dns_sprockets_lib package¶
Subpackages¶
- dns_sprockets_lib.loaders package
- dns_sprockets_lib.validators package
- Subpackages
- Submodules
- dns_sprockets_lib.validators.dnskey_bits module
- dns_sprockets_lib.validators.dnskey_origin module
- dns_sprockets_lib.validators.dnssectype_ambiguous module
- dns_sprockets_lib.validators.ns_origin module
- dns_sprockets_lib.validators.nsec3_chain module
- dns_sprockets_lib.validators.nsec3_missing module
- dns_sprockets_lib.validators.nsec3_orphan module
- dns_sprockets_lib.validators.nsec3param_origin module
- dns_sprockets_lib.validators.nsec_chain module
- dns_sprockets_lib.validators.nsec_missing module
- dns_sprockets_lib.validators.nsec_orphan module
- dns_sprockets_lib.validators.nsecx_ttls_match module
- dns_sprockets_lib.validators.rrsig_covers module
- dns_sprockets_lib.validators.rrsig_missing module
- dns_sprockets_lib.validators.rrsig_orphan module
- dns_sprockets_lib.validators.rrsig_signer_match module
- dns_sprockets_lib.validators.rrsig_time module
- dns_sprockets_lib.validators.rrsig_ttls_match module
- dns_sprockets_lib.validators.soa_origin module
- dns_sprockets_lib.validators.soa_unique module
- Module contents
- Subpackages
Submodules¶
dns_sprockets_lib.dns_sprockets_impl module¶
dns_sprockets_impl - DNS Zone validation tool implementation class.
-
class
DNSSprocketsImpl
(avail_loaders, avail_tests, args)[source]¶ Bases:
object
Performs zone validation.
dns_sprockets_lib.dns_utils module¶
dns_utils - Misc. DNS utility functions not present in dnspython.
-
calc_node_names
(node_names)[source]¶ Calculates list of node names in a zone, including any Empty Non-Terminals implied by wildcard records, ordered in DNSSEC name order. @param node_names The list of names from Zone.nodes.keys(). @return Sorted list of all node names.
-
dns_name_cmp_to_key
()[source]¶ Convert dns.name.Name.fullcompare method into a key= “function”, which is a class suitable for the key= argument for sort/sorted. @return Class that uses fullcompare() on dns.name.Name’s.
dns_sprockets_lib.dnssec_nsecx module¶
dnssec_nsec3 - Stuff for dealing with NSEC3-type zones.¶
(maybe contribute somehow to dnspython?)
-
covers
(nsecx_rdata, rrtype)[source]¶ Check to see if an NSECx covers a type.
Parameters: - nsec_rdata (obj) – An NSEC or NSEC3 instance.
- rrtype (int) – The dns.rdatatype to test.
Returns: True if the NSECx covers the type; False if not.
-
decode_salt
(hex_salt)[source]¶ Decodes hexedecimal representation of NSEC3-type “salt” values to binary.
Parameters: hex_salt (str) – The hex-encoded salt to decode. Returns: Binary value of the salt value. Return type: str, or None on failure
-
encode_salt
(bin_salt)[source]¶ Encodes binary NSEC3-type “salt” values to hexadecimal representation.
Parameters: bin_salt (str) – The binary salt to encode. Returns: Lowercase hexadecimal representation of the salt. Return type: str, or None on failure
-
get_covered_types
(nsecx_rdata)[source]¶ Gets list of types covered by an NSECx.
Parameters: nsecx_rdata (obj) – The NSEC or NSEC3 instance. Returns: List of dns.rdatatype’s that the NSECx covers.
-
hash_nsec3_name
(name, salt, algo, addl_iters, salt_is_binary=True)[source]¶ Hashes a domain name using indicated hashing algorithm / iterations.
Parameters: - name (str) – The domain name to hash.
- salt (str) – The salt to use (or empty string).
- algo (int) – The hashing algorithm to use.
- addl_iters (int) – The additional iterations to be applied.
- salt_is_binary (bool) – Set True if the salt is binary; False if hex-encoded.
Returns: The (lowercase) base32hex-encoded result.
Return type: str, or None on failure
dns_sprockets_lib.loader_classes module¶
loader_classes - Functions for dealing with zone loaders
dns_sprockets_lib.utils module¶
utils - “dns_sprockets” zone validation tool utility functions¶
-
camelcase_to_underscores
(name)[source]¶ Parameters: name (str) – Name to convert from camelcase to underscore style. Returns: Underscores-style string from camelcase-style.
-
process_optargs
(optargs, receiver_name, receiver)[source]¶ Adds plugin-specific optional arguments as attributes to a receiver instance. Arguments are pulled from the receiver’s ‘args’ attribute as fully-named (e.g. rrsig_missing_now) and stored in the receiver in “short form” (e.g. “now”). If not present in ‘args’, the optarg’s default value is used.
Parameters: - optargs (dict) – The optargs descriptor (e.g. {‘now’: (None, ‘Time to use for now’)}
- receiver_name (str) – The full name prefix (e.g. “rrsig_missing”).
- receiver (obj) – The instance that has .args and receives short-named attributes.
-
public_modules_in_package
(pkg, excludes=None)[source]¶ Scans a loaded package for “public” (i.e. no leading underscore) module names.
Parameters: - pkg (package) – The package to scan (e.g. sprocket_support.tests).
- excludes (list) – List of names to exclude.
Returns: List of module names in the package.
dns_sprockets_lib.validator_classes module¶
validator_classes - Functions for dealing with validators.
Module contents¶
__init__.py - Support library for “dns_sprockets” zone validator tool.