U mÃfö+ã@sldZddlZddlZddlZddlZddlZddlZddlZdZ dZ dZ dZ ej dd„ƒZGdd „d ƒZdS) z*Help for building DNS wire format messageséNéééc csŒ| d|¡| ¡}dV| ¡}||}|dkrˆzF| ||¡z| | |d¡¡Wntk rvtjj‚YnXW5| |¡XdS)NórÚbig)ÚwriteÚtellÚseekÚto_bytesÚ OverflowErrorÚdnsÚ exceptionÚ FormError)ÚoutputZ length_lengthÚstartÚendÚlength©rú:/opt/hc_python/lib/python3.8/site-packages/dns/renderer.pyÚprefixed_length#src@sÐeZdZdZd)dd„Zdd„Zd d „Zejd d „ƒZ ejd d„ƒZ e j j fdd„Zdd„Zdd„Zd*dd„Zd+dd„Ze jjfdd„Ze jjfdd„Zdd„Zdd „Zd!d"„Zedd#œd$d%„Zdd&œd'd(„ZdS),ÚRendererašHelper class for building DNS wire-format messages. Most applications can use the higher-level L{dns.message.Message} class and its to_wire() method to generate wire-format messages. This class is for those applications which need finer control over the generation of messages. Typical use:: r = dns.renderer.Renderer(id=1, flags=0x80, max_size=512) r.add_question(qname, qtype, qclass) r.add_rrset(dns.renderer.ANSWER, rrset_1) r.add_rrset(dns.renderer.ANSWER, rrset_2) r.add_rrset(dns.renderer.AUTHORITY, ns_rrset) r.add_rrset(dns.renderer.ADDITIONAL, ad_rrset_1) r.add_rrset(dns.renderer.ADDITIONAL, ad_rrset_2) r.add_edns(0, 0, 4096) r.write_header() r.add_tsig(keyname, secret, 300, 1, 0, '', request_mac) wire = r.get_wire() If padding is going to be used, then the OPT record MUST be written after everything else in the additional section except for the TSIG (if any). output, an io.BytesIO, where rendering is written id: the message id flags: the message flags max_size: the maximum size of the message origin: the origin to use when rendering relative names compress: the compression table section: an int, the section currently being rendered counts: list of the number of RRs in each section mac: the MAC of the rendered message (if TSIG was used) NréÿÿcCsvt ¡|_|dkr"t dd¡|_n||_||_||_||_i|_ t |_ ddddg|_ |j  d¡d|_d|_d|_dS)zInitialize a new renderer.Nrrs ÚF)ÚioÚBytesIOrÚrandomÚrandintÚidÚflagsÚmax_sizeÚoriginÚcompressÚQUESTIONÚsectionÚcountsrÚmacÚreservedÚ was_padded)Úselfrrrr rrrÚ__init__bs  zRenderer.__init__cCsV|j |¡|j ¡g}|j ¡D]\}}||kr$| |¡q$|D] }|j|=qDdS)z™Truncate the output buffer at offset *where*, and remove any compression table entries that pointed beyond the truncation point. N)rr Útruncater!ÚitemsÚappend)r(ÚwhereZkeys_to_deleteÚkÚvrrrÚ _rollbackus   zRenderer._rollbackcCs&|j|kr"|j|krtjj‚||_dS)aSet the renderer's current section. Sections must be rendered order: QUESTION, ANSWER, AUTHORITY, ADDITIONAL. Sections may be empty. Raises dns.exception.FormError if an attempt was made to set a section value less than the current section. N)r#r r r)r(r#rrrÚ _set_section„s  zRenderer._set_sectionccs6|j ¡}|V|j ¡|jkr2| |¡tjj‚dS©N)rrrr0r r ZTooBig)r(rrrrÚ _track_size“s   zRenderer._track_sizec cs4|j ¡}z|j |¡dVW5|j |¡XdSr2)rrr )r(r-ÚcurrentrrrÚ_temporarily_seek_to›s    zRenderer._temporarily_seek_toc Cs^| t¡| ¡0| |j|j|j¡|j t  d||¡¡W5QRX|j td7<dS)zAdd a question to the message.z!HHrN) r1r"r3Úto_wirerr!r rÚstructÚpackr$)r(ZqnameZrdtypeÚrdclassrrrÚ add_question¤s    zRenderer.add_questionc KsL| |¡| ¡|j|j|j|jf|Ž}W5QRX|j||7<dS)zŠAdd the rrset to the specified section. Any