use of org.xbill.DNS.Name in project dim by 1and1.
the class ZoneVerifier method processNSEC3Chain.
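/**
 * Checks that the NSEC3 records held in {@code mNSEC3Map} form a closed chain.
 *
 * <p>The records are visited in the map's iteration order (presumably hash
 * order; confirm against how {@code mNSEC3Map} is built). For each record the
 * method checks that:
 * <ul>
 *   <li>its RRset was marked (an unmarked RRset is reported as "extra");</li>
 *   <li>the map key equals the record's own owner name;</li>
 *   <li>the previous record's next-hash equals this record's hashed owner;</li>
 *   <li>every record except the last has owner &lt; next.</li>
 * </ul>
 * The last record must have owner &gt;= next and must link back to the first.
 *
 * @return the number of problems found; each one is also logged.
 */
private int processNSEC3Chain() {
    int errors = 0;

    // Without at least one NSEC3 there is no "last" record to close the chain
    // with, and the checks after the loop would dereference null.
    // NOTE(review): counted as an error so that verification fails closed;
    // confirm this method is only invoked for NSEC3-signed zones.
    if (mNSEC3Map == null || mNSEC3Map.isEmpty()) {
        log.warning("No NSEC3 RRs found; the NSEC3 chain cannot be verified.");
        return errors + 1;
    }

    NSEC3Record lastNSEC3 = null;
    NSEC3Record firstNSEC3 = null;

    for (Map.Entry<Name, MarkRRset> entry : mNSEC3Map.entrySet()) {
        // Ordering check for the previous record. Doing it here, once we know
        // another record follows, keeps it away from the last record, whose
        // ordering rule is the opposite one (checked after the loop).
        if (lastNSEC3 != null
                && compareNSEC3Hashes(lastNSEC3.getName(), lastNSEC3.getNext()) >= 0) {
            // compareNSEC3Hashes(owner, next) >= 0 is "owner >= next" (see the
            // wording of the final-record check below); the message says so.
            log.warning("NSEC3 for " + lastNSEC3.getName() + " has owner >= next name but is not the last NSEC3 in the chain.");
            errors++;
        }

        Name n = entry.getKey();
        MarkRRset rrset = entry.getValue();

        // An RRset that was never marked is reported as surplus.
        if (!rrset.getMark()) {
            log.warning("NSEC3 RR for " + n + " appears to be extra.");
            errors++;
        }

        NSEC3Record nsec3 = (NSEC3Record) rrset.first();

        // The map key must agree with the record's owner name; a mismatch means
        // the map itself was populated incorrectly.
        if (!n.equals(nsec3.getName())) {
            log.severe("The NSEC3 in the map for name " + n + " has name " + nsec3.getName());
            errors++;
        }

        if (lastNSEC3 == null) {
            // Remember the first record so the last one can be checked against it.
            firstNSEC3 = nsec3;
        } else if (compareNSEC3Hashes(nsec3.getName(), lastNSEC3.getNext()) != 0) {
            // The previous record's next hashed name must equal this record's
            // hashed owner name.
            String nextstr = mBase32.toString(lastNSEC3.getNext());
            log.warning("NSEC3 for " + lastNSEC3.getName() + " does not point to the next NSEC3 in the chain: " + nsec3.getName() + ", instead points to: " + nextstr);
            errors++;
        }

        lastNSEC3 = nsec3;
    }

    // The last record wraps around, so its owner should be >= its next name.
    if (compareNSEC3Hashes(lastNSEC3.getName(), lastNSEC3.getNext()) < 0) {
        String nextstr = mBase32.toString(lastNSEC3.getNext());
        log.warning("The last NSEC3 RR in the chain did not have an owner >= next: owner = " + lastNSEC3.getName() + " next = " + nextstr);
        errors++;
    }

    // The last record must link back to the first NSEC3 in the chain.
    if (compareNSEC3Hashes(firstNSEC3.getName(), lastNSEC3.getNext()) != 0) {
        log.warning("The last NSEC3 RR in the chain did not link to the first NSEC3");
        errors++;
    }

    return errors;
}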
use of org.xbill.DNS.Name in project dim by 1and1.
the class SignRRset method execute.
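/**
 * Signs the single RRset contained in {@code state.inputfile} with the keys
 * named in {@code state.keyFiles} and writes the records followed by their
 * signatures to {@code state.outputfile}.
 *
 * <p>Existing RRSIG/SIG records in the input are ignored. Every remaining
 * record must share name, type and class with the first one, and all keys must
 * share one DNSKEY owner name. Each violation prints a message to stderr and
 * calls {@code state.usage()}; this method then returns without signing.
 *
 * @throws Exception declared by the original signature; the individual helper
 *     calls that may throw are not visible in this block.
 */
@SuppressWarnings("unchecked")
public void execute() throws Exception {
    // Read in the zone
    List<Record> records = ZoneUtils.readZoneFile(state.inputfile, null);
    if (records == null || records.isEmpty()) {
        System.err.println("error: empty RRset file");
        state.usage();
        // state.usage() presumably terminates the program; the explicit return
        // makes sure nothing is signed if it ever comes back.
        return;
    }

    // Construct the RRset. Complain if the records in the input file
    // consist of more than one RRset.
    RRset rrset = null;
    for (Record r : records) {
        // skip RRSIGs
        if (r.getType() == Type.RRSIG || r.getType() == Type.SIG) {
            continue;
        }

        // Handle the first record.
        if (rrset == null) {
            rrset = new RRset();
            rrset.addRR(r);
            continue;
        }

        // Ensure that the remaining records all belong to the same rrset.
        boolean sameRRset = rrset.getName().equals(r.getName())
                && rrset.getType() == r.getType()
                && rrset.getDClass() == r.getDClass();
        if (!sameRRset) {
            System.err.println("Records do not all belong to the same RRset.");
            state.usage();
            // Never sign a partial set after a stray record has been dropped.
            return;
        }
        rrset.addRR(r);
    }

    // rrset is still null when the input held nothing but RRSIG/SIG records;
    // test for that before calling size() so the user gets the message, not a
    // NullPointerException.
    if (rrset == null || rrset.size() == 0) {
        System.err.println("No records found in inputfile.");
        state.usage();
        return;
    }

    if (state.keyFiles.length == 0) {
        System.err.println("error: at least one keyfile must be specified");
        state.usage();
        return;
    }

    List<DnsKeyPair> keypairs = getKeys(state.keyFiles, 0, state.keyDirectory);

    // Make sure that all the keypairs have the same name.
    // This will be used as the zone name, too.
    Name keysetName = null;
    for (DnsKeyPair pair : keypairs) {
        if (keysetName == null) {
            keysetName = pair.getDNSKEYName();
            continue;
        }
        if (!pair.getDNSKEYName().equals(keysetName)) {
            System.err.println("Keys do not all have the same name.");
            state.usage();
            return;
        }
    }

    // default the output file, if not set.
    if (state.outputfile == null && !state.inputfile.equals("-")) {
        state.outputfile = state.inputfile + ".signed";
    }

    JCEDnsSecSigner signer = new JCEDnsSecSigner();
    List<RRSIGRecord> sigs = signer.signRRset(rrset, keypairs, state.start, state.expire);
    for (RRSIGRecord s : sigs) {
        rrset.addRR(s);
    }

    // Collect the data records first, then the signatures, for output.
    List<Record> signedRecords = new ArrayList<Record>();
    for (Iterator<Record> i = rrset.rrs(); i.hasNext(); ) {
        signedRecords.add(i.next());
    }
    for (Iterator<Record> i = rrset.sigs(); i.hasNext(); ) {
        signedRecords.add(i.next());
    }

    // write out the signed RRset
    ZoneUtils.writeZoneFile(signedRecords, state.outputfile);

    if (state.verifySigs) {
        // NOTE(review): the output has already been written by the time the
        // signatures are checked, and a failed check is only printed to stdout.
        // Nothing visible here removes the output or reports failure to the
        // caller; consider failing hard so unverifiable signatures are never
        // left behind for publication.
        log.fine("verifying generated signatures");
        boolean res = verifySigs(keysetName, signedRecords, keypairs);
        if (res) {
            System.out.println("Generated signatures verified");
        } else {
            System.out.println("Generated signatures did not verify.");
        }
    }
}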
use of org.xbill.DNS.Name in project dim by 1and1.
the class ZoneFormat method determineNSEC3Owners.
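/**
 * Attaches to every NSEC3 record in {@code zone} the plain-text owner name that
 * its hashed first label corresponds to, where that name can be derived from
 * the zone's own contents.
 *
 * <p>The list is sorted in place. The zone name is taken from the SOA record
 * and the hash parameters from the first NSEC3PARAM record; if either is
 * missing the method returns after sorting and changes nothing else. Hashes are
 * computed for every non-NSEC3 owner name and for the ancestors of each name
 * that lie below the zone apex (possible empty non-terminals). Each NSEC3
 * record is then replaced by a copy carrying the matching owner name, or
 * {@code null} when no hash matched.
 *
 * @param zone the zone's records; reordered and modified in place.
 * @throws NoSuchAlgorithmException declared for the name-hashing calls.
 */
private static void determineNSEC3Owners(List<Record> zone) throws NoSuchAlgorithmException {
    // Put the zone into a consistent (name and RR type) order.
    Collections.sort(zone, new RecordComparator());

    // First, find the zone name (SOA) and the NSEC3PARAM record. This is a
    // linear search, although both should be near the head of the sorted list.
    NSEC3PARAMRecord nsec3param = null;
    Name zonename = null;
    for (Record r : zone) {
        if (r.getType() == Type.SOA) {
            zonename = r.getName();
            continue;
        }
        if (r.getType() == Type.NSEC3PARAM) {
            nsec3param = (NSEC3PARAMRecord) r;
            break;
        }
    }

    // Without a zone name or NSEC3 parameters there is nothing to compute.
    if (zonename == null || nsec3param == null) {
        return;
    }

    HashMap<String, String> map = new HashMap<String, String>();
    base32 b32 = new base32(base32.Alphabet.BASE32HEX, false, true);

    // Next pass, calculate a mapping between hashnames and ownernames.
    // Case folding uses Locale.ROOT throughout: these are ASCII DNS labels, and
    // the default locale (Turkish dotted/dotless i, for example) must not be
    // able to change the keys and make the lookups below miss.
    Name lastName = null;
    for (Record r : zone) {
        if (r.getName().equals(lastName)) {
            continue;
        }
        if (r.getType() == Type.NSEC3) {
            continue;
        }

        Name n = r.getName();
        String hashname = b32.toString(nsec3param.hashName(n));
        map.put(hashname, n.toString().toLowerCase(java.util.Locale.ROOT));
        lastName = n;

        // Also hash the ancestors between the zone apex and this name; they may
        // be empty non-terminals that own an NSEC3 but no other record. A name
        // that was already mapped keeps its first mapping.
        for (int i = zonename.labels() + 1; i < n.labels(); ++i) {
            Name parent = new Name(n, n.labels() - i);
            String parentHashname = b32.toString(nsec3param.hashName(parent));
            if (!map.containsKey(parentHashname)) {
                map.put(parentHashname, parent.toString().toLowerCase(java.util.Locale.ROOT));
            }
        }
    }

    // Final pass, assign the names if we can.
    for (ListIterator<Record> i = zone.listIterator(); i.hasNext(); ) {
        Record r = i.next();
        if (r.getType() != Type.NSEC3) {
            continue;
        }

        NSEC3Record nsec3 = (NSEC3Record) r;
        String hashname = nsec3.getName().getLabelString(0).toLowerCase(java.util.Locale.ROOT);
        // null when no owner in the zone hashes to this label.
        // NOTE(review): assumes the NSEC3Record constructor accepts a null
        // owner name; confirm.
        String ownername = map.get(hashname);
        NSEC3Record annotated = new NSEC3Record(nsec3.getName(), nsec3.getDClass(), nsec3.getTTL(), nsec3.getHashAlgorithm(), nsec3.getFlags(), nsec3.getIterations(), nsec3.getSalt(), nsec3.getNext(), nsec3.getTypes(), ownername);
        i.set(annotated);
    }
}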
use of org.xbill.DNS.Name in project dim by 1and1.
the class NameTest method test_toString_escaped.
/**
 * Checks that a name containing a decimal escape ({@code \128}) is rendered by
 * {@code toString()} exactly as it was given to the constructor.
 */
public void test_toString_escaped() throws TextParseException {
    final String escapedText = "my.escaped.junk\\128.label.";
    final Name parsed = new Name(escapedText);
    final String rendered = parsed.toString();
    assertEquals(escapedText, rendered);
}
use of org.xbill.DNS.Name in project dim by 1and1.
the class NameTest method test_relativize_null_origin.
/**
 * Checks that relativizing a name against a {@code null} origin yields a name
 * equal to the one it was called on.
 */
public void test_relativize_null_origin() throws TextParseException {
    final Name absolute = Name.fromString("a.b.c.");
    // Kept as a typed local so the call is made with a Name-typed null.
    final Name origin = null;
    assertEquals(absolute, absolute.relativize(origin));
}