use of org.minidns.dnsname.DnsName in project minidns by MiniDNS.
the class DNSMessageTest method testMXLookup.
@Test
public void testMXLookup() throws Exception {
DNSMessage m = getMessageFromResource("gmail-mx");
assertFalse(m.authoritativeAnswer);
List<Record<? extends Data>> answers = m.answerSection;
assertEquals(5, answers.size());
Map<Integer, DNSName> mxes = new TreeMap<>();
for (Record<? extends Data> r : answers) {
assertCsEquals("gmail.com", r.name);
Data d = r.getPayload();
assertTrue(d instanceof MX);
assertEquals(TYPE.MX, d.getType());
mxes.put(((MX) d).priority, ((MX) d).target);
}
assertCsEquals("gmail-smtp-in.l.google.com", mxes.get(5));
assertCsEquals("alt1.gmail-smtp-in.l.google.com", mxes.get(10));
assertCsEquals("alt2.gmail-smtp-in.l.google.com", mxes.get(20));
assertCsEquals("alt3.gmail-smtp-in.l.google.com", mxes.get(30));
assertCsEquals("alt4.gmail-smtp-in.l.google.com", mxes.get(40));
}
use of org.minidns.dnsname.DnsName in project minidns by MiniDNS.
the class DNSNameTest method rawFieldsKeepCase.
@Test
public void rawFieldsKeepCase() {
String mixedCaseDnsName = "UP.low.UP.low.UP";
DNSName mixedCase = DNSName.from(mixedCaseDnsName);
assertEquals(mixedCaseDnsName, mixedCase.getRawAce());
}
use of org.minidns.dnsname.DnsName in project minidns by MiniDNS.
the class DNSSECClient method verifyNsec.
private Set<UnverifiedReason> verifyNsec(DNSMessage dnsMessage) throws IOException {
Set<UnverifiedReason> result = new HashSet<>();
Question q = dnsMessage.questions.get(0);
boolean validNsec = false;
boolean nsecPresent = false;
DNSName zone = null;
List<Record<? extends Data>> nameserverRecords = dnsMessage.authoritySection;
for (Record<? extends Data> nameserverRecord : nameserverRecords) {
if (nameserverRecord.type == TYPE.SOA)
zone = nameserverRecord.name;
}
if (zone == null)
throw new DNSSECValidationFailedException(q, "NSECs must always match to a SOA");
for (Record<? extends Data> record : nameserverRecords) {
UnverifiedReason reason;
switch(record.type) {
case NSEC:
nsecPresent = true;
reason = verifier.verifyNsec(record, q);
break;
case NSEC3:
nsecPresent = true;
reason = verifier.verifyNsec3(zone, record, q);
break;
default:
continue;
}
if (reason != null) {
result.add(reason);
} else {
validNsec = true;
}
}
if (nsecPresent && !validNsec) {
throw new DNSSECValidationFailedException(q, "Invalid NSEC!");
}
List<Record<? extends Data>> toBeVerified = dnsMessage.copyAuthority();
VerifySignaturesResult verifiedSignatures = verifySignatures(q, nameserverRecords, toBeVerified);
if (validNsec && verifiedSignatures.reasons.isEmpty()) {
result.clear();
} else {
result.addAll(verifiedSignatures.reasons);
}
if (!toBeVerified.isEmpty() && toBeVerified.size() != nameserverRecords.size()) {
throw new DNSSECValidationFailedException(q, "Only some nameserver records are signed!");
}
return result;
}
use of org.minidns.dnsname.DnsName in project minidns by MiniDNS.
the class Verifier method verifyNsec3.
public UnverifiedReason verifyNsec3(DNSName zone, Record<? extends Data> nsec3record, Question q) {
NSEC3 nsec3 = (NSEC3) nsec3record.payloadData;
DigestCalculator digestCalculator = algorithmMap.getNsecDigestCalculator(nsec3.hashAlgorithm);
if (digestCalculator == null) {
return new AlgorithmNotSupportedReason(nsec3.hashAlgorithmByte, nsec3.getType(), nsec3record);
}
byte[] bytes = nsec3hash(digestCalculator, nsec3.salt, q.name.getBytes(), nsec3.iterations);
String s = Base32.encodeToString(bytes);
DNSName computedNsec3Record = DNSName.from(s + "." + zone);
if (nsec3record.name.equals(computedNsec3Record)) {
for (TYPE type : nsec3.types) {
if (type.equals(q.type)) {
return new NSECDoesNotMatchReason(q, nsec3record);
}
}
return null;
}
if (nsecMatches(s, nsec3record.name.getHostpart(), Base32.encodeToString(nsec3.nextHashed))) {
return null;
}
return new NSECDoesNotMatchReason(q, nsec3record);
}
use of org.minidns.dnsname.DnsName in project minidns by MiniDNS.
the class InetAddressUtilTest method testReverseInet6Address.
@Test
public void testReverseInet6Address() {
Inet6Address inet6Address = InetAddressUtil.ipv6From(VALID_IPV6[0]);
DNSName reversedIpv6Address = InetAddressUtil.reverseIpAddressOf(inet6Address);
assertEquals(DNSName.from("3.0.a.2.0.0.0.4.2.0.0.0.5.f.2.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0"), reversedIpv6Address);
}
Aggregations