a W×a:ã@s¨ddlmZddlmZddlmZmZddlmZm Z ddlm Z ddl Z ddl m Z ddlZddlZddlZddlZddlmZGdd „d eƒZGd d „d eƒZdS) é)Úprint_function)ÚTestCaseInTempDir)ÚdnsÚdnsp)ÚgensecÚtests)Ú credentialsN)Ú binary_typecsŽeZdZ‡fdd„Zdd„Zdd„Zdd„Zd d „Zdd d „Zdd„Z dd„Z dd„Z dd„Z d dd„Z d!dd„Zd"dd„Zd#dd„Z‡ZS)$ÚDNSTestcstt|ƒ ¡d|_dS©N)Úsuperr ÚsetUpÚtimeout©Úself©Ú __class__©ú6/usr/lib/python3/dist-packages/samba/tests/dns_base.pyr #sz DNSTest.setUpcCsgd¢}||S)zReturn a readable error code)ZOKZFORMERRZSERVFAILZNXDOMAINZNOTIMPZREFUSEDZYXDOMAINZYXRRSETZNXRRSETZNOTAUTHZNOTZONEZ0x0BZ0x0CZ0x0DZ0x0EZ0x0FZBADSIGZBADKEYr)rZerrcodeZ string_codesrrrÚerrstr'szDNSTest.errstrc Cs&| ||d| |¡| |¡f¡dS©z$Helper function to check return codezExpected RCODE %s, got %sN)Ú assertEqualr)rÚrcodeZexpectedrrrÚassert_rcode_equals@s ÿzDNSTest.assert_rcode_equalsc Cs2|jtj@}| ||d| |¡| |¡f¡dSr)Ú operationrZ DNS_RCODErr)rÚpacketrZ p_errcoderrrÚassert_dns_rcode_equalsEs  ÿzDNSTest.assert_dns_rcode_equalscCs&|jtj@}| ||d||f¡dS)zHelper function to check opcodezExpected OPCODE %s, got %sN)rrZ DNS_OPCODEr)rrÚopcodeZp_opcoderrrÚassert_dns_opcode_equalsKs  ÿz DNSTest.assert_dns_opcode_equalsNcCs4t ¡}|durt dd¡|_||_g|_g|_|S)z!Helper creating a dns.name_packetNriÿ)rÚ name_packetÚrandomZrandintÚidrÚ questionsÚ additional)rrZqidÚprrrÚmake_name_packetQszDNSTest.make_name_packetcCst|ƒ|_||_dS)z$Helper to finalize a dns.name_packetN)ÚlenZqdcountr")rrr"rrrÚfinish_name_packet[s zDNSTest.finish_name_packetcCst ¡}||_||_||_|S)z#Helper creating a dns.name_question)rZ name_questionÚnameZ question_typeZquestion_class)rr(ZqtypeZqclassÚqrrrÚmake_name_question`s zDNSTest.make_name_questioncCs*t ¡}t ¡}t|ƒ|_||_||_|Sr )rZ txt_recordrZ string_listr&ÚcountÚstrÚtxt)rZrecordsZ rdata_txtZs_listrrrÚmake_txt_recordhs  zDNSTest.make_txt_recordcCs|j ¡ ¡S)zHelper to get dns domain)ÚcredsZ get_realmÚlowerrrrrÚget_dns_domainpszDNSTest.get_dns_domainFc CsÄd}|dur|j}zšt |¡}|r0t| |¡ƒt tjtjd¡}| |¡|  |df¡|  |d¡|  dd¡}|r„t| |¡ƒt  t j|¡}||fW|durª| ¡Sn|dur¾| ¡0dS)z#send a DNS query and read the replyNré5i)rÚndrÚndr_packÚprintÚhexdumpÚsocketÚAF_INETZ SOCK_DGRAMÚ settimeoutÚconnectÚsendallÚrecvÚ ndr_unpackrrÚclose) rrÚhostÚdumprÚsÚ send_packetÚ recv_packetÚresponserrrÚdns_transaction_udpts.    