%s'" % c)
+ current = 0
+ if not current == 0:
+ raise BadTTL("trailing integer")
+ if total < long(0) or total > long(2147483647):
+ raise BadTTL("TTL should be between 0 and 2^31 - 1 (inclusive)")
+ return total
diff --git a/lib/dns/update.py b/lib/dns/update.py
new file mode 100644
index 00000000..96a00d5d
--- /dev/null
+++ b/lib/dns/update.py
@@ -0,0 +1,279 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""DNS Dynamic Update Support"""
+
+
+import dns.message
+import dns.name
+import dns.opcode
+import dns.rdata
+import dns.rdataclass
+import dns.rdataset
+import dns.tsig
+from ._compat import string_types
+
+
+class Update(dns.message.Message):
+
+ def __init__(self, zone, rdclass=dns.rdataclass.IN, keyring=None,
+ keyname=None, keyalgorithm=dns.tsig.default_algorithm):
+ """Initialize a new DNS Update object.
+
+ See the documentation of the Message class for a complete
+ description of the keyring dictionary.
+
+ *zone*, a ``dns.name.Name`` or ``text``, the zone which is being
+ updated.
+
+ *rdclass*, an ``int`` or ``text``, the class of the zone.
+
+ *keyring*, a ``dict``, the TSIG keyring to use. If a
+ *keyring* is specified but a *keyname* is not, then the key
+ used will be the first key in the *keyring*. Note that the
+ order of keys in a dictionary is not defined, so applications
+ should supply a keyname when a keyring is used, unless they
+ know the keyring contains only one key.
+
+ *keyname*, a ``dns.name.Name`` or ``None``, the name of the TSIG key
+ to use; defaults to ``None``. The key must be defined in the keyring.
+
+ *keyalgorithm*, a ``dns.name.Name``, the TSIG algorithm to use.
+ """
+ super(Update, self).__init__()
+ self.flags |= dns.opcode.to_flags(dns.opcode.UPDATE)
+ if isinstance(zone, string_types):
+ zone = dns.name.from_text(zone)
+ self.origin = zone
+ if isinstance(rdclass, string_types):
+ rdclass = dns.rdataclass.from_text(rdclass)
+ self.zone_rdclass = rdclass
+ self.find_rrset(self.question, self.origin, rdclass, dns.rdatatype.SOA,
+ create=True, force_unique=True)
+ if keyring is not None:
+ self.use_tsig(keyring, keyname, algorithm=keyalgorithm)
+
+ def _add_rr(self, name, ttl, rd, deleting=None, section=None):
+ """Add a single RR to the update section."""
+
+ if section is None:
+ section = self.authority
+ covers = rd.covers()
+ rrset = self.find_rrset(section, name, self.zone_rdclass, rd.rdtype,
+ covers, deleting, True, True)
+ rrset.add(rd, ttl)
+
+ def _add(self, replace, section, name, *args):
+ """Add records.
+
+ *replace* is the replacement mode. If ``False``,
+ RRs are added to an existing RRset; if ``True``, the RRset
+ is replaced with the specified contents. The second
+ argument is the section to add to. The third argument
+ is always a name. The other arguments can be:
+
+ - rdataset...
+
+ - ttl, rdata...
+
+ - ttl, rdtype, string...
+ """
+
+ if isinstance(name, string_types):
+ name = dns.name.from_text(name, None)
+ if isinstance(args[0], dns.rdataset.Rdataset):
+ for rds in args:
+ if replace:
+ self.delete(name, rds.rdtype)
+ for rd in rds:
+ self._add_rr(name, rds.ttl, rd, section=section)
+ else:
+ args = list(args)
+ ttl = int(args.pop(0))
+ if isinstance(args[0], dns.rdata.Rdata):
+ if replace:
+ self.delete(name, args[0].rdtype)
+ for rd in args:
+ self._add_rr(name, ttl, rd, section=section)
+ else:
+ rdtype = args.pop(0)
+ if isinstance(rdtype, string_types):
+ rdtype = dns.rdatatype.from_text(rdtype)
+ if replace:
+ self.delete(name, rdtype)
+ for s in args:
+ rd = dns.rdata.from_text(self.zone_rdclass, rdtype, s,
+ self.origin)
+ self._add_rr(name, ttl, rd, section=section)
+
+ def add(self, name, *args):
+ """Add records.
+
+ The first argument is always a name. The other
+ arguments can be:
+
+ - rdataset...
+
+ - ttl, rdata...
+
+ - ttl, rdtype, string...
+ """
+
+ self._add(False, self.authority, name, *args)
+
+ def delete(self, name, *args):
+ """Delete records.
+
+ The first argument is always a name. The other
+ arguments can be:
+
+ - *empty*
+
+ - rdataset...
+
+ - rdata...
+
+ - rdtype, [string...]
+ """
+
+ if isinstance(name, string_types):
+ name = dns.name.from_text(name, None)
+ if len(args) == 0:
+ self.find_rrset(self.authority, name, dns.rdataclass.ANY,
+ dns.rdatatype.ANY, dns.rdatatype.NONE,
+ dns.rdatatype.ANY, True, True)
+ elif isinstance(args[0], dns.rdataset.Rdataset):
+ for rds in args:
+ for rd in rds:
+ self._add_rr(name, 0, rd, dns.rdataclass.NONE)
+ else:
+ args = list(args)
+ if isinstance(args[0], dns.rdata.Rdata):
+ for rd in args:
+ self._add_rr(name, 0, rd, dns.rdataclass.NONE)
+ else:
+ rdtype = args.pop(0)
+ if isinstance(rdtype, string_types):
+ rdtype = dns.rdatatype.from_text(rdtype)
+ if len(args) == 0:
+ self.find_rrset(self.authority, name,
+ self.zone_rdclass, rdtype,
+ dns.rdatatype.NONE,
+ dns.rdataclass.ANY,
+ True, True)
+ else:
+ for s in args:
+ rd = dns.rdata.from_text(self.zone_rdclass, rdtype, s,
+ self.origin)
+ self._add_rr(name, 0, rd, dns.rdataclass.NONE)
+
+ def replace(self, name, *args):
+ """Replace records.
+
+ The first argument is always a name. The other
+ arguments can be:
+
+ - rdataset...
+
+ - ttl, rdata...
+
+ - ttl, rdtype, string...
+
+ Note that if you want to replace the entire node, you should do
+ a delete of the name followed by one or more calls to add.
