Diffstat (limited to 'contrib/python/ldns_dnssec.i')
-rw-r--r--contrib/python/ldns_dnssec.i457
1 files changed, 457 insertions, 0 deletions
diff --git a/contrib/python/ldns_dnssec.i b/contrib/python/ldns_dnssec.i
new file mode 100644
index 0000000..3c29bb4
--- /dev/null
+++ b/contrib/python/ldns_dnssec.i
@@ -0,0 +1,457 @@
+/******************************************************************************
+ * ldns_dnssec.i: DNSSEC zone, name, rrs
+ *
+ * Copyright (c) 2009, Zdenek Vasicek (vasicek AT fit.vutbr.cz)
+ * Karel Slany (slany AT fit.vutbr.cz)
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * * Neither the name of the organization nor the names of its
+ * contributors may be used to endorse or promote products derived from this
+ * software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ ******************************************************************************/
+%nodefaultctor ldns_dnssec_rrs; //no default constructor & destructor
+%nodefaultdtor ldns_dnssec_rrs;
+
+%newobject ldns_dnssec_rrs_new;
+%delobject ldns_dnssec_rrs_free;
+
+%extend ldns_dnssec_rrs {
+ %pythoncode %{
+
+ def __init__(self):
+ """Creates a new entry for 1 pointer to an rr and 1 pointer to the next rrs.
+
+ :returns: (ldns_dnssec_rrs) the allocated data
+ """
+ self.this = _ldns.ldns_dnssec_rrs_new()
+ if not self.this:
+ raise Exception("Can't create rrs instance")
+
+ __swig_destroy__ = _ldns.ldns_dnssec_rrs_free
+
+ #LDNS_DNSSEC_RRS_METHODS_#
+ def add_rr(self,rr):
+ """Adds an RR to the list of RRs.
+
+ The list will remain ordered
+
+ :param rr:
+ the RR to add
+ :returns: (ldns_status) LDNS_STATUS_OK on success
+ """
+ return _ldns.ldns_dnssec_rrs_add_rr(self,rr)
+ #parameters: ldns_dnssec_rrs *,ldns_rr *,
+ #retvals: ldns_status
+ #_LDNS_DNSSEC_RRS_METHODS#
+ %}
+}
+
+// ================================================================================
+// DNNSEC RRS
+// ================================================================================
+%nodefaultctor ldns_dnssec_rrsets; //no default constructor & destructor
+%nodefaultdtor ldns_dnssec_rrsets;
+
+%newobject ldns_dnssec_rrsets_new;
+%delobject ldns_dnssec_rrsets_free;
+
+%extend ldns_dnssec_rrsets {
+ %pythoncode %{
+ def __init__(self):
+ """Creates a new list (entry) of RRsets.
+
+ :returns: (ldns_dnssec_rrsets \*) instance
+ """
+ self.this = _ldns.ldns_dnssec_rrsets_new()
+ if not self.this:
+ raise Exception("Can't create rrsets instance")
+
+ __swig_destroy__ = _ldns.ldns_dnssec_rrsets_free
+
+ def print_to_file(self, file, follow):
+ """Print the given list of rrsets to the given file descriptor.
+
+ :param file: file pointer
+ :param follow: if set to false, only print the first RRset
+ """
+ _ldns.ldns_dnssec_rrsets_print(file,self,follow)
+ #parameters: FILE *,ldns_dnssec_rrsets *,bool,
+ #retvals:
+
+ #LDNS_DNSSEC_RRSETS_METHODS_#
+ def add_rr(self,rr):
+ """Add an ldns_rr to the corresponding RRset in the given list of RRsets.
+
+ If it is not present, add it as a new RRset with 1 record.
+
+ :param rr:
+ the rr to add to the list of rrsets
+ :returns: (ldns_status) LDNS_STATUS_OK on success
+ """
+ return _ldns.ldns_dnssec_rrsets_add_rr(self,rr)
+ #parameters: ldns_dnssec_rrsets *,ldns_rr *,
+ #retvals: ldns_status
+
+ def set_type(self,atype):
+ """Sets the RR type of the rrset (that is head of the given list).
+
+ :param atype:
+ :returns: (ldns_status) LDNS_STATUS_OK on success
+ """
+ return _ldns.ldns_dnssec_rrsets_set_type(self,atype)
+ #parameters: ldns_dnssec_rrsets *,ldns_rr_type,
+ #retvals: ldns_status
+
+ def type(self):
+ """Returns the rr type of the rrset (that is head of the given list).
+
+ :returns: (ldns_rr_type) the rr type
+ """
+ return _ldns.ldns_dnssec_rrsets_type(self)
+ #parameters: ldns_dnssec_rrsets *,
+ #retvals: ldns_rr_type
+ #_LDNS_DNSSEC_RRSETS_METHODS#
+ %}
+}
+
+// ================================================================================
+// DNNSEC NAME
+// ================================================================================
+%nodefaultctor ldns_dnssec_name; //no default constructor & destructor
+%nodefaultdtor ldns_dnssec_name;
+
+%newobject ldns_dnssec_name_new;
+%delobject ldns_dnssec_name_free;
+
+%extend ldns_dnssec_name {
+ %pythoncode %{
+ def __init__(self):
+ """Create a new instance of dnssec name."""