keyword arguments are passed on to the rdataset's to_wire() routine. N©r1r3r6rr!r r$)r(r#ZrrsetÚkwÚnrrrÚ add_rrset­s  "zRenderer.add_rrsetc KsN| |¡| ¡ |j||j|j|jf|Ž}W5QRX|j||7<dS)zÁAdd the rdataset to the specified section, using the specified name as the owner name. Any keyword arguments are passed on to the rdataset's to_wire() routine. Nr;)r(r#ÚnameZrdatasetr<r=rrrÚ add_rdataset¹s  $zRenderer.add_rdatasetc Csœ|rŒ|j}|dkst‚|d}|j ¡||}||}|rJd||}nd}t|jƒ} |  tj  tjj j |¡¡tj j  ||j| ¡}d|_| t|¡dS)aMAdd *opt* to the additional section, applying padding if desired. The padding will take the specified precomputed OPT size and TSIG size into account. Note that we don't have reliable way of knowing how big a GSS-TSIG digest might be, so we we might not get an even multiple of the pad in that case.é rróTN)ÚttlÚAssertionErrorrrÚlistÚoptionsr,r ÚednsZ GenericOptionZ OptionTypeZPADDINGÚmessageÚMessageÚ _make_optr9r'r>Ú ADDITIONAL) r(ÚoptÚpadZopt_sizeZ tsig_sizerCZ opt_rdataZsize_without_paddingÚ remainderrFrrrÚadd_optÆs  zRenderer.add_optcCs4|dM}||d>O}tjj |||¡}| |¡dS)z&Add an EDNS OPT record to the message.lÿ~éN)r rHrIrJrO)r(rGZ ednsflagsÚpayloadrFrLrrrÚadd_ednsÝs zRenderer.add_ednsc Cs~|j ¡} t|tjjƒr|} ntj |||¡} tjj ||d|d|||¡} tj  | | | dt t   ¡ƒ|¡\} } |  | |¡dS)z$Add a TSIG signature to the message.rrBN© rÚgetvalueÚ isinstancer ÚtsigÚKeyrHrIZ _make_tsigÚsignÚintÚtimeÚ _write_tsig) r(ÚkeynameÚsecretÚfudgerÚ tsig_errorÚ other_dataÚ request_macÚ algorithmÚsÚkeyrVÚ_rrrÚadd_tsigæs ÿ$zRenderer.add_tsigc Cs‚|j ¡} t|tjjƒr|} ntj ||| ¡} tjj || d|d|||¡} tj  | | | dt t   ¡ƒ||d¡\} }|  | |¡|S)ayAdd a TSIG signature to the message. Unlike add_tsig(), this can be used for a series of consecutive DNS envelopes, e.g. for a zone transfer over TCP [RFC2845, 4.4]. For the first message in the sequence, give ctx=None. For each subsequent message, give the ctx that was returned from the add_multi_tsig() call for the previous message.rrBTrS) r(Úctxr\r]r^rr_r`rarbrcrdrVrrrÚadd_multi_tsigÿs2 ÿ ÿ zRenderer.add_multi_tsigc CsÌ|jr d}n|j}| t¡| ¡\| |j||j¡|j t   dt j j t jjd¡¡t|jdƒ| |j¡W5QRXW5QRX|jtd7<| d¡ |j t   d|jt¡¡W5QRXdS)Nz!HHIrrré z!H)r'r!r1rKr3r6rr rr7r8r Z rdatatypeZTSIGÚ rdataclassÚANYrr$r5)r(rVr\r!rrrr["s  ÿ  zRenderer._write_tsigc CsT| d¡@|j t d|j|j|jd|jd|jd|jd¡¡W5QRXdS)z¾Write the DNS message header. Writing the DNS message header is done after all sections have been rendered, but before the optional TSIG signature is added. rz!HHHHHHrrrN)r5rrr7r8rrr$©r(rrrÚ write_header4s ùÿzRenderer.write_headercCs |j ¡S)zReturn the wire format message.)rrTrlrrrÚget_wireIszRenderer.get_wire)ÚsizeÚreturncCsB|dkrtdƒ‚||jkr"tdƒ‚|j|7_|j|8_dS)zReserve *size* bytes.rz$reserved amount must be non-negativez)cannot reserve more than the maximum sizeN)Ú ValueErrorrr&)r(rorrrÚreserveNs  zRenderer.reserve)rpcCs|j|j7_d|_dS)zRelease the reserved bytes.rN)rr&rlrrrÚrelease_reservedWszRenderer.release_reserved)NrrN)rrr)N)Ú__name__Ú __module__Ú __qualname__Ú__doc__r)r0r1Ú contextlibÚcontextmanagerr3r5r rjÚINr:r>r@rOrRrVZdefault_algorithmrfrhr[rmrnrYrrrsrrrrr5s,,       ÷ #ö # r)rwrxrrr7rZZ dns.exceptionr Zdns.tsigr"ZANSWERZ AUTHORITYrKryrrrrrrÚs