+ """
+
+ self._add(True, self.authority, name, *args)
+
+ def present(self, name, *args):
+ """Require that an owner name (and optionally an rdata type,
+ or specific rdataset) exists as a prerequisite to the
+ execution of the update.
+
+ The first argument is always a name.
+ The other arguments can be:
+
+ - rdataset...
+
+ - rdata...
+
+ - rdtype, string...
+ """
+
+ if isinstance(name, string_types):
+ name = dns.name.from_text(name, None)
+ if len(args) == 0:
+ self.find_rrset(self.answer, name,
+ dns.rdataclass.ANY, dns.rdatatype.ANY,
+ dns.rdatatype.NONE, None,
+ True, True)
+ elif isinstance(args[0], dns.rdataset.Rdataset) or \
+ isinstance(args[0], dns.rdata.Rdata) or \
+ len(args) > 1:
+ if not isinstance(args[0], dns.rdataset.Rdataset):
+ # Add a 0 TTL
+ args = list(args)
+ args.insert(0, 0)
+ self._add(False, self.answer, name, *args)
+ else:
+ rdtype = args[0]
+ if isinstance(rdtype, string_types):
+ rdtype = dns.rdatatype.from_text(rdtype)
+ self.find_rrset(self.answer, name,
+ dns.rdataclass.ANY, rdtype,
+ dns.rdatatype.NONE, None,
+ True, True)
+
+ def absent(self, name, rdtype=None):
+ """Require that an owner name (and optionally an rdata type) does
+ not exist as a prerequisite to the execution of the update."""
+
+ if isinstance(name, string_types):
+ name = dns.name.from_text(name, None)
+ if rdtype is None:
+ self.find_rrset(self.answer, name,
+ dns.rdataclass.NONE, dns.rdatatype.ANY,
+ dns.rdatatype.NONE, None,
+ True, True)
+ else:
+ if isinstance(rdtype, string_types):
+ rdtype = dns.rdatatype.from_text(rdtype)
+ self.find_rrset(self.answer, name,
+ dns.rdataclass.NONE, rdtype,
+ dns.rdatatype.NONE, None,
+ True, True)
+
+ def to_wire(self, origin=None, max_size=65535):
+ """Return a string containing the update in DNS compressed wire
+ format.
+
+ *origin*, a ``dns.name.Name`` or ``None``, the origin to be
+ appended to any relative names. If *origin* is ``None``, then
+ the origin of the ``dns.update.Update`` message object is used
+ (i.e. the *zone* parameter passed when the Update object was
+ created).
+
+ *max_size*, an ``int``, the maximum size of the wire format
+ output; default is 0, which means "the message's request
+ payload, if nonzero, or 65535".
+
+ Returns a ``binary``.
+ """
+
+ if origin is None:
+ origin = self.origin
+ return super(Update, self).to_wire(origin, max_size)
diff --git a/lib/dns/version.py b/lib/dns/version.py
new file mode 100644
index 00000000..f116904b
--- /dev/null
+++ b/lib/dns/version.py
@@ -0,0 +1,43 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2017 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""dnspython release version information."""
+
+#: MAJOR
+MAJOR = 1
+#: MINOR
+MINOR = 16
+#: MICRO
+MICRO = 0
+#: RELEASELEVEL
+RELEASELEVEL = 0x0f
+#: SERIAL
+SERIAL = 0
+
+if RELEASELEVEL == 0x0f:
+ #: version
+ version = '%d.%d.%d' % (MAJOR, MINOR, MICRO)
+elif RELEASELEVEL == 0x00:
+ version = '%d.%d.%dx%d' % \
+ (MAJOR, MINOR, MICRO, SERIAL)
+else:
+ version = '%d.%d.%d%x%d' % \
+ (MAJOR, MINOR, MICRO, RELEASELEVEL, SERIAL)
+
+#: hexversion
+hexversion = MAJOR << 24 | MINOR << 16 | MICRO << 8 | RELEASELEVEL << 4 | \
+ SERIAL
diff --git a/lib/dns/wiredata.py b/lib/dns/wiredata.py
new file mode 100644
index 00000000..ea3c1e67
--- /dev/null
+++ b/lib/dns/wiredata.py
@@ -0,0 +1,103 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2011,2017 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""DNS Wire Data Helper"""
+
+import dns.exception
+from ._compat import binary_type, string_types, PY2
+
+# Figure out what constant python passes for an unspecified slice bound.
+# It's supposed to be sys.maxint, yet on 64-bit windows sys.maxint is 2^31 - 1
+# but Python uses 2^63 - 1 as the constant. Rather than making pointless
+# extra comparisons, duplicating code, or weakening WireData, we just figure
+# out what constant Python will use.
+
+
+class _SliceUnspecifiedBound(binary_type):
+
+ def __getitem__(self, key):
+ return key.stop
+
+ if PY2:
+ def __getslice__(self, i, j): # pylint: disable=getslice-method
+ return self.__getitem__(slice(i, j))
+
+_unspecified_bound = _SliceUnspecifiedBound()[1:]
+
+
+class WireData(binary_type):
+ # WireData is a binary type with stricter slicing
+
+ def __getitem__(self, key):
+ try:
+ if isinstance(key, slice):
+ # make sure we are not going outside of valid ranges,
+ # do stricter control of boundaries than python does
+ # by default
+ start = key.start
+ stop = key.stop
+
+ if PY2:
+ if stop == _unspecified_bound:
+ # handle the case where the right bound is unspecified
+ stop = len(self)
+
+ if start < 0 or stop < 0:
+ raise dns.exception.FormError
+ # If it's not an empty slice, access left and right bounds
+ # to make sure they're valid
+ if start != stop:
+ super(WireData, self).__getitem__(start)
+ super(WireData, self).__getitem__(stop - 1)
+ else:
+ for index in (start, stop):
+ if index is None:
+ continue
+ elif abs(index) > len(self):
+ raise dns.exception.FormError
+
+ return WireData(super(WireData, self).__getitem__(
+ slice(start, stop)))
+ return bytearray(self.unwrap())[key]
+ except IndexError:
+ raise dns.exception.FormError
+
+ if PY2:
+ def __getslice__(self, i, j): # pylint: disable=getslice-method
+ return self.__getitem__(slice(i, j))
+
+ def __iter__(self):
+ i = 0
+ while 1:
+ try:
+ yield self[i]
+ i += 1
+ except dns.exception.FormError:
+ raise StopIteration
+
+ def unwrap(self):
+ return binary_type(self)
+
+
+def maybe_wrap(wire):
+ if isinstance(wire, WireData):
+ return wire
+ elif isinstance(wire, binary_type):
+ return WireData(wire)
+ elif isinstance(wire, string_types):
+ return WireData(wire.encode())
+ raise ValueError("unhandled type %s" % type(wire))
diff --git a/lib/dns/zone.py b/lib/dns/zone.py
new file mode 100644
index 00000000..1e2fe781
--- /dev/null
+++ b/lib/dns/zone.py
@@ -0,0 +1,1127 @@
+# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
+
+# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose with or without fee is hereby granted,
+# provided that the above copyright notice and this permission notice
+# appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+"""DNS Zones."""
