From 862f5319771c363d73398c594d2756afc0336b06 Mon Sep 17 00:00:00 2001 From: Christoph Egger Date: Fri, 28 Oct 2016 18:18:35 +0200 Subject: [PATCH 1/1] Utility for TLSA lookup --- check_dane/resolve.py | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/check_dane/resolve.py b/check_dane/resolve.py index df490b7..ab930f7 100644 --- a/check_dane/resolve.py +++ b/check_dane/resolve.py @@ -5,7 +5,7 @@ import logging from datetime import datetime from unbound import ub_ctx, ub_strerror -from unbound import RR_TYPE_A, RR_TYPE_AAAA, RR_TYPE_RRSIG +from unbound import RR_TYPE_A, RR_TYPE_AAAA, RR_TYPE_RRSIG, RR_TYPE_SRV from ldns import ldns_wire2pkt from ldns import LDNS_SECTION_ANSWER @@ -64,6 +64,16 @@ def dnssec_verify_rrsig_validity(data, warn=-1, critical=0): return 1 +def srv_lookup(name, resolver): + retval = [] + result = resolver.resolve(name, rrtype=RR_TYPE_SRV) + for bytevalue in result.data.raw: + priority, weight, port = struct.unpack("!HHH", bytevalue[:6]) + hostname = '.'.join(result.data.dname2str(bytevalue[6:])) + retval.append(((hostname, port), {'priority': priority, 'weight': weight})) + return retval + + class ResolverException(BaseException): def __init__(self, message): BaseException.__init__(self) -- 2.39.5