FS-3110 --comment-only phase 1 to replace udns with ldns in mod_enum may need to rerun bootstrap

2025-08-13 09:36:46 +00:00 · 2011-03-24 16:26:37 -05:00
parent 047110cd56
commit 1773b890eb
275 changed files with 115723 additions and 8338 deletions
--- a/libs/ldns/contrib/python/examples/ldns-dnssec.py
+++ b/libs/ldns/contrib/python/examples/ldns-dnssec.py
@@ -0,0 +1,45 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+import ldns
+import sys
+
+debug = True
+
+# Check args
+argc = len(sys.argv)
+name = "www.nic.cz"
+if argc < 2:
+   print "Usage:", sys.argv[0], "domain [resolver_addr]"
+   sys.exit(1)
+else:
+   name = sys.argv[1]
+
+# Create resolver
+resolver = ldns.ldns_resolver.new_frm_file("/etc/resolv.conf")
+resolver.set_dnssec(True)
+
+# Custom resolver
+if argc > 2:
+   # Clear previous nameservers
+   ns = resolver.pop_nameserver()
+   while ns != None:
+      ns = resolver.pop_nameserver()
+   ip = ldns.ldns_rdf.new_frm_str(sys.argv[2], ldns.LDNS_RDF_TYPE_A)
+   resolver.push_nameserver(ip)
+
+# Resolve DNS name
+pkt = resolver.query(name, ldns.LDNS_RR_TYPE_A, ldns.LDNS_RR_CLASS_IN)
+if pkt and pkt.answer():
+
+   # Debug
+   if debug:
+      print "NS returned:", pkt.get_rcode(), "(AA: %d AD: %d)" % ( pkt.ad(), pkt.ad() )
+
+   # SERVFAIL indicated bogus name
+   if pkt.get_rcode() is ldns.LDNS_RCODE_SERVFAIL:
+      print name, "is bogus"
+
+   # Check AD (Authenticated) bit
+   if pkt.get_rcode() is ldns.LDNS_RCODE_NOERROR:
+      if pkt.ad(): print name, "is secure"
+      else:        print name, "is insecure"