+
+from __future__ import generators
+
+import sys
+import re
+import os
+from io import BytesIO
+
+import dns.exception
+import dns.name
+import dns.node
+import dns.rdataclass
+import dns.rdatatype
+import dns.rdata
+import dns.rdtypes.ANY.SOA
+import dns.rrset
+import dns.tokenizer
+import dns.ttl
+import dns.grange
+from ._compat import string_types, text_type, PY3
+
+
+class BadZone(dns.exception.DNSException):
+
+ """The DNS zone is malformed."""
+
+
+class NoSOA(BadZone):
+
+ """The DNS zone has no SOA RR at its origin."""
+
+
+class NoNS(BadZone):
+
+ """The DNS zone has no NS RRset at its origin."""
+
+
+class UnknownOrigin(BadZone):
+
+ """The DNS zone's origin is unknown."""
+
+
+class Zone(object):
+
+ """A DNS zone.
+
+ A Zone is a mapping from names to nodes. The zone object may be
+ treated like a Python dictionary, e.g. zone[name] will retrieve
+ the node associated with that name. The I{name} may be a
+ dns.name.Name object, or it may be a string. In the either case,
+ if the name is relative it is treated as relative to the origin of
+ the zone.
+
+ @ivar rdclass: The zone's rdata class; the default is class IN.
+ @type rdclass: int
+ @ivar origin: The origin of the zone.
+ @type origin: dns.name.Name object
+ @ivar nodes: A dictionary mapping the names of nodes in the zone to the
+ nodes themselves.
+ @type nodes: dict
+ @ivar relativize: should names in the zone be relativized?
+ @type relativize: bool
+ @cvar node_factory: the factory used to create a new node
+ @type node_factory: class or callable
+ """
+
+ node_factory = dns.node.Node
+
+ __slots__ = ['rdclass', 'origin', 'nodes', 'relativize']
+
+ def __init__(self, origin, rdclass=dns.rdataclass.IN, relativize=True):
+ """Initialize a zone object.
+
+ @param origin: The origin of the zone.
+ @type origin: dns.name.Name object
+ @param rdclass: The zone's rdata class; the default is class IN.
+ @type rdclass: int"""
+
+ if origin is not None:
+ if isinstance(origin, string_types):
+ origin = dns.name.from_text(origin)
+ elif not isinstance(origin, dns.name.Name):
+ raise ValueError("origin parameter must be convertible to a "
+ "DNS name")
+ if not origin.is_absolute():
+ raise ValueError("origin parameter must be an absolute name")
+ self.origin = origin
+ self.rdclass = rdclass
+ self.nodes = {}
+ self.relativize = relativize
+
+ def __eq__(self, other):
+ """Two zones are equal if they have the same origin, class, and
+ nodes.
+ @rtype: bool
+ """
+
+ if not isinstance(other, Zone):
+ return False
+ if self.rdclass != other.rdclass or \
+ self.origin != other.origin or \
+ self.nodes != other.nodes:
+ return False
+ return True
+
+ def __ne__(self, other):
+ """Are two zones not equal?
+ @rtype: bool
+ """
+
+ return not self.__eq__(other)
+
+ def _validate_name(self, name):
+ if isinstance(name, string_types):
+ name = dns.name.from_text(name, None)
+ elif not isinstance(name, dns.name.Name):
+ raise KeyError("name parameter must be convertible to a DNS name")
+ if name.is_absolute():
+ if not name.is_subdomain(self.origin):
+ raise KeyError(
+ "name parameter must be a subdomain of the zone origin")
+ if self.relativize:
+ name = name.relativize(self.origin)
+ return name
+
+ def __getitem__(self, key):
+ key = self._validate_name(key)
+ return self.nodes[key]
+
+ def __setitem__(self, key, value):
+ key = self._validate_name(key)
+ self.nodes[key] = value
+
+ def __delitem__(self, key):
+ key = self._validate_name(key)
+ del self.nodes[key]
+
+ def __iter__(self):
+ return self.nodes.__iter__()
+
+ def iterkeys(self):
+ if PY3:
+ return self.nodes.keys() # pylint: disable=dict-keys-not-iterating
+ else:
+ return self.nodes.iterkeys() # pylint: disable=dict-iter-method
+
+ def keys(self):
+ return self.nodes.keys() # pylint: disable=dict-keys-not-iterating
+
+ def itervalues(self):
+ if PY3:
+ return self.nodes.values() # pylint: disable=dict-values-not-iterating
+ else:
+ return self.nodes.itervalues() # pylint: disable=dict-iter-method
+
+ def values(self):
+ return self.nodes.values() # pylint: disable=dict-values-not-iterating
+
+ def items(self):
+ return self.nodes.items() # pylint: disable=dict-items-not-iterating
+
+ iteritems = items
+
+ def get(self, key):
+ key = self._validate_name(key)
+ return self.nodes.get(key)
+
+ def __contains__(self, other):
+ return other in self.nodes
+
+ def find_node(self, name, create=False):
+ """Find a node in the zone, possibly creating it.
+
+ @param name: the name of the node to find
+ @type name: dns.name.Name object or string
+ @param create: should the node be created if it doesn't exist?
+ @type create: bool
+ @raises KeyError: the name is not known and create was not specified.
+ @rtype: dns.node.Node object
+ """
+
+ name = self._validate_name(name)
+ node = self.nodes.get(name)
+ if node is None:
+ if not create:
+ raise KeyError
+ node = self.node_factory()
+ self.nodes[name] = node
+ return node
+
+ def get_node(self, name, create=False):
+ """Get a node in the zone, possibly creating it.
+
+ This method is like L{find_node}, except it returns None instead
+ of raising an exception if the node does not exist and creation
+ has not been requested.
+
+ @param name: the name of the node to find
+ @type name: dns.name.Name object or string
+ @param create: should the node be created if it doesn't exist?