ýÿzDNSTest.dns_transaction_udpc Csd}|dur|j}z°t |¡}|r0t| |¡ƒt tjtjd¡}| |¡|  |df¡t   dt |ƒ¡}||7}|  |¡| dd¡}|ršt| |¡ƒt tj|dd…¡} W|durÖ| ¡n|durÔ| ¡0t | ¡} | | |dd…¡| |dd…fS)z?send a DNS query and read the reply, also return the raw packetNrr2z!Hié)rr3r4r5r6r7r8Z SOCK_STREAMr9r:ÚstructZpackr&r;r<r=rrr>r) rrr?r@rrArBZ tcp_packetrCrDZ my_packetrrrÚdns_transaction_tcp‹s0     ÿ  zDNSTest.dns_transaction_tcpc Cs¨| tj¡}g}|p| ¡}| |tjtj¡}| |¡| ||¡g}t  ¡}d||f|_ tj |_ tj|_ d|_d|_| |¡} | |_| |¡t|ƒ|_||_|S)Nú%s.%sé„éÿÿ)r%rÚDNS_OPCODE_UPDATEr1r*Ú DNS_QTYPE_SOAÚ DNS_QCLASS_INÚappendr'Úres_recr(Ú DNS_QTYPE_TXTÚrr_typeÚrr_classÚttlÚlengthr.Úrdatar&ÚnscountÚnsrecs) rÚprefixÚ txt_arrayZdomainr$Úupdatesr(ÚuÚrrVrrrÚmake_txt_updateªs&       zDNSTest.make_txt_updatec Cs˜d||p| ¡f}| tj¡}g}| |tjtj¡}| |¡| ||¡|j ||j d\}} |  |tj ¡|  |jd¡|  |jdjjj|¡dS)NrI)r?ér)r1r%rÚDNS_OPCODE_QUERYr*rQrNrOr'rEÚ server_iprÚ DNS_RCODE_OKrZancountÚanswersrVr-r,) rrYrZZzoner(r$r"r)rDÚresponse_packetrrrÚcheck_query_txtÂs   ÿzDNSTest.check_query_txt)N)FN)FN)N)N)Ú__name__Ú __module__Ú __qualname__r rrrrr%r'r*r.r1rErHr^reÚ __classcell__rrrrr !s   ÿ ÿ  r csReZdZ‡fdd„Zddd„Zddd„Zd d „Zd d „Zd d„Zddd„Z ‡Z S)Ú DNSTKeyTestcstt|ƒ ¡i|_t ¡|jd<|_|j|jd<t  ¡|_ |j   |j¡|j   t  d¡¡|j  t  d¡¡|j  tj¡d| ¡|_dS)NÚlp_ctxZtarget_hostnameZUSERNAMEZPASSWORDz tkeytsig.%s)r rjr ÚsettingsrZ env_loadparmrkÚserverrZ Credentialsr/ZguessZ set_usernameZenv_get_var_valueZ set_passwordZset_kerberos_stateZMUST_USE_KERBEROSr1Ú newrecnamerrrrr Ós  zDNSTKeyTest.setUpNcCsÜ|dur|j}dt ¡| ¡f|_| tj¡}| |jtj tj ¡}g}|  |¡|  ||¡t  ¡}|j|_tj |_tj |_d|_d|_t ¡}d|_tt ¡ƒ|_tt ¡ƒd|_tj|_d|_d|_tj |j ¡|_!|j! "|¡|j! #d¡|j! $|j%¡|j! &tj'¡|j! (d¡d }d }|j! )|¡\}} | *|¡d d „t+| ƒDƒ} | |_,t-| ƒ|_.||_/|g} d |_0| |_1| 2||j3¡\} } | 4| tj5¡| j6dj/}t7t8|j,ƒƒ} |j! )| ¡\}}| 9|¡| :| | ¡dS)z4Do a TKEY transaction and establish a gensec contextNrIrrKúgss-tsigirZspnegoFócSs"g|]}t|tƒr|nt|ƒ‘qSr©Ú isinstanceÚintÚord©Ú.0ÚxrrrÚ rpz*DNSTKeyTest.tkey_trans..r_);r/ÚuuidZuuid4r1Úkey_namer%rr`r*ZDNS_QTYPE_TKEYrNrOr'rPr(rRrSrTrUÚ tkey_recordÚ algorithmrsÚtimeZ inceptionZ expirationZDNS_TKEY_MODE_GSSAPIÚmodeÚerrorÚ other_sizerZSecurityZ start_clientrlÚgZset_credentialsZset_target_serviceZset_target_hostnamermZ want_featureZ FEATURE_SIGNZstart_mech_by_nameÚupdateZ assertFalseÚlistZkey_datar&Zkey_sizerVÚarcountr#rHrarrbrcr Ú bytearrayZ assertTrueÚ verify_packet)rr/r$r)r"r]rVZfinishedZclient_to_serverZserver_to_clientÚdatar#rDrdr{rrrÚ tkey_transàsb þ        ÿ  zDNSTKeyTest.tkey_transrpc Cs| |jdjtj¡|jdj}tt|jƒƒ}t |j ƒd}t t   |¡ƒ|d}dd„|Dƒ}|| d…=t |dtƒr†d|d<n tdƒ|d<tt|ƒƒ} t ¡} |j | _tj| _d| _|j| _|j| _|j| _|j| _d| _d| _t   | ¡} || | } |j | | |¡dS)NrrFé cSs"g|]}t|tƒr|nt|ƒ‘qSrrqrurrrrx,rpz-DNSTKeyTest.verify_packet..é )rr#rRrÚDNS_QTYPE_TSIGrVr r…Úmacr&rzr3r4rrrsÚchrÚ fake_tsig_recr(ÚDNS_QCLASS_ANYrSrTÚ time_prefixr}Úalgorithm_nameÚfudgerr€rZ check_packet) rrDrdZ request_macÚ tsig_recordrŒZ key_name_lenZtsig_record_lenZresponse_packet_listZresponse_packet_wo_tsigÚ fake_tsigÚfake_tsig_packetr‡rrrr†s0       zDNSTKeyTest.verify_packetc Cst |¡}t ¡}||_tj|_d|_d|_t t   ¡ƒ|_ d|_ d|_ d|_ d|_t |¡}||}|j ||¡}dd„t|ƒDƒ}t ¡} d| _ d| _|j | _ d| _ |j| _d| _ d| _|| _t|ƒ| _t ¡} || _tj| _tj| _d| _d| _| | _| g} | |_d|_|S)z2Sign a packet, calculate a MAC and add TSIG recordrroé,cSs"g|]}t|tƒr|nt|ƒ‘qSrrqrurrrrxWrpz+DNSTKeyTest.sign_packet..rKr_)r3r4rrŽr(rrSrTrrsr}r‘r’rr€rÚ sign_packetrƒr“r!Ú original_idrŒr&Úmac_sizerPr‹rRrUrVr#r„) rrrzZ packet_datar”r•r‡rŒÚmac_listrVr]r#rrrr—EsH   zDNSTKeyTest.sign_packetcCs¤dd„tdƒDƒ}t ¡}d|_d|_tt ¡ƒ|_d|_|j|_ d|_ d|_ ||_ t |ƒ|_t ¡}||_tj|_tj|_d|_d|_||_|g}||_d|_d S) zOAdd bad signature for a packet by bitflipping the final byte in the MACcSs"g|]}t|tƒr|nt|ƒ‘qSrrqrurrrrxvrpz/DNSTKeyTest.bad_sign_packet..Zbadmacrorr–rKr_N)rƒrr“r‘rrsr}r’r!r˜rr€rŒr&r™rPr(r‹rRrrSrTrUrVr#r„)rrrzršrVr]r#rrrÚbad_sign_packetrs* zDNSTKeyTest.bad_sign_packetcCsT| tj¡}g}| |tjtj¡}| |¡| ||¡| ||j ¡\}}|j d@S)Né) r%rr`r*rQrNrOr'rErar)rr(r$r"r)rDrdrrrÚ search_records    ÿzDNSTKeyTest.search_recordFc Cs²tj}d}|rtj}d}| tj¡}| | ¡tjtj¡}g}| |¡|  ||¡g}t  ¡}|j |_ tj |_||_||_d|_| dg¡} | |_| |¡t|ƒ|_||_|S)zCreate a DNS update requestrJrrKz"This is a test")rrNZDNS_QCLASS_NONEr%rLr*r1rMrOr'rPrnr(rQrRrSrTrUr.rVr&rWrX) rÚdeleterSrTr$r)r"r[r]rVrrrÚmake_update_request›s4  þ     zDNSTKeyTest.make_update_request)N)rp)F) rfrgrhr rˆr†r—r›rrŸrirrrrrjÒs ? &- rj)Z __future__rZ samba.testsrZ samba.dcerpcrrZsambarrrrGZ samba.ndrr3r r7ryr}Z samba.compatr r rjrrrrÚs     2