b/9ddlmZddlmZmZddlmZmZddlmZddl Z ddl m Z ddl Z ddl Z ddlZddlZGddeZGdd eZdS) )TestCaseInTempDir)dnsdnsp)gensectests) credentialsNczeZdZfdZdZdZdZdZddZdZ d Z d Z d Z dd Z ddZddZddZxZS)DNSTestcdtt|d|_dSN)superr setUptimeoutself __class__s 6/usr/lib/python3/dist-packages/samba/tests/dns_base.pyrz DNSTest.setUp!s* gt""$$$ cgd}||S)zReturn a readable error code)OKFORMERRSERVFAILNXDOMAINNOTIMPREFUSEDYXDOMAINYXRRSETNXRRSETNOTAUTHNOTZONE0x0B0x0C0x0D0x0E0x0FBADSIGBADKEY)rerrcode string_codess rerrstrzDNSTest.errstr%s    *G$$rc |||d||d||dSz$Helper function to check return codezExpected RCODE , got N) assertEqualr+)rrcodeexpecteds rassert_rcode_equalszDNSTest.assert_rcode_equals>s[ ;;x0000$++e2D2D2D+F G G G G Grc |jtjz}|||d||d||dSr-) operationr DNS_RCODEr/r+)rpacketr0 p_errcodes rassert_dns_rcode_equalszDNSTest.assert_dns_rcode_equalsCsj$s}4  EE;;u----t{{9/E/E/E,G H H H H Hrch|jtjz}|||d|d|dS)zHelper function to check opcodezExpected OPCODE r.N)r4r DNS_OPCODEr/)rr6opcodep_opcodes rassert_dns_opcode_equalsz DNSTest.assert_dns_opcode_equalsIsI#cn4 66!6688,- . . . . .rNctj}|tjdd|_||_g|_g|_|S)z!Helper creating a dns.name_packetNri)r name_packetrandomrandintidr4 questions additional)rr;qidps rmake_name_packetzDNSTest.make_name_packetOsA O   ;>#v..AD   rc<t||_||_dS)z$Helper to finalize a dns.name_packetN)lenqdcountrC)rr6rCs rfinish_name_packetzDNSTest.finish_name_packetYsY$rcVtj}||_||_||_|S)z#Helper creating a dns.name_question)r name_questionname question_typequestion_class)rrNqtypeqclassqs rmake_name_questionzDNSTest.make_name_question^s+    !rctj}tj}t ||_||_||_|Sr )r txt_recordr string_listrIcountstrtxt)rrecords rdata_txts_lists rmake_txt_recordzDNSTest.make_txt_recordfs>N$$ !##7||   rcX|jS)zHelper to get dns domain)creds get_realmlower)rs rget_dns_domainzDNSTest.get_dns_domainns"z##%%++---rFcd}||j} tj|}|r"t||t jt jt jd}||| |df| |d| dd}|r"t||tj tj|}||f||SS#||wwxYw)z#send a DNS query and read the replyNr5i)rndrndr_packprinthexdumpsocketAF_INET SOCK_DGRAM settimeoutconnectsendallrecv ndr_unpackrr?close) rr6hostdumprs send_packet recv_packetresponses rdns_transaction_udpzDNSTest.dns_transaction_udprs"  ?lG ,v..K 1dll;//000 fnf.?CCA LL ! ! ! IItRj ! ! ! IIk1 % % %&&q//K 1dll;//000~co{CCHk*} q} s DD%%D>cRd}||j} tj|}|r"t||t jt jt jd}||| |dftj dt|}||z }| ||dd}|r"t||tjt j|dd} ||n#||wwxYwtj| } || |dd| |ddfS)z?send a DNS query and read the reply, also return the raw packetNrrez!Hi)rrfrgrhrirjrk SOCK_STREAMrmrnstructpackrIrorprqrr?rrr/) rr6rsrtrrurv tcp_packetrwrx my_packets rdns_transaction_tcpzDNSTest.dns_transaction_tcps  ?lG ,v..K 1dll;//000 fnf.@!DDA LL ! ! ! IItRj ! ! !T3{+;+;<|d|p|}|tj}g}||tjtj}|||||| ||j \}} | |tj | |jd| |jdjjj|dS)Nr)rsr)rcrGrDNS_OPCODE_QUERYrTrrrrKry server_ipr8 DNS_RCODE_OKr/ancountanswersrrZrY) rrrrrNrFrCrSrxresponse_packets rcheck_query_txtzDNSTest.check_query_txts &&$"?$*=*=*?*?"?@  ! !#"6 7 7  # #D#*;S=N O O 9---  $ $QT^ $ < < $? $$Xs/?@@@ )1--- )!,26:IFFFFFrr )FN)Nr)__name__ __module__ __qualname__rr+r2r8r=rGrKrTr^rcryrrr __classcell__rs@rr r s,%%%2GGG HHH ... %%% ... 15015++++>0 G G G G G G G Grr cHeZdZfdZd dZd dZdZdZdZd d Z xZ S) DNSTKeyTestcdtt|i|_t jx|jd<|_|j|jd<tj |_ |j |j|j t j d|j t j d|j tjd|z|_dS)Nlp_ctxtarget_hostnameUSERNAMEPASSWORDz tkeytsig.%s)r rrsettingsr env_loadparmrserverr Credentialsr`guess set_usernameenv_get_var_value set_passwordset_kerberos_stateMUST_USE_KERBEROSrc newrecnamers rrzDNSTKeyTest.setUps k4  &&((( 050B0D0DD h$++/; '( ,..  %%%  7 C CDDD  7 C CDDD %%k&CDDD'$*=*=*?*??rNc||j}tjd||_|t j}||jt j t j }g}| || ||t j }|j|_t j |_t j |_d|_d|_t j}d|_t+t-j|_t+t-jdz|_t j|_d|_d|_t:j|j |_!|j!"||j!#d|j!$|j%|j!&t:j'|j!(dd }d }|j!)|\}} |*|d tW| D} | |_,t[| |_.||_/|g} d |_0| |_1|2||j3\} } |4| t j5| j6dj/}to|j,} |j!)| \}}|8||9| | dS) z4Do a TKEY transaction and establish a gensec contextNrrrgss-tsigirspnegoFrcZg|](}t|tr|nt|)Sr( isinstanceintord.0xs r z*DNSTKeyTest.tkey_trans.. s1TTTZ3''3SVVTTTrr):r`uuiduuid4rckey_namerGrrrTDNS_QTYPE_TKEYrrrKrrNrrrr tkey_record algorithmrtime inception expirationDNS_TKEY_MODE_GSSAPImodeerror other_sizerSecurity start_clientrgset_credentialsset_target_serviceset_target_hostnamer want_feature FEATURE_SIGNstart_mech_by_nameupdate assertFalselistkey_datarIkey_sizerarcountrDrrr8rrbytes assertTrue verify_packet)rr`rFrSrCrrfinishedclient_to_serverserver_to_clientdatarDrxrrs r tkey_transzDNSTKeyTest.tkey_transs =JE#':<<<<1D1D1F1F1FG  ! !#"6 7 7  # #DM$'$6$'$5 7 7  9--- KMM& & !!$dikk**ty{{++g5-  --dm<< u%%% !!%((( ""4;/// F/000 !!(+++'+v}}5E'F'F$# """TTTBR=S=STTTTS  !   $ $Q 7 7 $? $$Xs/?@@@&q)/  !566'+v}}5E'F'F$# !!! 8_55555rrc||jdjtj|jdj}t |j}t|j dz}ttj ||zdz}d|D}|| d=d|d<t |} tj } |j | _ tj| _d| _|j| _|j| _|j| _|j| _d| _d| _tj | } || z| z} |j| | |dS)Nrr{ cZg|](}t|tr|nt|)Sr(rrs rrz-DNSTKeyTest.verify_packet..*s1]]]Z3%7%7 CSVV]]]r )r/rDrrDNS_QTYPE_TSIGrrmacrIrrfrg fake_tsig_recrNDNS_QCLASS_ANYrr time_prefixralgorithm_namefudgerrr check_packet) rrxr request_mac tsig_recordr key_name_lentsig_record_lenresponse_packet_listresponse_packet_wo_tsig fake_tsigfake_tsig_packetrs rrzDNSTKeyTest.verify_packetsc ,Q/79KLLL)!,2 KO$$4=))A- cl;7788<G"L ^]_]]] /!1!2!2 3#$R #((<"="=%''   /  + 7 $) #.#=  %+   < 22447GG D$,,,,,rcRtj|}tj}||_tj|_d|_d|_ttj |_ d|_ d|_ d|_ d|_tj|}||z}|j||}dt#|D}tj} d| _ d| _|j | _ d| _ |j| _d| _ d| _|| _t-|| _tj} || _tj| _tj| _d| _d| _| | _| g} | |_d|_|S)z2Sign a packet, calculate a MAC and add TSIG recordrr,cZg|](}t|tr|nt|)Sr(rrs rrz+DNSTKeyTest.sign_packet..Rs1KKKAAs++7AAQKKKrrr)rfrgrrrNrrrrrrrrrrr sign_packetrrrB original_idrrImac_sizerrrrrrDr) rr6r packet_datarrrrmac_listrrrDs rrzDNSTKeyTest.sign_packet@snl6** %'' !  /  ! TY[[)) #-     < 22--f  t,,KKcKKK!!)^  "I  X KMM& ' S & rcdtdD}tj}d|_d|_t t j|_d|_|j|_ d|_ d|_ ||_ t||_tj}||_tj|_tj|_d|_d|_||_|g}||_d|_dS) zOAdd bad signature for a packet by bitflipping the final byte in the MACcZg|](}t|tr|nt|)Sr(rrs rrz/DNSTKeyTest.bad_sign_packet..qs1PPPAAs++7AAQPPPrbadmacrrrrrN)rrrrrrrrrBrrrrrIrrrNrrrrrrrrDr)rr6rrrrrDs rbad_sign_packetzDNSTKeyTest.bad_sign_packetmsQPhPPP!!)%%  "I  X KMM& ' S &rc@|tj}g}||tjtj}||||||||j \}}|j dzS)N) rGrrrTrrrrKryrr4)rrNrFrCrSrxrs r search_recordzDNSTKeyTest.search_records  ! !#"6 7 7  # #D#*;S=N O O 9---  $ $Q 7 7 $?!F**rFc|tj}d}|rtj}d}|tj}||tjtj}g}||| ||g}tj }|j |_ tj |_||_||_d|_|dg} | |_||t)||_||_|S)zCreate a DNS update requestrrrz"This is a test")rrDNS_QCLASS_NONErGrrTrcrrrKrrrNrrrrrr^rrIrr) rdeleterrrFrSrCrrrs rmake_update_requestzDNSTKeyTest.make_update_requests$  *HC  ! !#"7 8 8  # #D$7$7$9$9$'$5$'$5 7 7  9--- KMM%  $$&8%9::qLL rr )r)F) rrrrrrrr r rrrs@rrrs @ @ @ @ @=6=6=6=6~!-!-!-!-F+++Z: + + +rr) samba.testsr samba.dcerpcrrsambarrrr} samba.ndrrfr@rjrrr rr(rrrs&*)))))""""""""  nGnGnGnGnGnGnGnGbeeeee'eeeeer