+ @type create: bool
+ @rtype: dns.node.Node object or None
+ """
+
+ try:
+ node = self.find_node(name, create)
+ except KeyError:
+ node = None
+ return node
+
+ def delete_node(self, name):
+ """Delete the specified node if it exists.
+
+ It is not an error if the node does not exist.
+ """
+
+ name = self._validate_name(name)
+ if name in self.nodes:
+ del self.nodes[name]
+
+ def find_rdataset(self, name, rdtype, covers=dns.rdatatype.NONE,
+ create=False):
+ """Look for rdata with the specified name and type in the zone,
+ and return an rdataset encapsulating it.
+
+ The I{name}, I{rdtype}, and I{covers} parameters may be
+ strings, in which case they will be converted to their proper
+ type.
+
+ The rdataset returned is not a copy; changes to it will change
+ the zone.
+
+ KeyError is raised if the name or type are not found.
+ Use L{get_rdataset} if you want to have None returned instead.
+
+ @param name: the owner name to look for
+ @type name: DNS.name.Name object or string
+ @param rdtype: the rdata type desired
+ @type rdtype: int or string
+ @param covers: the covered type (defaults to None)
+ @type covers: int or string
+ @param create: should the node and rdataset be created if they do not
+ exist?
+ @type create: bool
+ @raises KeyError: the node or rdata could not be found
+ @rtype: dns.rdataset.Rdataset object
+ """
+
+ name = self._validate_name(name)
+ if isinstance(rdtype, string_types):
+ rdtype = dns.rdatatype.from_text(rdtype)
+ if isinstance(covers, string_types):
+ covers = dns.rdatatype.from_text(covers)
+ node = self.find_node(name, create)
+ return node.find_rdataset(self.rdclass, rdtype, covers, create)
+
+ def get_rdataset(self, name, rdtype, covers=dns.rdatatype.NONE,
+ create=False):
+ """Look for rdata with the specified name and type in the zone,
+ and return an rdataset encapsulating it.
+
+ The I{name}, I{rdtype}, and I{covers} parameters may be
+ strings, in which case they will be converted to their proper
+ type.
+
+ The rdataset returned is not a copy; changes to it will change
+ the zone.
+
+ None is returned if the name or type are not found.
+ Use L{find_rdataset} if you want to have KeyError raised instead.
+
+ @param name: the owner name to look for
+ @type name: DNS.name.Name object or string
+ @param rdtype: the rdata type desired
+ @type rdtype: int or string
+ @param covers: the covered type (defaults to None)
+ @type covers: int or string
+ @param create: should the node and rdataset be created if they do not
+ exist?
+ @type create: bool
+ @rtype: dns.rdataset.Rdataset object or None
+ """
+
+ try:
+ rdataset = self.find_rdataset(name, rdtype, covers, create)
+ except KeyError:
+ rdataset = None
+ return rdataset
+
+ def delete_rdataset(self, name, rdtype, covers=dns.rdatatype.NONE):
+ """Delete the rdataset matching I{rdtype} and I{covers}, if it
+ exists at the node specified by I{name}.
+
+ The I{name}, I{rdtype}, and I{covers} parameters may be
+ strings, in which case they will be converted to their proper
+ type.
+
+ It is not an error if the node does not exist, or if there is no
+ matching rdataset at the node.
+
+ If the node has no rdatasets after the deletion, it will itself
+ be deleted.
+
+ @param name: the owner name to look for
+ @type name: DNS.name.Name object or string
+ @param rdtype: the rdata type desired
+ @type rdtype: int or string
+ @param covers: the covered type (defaults to None)
+ @type covers: int or string
+ """
+
+ name = self._validate_name(name)
+ if isinstance(rdtype, string_types):
+ rdtype = dns.rdatatype.from_text(rdtype)
+ if isinstance(covers, string_types):
+ covers = dns.rdatatype.from_text(covers)
+ node = self.get_node(name)
+ if node is not None:
+ node.delete_rdataset(self.rdclass, rdtype, covers)
+ if len(node) == 0:
+ self.delete_node(name)
+
+ def replace_rdataset(self, name, replacement):
+ """Replace an rdataset at name.
+
+ It is not an error if there is no rdataset matching I{replacement}.
+
+ Ownership of the I{replacement} object is transferred to the zone;
+ in other words, this method does not store a copy of I{replacement}
+ at the node, it stores I{replacement} itself.
+
+ If the I{name} node does not exist, it is created.
+
+ @param name: the owner name
+ @type name: DNS.name.Name object or string
+ @param replacement: the replacement rdataset
+ @type replacement: dns.rdataset.Rdataset
+ """
+
+ if replacement.rdclass != self.rdclass:
+ raise ValueError('replacement.rdclass != zone.rdclass')
+ node = self.find_node(name, True)
+ node.replace_rdataset(replacement)
+
+ def find_rrset(self, name, rdtype, covers=dns.rdatatype.NONE):
+ """Look for rdata with the specified name and type in the zone,
+ and return an RRset encapsulating it.
+
+ The I{name}, I{rdtype}, and I{covers} parameters may be
+ strings, in which case they will be converted to their proper
+ type.
+
+ This method is less efficient than the similar
+ L{find_rdataset} because it creates an RRset instead of
+ returning the matching rdataset. It may be more convenient
+ for some uses since it returns an object which binds the owner
+ name to the rdata.
+
+ This method may not be used to create new nodes or rdatasets;
+ use L{find_rdataset} instead.
+
+ KeyError is raised if the name or type are not found.
+ Use L{get_rrset} if you want to have None returned instead.
+
+ @param name: the owner name to look for
+ @type name: DNS.name.Name object or string
+ @param rdtype: the rdata type desired
+ @type rdtype: int or string
+ @param covers: the covered type (defaults to None)
+ @type covers: int or string
+ @raises KeyError: the node or rdata could not be found
+ @rtype: dns.rrset.RRset object
+ """
+
+ name = self._validate_name(name)
+ if isinstance(rdtype, string_types):
+ rdtype = dns.rdatatype.from_text(rdtype)
+ if isinstance(covers, string_types):
+ covers = dns.rdatatype.from_text(covers)
+ rdataset = self.nodes[name].find_rdataset(self.rdclass, rdtype, covers)
+ rrset = dns.rrset.RRset(name, self.rdclass, rdtype, covers)
+ rrset.update(rdataset)
+ return rrset
+
+ def get_rrset(self, name, rdtype, covers=dns.rdatatype.NONE):
+ """Look for rdata with the specified name and type in the zone,
+ and return an RRset encapsulating it.
