Current Path: > > opt > hc_python > > > lib64 > python3.12 > site-packages > dns
Operation : Linux premium131.web-hosting.com 4.18.0-553.44.1.lve.el8.x86_64 #1 SMP Thu Mar 13 14:29:12 UTC 2025 x86_64 Software : Apache Server IP : 162.0.232.56 | Your IP: 216.73.216.111 Domains : 1034 Domain(s) Permission : [ 0755 ]
| Name | Type | Size | Last Modified | Actions |
|---|---|---|---|---|
| __pycache__ | Directory | - | - | |
| dnssecalgs | Directory | - | - | |
| quic | Directory | - | - | |
| rdtypes | Directory | - | - | |
| __init__.py | File | 1663 bytes | April 04 2025 08:02:26. | |
| _asyncbackend.py | File | 2396 bytes | April 04 2025 08:02:26. | |
| _asyncio_backend.py | File | 9051 bytes | April 04 2025 08:02:26. | |
| _ddr.py | File | 5247 bytes | April 04 2025 08:02:26. | |
| _features.py | File | 2492 bytes | April 04 2025 08:02:26. | |
| _immutable_ctx.py | File | 2459 bytes | April 04 2025 08:02:26. | |
| _trio_backend.py | File | 8473 bytes | April 04 2025 08:02:26. | |
| asyncbackend.py | File | 2796 bytes | April 04 2025 08:02:26. | |
| asyncquery.py | File | 30821 bytes | April 04 2025 08:02:26. | |
| asyncresolver.py | File | 17852 bytes | April 04 2025 08:02:26. | |
| dnssec.py | File | 41717 bytes | April 04 2025 08:02:26. | |
| dnssectypes.py | File | 1799 bytes | April 04 2025 08:02:26. | |
| e164.py | File | 3978 bytes | April 04 2025 08:02:26. | |
| edns.py | File | 17089 bytes | April 04 2025 08:02:26. | |
| entropy.py | File | 4242 bytes | April 04 2025 08:02:26. | |
| enum.py | File | 3691 bytes | April 04 2025 08:02:26. | |
| exception.py | File | 5953 bytes | April 04 2025 08:02:26. | |
| flags.py | File | 2750 bytes | April 04 2025 08:02:26. | |
| grange.py | File | 2144 bytes | April 04 2025 08:02:26. | |
| immutable.py | File | 2017 bytes | April 04 2025 08:02:26. | |
| inet.py | File | 5772 bytes | April 04 2025 08:02:26. | |
| ipv4.py | File | 2552 bytes | April 04 2025 08:02:26. | |
| ipv6.py | File | 6554 bytes | April 04 2025 08:02:26. | |
| message.py | File | 68185 bytes | April 04 2025 08:02:26. | |
| name.py | File | 42778 bytes | April 04 2025 08:02:26. | |
| namedict.py | File | 4000 bytes | April 04 2025 08:02:26. | |
| nameserver.py | File | 10115 bytes | April 04 2025 08:02:26. | |
| node.py | File | 12663 bytes | April 04 2025 08:02:26. | |
| opcode.py | File | 2730 bytes | April 04 2025 08:02:26. | |
| py.typed | File | 0 bytes | April 04 2025 08:02:26. | |
| query.py | File | 56298 bytes | April 04 2025 08:02:26. | |
| rcode.py | File | 4156 bytes | April 04 2025 08:02:26. | |
| rdata.py | File | 31022 bytes | April 04 2025 08:02:26. | |
| rdataclass.py | File | 2984 bytes | April 04 2025 08:02:26. | |
| rdataset.py | File | 16664 bytes | April 04 2025 08:02:26. | |
| rdatatype.py | File | 7448 bytes | April 04 2025 08:02:26. | |
| renderer.py | File | 11254 bytes | April 04 2025 08:02:26. | |
| resolver.py | File | 73730 bytes | April 04 2025 08:02:26. | |
| reversename.py | File | 3828 bytes | April 04 2025 08:02:26. | |
| rrset.py | File | 9170 bytes | April 04 2025 08:02:26. | |
| serial.py | File | 3606 bytes | April 04 2025 08:02:26. | |
| set.py | File | 9213 bytes | April 04 2025 08:02:26. | |
| tokenizer.py | File | 23583 bytes | April 04 2025 08:02:26. | |
| transaction.py | File | 22589 bytes | April 04 2025 08:02:26. | |
| tsig.py | File | 11413 bytes | April 04 2025 08:02:26. | |
| tsigkeyring.py | File | 2633 bytes | April 04 2025 08:02:26. | |
| ttl.py | File | 2977 bytes | April 04 2025 08:02:26. | |
| update.py | File | 12243 bytes | April 04 2025 08:02:26. | |
| version.py | File | 1926 bytes | April 04 2025 08:02:26. | |
| versioned.py | File | 11765 bytes | April 04 2025 08:02:26. | |
| win32util.py | File | 8874 bytes | April 04 2025 08:02:26. | |
| wire.py | File | 2830 bytes | April 04 2025 08:02:26. | |
| xfr.py | File | 13271 bytes | April 04 2025 08:02:26. | |
| zone.py | File | 52086 bytes | April 04 2025 08:02:26. | |
| zonefile.py | File | 27926 bytes | April 04 2025 08:02:26. | |
| zonetypes.py | File | 690 bytes | April 04 2025 08:02:26. |
# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
#
# Support for Discovery of Designated Resolvers
import socket
import time
from urllib.parse import urlparse
import dns.asyncbackend
import dns.inet
import dns.name
import dns.nameserver
import dns.query
import dns.rdtypes.svcbbase
# The special name of the local resolver when using DDR
_local_resolver_name = dns.name.from_text("_dns.resolver.arpa")
