Ticket #6797: twisted_names_trunk_CERT.diff

File twisted_names_trunk_CERT.diff, 7.0 KB (added by Aaron Spike, 7 years ago)

Patch implementing DNS CERT resource record

  • twisted/internet/interfaces.py

     
    570570        """
    571571
    572572
     573    def lookupCertificate(name, timeout=None):
     574        """
     575        Perform a CERT record lookup.
     576
     577        @type name: C{str}
     578        @param name: DNS name to resolve.
     579
     580        @type timeout: Sequence of C{int}
     581        @param timeout: Number of seconds after which to reissue the query.
     582            When the last timeout expires, the query is considered failed.
     583
     584        @rtype: L{Deferred}
     585        @return: A L{Deferred} which fires with a three-tuple of lists of
     586            L{twisted.names.dns.RRHeader} instances.  The first element of the
     587            tuple gives answers.  The second element of the tuple gives
     588            authorities.  The third element of the tuple gives additional
     589            information.  The L{Deferred} may instead fail with one of the
     590            exceptions defined in L{twisted.names.error} or with
     591            C{NotImplementedError}.
     592        """
     593
     594
    573595    def lookupNamingAuthorityPointer(name, timeout=None):
    574596        """
    575597        Perform a NAPTR record lookup.
  • twisted/names/client.py

     
    725725
    726726
    727727
     728def lookupCertificate(name, timeout=None):
     729    return getResolver().lookupCertificate(name, timeout)
     730
     731
     732
    728733def lookupResponsibility(name, timeout=None):
    729734    return getResolver().lookupResponsibility(name, timeout)
    730735
  • twisted/names/common.py

     
    149149        return self._lookup(name, dns.IN, dns.SPF, timeout)
    150150
    151151
     152    def lookupCertificate(self, name, timeout=None):
     153        return self._lookup(name, dns.IN, dns.CERT, timeout)
     154
     155
    152156    def lookupResponsibility(self, name, timeout=None):
    153157        return self._lookup(name, dns.IN, dns.RP, timeout)
    154158
     
    240244    dns.MX:    'lookupMailExchange',
    241245    dns.TXT:   'lookupText',
    242246    dns.SPF:   'lookupSenderPolicy',
     247    dns.CERT:   'lookupCertificate',
    243248
    244249    dns.RP:    'lookupResponsibility',
    245250    dns.AFSDB: 'lookupAFSDatabase',
  • twisted/names/dns.py

     
    1414__all__ = [
    1515    'IEncodable', 'IRecord',
    1616
    17     'A', 'A6', 'AAAA', 'AFSDB', 'CNAME', 'DNAME', 'HINFO',
     17    'A', 'A6', 'AAAA', 'AFSDB', 'CERT', 'CNAME', 'DNAME', 'HINFO',
    1818    'MAILA', 'MAILB', 'MB', 'MD', 'MF', 'MG', 'MINFO', 'MR', 'MX',
    1919    'NAPTR', 'NS', 'NULL', 'OPT', 'PTR', 'RP', 'SOA', 'SPF', 'SRV', 'TXT',
    2020    'WKS',
     
    116116AAAA = 28
    117117SRV = 33
    118118NAPTR = 35
     119CERT = 37
    119120A6 = 38
    120121DNAME = 39
    121122OPT = 41
     
    146147    AAAA: 'AAAA',
    147148    SRV: 'SRV',
    148149    NAPTR: 'NAPTR',
     150    CERT: 'CERT',
    149151    A6: 'A6',
    150152    DNAME: 'DNAME',
    151153    OPT: 'OPT',
     