+
+ The I{name}, I{rdtype}, and I{covers} parameters may be
+ strings, in which case they will be converted to their proper
+ type.
+
+ This method is less efficient than the similar L{get_rdataset}
+ because it creates an RRset instead of returning the matching
+ rdataset. It may be more convenient for some uses since it
+ returns an object which binds the owner name to the rdata.
+
+ This method may not be used to create new nodes or rdatasets;
+ use L{find_rdataset} instead.
+
+ None is returned if the name or type are not found.
+ Use L{find_rrset} if you want to have KeyError raised instead.
+
+ @param name: the owner name to look for
+ @type name: DNS.name.Name object or string
+ @param rdtype: the rdata type desired
+ @type rdtype: int or string
+ @param covers: the covered type (defaults to None)
+ @type covers: int or string
+ @rtype: dns.rrset.RRset object
+ """
+
+ try:
+ rrset = self.find_rrset(name, rdtype, covers)
+ except KeyError:
+ rrset = None
+ return rrset
+
+ def iterate_rdatasets(self, rdtype=dns.rdatatype.ANY,
+ covers=dns.rdatatype.NONE):
+ """Return a generator which yields (name, rdataset) tuples for
+ all rdatasets in the zone which have the specified I{rdtype}
+ and I{covers}. If I{rdtype} is dns.rdatatype.ANY, the default,
+ then all rdatasets will be matched.
+
+ @param rdtype: int or string
+ @type rdtype: int or string
+ @param covers: the covered type (defaults to None)
+ @type covers: int or string
+ """
+
+ if isinstance(rdtype, string_types):
+ rdtype = dns.rdatatype.from_text(rdtype)
+ if isinstance(covers, string_types):
+ covers = dns.rdatatype.from_text(covers)
+ for (name, node) in self.iteritems(): # pylint: disable=dict-iter-method
+ for rds in node:
+ if rdtype == dns.rdatatype.ANY or \
+ (rds.rdtype == rdtype and rds.covers == covers):
+ yield (name, rds)
+
+ def iterate_rdatas(self, rdtype=dns.rdatatype.ANY,
+ covers=dns.rdatatype.NONE):
+ """Return a generator which yields (name, ttl, rdata) tuples for
+ all rdatas in the zone which have the specified I{rdtype}
+ and I{covers}. If I{rdtype} is dns.rdatatype.ANY, the default,
+ then all rdatas will be matched.
+
+ @param rdtype: int or string
+ @type rdtype: int or string
+ @param covers: the covered type (defaults to None)
+ @type covers: int or string
+ """
+
+ if isinstance(rdtype, string_types):
+ rdtype = dns.rdatatype.from_text(rdtype)
+ if isinstance(covers, string_types):
+ covers = dns.rdatatype.from_text(covers)
+ for (name, node) in self.iteritems(): # pylint: disable=dict-iter-method
+ for rds in node:
+ if rdtype == dns.rdatatype.ANY or \
+ (rds.rdtype == rdtype and rds.covers == covers):
+ for rdata in rds:
+ yield (name, rds.ttl, rdata)
+
+ def to_file(self, f, sorted=True, relativize=True, nl=None):
+ """Write a zone to a file.
+
+ @param f: file or string. If I{f} is a string, it is treated
+ as the name of a file to open.
+ @param sorted: if True, the file will be written with the
+ names sorted in DNSSEC order from least to greatest. Otherwise
+ the names will be written in whatever order they happen to have
+ in the zone's dictionary.
+ @param relativize: if True, domain names in the output will be
+ relativized to the zone's origin (if possible).
+ @type relativize: bool
+ @param nl: The end of line string. If not specified, the
+ output will use the platform's native end-of-line marker (i.e.
+ LF on POSIX, CRLF on Windows, CR on Macintosh).
+ @type nl: string or None
+ """
+
+ if isinstance(f, string_types):
+ f = open(f, 'wb')
+ want_close = True
+ else:
+ want_close = False
+
+ # must be in this way, f.encoding may contain None, or even attribute
+ # may not be there
+ file_enc = getattr(f, 'encoding', None)
+ if file_enc is None:
+ file_enc = 'utf-8'
+
+ if nl is None:
+ nl_b = os.linesep.encode(file_enc) # binary mode, '\n' is not enough
+ nl = u'\n'
+ elif isinstance(nl, string_types):
+ nl_b = nl.encode(file_enc)
+ else:
+ nl_b = nl
+ nl = nl.decode()
+
+ try:
+ if sorted:
+ names = list(self.keys())
+ names.sort()
+ else:
+ names = self.iterkeys() # pylint: disable=dict-iter-method
+ for n in names:
+ l = self[n].to_text(n, origin=self.origin,
+ relativize=relativize)
+ if isinstance(l, text_type):
+ l_b = l.encode(file_enc)
+ else:
+ l_b = l
+ l = l.decode()
+
+ try:
+ f.write(l_b)
+ f.write(nl_b)
+ except TypeError: # textual mode
+ f.write(l)
+ f.write(nl)
+ finally:
+ if want_close:
+ f.close()
+
+ def to_text(self, sorted=True, relativize=True, nl=None):
+ """Return a zone's text as though it were written to a file.
+
+ @param sorted: if True, the file will be written with the
+ names sorted in DNSSEC order from least to greatest. Otherwise
+ the names will be written in whatever order they happen to have
+ in the zone's dictionary.
+ @param relativize: if True, domain names in the output will be
+ relativized to the zone's origin (if possible).
+ @type relativize: bool
+ @param nl: The end of line string. If not specified, the
+ output will use the platform's native end-of-line marker (i.e.
+ LF on POSIX, CRLF on Windows, CR on Macintosh).
+ @type nl: string or None
+ """
+ temp_buffer = BytesIO()
+ self.to_file(temp_buffer, sorted, relativize, nl)
+ return_value = temp_buffer.getvalue()
+ temp_buffer.close()
+ return return_value
+
+ def check_origin(self):
+ """Do some simple checking of the zone's origin.