#
# Processing is split up into I/O independent and I/O dependent parts to
# make supporting sync and async versions easy.
#
class _SVCBInfo:
def __init__(self, bootstrap_address, port, hostname, nameservers):
self.bootstrap_address = bootstrap_address
self.port = port
self.hostname = hostname
self.nameservers = nameservers
def ddr_check_certificate(self, cert):
"""Verify that the _SVCBInfo's address is in the cert's subjectAltName (SAN)"""
for name, value in cert["subjectAltName"]:
if name == "IP Address" and value == self.bootstrap_address:
return True
return False
def make_tls_context(self):
ssl = dns.query.ssl
ctx = ssl.create_default_context()
ctx.minimum_version = ssl.TLSVersion.TLSv1_2
return ctx
def ddr_tls_check_sync(self, lifetime):
ctx = self.make_tls_context()
expiration = time.time() + lifetime
with socket.create_connection(
(self.bootstrap_address, self.port), lifetime
) as s:
with ctx.wrap_socket(s, server_hostname=self.hostname) as ts:
ts.settimeout(dns.query._remaining(expiration))
ts.do_handshake()
cert = ts.getpeercert()
return self.ddr_check_certificate(cert)
async def ddr_tls_check_async(self, lifetime, backend=None):
if backend is None:
backend = dns.asyncbackend.get_default_backend()
ctx = self.make_tls_context()
expiration = time.time() + lifetime
async with await backend.make_socket(
dns.inet.af_for_address(self.bootstrap_address),
socket.SOCK_STREAM,
0,
None,
(self.bootstrap_address, self.port),
lifetime,
ctx,
self.hostname,
) as ts:
cert = await ts.getpeercert(dns.query._remaining(expiration))
return self.ddr_check_certificate(cert)
def _extract_nameservers_from_svcb(answer):
bootstrap_address = answer.nameserver
if not dns.inet.is_address(bootstrap_address):
return []
infos = []
for rr in answer.rrset.processing_order():
nameservers = []
param = rr.params.get(dns.rdtypes.svcbbase.ParamKey.ALPN)
if param is None:
continue
alpns = set(param.ids)
host = rr.target.to_text(omit_final_dot=True)
port = None
param = rr.params.get(dns.rdtypes.svcbbase.ParamKey.PORT)
if param is not None:
port = param.port
# For now we ignore address hints and address resolution and always use the
# bootstrap address
if b"h2" in alpns:
param = rr.params.get(dns.rdtypes.svcbbase.ParamKey.DOHPATH)
if param is None or not param.value.endswith(b"{?dns}"):
continue
path = param.value[:-6].decode()
if not path.startswith("/"):
path = "/" + path
if port is None:
port = 443
url = f"https://{host}:{port}{path}"
# check the URL
try:
urlparse(url)
nameservers.append(dns.nameserver.DoHNameserver(url, bootstrap_address))
except Exception:
# continue processing other ALPN types
pass
if b"dot" in alpns:
if port is None:
port = 853
nameservers.append(
dns.nameserver.DoTNameserver(bootstrap_address, port, host)
)
if b"doq" in alpns:
if port is None:
port = 853
nameservers.append(
dns.nameserver.DoQNameserver(bootstrap_address, port, True, host)
)
if len(nameservers) > 0:
infos.append(_SVCBInfo(bootstrap_address, port, host, nameservers))
return infos
def _get_nameservers_sync(answer, lifetime):
"""Return a list of TLS-validated resolver nameservers extracted from an SVCB
answer."""
nameservers = []
infos = _extract_nameservers_from_svcb(answer)
for info in infos:
try:
if info.ddr_tls_check_sync(lifetime):
nameservers.extend(info.nameservers)
except Exception:
pass
return nameservers
async def _get_nameservers_async(answer, lifetime):
"""Return a list of TLS-validated resolver nameservers extracted from an SVCB
answer."""
nameservers = []
infos = _extract_nameservers_from_svcb(answer)
for info in infos:
try:
if await info.ddr_tls_check_async(lifetime):
nameservers.extend(info.nameservers)
except Exception:
pass
return nameservers
SILENT KILLER Tool