    15551557
    15561558
    15571559
     1560def _base64Format(bytes):
     1561    """
     1562    Base64 encode C{bytes} without any line breaks
     1563
     1564    @param bytes: The bytestring to encode.
     1565    @type bytes: L{bytes}
     1566
     1567    @return: The formatted base64 bytestring.
     1568    """
     1569    return nativeString(base64.encodestring(bytes).replace(b'\n', b''))
     1570
     1571
     1572
    15581573@implementer(IEncodable, IRecord)
     1574class Record_CERT(tputil.FancyStrMixin, tputil.FancyEqMixin):
     1575    """
     1576    A Certificate record.
     1577
     1578    @see: U{http://tools.ietf.org/html/rfc4398}
     1579
     1580    @ivar TYPE: CERT type code constant C{37}.
     1581    @ivar fancybasename: See L{tputil.FancyStrMixin}
     1582    @ivar showAttributes: See L{tputil.FancyStrMixin}
     1583    @ivar compareAttributes: See L{tputil.FancyEqMixin}
     1584
     1585    @ivar certType: See L{__init__}
     1586    @ivar keyTag: See L{__init__}
     1587    @ivar algorithm: See L{__init__}
     1588    @ivar certOrCRL: See L{__init__}
     1589    @ivar ttl: See L{__init__}
     1590    """
     1591
     1592    TYPE = CERT
     1593
     1594    fancybasename = 'CERT'
     1595
     1596    showAttributes = (
     1597        'certType', 'keyTag', 'algorithm',
     1598        ('certOrCRL', _base64Format), 'ttl')
     1599
     1600    compareAttributes = (
     1601        'certType', 'keyTag', 'algorithm',
     1602        'certOrCRL', 'ttl')
     1603
     1604    _fmt = '!HHB'
     1605    _fmt_size = struct.calcsize(_fmt)
     1606
     1607    def __init__(self, certType=1, keyTag=0,
     1608                 algorithm=5, certOrCRL=b'', ttl=None):
     1609        """
     1610        @param certType: an L{int} representing the certificate type
     1611            used in this CERT record. The default value (C{1}) represents
     1612            X.509 as per PKIX. See
     1613            U{https://www.iana.org/assignments/cert-rr-types/cert-rr-types.xhtml}
     1614        @type certType: L{int}
     1615
     1616        @param keyTag: Key tag value as described in RRSIG.
     1617            The default value (C{0}) is recommende if the
     1618            algorithm field is 0. See
     1619            U{https://tools.ietf.org/html/rfc4034#appendix-B}
     1620        @type keyTag: L{int}
     1621
     1622        @param algorithm: an L{int} representing the algorithm number
     1623            used in this CERT. The default value (C{5}) represents
     1624            RSA/SHA-1. These values are the same as used for DNSSEC. See
     1625            U{https://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.txt}
     1626        @type algorithm: L{int}
     1627
     1628        @param certOrCRL: a base64 encoded string representing the
     1629            stored certificate or CRL.
     1630        @type certOrCRL: L{bytes}
     1631
     1632        @param ttl: The time-to-live of this record. TTL can be
     1633            supplied as an L{int} representing a period in seconds or
     1634            a human readable string can be supplied which will be
     1635            parsed by L{str2time}. Default is C{None}.
     1636        @type ttl: L{int} or L{str} or C{None}.
     1637        """
     1638        self.certType = certType
     1639        self.keyTag = keyTag
     1640        self.algorithm = algorithm
     1641        self.certOrCRL = certOrCRL
     1642        self.ttl = str2time(ttl)
     1643
     1644
     1645    def encode(self, strio, compDict=None):
     1646        strio.write(
     1647            struct.pack(self._fmt, self.certType, self.keyTag, self.algorithm))
     1648        strio.write(self.certOrCRL)
     1649
     1650
     1651    def decode(self, strio, length=None):
     1652        hdr = readPrecisely(strio, self._fmt_size)
     1653        self.certType, self.keyTag, self.algorithm = struct.unpack(self._fmt, hdr)
     1654
     1655        length -= self._fmt_size
     1656        self.certOrCRL = readPrecisely(strio, length)
     1657
     1658
     1659    def __hash__(self):
     1660        """
     1661        A has allowing this L{Record_CERT} to be used as a L{dict}
     1662        key.
     1663
     1664        @return: A L{hash} og the values of
     1665            L{Record_CERT.compareAttributes} except C{ttl}.
     1666        """
     1667        return hash(tuple(getattr(self, k)
     1668                          for k in self.compareAttributes
     1669                          if k != 'ttl'))
     1670
     1671
     1672
     1673@implementer(IEncodable, IRecord)
    15591674class Record_AFSDB(tputil.FancyStrMixin, tputil.FancyEqMixin):
    15601675    """
    15611676    Map from a domain name to the name of an AFS cell database server.