+
+ @raises dns.zone.NoSOA: there is no SOA RR
+ @raises dns.zone.NoNS: there is no NS RRset
+ @raises KeyError: there is no origin node
+ """
+ if self.relativize:
+ name = dns.name.empty
+ else:
+ name = self.origin
+ if self.get_rdataset(name, dns.rdatatype.SOA) is None:
+ raise NoSOA
+ if self.get_rdataset(name, dns.rdatatype.NS) is None:
+ raise NoNS
+
+
+class _MasterReader(object):
+
+ """Read a DNS master file
+
+ @ivar tok: The tokenizer
+ @type tok: dns.tokenizer.Tokenizer object
+ @ivar last_ttl: The last seen explicit TTL for an RR
+ @type last_ttl: int
+ @ivar last_ttl_known: Has last TTL been detected
+ @type last_ttl_known: bool
+ @ivar default_ttl: The default TTL from a $TTL directive or SOA RR
+ @type default_ttl: int
+ @ivar default_ttl_known: Has default TTL been detected
+ @type default_ttl_known: bool
+ @ivar last_name: The last name read
+ @type last_name: dns.name.Name object
+ @ivar current_origin: The current origin
+ @type current_origin: dns.name.Name object
+ @ivar relativize: should names in the zone be relativized?
+ @type relativize: bool
+ @ivar zone: the zone
+ @type zone: dns.zone.Zone object
+ @ivar saved_state: saved reader state (used when processing $INCLUDE)
+ @type saved_state: list of (tokenizer, current_origin, last_name, file,
+ last_ttl, last_ttl_known, default_ttl, default_ttl_known) tuples.
+ @ivar current_file: the file object of the $INCLUDed file being parsed
+ (None if no $INCLUDE is active).
+ @ivar allow_include: is $INCLUDE allowed?
+ @type allow_include: bool
+ @ivar check_origin: should sanity checks of the origin node be done?
+ The default is True.
+ @type check_origin: bool
+ """
+
+ def __init__(self, tok, origin, rdclass, relativize, zone_factory=Zone,
+ allow_include=False, check_origin=True):
+ if isinstance(origin, string_types):
+ origin = dns.name.from_text(origin)
+ self.tok = tok
+ self.current_origin = origin
+ self.relativize = relativize
+ self.last_ttl = 0
+ self.last_ttl_known = False
+ self.default_ttl = 0
+ self.default_ttl_known = False
+ self.last_name = self.current_origin
+ self.zone = zone_factory(origin, rdclass, relativize=relativize)
+ self.saved_state = []
+ self.current_file = None
+ self.allow_include = allow_include
+ self.check_origin = check_origin
+
+ def _eat_line(self):
+ while 1:
+ token = self.tok.get()
+ if token.is_eol_or_eof():
+ break
+
+ def _rr_line(self):
+ """Process one line from a DNS master file."""
+ # Name
+ if self.current_origin is None:
+ raise UnknownOrigin
+ token = self.tok.get(want_leading=True)
+ if not token.is_whitespace():
+ self.last_name = dns.name.from_text(
+ token.value, self.current_origin)
+ else:
+ token = self.tok.get()
+ if token.is_eol_or_eof():
+ # treat leading WS followed by EOL/EOF as if they were EOL/EOF.
+ return
+ self.tok.unget(token)
+ name = self.last_name
+ if not name.is_subdomain(self.zone.origin):
+ self._eat_line()
+ return
+ if self.relativize:
+ name = name.relativize(self.zone.origin)
+ token = self.tok.get()
+ if not token.is_identifier():
+ raise dns.exception.SyntaxError
+ # TTL
+ try:
+ ttl = dns.ttl.from_text(token.value)
+ self.last_ttl = ttl
+ self.last_ttl_known = True
+ token = self.tok.get()
+ if not token.is_identifier():
+ raise dns.exception.SyntaxError
+ except dns.ttl.BadTTL:
+ if not (self.last_ttl_known or self.default_ttl_known):
+ raise dns.exception.SyntaxError("Missing default TTL value")
+ if self.default_ttl_known:
+ ttl = self.default_ttl
+ else:
+ ttl = self.last_ttl
+ # Class
+ try:
+ rdclass = dns.rdataclass.from_text(token.value)
+ token = self.tok.get()
+ if not token.is_identifier():
+ raise dns.exception.SyntaxError
+ except dns.exception.SyntaxError:
+ raise dns.exception.SyntaxError
+ except Exception:
+ rdclass = self.zone.rdclass
+ if rdclass != self.zone.rdclass:
+ raise dns.exception.SyntaxError("RR class is not zone's class")
+ # Type
+ try:
+ rdtype = dns.rdatatype.from_text(token.value)
+ except:
+ raise dns.exception.SyntaxError(
+ "unknown rdatatype '%s'" % token.value)
+ n = self.zone.nodes.get(name)
+ if n is None:
+ n = self.zone.node_factory()
+ self.zone.nodes[name] = n
+ try:
+ rd = dns.rdata.from_text(rdclass, rdtype, self.tok,
+ self.current_origin, False)
+ except dns.exception.SyntaxError:
+ # Catch and reraise.
+ (ty, va) = sys.exc_info()[:2]
+ raise va
+ except:
+ # All exceptions that occur in the processing of rdata
+ # are treated as syntax errors. This is not strictly
+ # correct, but it is correct almost all of the time.
+ # We convert them to syntax errors so that we can emit
+ # helpful filename:line info.
+ (ty, va) = sys.exc_info()[:2]
+ raise dns.exception.SyntaxError(
+ "caught exception {}: {}".format(str(ty), str(va)))
+
+ if not self.default_ttl_known and isinstance(rd, dns.rdtypes.ANY.SOA.SOA):
+ # The pre-RFC2308 and pre-BIND9 behavior inherits the zone default
+ # TTL from the SOA minttl if no $TTL statement is present before the
+ # SOA is parsed.
+ self.default_ttl = rd.minimum
+ self.default_ttl_known = True
+
+ rd.choose_relativity(self.zone.origin, self.relativize)
+ covers = rd.covers()
+ rds = n.find_rdataset(rdclass, rdtype, covers, True)
+ rds.add(rd, ttl)
+
+ def _parse_modify(self, side):
+ # Here we catch everything in '{' '}' in a group so we can replace it
+ # with ''.
+ is_generate1 = re.compile("^.*\$({(\+|-?)(\d+),(\d+),(.)}).*$")
+ is_generate2 = re.compile("^.*\$({(\+|-?)(\d+)}).*$")
+ is_generate3 = re.compile("^.*\$({(\+|-?)(\d+),(\d+)}).*$")
+ # Sometimes there are modifiers in the hostname. These come after
+ # the dollar sign. They are in the form: ${offset[,width[,base]]}.
