author | Bob Halley <halley@nominum.com> | 2011-04-05 15:04:02 +0100 |
---|---|---|
committer | Bob Halley <halley@nominum.com> | 2011-04-05 15:04:02 +0100 |
commit | bfbdc2d77c11c10de4a146abb64055f501e81150 (patch) | |
tree | 63f04c26c6f52f6fff9db0faa8a3a460de137739 /dns | |
parent | b0ce8393555c89e73e5a417840a6dd92edd77905 (diff) | |
remove old DNSSEC types
Diffstat (limited to 'dns')
-rw-r--r-- | dns/rdtypes/ANY/DNSKEY.py | 77 | ||||
-rw-r--r-- | dns/rdtypes/ANY/KEY.py | 20 | ||||
-rw-r--r-- | dns/rdtypes/ANY/NXT.py | 99 | ||||
-rw-r--r-- | dns/rdtypes/ANY/RRSIG.py | 141 | ||||
-rw-r--r-- | dns/rdtypes/ANY/SIG.py | 43 | ||||
-rw-r--r-- | dns/rdtypes/ANY/__init__.py | 3 | ||||
-rw-r--r-- | dns/rdtypes/__init__.py | 2 | ||||
-rw-r--r-- | dns/rdtypes/keybase.py | 149 | ||||
-rw-r--r-- | dns/rdtypes/sigbase.py | 155 |
9 files changed, 211 insertions, 478 deletions
diff --git a/dns/rdtypes/ANY/DNSKEY.py b/dns/rdtypes/ANY/DNSKEY.py
index ad66ef0..dd41761 100644
--- a/dns/rdtypes/ANY/DNSKEY.py
+++ b/dns/rdtypes/ANY/DNSKEY.py
@@ -13,13 +13,82 @@ # ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT # OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -import dns.rdtypes.keybase + +import struct + +import dns.exception +import dns.dnssec +import dns.rdata # flag constants SEP = 0x0001 REVOKE = 0x0080 ZONE = 0x0100 -class DNSKEY(dns.rdtypes.keybase.KEYBase): - """DNSKEY record""" - pass +class DNSKEY(dns.rdata.Rdata): + """DNSKEY record + + @ivar flags: the key flags + @type flags: int + @ivar protocol: the protocol for which this key may be used + @type protocol: int + @ivar algorithm: the algorithm used for the key + @type algorithm: int + @ivar key: the public key + @type key: string""" + + __slots__ = ['flags', 'protocol', 'algorithm', 'key'] + + def __init__(self, rdclass, rdtype, flags, protocol, algorithm, key): + super(DNSKEY, self).__init__(rdclass, rdtype) + self.flags = flags + self.protocol = protocol + self.algorithm = algorithm + self.key = key + + def to_text(self, origin=None, relativize=True, **kw): + return '%d %d %d %s' % (self.flags, self.protocol, self.algorithm, + dns.rdata._base64ify(self.key)) + + def from_text(cls, rdclass, rdtype, tok, origin = None, relativize = True): + flags = tok.get_uint16() + protocol = tok.get_uint8() + algorithm = dns.dnssec.algorithm_from_text(tok.get_string()) + chunks = [] + while 1: + t = tok.get().unescape() + if t.is_eol_or_eof(): + break + if not t.is_identifier(): + raise dns.exception.SyntaxError + chunks.append(t.value) + b64 = ''.join(chunks) + key = b64.decode('base64_codec') + return cls(rdclass, rdtype, flags, protocol, algorithm, key) + + from_text = classmethod(from_text) + + def to_wire(self, file, compress = None, origin = None): + header = struct.pack("!HBB", self.flags, self.protocol, self.algorithm) + file.write(header) + file.write(self.key) + + def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin = None): + if rdlen < 4: + raise dns.exception.FormError + header = 
struct.unpack('!HBB', wire[current : current + 4]) + current += 4 + rdlen -= 4 + key = wire[current : current + rdlen].unwrap() + return cls(rdclass, rdtype, header[0], header[1], header[2], + key) + + from_wire = classmethod(from_wire) + + def _cmp(self, other): + hs = struct.pack("!HBB", self.flags, self.protocol, self.algorithm) + ho = struct.pack("!HBB", other.flags, other.protocol, other.algorithm) + v = cmp(hs, ho) + if v == 0: + v = cmp(self.key, other.key) + return v diff --git a/dns/rdtypes/ANY/KEY.py b/dns/rdtypes/ANY/KEY.py deleted file mode 100644 index c8581ed..0000000 --- a/dns/rdtypes/ANY/KEY.py +++ /dev/null @@ -1,20 +0,0 @@ -# Copyright (C) 2003-2007, 2009, 2010 Nominum, Inc. -# -# Permission to use, copy, modify, and distribute this software and its -# documentation for any purpose with or without fee is hereby granted, -# provided that the above copyright notice and this permission notice -# appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES -# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR -# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT -# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - -import dns.rdtypes.keybase - -class KEY(dns.rdtypes.keybase.KEYBase): - """KEY record""" - pass diff --git a/dns/rdtypes/ANY/NXT.py b/dns/rdtypes/ANY/NXT.py deleted file mode 100644 index 0bfe2f3..0000000 --- a/dns/rdtypes/ANY/NXT.py +++ /dev/null 
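Review bot: In `DNSKEY.from_text` the joined key text goes straight into `b64.decode('base64_codec')` with no error handling, so malformed base64 in a zone file would surface whatever the codec raises (most likely `binascii.Error`) instead of the `dns.exception.SyntaxError` that the token loop just above it uses. Callers that catch DNS exceptions around zone parsing would not see that failure as a parse error. Catching the decode error and re-raising it as `dns.exception.SyntaxError` keeps bad input inside the module's own exception hierarchy. `RRSIG.from_text` in this commit decodes its signature the same way and would need the same change.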
@@ -1,99 +0,0 @@ -# Copyright (C) 2003-2007, 2009, 2010 Nominum, Inc. -# -# Permission to use, copy, modify, and distribute this software and its -# documentation for any purpose with or without fee is hereby granted, -# provided that the above copyright notice and this permission notice -# appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES -# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR -# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT -# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - -import dns.exception -import dns.rdata -import dns.rdatatype -import dns.name - -class NXT(dns.rdata.Rdata): - """NXT record - - @ivar next: the next name - @type next: dns.name.Name object - @ivar bitmap: the type bitmap - @type bitmap: string - @see: RFC 2535""" - - __slots__ = ['next', 'bitmap'] - - def __init__(self, rdclass, rdtype, next, bitmap): - super(NXT, self).__init__(rdclass, rdtype) - self.next = next - self.bitmap = bitmap - - def to_text(self, origin=None, relativize=True, **kw): - next = self.next.choose_relativity(origin, relativize) - bits = [] - for i in xrange(0, len(self.bitmap)): - byte = ord(self.bitmap[i]) - for j in xrange(0, 8): - if byte & (0x80 >> j): - bits.append(dns.rdatatype.to_text(i * 8 + j)) - text = ' '.join(bits) - return '%s %s' % (next, text) - - def from_text(cls, rdclass, rdtype, tok, origin = None, relativize = True): - next = tok.get_name() - next = next.choose_relativity(origin, relativize) - bitmap = ['\x00', '\x00', '\x00', '\x00', - '\x00', '\x00', '\x00', '\x00', - '\x00', '\x00', '\x00', '\x00', - '\x00', '\x00', '\x00', '\x00' ] - while 1: - token = tok.get().unescape() - if token.is_eol_or_eof(): - break - if 
token.value.isdigit(): - nrdtype = int(token.value) - else: - nrdtype = dns.rdatatype.from_text(token.value) - if nrdtype == 0: - raise dns.exception.SyntaxError("NXT with bit 0") - if nrdtype > 127: - raise dns.exception.SyntaxError("NXT with bit > 127") - i = nrdtype // 8 - bitmap[i] = chr(ord(bitmap[i]) | (0x80 >> (nrdtype % 8))) - bitmap = dns.rdata._truncate_bitmap(bitmap) - return cls(rdclass, rdtype, next, bitmap) - - from_text = classmethod(from_text) - - def to_wire(self, file, compress = None, origin = None): - self.next.to_wire(file, None, origin) - file.write(self.bitmap) - - def to_digestable(self, origin = None): - return self.next.to_digestable(origin) + self.bitmap - - def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin = None): - (next, cused) = dns.name.from_wire(wire[: current + rdlen], current) - current += cused - rdlen -= cused - bitmap = wire[current : current + rdlen].unwrap() - if not origin is None: - next = next.relativize(origin) - return cls(rdclass, rdtype, next, bitmap) - - from_wire = classmethod(from_wire) - - def choose_relativity(self, origin = None, relativize = True): - self.next = self.next.choose_relativity(origin, relativize) - - def _cmp(self, other): - v = cmp(self.next, other.next) - if v == 0: - v = cmp(self.bitmap, other.bitmap) - return v diff --git a/dns/rdtypes/ANY/RRSIG.py b/dns/rdtypes/ANY/RRSIG.py index 0e4816f..d760cec 100644 --- a/dns/rdtypes/ANY/RRSIG.py +++ b/dns/rdtypes/ANY/RRSIG.py 
@@ -13,8 +13,143 @@ # ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT # OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -import dns.rdtypes.sigbase +import calendar +import struct +import time -class RRSIG(dns.rdtypes.sigbase.SIGBase): - """RRSIG record""" +import dns.dnssec +import dns.exception +import dns.rdata +import dns.rdatatype + +class BadSigTime(dns.exception.DNSException): + """Raised when a SIG or RRSIG RR's time cannot be parsed.""" pass + +def sigtime_to_posixtime(what): + if len(what) != 14: + raise BadSigTime + year = int(what[0:4]) + month = int(what[4:6]) + day = int(what[6:8]) + hour = int(what[8:10]) + minute = int(what[10:12]) + second = int(what[12:14]) + return calendar.timegm((year, month, day, hour, minute, second, + 0, 0, 0)) + +def posixtime_to_sigtime(what): + return time.strftime('%Y%m%d%H%M%S', time.gmtime(what)) + +class RRSIG(dns.rdata.Rdata): + """RRSIG record + + @ivar type_covered: the rdata type this signature covers + @type type_covered: int + @ivar algorithm: the algorithm used for the sig + @type algorithm: int + @ivar labels: number of labels + @type labels: int + @ivar original_ttl: the original TTL + @type original_ttl: long + @ivar expiration: signature expiration time + @type expiration: long + @ivar inception: signature inception time + @type inception: long + @ivar key_tag: the key tag + @type key_tag: int + @ivar signer: the signer + @type signer: dns.name.Name object + @ivar signature: the signature + @type signature: string""" + + __slots__ = ['type_covered', 'algorithm', 'labels', 'original_ttl', + 'expiration', 'inception', 'key_tag', 'signer', + 'signature'] + + def __init__(self, rdclass, rdtype, type_covered, algorithm, labels, + original_ttl, expiration, inception, key_tag, signer, + signature): + super(RRSIG, self).__init__(rdclass, rdtype) + self.type_covered = type_covered + self.algorithm = algorithm + self.labels = labels + self.original_ttl = original_ttl + 
self.expiration = expiration + self.inception = inception + self.key_tag = key_tag + self.signer = signer + self.signature = signature + + def covers(self): + return self.type_covered + + def to_text(self, origin=None, relativize=True, **kw): + return '%s %d %d %d %s %s %d %s %s' % ( + dns.rdatatype.to_text(self.type_covered), + self.algorithm, + self.labels, + self.original_ttl, + posixtime_to_sigtime(self.expiration), + posixtime_to_sigtime(self.inception), + self.key_tag, + self.signer, + dns.rdata._base64ify(self.signature) + ) + + def from_text(cls, rdclass, rdtype, tok, origin = None, relativize = True): + type_covered = dns.rdatatype.from_text(tok.get_string()) + algorithm = dns.dnssec.algorithm_from_text(tok.get_string()) + labels = tok.get_int() + original_ttl = tok.get_ttl() + expiration = sigtime_to_posixtime(tok.get_string()) + inception = sigtime_to_posixtime(tok.get_string()) + key_tag = tok.get_int() + signer = tok.get_name() + signer = signer.choose_relativity(origin, relativize) + chunks = [] + while 1: + t = tok.get().unescape() + if t.is_eol_or_eof(): + break + if not t.is_identifier(): + raise dns.exception.SyntaxError + chunks.append(t.value) + b64 = ''.join(chunks) + signature = b64.decode('base64_codec') + return cls(rdclass, rdtype, type_covered, algorithm, labels, + original_ttl, expiration, inception, key_tag, signer, + signature) + + from_text = classmethod(from_text) + + def to_wire(self, file, compress = None, origin = None): + header = struct.pack('!HBBIIIH', self.type_covered, + self.algorithm, self.labels, + self.original_ttl, self.expiration, + self.inception, self.key_tag) + file.write(header) + self.signer.to_wire(file, None, origin) + file.write(self.signature) + + def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin = None): + header = struct.unpack('!HBBIIIH', wire[current : current + 18]) + current += 18 + rdlen -= 18 + (signer, cused) = dns.name.from_wire(wire[: current + rdlen], current) + current += cused + 
rdlen -= cused + if not origin is None: + signer = signer.relativize(origin) + signature = wire[current : current + rdlen].unwrap() + return cls(rdclass, rdtype, header[0], header[1], header[2], + header[3], header[4], header[5], header[6], signer, + signature) + + from_wire = classmethod(from_wire) + + def choose_relativity(self, origin = None, relativize = True): + self.signer = self.signer.choose_relativity(origin, relativize) + + def _cmp(self, other): + return self._wire_cmp(other) diff --git a/dns/rdtypes/ANY/SIG.py b/dns/rdtypes/ANY/SIG.py deleted file mode 100644 index 47686a9..0000000 --- a/dns/rdtypes/ANY/SIG.py +++ /dev/null 
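Review bot: `RRSIG.from_wire` unpacks the 18-byte fixed header with `struct.unpack('!HBBIIIH', wire[current : current + 18])` without first checking `rdlen`, whereas `DNSKEY.from_wire` in this same commit raises `FormError` when `rdlen < 4`. For a record whose declared rdata is shorter than 18 bytes, the slice may take bytes that lie beyond the record, or come up short and raise `struct.error` rather than a DNS exception, depending on how the wire wrapper slices. In either case `rdlen -= 18` then goes negative before the signer name and signature are sliced. Because this method parses data taken directly from the network, I would add `if rdlen < 18: raise dns.exception.FormError` as its first statement. Separately, the method calls `dns.name.from_wire` but the new import list has no `import dns.name`; it presumably resolves through another module's import, and an explicit import would make the dependency visible.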
@@ -1,43 +0,0 @@ -# Copyright (C) 2003-2007, 2009, 2010 Nominum, Inc. -# -# Permission to use, copy, modify, and distribute this software and its -# documentation for any purpose with or without fee is hereby granted, -# provided that the above copyright notice and this permission notice -# appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES -# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR -# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT -# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - -import struct - -import dns.rdtypes.sigbase - -class SIG(dns.rdtypes.sigbase.SIGBase): - """SIG record""" - def to_digestable(self, origin = None): - return struct.pack('!HBBIIIH', self.type_covered, - self.algorithm, self.labels, - self.original_ttl, self.expiration, - self.inception, self.key_tag) + \ - self.signer.to_digestable(origin) + \ - self.signature - def _cmp(self, other): - hs = struct.pack('!HBBIIIH', self.type_covered, - self.algorithm, self.labels, - self.original_ttl, self.expiration, - self.inception, self.key_tag) - ho = struct.pack('!HBBIIIH', other.type_covered, - other.algorithm, other.labels, - other.original_ttl, other.expiration, - other.inception, other.key_tag) - v = cmp(hs, ho) - if v == 0: - v = cmp(self.signer, other.signer) - if v == 0: - v = cmp(self.signature, other.signature) - return v diff --git a/dns/rdtypes/ANY/__init__.py b/dns/rdtypes/ANY/__init__.py index 0815dd5..76815c4 100644 --- a/dns/rdtypes/ANY/__init__.py +++ b/dns/rdtypes/ANY/__init__.py 
@@ -27,19 +27,16 @@ __all__ = [
 'HINFO',
 'HIP',
 'ISDN',
- 'KEY',
 'LOC',
 'MX',
 'NS',
 'NSEC',
 'NSEC3',
 'NSEC3PARAM',
- 'NXT',
 'PTR',
 'RP',
 'RRSIG',
 'RT',
- 'SIG',
 'SOA',
 'SPF',
 'SSHFP',
diff --git a/dns/rdtypes/__init__.py b/dns/rdtypes/__init__.py
index 13282be..fcc056f 100644
--- a/dns/rdtypes/__init__.py
+++ b/dns/rdtypes/__init__.py
@@ -20,6 +20,4 @@ __all__ = [
 'IN',
 'mxbase',
 'nsbase',
- 'sigbase',
- 'keybase',
 ]
diff --git a/dns/rdtypes/keybase.py b/dns/rdtypes/keybase.py
deleted file mode 100644
index 1006705..0000000
--- a/dns/rdtypes/keybase.py
+++ /dev/null
@@ -1,149 +0,0 @@ -# Copyright (C) 2004-2007, 2009, 2010 Nominum, Inc. -# -# Permission to use, copy, modify, and distribute this software and its -# documentation for any purpose with or without fee is hereby granted, -# provided that the above copyright notice and this permission notice -# appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES -# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR -# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT -# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - -import struct - -import dns.exception -import dns.dnssec -import dns.rdata - -_flags_from_text = { - 'NOCONF': (0x4000, 0xC000), - 'NOAUTH': (0x8000, 0xC000), - 'NOKEY': (0xC000, 0xC000), - 'FLAG2': (0x2000, 0x2000), - 'EXTEND': (0x1000, 0x1000), - 'FLAG4': (0x0800, 0x0800), - 'FLAG5': (0x0400, 0x0400), - 'USER': (0x0000, 0x0300), - 'ZONE': (0x0100, 0x0300), - 'HOST': (0x0200, 0x0300), - 'NTYP3': (0x0300, 0x0300), - 'FLAG8': (0x0080, 0x0080), - 'FLAG9': (0x0040, 0x0040), - 'FLAG10': (0x0020, 0x0020), - 'FLAG11': (0x0010, 0x0010), - 'SIG0': (0x0000, 0x000f), - 'SIG1': (0x0001, 0x000f), - 'SIG2': (0x0002, 0x000f), - 'SIG3': (0x0003, 0x000f), - 'SIG4': (0x0004, 0x000f), - 'SIG5': (0x0005, 0x000f), - 'SIG6': (0x0006, 0x000f), - 'SIG7': (0x0007, 0x000f), - 'SIG8': (0x0008, 0x000f), - 'SIG9': (0x0009, 0x000f), - 'SIG10': (0x000a, 0x000f), - 'SIG11': (0x000b, 0x000f), - 'SIG12': (0x000c, 0x000f), - 'SIG13': (0x000d, 0x000f), - 'SIG14': (0x000e, 0x000f), - 'SIG15': (0x000f, 0x000f), - } - -_protocol_from_text = { - 'NONE' : 0, - 'TLS' : 1, - 'EMAIL' : 2, - 'DNSSEC' : 3, - 'IPSEC' : 4, - 'ALL' : 255, - } - -class KEYBase(dns.rdata.Rdata): - """KEY-like record base - - 
@ivar flags: the key flags - @type flags: int - @ivar protocol: the protocol for which this key may be used - @type protocol: int - @ivar algorithm: the algorithm used for the key - @type algorithm: int - @ivar key: the public key - @type key: string""" - - __slots__ = ['flags', 'protocol', 'algorithm', 'key'] - - def __init__(self, rdclass, rdtype, flags, protocol, algorithm, key): - super(KEYBase, self).__init__(rdclass, rdtype) - self.flags = flags - self.protocol = protocol - self.algorithm = algorithm - self.key = key - - def to_text(self, origin=None, relativize=True, **kw): - return '%d %d %d %s' % (self.flags, self.protocol, self.algorithm, - dns.rdata._base64ify(self.key)) - - def from_text(cls, rdclass, rdtype, tok, origin = None, relativize = True): - flags = tok.get_string() - if flags.isdigit(): - flags = int(flags) - else: - flag_names = flags.split('|') - flags = 0 - for flag in flag_names: - v = _flags_from_text.get(flag) - if v is None: - raise dns.exception.SyntaxError('unknown flag %s' % flag) - flags &= ~v[1] - flags |= v[0] - protocol = tok.get_string() - if protocol.isdigit(): - protocol = int(protocol) - else: - protocol = _protocol_from_text.get(protocol) - if protocol is None: - raise dns.exception.SyntaxError('unknown protocol %s' % protocol) - - algorithm = dns.dnssec.algorithm_from_text(tok.get_string()) - chunks = [] - while 1: - t = tok.get().unescape() - if t.is_eol_or_eof(): - break - if not t.is_identifier(): - raise dns.exception.SyntaxError - chunks.append(t.value) - b64 = ''.join(chunks) - key = b64.decode('base64_codec') - return cls(rdclass, rdtype, flags, protocol, algorithm, key) - - from_text = classmethod(from_text) - - def to_wire(self, file, compress = None, origin = None): - header = struct.pack("!HBB", self.flags, self.protocol, self.algorithm) - file.write(header) - file.write(self.key) - - def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin = None): - if rdlen < 4: - raise dns.exception.FormError - header 
= struct.unpack('!HBB', wire[current : current + 4]) - current += 4 - rdlen -= 4 - key = wire[current : current + rdlen].unwrap() - return cls(rdclass, rdtype, header[0], header[1], header[2], - key) - - from_wire = classmethod(from_wire) - - def _cmp(self, other): - hs = struct.pack("!HBB", self.flags, self.protocol, self.algorithm) - ho = struct.pack("!HBB", other.flags, other.protocol, other.algorithm) - v = cmp(hs, ho) - if v == 0: - v = cmp(self.key, other.key) - return v diff --git a/dns/rdtypes/sigbase.py b/dns/rdtypes/sigbase.py deleted file mode 100644 index b3ffce5..0000000 --- a/dns/rdtypes/sigbase.py +++ /dev/null 
@@ -1,155 +0,0 @@ -# Copyright (C) 2004-2007, 2009, 2010 Nominum, Inc. -# -# Permission to use, copy, modify, and distribute this software and its -# documentation for any purpose with or without fee is hereby granted, -# provided that the above copyright notice and this permission notice -# appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES -# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR -# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT -# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - -import calendar -import struct -import time - -import dns.dnssec -import dns.exception -import dns.rdata -import dns.rdatatype - -class BadSigTime(dns.exception.DNSException): - """Raised when a SIG or RRSIG RR's time cannot be parsed.""" - pass - -def sigtime_to_posixtime(what): - if len(what) != 14: - raise BadSigTime - year = int(what[0:4]) - month = int(what[4:6]) - day = int(what[6:8]) - hour = int(what[8:10]) - minute = int(what[10:12]) - second = int(what[12:14]) - return calendar.timegm((year, month, day, hour, minute, second, - 0, 0, 0)) - -def posixtime_to_sigtime(what): - return time.strftime('%Y%m%d%H%M%S', time.gmtime(what)) - -class SIGBase(dns.rdata.Rdata): - """SIG-like record base - - @ivar type_covered: the rdata type this signature covers - @type type_covered: int - @ivar algorithm: the algorithm used for the sig - @type algorithm: int - @ivar labels: number of labels - @type labels: int - @ivar original_ttl: the original TTL - @type original_ttl: long - @ivar expiration: signature expiration time - @type expiration: long - @ivar inception: signature inception time - @type inception: long - @ivar key_tag: the key tag - @type key_tag: int - 
@ivar signer: the signer - @type signer: dns.name.Name object - @ivar signature: the signature - @type signature: string""" - - __slots__ = ['type_covered', 'algorithm', 'labels', 'original_ttl', - 'expiration', 'inception', 'key_tag', 'signer', - 'signature'] - - def __init__(self, rdclass, rdtype, type_covered, algorithm, labels, - original_ttl, expiration, inception, key_tag, signer, - signature): - super(SIGBase, self).__init__(rdclass, rdtype) - self.type_covered = type_covered - self.algorithm = algorithm - self.labels = labels - self.original_ttl = original_ttl - self.expiration = expiration - self.inception = inception - self.key_tag = key_tag - self.signer = signer - self.signature = signature - - def covers(self): - return self.type_covered - - def to_text(self, origin=None, relativize=True, **kw): - return '%s %d %d %d %s %s %d %s %s' % ( - dns.rdatatype.to_text(self.type_covered), - self.algorithm, - self.labels, - self.original_ttl, - posixtime_to_sigtime(self.expiration), - posixtime_to_sigtime(self.inception), - self.key_tag, - self.signer, - dns.rdata._base64ify(self.signature) - ) - - def from_text(cls, rdclass, rdtype, tok, origin = None, relativize = True): - type_covered = dns.rdatatype.from_text(tok.get_string()) - algorithm = dns.dnssec.algorithm_from_text(tok.get_string()) - labels = tok.get_int() - original_ttl = tok.get_ttl() - expiration = sigtime_to_posixtime(tok.get_string()) - inception = sigtime_to_posixtime(tok.get_string()) - key_tag = tok.get_int() - signer = tok.get_name() - signer = signer.choose_relativity(origin, relativize) - chunks = [] - while 1: - t = tok.get().unescape() - if t.is_eol_or_eof(): - break - if not t.is_identifier(): - raise dns.exception.SyntaxError - chunks.append(t.value) - b64 = ''.join(chunks) - signature = b64.decode('base64_codec') - return cls(rdclass, rdtype, type_covered, algorithm, labels, - original_ttl, expiration, inception, key_tag, signer, - signature) - - from_text = classmethod(from_text) - - 
def to_wire(self, file, compress = None, origin = None): - header = struct.pack('!HBBIIIH', self.type_covered, - self.algorithm, self.labels, - self.original_ttl, self.expiration, - self.inception, self.key_tag) - file.write(header) - self.signer.to_wire(file, None, origin) - file.write(self.signature) - - def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin = None): - header = struct.unpack('!HBBIIIH', wire[current : current + 18]) - current += 18 - rdlen -= 18 - (signer, cused) = dns.name.from_wire(wire[: current + rdlen], current) - current += cused - rdlen -= cused - if not origin is None: - signer = signer.relativize(origin) - signature = wire[current : current + rdlen].unwrap() - return cls(rdclass, rdtype, header[0], header[1], header[2], - header[3], header[4], header[5], header[6], signer, - signature) - - from_wire = classmethod(from_wire) - - def choose_relativity(self, origin = None, relativize = True): - self.signer = self.signer.choose_relativity(origin, relativize) - - def _cmp(self, other): - return self._wire_cmp(other) |