
Example 31 with Name

use of org.xbill.DNS.Name in project nhin-d by DirectProject.

the class DNSConnectionTest method testDNSSocketConnectionTCPWithProxyStore.

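/**
 * Starts a {@link DNSServer} backed by a {@link ProxyDNSStore} on a free port and checks that an
 * A-record query for {@code google.com}, sent over TCP to that port, returns a non-null answer.
 *
 * <p>NOTE(review): the query name is a real public domain, so the test presumably needs the proxy
 * store to reach an upstream resolver; it is likely to fail on an isolated build host. Confirm
 * before relying on it as a unit test.
 *
 * @throws Exception if the server cannot be started or stopped, or the lookup setup fails
 */
public void testDNSSocketConnectionTCPWithProxyStore() throws Exception {
    DNSServerSettings settings = new DNSServerSettings();
    settings.setPort(AvailablePortFinder.getNextAvailable(1024));
    DNSServer server = new DNSServer(new ProxyDNSStore(), settings);
    server.start();
    try {
        // give the server a couple seconds to start
        Thread.sleep(2000);
        // Turn on debug output for the DNS client. This is a static, process-wide option and it
        // is not reset here, so it stays on for whatever runs afterwards in the same JVM.
        Options.set("verbose", "true");
        Lookup lu = new Lookup(new Name("google.com"), Type.A);
        ExtendedResolver resolver = new ExtendedResolver(IPUtils.getDNSLocalIps());
        // force TCP and point the resolver at the port the test server was given
        resolver.setTCP(true);
        resolver.setPort(settings.getPort());
        // no retry limit is set here; the resolver keeps its default
        lu.setResolver(resolver);
        Record[] retRecords = lu.run();
        assertNotNull(retRecords);
    } finally {
        // Stop the listener even when the lookup or the assertion fails, so a failed run does
        // not leave the server bound to its port for the rest of the test suite.
        server.stop();
        Thread.sleep(2000);
    }
}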
Also used : ExtendedResolver(org.xbill.DNS.ExtendedResolver) Lookup(org.xbill.DNS.Lookup) Record(org.xbill.DNS.Record) Name(org.xbill.DNS.Name)

Example 32 with Name

use of org.xbill.DNS.Name in project nhin-d by DirectProject.

the class RESTSmtpAgentConfigFunctional_Test method setUp.

/**
 * Prepares the fixtures for the functional test: two embedded LDAP partitions
 * ({@code lookupTest} and {@code lookupTestPublic}), the private-key bootstrap schema, the
 * {@code privCertsOnly.ldif} import, a mocked DNS SRV lookup that answers with
 * {@code localhost} and the test LDAP port, and the configuration web service with its
 * proxy and certificate-service clients.
 *
 * @throws Exception if the LDIF resource is missing or any of the servers fails to start
 */
@SuppressWarnings("unchecked")
@Override
public void setUp() throws Exception {
    // Check for Windows: it doesn't like file://<drive> and turns it into FTP.
    // NOTE(review): both branches below assign the same "file:///" prefix, so the check has
    // no effect as written; confirm which prefix the non-Windows branch was meant to use.
    File file = new File("./src/test/resources/bundles/testBundle.p7b");
    if (file.getAbsolutePath().contains(":/"))
        filePrefix = "file:///";
    else
        filePrefix = "file:///";
    // start from an empty certificate cache so earlier tests cannot influence this one
    CertCacheFactory.getInstance().flushAll();
    /*
     * Set up the LDAP server
     */
    MutablePartitionConfiguration pcfg = new MutablePartitionConfiguration();
    pcfg.setName("lookupTest");
    pcfg.setSuffix("cn=lookupTest");
    // Create some indices
    Set<String> indexedAttrs = new HashSet<String>();
    indexedAttrs.add("objectClass");
    indexedAttrs.add("cn");
    pcfg.setIndexedAttributes(indexedAttrs);
    // Create a first entry associated to the partition
    Attributes attrs = new BasicAttributes(true);
    // First, the objectClass attribute
    Attribute attr = new BasicAttribute("objectClass");
    attr.add("top");
    attrs.put(attr);
    // Associate this entry to the partition
    pcfg.setContextEntry(attrs);
    // As we can create more than one partition, we must store
    // each created partition in a Set before initialization
    Set<MutablePartitionConfiguration> pcfgs = new HashSet<MutablePartitionConfiguration>();
    pcfgs.add(pcfg);
    // Second partition: lookupTestPublic, built the same way as the first
    pcfg = new MutablePartitionConfiguration();
    pcfg.setName("lookupTestPublic");
    pcfg.setSuffix("cn=lookupTestPublic");
    // Create some indices
    indexedAttrs = new HashSet<String>();
    indexedAttrs.add("objectClass");
    indexedAttrs.add("cn");
    pcfg.setIndexedAttributes(indexedAttrs);
    // Create a first entry associated to the partition
    attrs = new BasicAttributes(true);
    // First, the objectClass attribute
    attr = new BasicAttribute("objectClass");
    attr.add("top");
    attrs.put(attr);
    // Associate this entry to the partition
    pcfg.setContextEntry(attrs);
    // As we can create more than one partition, we must store
    // each created partition in a Set before initialization
    pcfgs.add(pcfg);
    configuration.setContextPartitionConfigurations(pcfgs);
    // relative path: the directory is created under the JVM's working directory
    this.configuration.setWorkingDirectory(new File("LDAP-TEST"));
    // add the private key schema to the schemas the server boots with
    Set<AbstractBootstrapSchema> schemas = configuration.getBootstrapSchemas();
    schemas.add(new PrivkeySchema());
    configuration.setBootstrapSchemas(schemas);
    // the partitions and schemas must be registered before the superclass setUp runs
    super.setUp();
    // Import the ldif file.
    // NOTE(review): the stream is not closed in this method; confirm importLdif closes it.
    InputStream stream = TestUtils.class.getResourceAsStream("/ldifs/privCertsOnly.ldif");
    if (stream == null)
        throw new IOException("Failed to load ldif file");
    importLdif(stream);
    // Set up the mock DNS SRV adapter: every lookup run returns one SRV record for
    // _ldap._tcp.example.com. (TTL 3600, priority 0, weight 1) that points at localhost on
    // the test port, so no real DNS traffic is needed to locate the LDAP server.
    // NOTE(review): the override is registered on a shared factory and is not removed in
    // this method; confirm the tear-down removes it so it cannot leak into other tests.
    mockLookup = mock(Lookup.class);
    LookupFactory.getFactory().addOverrideImplementation(mockLookup);
    SRVRecord srvRecord = new SRVRecord(new Name("_ldap._tcp.example.com."), DClass.IN, 3600, 0, 1, port, new Name("localhost."));
    when(mockLookup.run()).thenReturn(new Record[] { srvRecord });
    // Create the web service and proxy.
    // NOTE(review): OpenServiceSecurityManager presumably sends requests without credentials;
    // confirm it is only ever wired up in test code.
    ConfigServiceRunner.startConfigService();
    proxy = new ConfigurationServiceProxy(ConfigServiceRunner.getConfigServiceURL());
    certService = new DefaultCertificateService(ConfigServiceRunner.getRestAPIBaseURL(), HttpClientFactory.createHttpClient(), new OpenServiceSecurityManager());
}
Also used : BasicAttribute(javax.naming.directory.BasicAttribute) BasicAttributes(javax.naming.directory.BasicAttributes) Attribute(javax.naming.directory.Attribute) BasicAttribute(javax.naming.directory.BasicAttribute) DefaultCertificateService(org.nhind.config.rest.impl.DefaultCertificateService) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) BasicAttributes(javax.naming.directory.BasicAttributes) Attributes(javax.naming.directory.Attributes) OpenServiceSecurityManager(org.nhindirect.common.rest.OpenServiceSecurityManager) IOException(java.io.IOException) PrivkeySchema(org.nhindirect.ldap.PrivkeySchema) Name(org.xbill.DNS.Name) AbstractBootstrapSchema(org.apache.directory.server.core.schema.bootstrap.AbstractBootstrapSchema) MutablePartitionConfiguration(org.apache.directory.server.core.configuration.MutablePartitionConfiguration) Lookup(org.nhindirect.stagent.cert.impl.util.Lookup) SRVRecord(org.xbill.DNS.SRVRecord) File(java.io.File) ConfigurationServiceProxy(org.nhind.config.ConfigurationServiceProxy) HashSet(java.util.HashSet)

Example 33 with Name

use of org.xbill.DNS.Name in project nhin-d by DirectProject.

the class DNSCertificateStore method lookupDNS.

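/**
 * Looks up the certificates published in DNS CERT records for an address or a domain.
 *
 * <p>The lookup name is {@code name} with {@code '@'} replaced by {@code '.'}. The configured
 * servers are queried first. If they return nothing, the method follows a CNAME if one exists,
 * walks up the domain one label at a time until it finds NS records, and repeats the CERT query
 * against those name servers directly. If there are still no records and {@code name} was an
 * address, the search is repeated for the domain part alone. Certificates that were found are
 * written to the local store delegate and to the cache when those are configured.
 *
 * <p>NOTE(review): nothing in this method validates the certificates (chain, validity period,
 * subject binding) or authenticates the DNS answers before the results are stored and cached.
 * Confirm that callers validate every returned certificate against the configured trust
 * anchors before use, since a spoofed or poisoned answer would otherwise be persisted.
 *
 * @param name an email address or a domain name
 * @return the X.509 certificates found; empty when no name server or no certificate is found
 * @throws NHINDException if a lookup step fails; the original exception is attached as the cause
 */
protected Collection<X509Certificate> lookupDNS(String name) {
    String domain;
    String lookupName = name.replace('@', '.');
    Collection<X509Certificate> retVal = new ArrayList<X509Certificate>();
    // get the domain of the address
    int index;
    if ((index = name.indexOf("@")) > -1)
        domain = name.substring(index + 1);
    else
        domain = name;
    try {
        // try the configured servers first
        Lookup lu = new Lookup(new Name(lookupName), Type.CERT);
        // retries and timeout come from this store's configuration
        lu.setResolver(createExResolver(servers.toArray(new String[servers.size()]), retries, timeout));
        lu.setSearchPath((String[]) null);
        Record[] retRecords = null;
        try {
            retRecords = lu.run();
        } catch (Exception e) {
            // best effort: a failure here only triggers the targeted name-server search below
            LOGGER.warn("Error using recusive DNS CERT lookup for name " + lookupName + "\r\nFalling back to looking up NS record for a targeted search", e);
        }
        if (retRecords == null || retRecords.length == 0) {
            Name tempDomain;
            // try to find the resource's name server records
            // the address may be an alias so check if there is a CNAME record
            lu = new Lookup(new Name(lookupName), Type.CNAME);
            lu.setResolver(createExResolver(servers.toArray(new String[servers.size()]), retries, timeout));
            lu.setSearchPath((String[]) null);
            retRecords = lu.run();
            if (retRecords != null && retRecords.length > 0) {
                CNAMERecord cnameRect = (CNAMERecord) retRecords[0];
                tempDomain = cnameRect.getTarget();
            } else {
                // not a CNAME
                tempDomain = new Name(domain);
            }
            // Look for name server records, dropping the left-most label after every miss.
            // NOTE(review): for an absolute name the walk may continue up to a top-level
            // domain before it stops; confirm that is intended.
            while (tempDomain.labels() > 1) {
                lu = new Lookup(tempDomain, Type.NS);
                lu.setResolver(createExResolver(servers.toArray(new String[servers.size()]), retries, timeout));
                lu.setSearchPath((String[]) null);
                retRecords = lu.run();
                if (retRecords != null && retRecords.length > 0)
                    break;
                tempDomain = new Name(tempDomain.toString().substring((tempDomain.toString().indexOf(".") + 1)));
            }
            if (retRecords == null || retRecords.length == 0) {
                // can't find a name server... bail
                return retVal;
            }
            String[] remoteServers = new String[retRecords.length];
            for (int i = 0; i < remoteServers.length; ++i) {
                remoteServers[i] = ((NSRecord) retRecords[i]).getTarget().toString();
            }
            // search the name servers for the cert
            lu = new Lookup(new Name(lookupName), Type.CERT);
            ExtendedResolver remoteResolver = createExResolver(remoteServers, 2, 3);
            if (remoteResolver.getResolvers().length > 0) {
                lu.setResolver(remoteResolver);
                lu.setSearchPath((String[]) null);
                // The DNS cache is deliberately NOT cleared here. Going straight to the name
                // servers avoids a provider that answers instead of delegating, but hiding a
                // cached NXRRSET would cover up DNS misconfiguration that should be found and
                // corrected so that all participants behave consistently.
                retRecords = lu.run();
            } else {
                // none of the name servers could be used as a resolver: drop the NS records so
                // they are not mistaken for CERT answers below
                retRecords = null;
            }
        }
        if (retRecords != null) {
            retVal = new ArrayList<X509Certificate>();
            for (Record rec : retRecords) {
                if (rec instanceof CERTRecord) {
                    CERTRecord certRec = (CERTRecord) rec;
                    switch (certRec.getCertType()) {
                        case CERTRecord.PKIX: {
                            Certificate certToAdd = convertPKIXRecordToCert(certRec);
                            // may not be an X509Cert (instanceof is also false for null)
                            if (certToAdd instanceof X509Certificate)
                                retVal.add((X509Certificate) certToAdd);
                            break;
                        }
                        case CERTRecord.URI: {
                            // NOTE(review): presumably the helper retrieves the certificate
                            // from the location named in the record, i.e. a destination chosen
                            // by whoever controls the DNS answer; confirm it restricts the
                            // schemes and hosts it will contact and bounds size and time.
                            Certificate certToAdd = convertIPKIXRecordToCert(certRec);
                            // may not be an X509Cert (instanceof is also false for null)
                            if (certToAdd instanceof X509Certificate)
                                retVal.add((X509Certificate) certToAdd);
                            break;
                        }
                        default: {
                            LOGGER.warn("Unknown CERT type " + certRec.getCertType() + " encountered for lookup name" + lookupName);
                        }
                    }
                }
            }
        } else if (domain.length() < name.length()) {
            // if this is an email address, do the search again at the host level
            retVal = lookupDNS(domain);
        }
    } catch (Exception e) {
        // Report through the logger instead of stderr and give the exception a message that
        // identifies the failing lookup; the cause stays attached for callers.
        String failure = "DNS certificate lookup failed for name " + lookupName;
        LOGGER.warn(failure, e);
        throw new NHINDException(failure, e);
    }
    // add or update the local cert store
    if (retVal != null && retVal.size() > 0 && localStoreDelegate != null) {
        for (X509Certificate cert : retVal) {
            if (localStoreDelegate.contains(cert))
                localStoreDelegate.update(cert);
            else
                localStoreDelegate.add(cert);
        }
        try {
            if (cache != null)
                cache.put(name, retVal);
        } catch (CacheException e) {
            // caching is best effort, but a failure should be visible in the logs
            LOGGER.warn("Failed to cache certificates for name " + name, e);
        }
    }
    return retVal;
}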
Also used : ExtendedResolver(org.xbill.DNS.ExtendedResolver) CacheException(org.apache.jcs.access.exception.CacheException) ArrayList(java.util.ArrayList) NHINDException(org.nhindirect.stagent.NHINDException) X509Certificate(java.security.cert.X509Certificate) CacheException(org.apache.jcs.access.exception.CacheException) NHINDException(org.nhindirect.stagent.NHINDException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) MalformedURLException(java.net.MalformedURLException) UnknownHostException(java.net.UnknownHostException) Name(org.xbill.DNS.Name) CNAMERecord(org.xbill.DNS.CNAMERecord) CERTRecord(org.xbill.DNS.CERTRecord) Lookup(org.xbill.DNS.Lookup) CNAMERecord(org.xbill.DNS.CNAMERecord) CERTRecord(org.xbill.DNS.CERTRecord) NSRecord(org.xbill.DNS.NSRecord) Record(org.xbill.DNS.Record) NSRecord(org.xbill.DNS.NSRecord) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)

Example 34 with Name

use of org.xbill.DNS.Name in project nhin-d by DirectProject.

the class LDAPPublicCertUtil_createLDAPUrl_Test method testCreateLDAPUrl_singleSRVRecord.

/**
 * Checks that a single SRV record is turned into exactly one LDAP URL that starts with the
 * record's target host. Only the scheme and host prefix are asserted; the port (339) carried
 * by the record is not checked.
 *
 * @throws Exception if the DNS names cannot be parsed
 */
public void testCreateLDAPUrl_singleSRVRecord() throws Exception {
    final LdapPublicCertUtilImpl util = new LdapPublicCertUtilImpl();
    final Name owner = new Name("test.com.");
    final Name target = new Name("ldap.test.com.");
    // TTL 3600, priority 0, weight 1, port 339
    final Record[] answer = { new SRVRecord(owner, DClass.IN, 3600, 0, 1, 339, target) };
    // the URL string is split on spaces, one element per URL
    final String[] parts = util.createLDAPUrl(answer).split(" ");
    assertEquals(1, parts.length);
    assertTrue(parts[0].startsWith("ldap://ldap.test.com"));
}
Also used : SRVRecord(org.xbill.DNS.SRVRecord) Name(org.xbill.DNS.Name)

Example 35 with Name

use of org.xbill.DNS.Name in project nhin-d by DirectProject.

the class LdapCertificateStoreTest method setUp.

/**
 * Prepares the embedded LDAP server for the test: registers the {@code lookupTest} and
 * {@code lookupTestPublic} partitions and the private-key schema, imports
 * {@code privCertsOnly.ldif}, installs a mocked DNS SRV lookup that points at
 * {@code localhost} on the test port, and flushes the certificate caches.
 *
 * @throws Exception if the LDIF resource is missing or the server cannot be started
 */
@SuppressWarnings("unchecked")
@Override
public void setUp() throws Exception {
    // {partition name, suffix}: the private partition first, then the public one
    final String[][] partitionSpecs = { { "lookupTest", "cn=lookupTest" }, { "lookupTestPublic", "cn=lookupTestPublic" } };
    // more than one partition can be created, so they are collected before initialization
    final Set<MutablePartitionConfiguration> partitions = new HashSet<MutablePartitionConfiguration>();
    for (String[] spec : partitionSpecs) {
        final MutablePartitionConfiguration partition = new MutablePartitionConfiguration();
        partition.setName(spec[0]);
        partition.setSuffix(spec[1]);
        // index the attributes the lookups use
        final Set<String> indexed = new HashSet<String>();
        indexed.add("objectClass");
        indexed.add("cn");
        partition.setIndexedAttributes(indexed);
        // context entry of the partition: a single objectClass attribute with the value "top"
        final Attributes contextEntry = new BasicAttributes(true);
        final Attribute objectClass = new BasicAttribute("objectClass");
        objectClass.add("top");
        contextEntry.put(objectClass);
        partition.setContextEntry(contextEntry);
        partitions.add(partition);
    }
    configuration.setContextPartitionConfigurations(partitions);
    // relative path: the directory is created under the JVM's working directory
    configuration.setWorkingDirectory(new File("LDAP-TEST"));
    // no authenticator configuration is set in this method

    // add the private key schema to the schemas the server boots with
    final Set<AbstractBootstrapSchema> bootstrapSchemas = configuration.getBootstrapSchemas();
    bootstrapSchemas.add(new PrivkeySchema());
    configuration.setBootstrapSchemas(bootstrapSchemas);
    super.setUp();

    // import the ldif file from the class path
    final InputStream ldif = LDAPResearchTest.class.getClassLoader().getResourceAsStream("ldifs/privCertsOnly.ldif");
    if (ldif == null) {
        throw new IOException("Failed to load ldif file");
    }
    importLdif(ldif);

    // mocked SRV lookup: one record for _ldap._tcp.example.com. targeting localhost on the test port
    mockLookup = mock(Lookup.class);
    LookupFactory.getFactory().addOverrideImplementation(mockLookup);
    final Record[] cannedAnswer = { new SRVRecord(new Name("_ldap._tcp.example.com."), DClass.IN, 3600, 0, 1, port, new Name("localhost.")) };
    when(mockLookup.run()).thenReturn(cannedAnswer);

    // start every test with empty certificate caches
    CertCacheFactory.getInstance().flushAll();
}
Also used : BasicAttribute(javax.naming.directory.BasicAttribute) BasicAttributes(javax.naming.directory.BasicAttributes) BasicAttribute(javax.naming.directory.BasicAttribute) Attribute(javax.naming.directory.Attribute) InputStream(java.io.InputStream) BasicAttributes(javax.naming.directory.BasicAttributes) Attributes(javax.naming.directory.Attributes) IOException(java.io.IOException) PrivkeySchema(org.nhindirect.ldap.PrivkeySchema) Name(org.xbill.DNS.Name) AbstractBootstrapSchema(org.apache.directory.server.core.schema.bootstrap.AbstractBootstrapSchema) LDAPResearchTest(org.nhindirect.ldap.LDAPResearchTest) MutablePartitionConfiguration(org.apache.directory.server.core.configuration.MutablePartitionConfiguration) Lookup(org.nhindirect.stagent.cert.impl.util.Lookup) SRVRecord(org.xbill.DNS.SRVRecord) File(java.io.File) HashSet(java.util.HashSet)