+ # Make names
+ g1 = is_generate1.match(side)
+ if g1:
+ mod, sign, offset, width, base = g1.groups()
+ if sign == '':
+ sign = '+'
+ g2 = is_generate2.match(side)
+ if g2:
+ mod, sign, offset = g2.groups()
+ if sign == '':
+ sign = '+'
+ width = 0
+ base = 'd'
+ g3 = is_generate3.match(side)
+ if g3:
+ mod, sign, offset, width = g1.groups()
+ if sign == '':
+ sign = '+'
+ width = g1.groups()[2]
+ base = 'd'
+
+ if not (g1 or g2 or g3):
+ mod = ''
+ sign = '+'
+ offset = 0
+ width = 0
+ base = 'd'
+
+ if base != 'd':
+ raise NotImplementedError()
+
+ return mod, sign, offset, width, base
+
+ def _generate_line(self):
+ # range lhs [ttl] [class] type rhs [ comment ]
+ """Process one line containing the GENERATE statement from a DNS
+ master file."""
+ if self.current_origin is None:
+ raise UnknownOrigin
+
+ token = self.tok.get()
+ # Range (required)
+ try:
+ start, stop, step = dns.grange.from_text(token.value)
+ token = self.tok.get()
+ if not token.is_identifier():
+ raise dns.exception.SyntaxError
+ except:
+ raise dns.exception.SyntaxError
+
+ # lhs (required)
+ try:
+ lhs = token.value
+ token = self.tok.get()
+ if not token.is_identifier():
+ raise dns.exception.SyntaxError
+ except:
+ raise dns.exception.SyntaxError
+
+ # TTL
+ try:
+ ttl = dns.ttl.from_text(token.value)
+ self.last_ttl = ttl
+ self.last_ttl_known = True
+ token = self.tok.get()
+ if not token.is_identifier():
+ raise dns.exception.SyntaxError
+ except dns.ttl.BadTTL:
+ if not (self.last_ttl_known or self.default_ttl_known):
+ raise dns.exception.SyntaxError("Missing default TTL value")
+ if self.default_ttl_known:
+ ttl = self.default_ttl
+ else:
+ ttl = self.last_ttl
+ # Class
+ try:
+ rdclass = dns.rdataclass.from_text(token.value)
+ token = self.tok.get()
+ if not token.is_identifier():
+ raise dns.exception.SyntaxError
+ except dns.exception.SyntaxError:
+ raise dns.exception.SyntaxError
+ except Exception:
+ rdclass = self.zone.rdclass
+ if rdclass != self.zone.rdclass:
+ raise dns.exception.SyntaxError("RR class is not zone's class")
+ # Type
+ try:
+ rdtype = dns.rdatatype.from_text(token.value)
+ token = self.tok.get()
+ if not token.is_identifier():
+ raise dns.exception.SyntaxError
+ except Exception:
+ raise dns.exception.SyntaxError("unknown rdatatype '%s'" %
+ token.value)
+
+ # lhs (required)
+ try:
+ rhs = token.value
+ except:
+ raise dns.exception.SyntaxError
+
+ lmod, lsign, loffset, lwidth, lbase = self._parse_modify(lhs)
+ rmod, rsign, roffset, rwidth, rbase = self._parse_modify(rhs)
+ for i in range(start, stop + 1, step):
+ # +1 because bind is inclusive and python is exclusive
+
+ if lsign == u'+':
+ lindex = i + int(loffset)
+ elif lsign == u'-':
+ lindex = i - int(loffset)
+
+ if rsign == u'-':
+ rindex = i - int(roffset)
+ elif rsign == u'+':
+ rindex = i + int(roffset)
+
+ lzfindex = str(lindex).zfill(int(lwidth))
+ rzfindex = str(rindex).zfill(int(rwidth))
+
+ name = lhs.replace(u'$%s' % (lmod), lzfindex)
+ rdata = rhs.replace(u'$%s' % (rmod), rzfindex)
+
+ self.last_name = dns.name.from_text(name, self.current_origin)
+ name = self.last_name
+ if not name.is_subdomain(self.zone.origin):
+ self._eat_line()
+ return
+ if self.relativize:
+ name = name.relativize(self.zone.origin)
+
+ n = self.zone.nodes.get(name)
+ if n is None:
+ n = self.zone.node_factory()
+ self.zone.nodes[name] = n
+ try:
+ rd = dns.rdata.from_text(rdclass, rdtype, rdata,
+ self.current_origin, False)
+ except dns.exception.SyntaxError:
+ # Catch and reraise.
+ (ty, va) = sys.exc_info()[:2]
+ raise va
+ except:
+ # All exceptions that occur in the processing of rdata
+ # are treated as syntax errors. This is not strictly
+ # correct, but it is correct almost all of the time.
+ # We convert them to syntax errors so that we can emit
+ # helpful filename:line info.
+ (ty, va) = sys.exc_info()[:2]
+ raise dns.exception.SyntaxError("caught exception %s: %s" %
+ (str(ty), str(va)))
+
+ rd.choose_relativity(self.zone.origin, self.relativize)
+ covers = rd.covers()
+ rds = n.find_rdataset(rdclass, rdtype, covers, True)
+ rds.add(rd, ttl)
+
+ def read(self):
+ """Read a DNS master file and build a zone object.
+
+ @raises dns.zone.NoSOA: No SOA RR was found at the zone origin
+ @raises dns.zone.NoNS: No NS RRset was found at the zone origin
+ """
+
+ try:
+ while 1:
+ token = self.tok.get(True, True)
+ if token.is_eof():
+ if self.current_file is not None:
+ self.current_file.close()
+ if len(self.saved_state) > 0:
+ (self.tok,
+ self.current_origin,
+ self.last_name,
+ self.current_file,
+ self.last_ttl,
+ self.last_ttl_known,
+ self.default_ttl,
+ self.default_ttl_known) = self.saved_state.pop(-1)
+ continue
+ break
+ elif token.is_eol():
+ continue
+ elif token.is_comment():
+ self.tok.get_eol()
+ continue
+ elif token.value[0] == u'$':
+ c = token.value.upper()
+ if c == u'$TTL':
+ token = self.tok.get()
+ if not token.is_identifier():
+ raise dns.exception.SyntaxError("bad $TTL")
+ self.default_ttl = dns.ttl.from_text(token.value)
+ self.default_ttl_known = True
+ self.tok.get_eol()
+ elif c == u'$ORIGIN':
+ self.current_origin = self.tok.get_name()
+ self.tok.get_eol()
+ if self.zone.origin is None:
+ self.zone.origin = self.current_origin
+ elif c == u'$INCLUDE' and self.allow_include:
+ token = self.tok.get()
+ filename = token.value
+ token = self.tok.get()
+ if token.is_identifier():
+ new_origin =\
+ dns.name.from_text(token.value,
+ self.current_origin)
+ self.tok.get_eol()
+ elif not token.is_eol_or_eof():
+ raise dns.exception.SyntaxError(
+ "bad origin in $INCLUDE")
+ else:
+ new_origin = self.current_origin
+ self.saved_state.append((self.tok,
+ self.current_origin,
+ self.last_name,
+ self.current_file,
+ self.last_ttl,
+ self.last_ttl_known,
+ self.default_ttl,
+ self.default_ttl_known))
+ self.current_file = open(filename, 'r')
+ self.tok = dns.tokenizer.Tokenizer(self.current_file,
+ filename)
+ self.current_origin = new_origin
+ elif c == u'$GENERATE':
+ self._generate_line()
+ else:
+ raise dns.exception.SyntaxError(
+ "Unknown master file directive '" + c + "'")
+ continue
+ self.tok.unget(token)
+ self._rr_line()
+ except dns.exception.SyntaxError as detail:
+ (filename, line_number) = self.tok.where()
+ if detail is None:
+ detail = "syntax error"
+ raise dns.exception.SyntaxError(
+ "%s:%d: %s" % (filename, line_number, detail))
+
+ # Now that we're done reading, do some basic checking of the zone.
+ if self.check_origin:
+ self.zone.check_origin()
+
+
+def from_text(text, origin=None, rdclass=dns.rdataclass.IN,
+ relativize=True, zone_factory=Zone, filename=None,
+ allow_include=False, check_origin=True):
+ """Build a zone object from a master file format string.
+
+ @param text: the master file format input
+ @type text: string.
+ @param origin: The origin of the zone; if not specified, the first
+ $ORIGIN statement in the master file will determine the origin of the
+ zone.
+ @type origin: dns.name.Name object or string
+ @param rdclass: The zone's rdata class; the default is class IN.
+ @type rdclass: int
+ @param relativize: should names be relativized? The default is True
+ @type relativize: bool
+ @param zone_factory: The zone factory to use
+ @type zone_factory: function returning a Zone
+ @param filename: The filename to emit when describing where an error
+ occurred; the default is ''.
+ @type filename: string
+ @param allow_include: is $INCLUDE allowed?
+ @type allow_include: bool
+ @param check_origin: should sanity checks of the origin node be done?
+ The default is True.
+ @type check_origin: bool
+ @raises dns.zone.NoSOA: No SOA RR was found at the zone origin
+ @raises dns.zone.NoNS: No NS RRset was found at the zone origin
+ @rtype: dns.zone.Zone object
+ """
+
+ # 'text' can also be a file, but we don't publish that fact
+ # since it's an implementation detail. The official file
+ # interface is from_file().
+
+ if filename is None:
+ filename = ''
+ tok = dns.tokenizer.Tokenizer(text, filename)
+ reader = _MasterReader(tok, origin, rdclass, relativize, zone_factory,
+ allow_include=allow_include,
+ check_origin=check_origin)
+ reader.read()
+ return reader.zone
+
+
+def from_file(f, origin=None, rdclass=dns.rdataclass.IN,
+ relativize=True, zone_factory=Zone, filename=None,
+ allow_include=True, check_origin=True):
+ """Read a master file and build a zone object.
+
+ @param f: file or string. If I{f} is a string, it is treated
+ as the name of a file to open.
+ @param origin: The origin of the zone; if not specified, the first
+ $ORIGIN statement in the master file will determine the origin of the
+ zone.
+ @type origin: dns.name.Name object or string
+ @param rdclass: The zone's rdata class; the default is class IN.
+ @type rdclass: int
+ @param relativize: should names be relativized? The default is True
+ @type relativize: bool
+ @param zone_factory: The zone factory to use
+ @type zone_factory: function returning a Zone
+ @param filename: The filename to emit when describing where an error
+ occurred; the default is '', or the value of I{f} if I{f} is a
+ string.
+ @type filename: string
+ @param allow_include: is $INCLUDE allowed?
+ @type allow_include: bool
+ @param check_origin: should sanity checks of the origin node be done?
+ The default is True.
+ @type check_origin: bool
+ @raises dns.zone.NoSOA: No SOA RR was found at the zone origin
+ @raises dns.zone.NoNS: No NS RRset was found at the zone origin
+ @rtype: dns.zone.Zone object
+ """
+
+ str_type = string_types
+ if PY3:
+ opts = 'r'
+ else:
+ opts = 'rU'
+
+ if isinstance(f, str_type):
+ if filename is None:
+ filename = f
+ f = open(f, opts)
+ want_close = True
+ else:
+ if filename is None:
+ filename = ''
+ want_close = False
+
+ try:
+ z = from_text(f, origin, rdclass, relativize, zone_factory,
+ filename, allow_include, check_origin)
+ finally:
+ if want_close:
+ f.close()
+ return z
+
+
+def from_xfr(xfr, zone_factory=Zone, relativize=True, check_origin=True):
+ """Convert the output of a zone transfer generator into a zone object.
+
+ @param xfr: The xfr generator
+ @type xfr: generator of dns.message.Message objects
+ @param relativize: should names be relativized? The default is True.
+ It is essential that the relativize setting matches the one specified
+ to dns.query.xfr().
+ @type relativize: bool
+ @param check_origin: should sanity checks of the origin node be done?
+ The default is True.
+ @type check_origin: bool
+ @raises dns.zone.NoSOA: No SOA RR was found at the zone origin
+ @raises dns.zone.NoNS: No NS RRset was found at the zone origin
+ @rtype: dns.zone.Zone object
+ """
+
+ z = None
+ for r in xfr:
+ if z is None:
+ if relativize:
+ origin = r.origin
+ else:
+ origin = r.answer[0].name
+ rdclass = r.answer[0].rdclass
+ z = zone_factory(origin, rdclass, relativize=relativize)
+ for rrset in r.answer:
+ znode = z.nodes.get(rrset.name)
+ if not znode:
+ znode = z.node_factory()
+ z.nodes[rrset.name] = znode
+ zrds = znode.find_rdataset(rrset.rdclass, rrset.rdtype,
+ rrset.covers, True)
+ zrds.update_ttl(rrset.ttl)
+ for rd in rrset:
+ rd.choose_relativity(z.origin, relativize)
+ zrds.add(rd)
+ if check_origin:
+ z.check_origin()
+ return z