+ self.this = _ldns.ldns_dnssec_name_new()
+ if not self.this:
+ raise Exception("Can't create dnssec name instance")
+
+ __swig_destroy__ = _ldns.ldns_dnssec_name_free
+
+ def print_to_file(self,file):
+ """Prints the RRs in the dnssec name structure to the given file descriptor.
+
+ :param file: file pointer
+ """
+ _ldns.ldns_dnssec_name_print(file, self)
+ #parameters: FILE *,ldns_dnssec_name *,
+
+ @staticmethod
+ def new_frm_rr(raiseException=True):
+ """Create a new instace of dnssec name for the given RR.
+
+ :returns: (ldns_dnssec_name) instance
+ """
+ name = _ldns.ldns_dnssec_name_new_frm_rr(self)
+ if (not name) and (raiseException):
+ raise Exception("Can't create dnssec name")
+ return name
+
+ #LDNS_DNSSEC_NAME_METHODS_#
+ def add_rr(self,rr):
+ """Inserts the given rr at the right place in the current dnssec_name No checking is done whether the name matches.
+
+ :param rr:
+ The RR to add
+ :returns: (ldns_status) LDNS_STATUS_OK on success, error code otherwise
+ """
+ return _ldns.ldns_dnssec_name_add_rr(self,rr)
+ #parameters: ldns_dnssec_name *,ldns_rr *,
+ #retvals: ldns_status
+
+ def find_rrset(self,atype):
+ """Find the RRset with the given type in within this name structure.
+
+ :param atype:
+ :returns: (ldns_dnssec_rrsets \*) the RRset, or NULL if not present
+ """
+ return _ldns.ldns_dnssec_name_find_rrset(self,atype)
+ #parameters: ldns_dnssec_name *,ldns_rr_type,
+ #retvals: ldns_dnssec_rrsets *
+
+ def name(self):
+ """Returns the domain name of the given dnssec_name structure.
+
+ :returns: (ldns_rdf \*) the domain name
+ """
+ return _ldns.ldns_dnssec_name_name(self)
+ #parameters: ldns_dnssec_name *,
+ #retvals: ldns_rdf *
+
+ def set_name(self,dname):
+ """Sets the domain name of the given dnssec_name structure.
+
+ :param dname:
+ the domain name to set it to. This data is *not* copied.
+ """
+ _ldns.ldns_dnssec_name_set_name(self,dname)
+ #parameters: ldns_dnssec_name *,ldns_rdf *,
+ #retvals:
+
+ def set_nsec(self,nsec):
+ """Sets the NSEC(3) RR of the given dnssec_name structure.
+
+ :param nsec:
+ the nsec rr to set it to. This data is *not* copied.
+ """
+ _ldns.ldns_dnssec_name_set_nsec(self,nsec)
+ #parameters: ldns_dnssec_name *,ldns_rr *,
+ #retvals:
+ #_LDNS_DNSSEC_NAME_METHODS#
+ %}
+}
+
+// ================================================================================
+// DNNSEC ZONE
+// ================================================================================
+%nodefaultctor ldns_dnssec_zone; //no default constructor & destructor
+%nodefaultdtor ldns_dnssec_zone;
+
+%newobject ldns_dnssec_zone_new;
+%delobject ldns_dnssec_zone_free;
+
+%inline %{
+ldns_status ldns_dnssec_zone_sign_defcb(ldns_dnssec_zone *zone, ldns_rr_list *new_rrs, ldns_key_list *key_list, int cbtype)
+{
+ if (cbtype == 0)
+ return ldns_dnssec_zone_sign(zone, new_rrs, key_list, ldns_dnssec_default_add_to_signatures, NULL);
+ if (cbtype == 1)
+ return ldns_dnssec_zone_sign(zone, new_rrs, key_list, ldns_dnssec_default_leave_signatures, NULL);
+ if (cbtype == 2)
+ return ldns_dnssec_zone_sign(zone, new_rrs, key_list, ldns_dnssec_default_delete_signatures, NULL);
+
+ return ldns_dnssec_zone_sign(zone, new_rrs, key_list, ldns_dnssec_default_replace_signatures, NULL);
+}
+
+ldns_status ldns_dnssec_zone_add_rr_(ldns_dnssec_zone *zone, ldns_rr *rr)
+{
+ ldns_rr *new_rr;
+ ldns_status status;
+
+ new_rr = ldns_rr_clone(rr);
+
+ /*
+ * A clone of the RR is created to be stored in the DNSSEC zone.
+ * The Python engine frees a RR object as soon it's reference count
+ * reaches zero. The code must avoid double freeing or accessing of freed
+ * memory.
+ */
+
+ status = ldns_dnssec_zone_add_rr(zone, new_rr);
+
+ if (status != LDNS_STATUS_OK) {
+ ldns_rr_free(new_rr);
+ }
+
+ return status;
+}
+%}
+
+%extend ldns_dnssec_zone {
+ %pythoncode %{
+
+ def __init__(self):
+ """Creates a new dnssec_zone instance"""
+ self.this = _ldns.ldns_dnssec_zone_new()
+ if not self.this:
+ raise Exception("Can't create dnssec zone instance")
+
+ __swig_destroy__ = _ldns.ldns_dnssec_zone_free
+
+ def print_to_file(self,file):
+ """Prints the complete zone to the given file descriptor.
+
+ :param file: file pointer
+ """
+ _ldns.ldns_dnssec_zone_print(file, self)
+ #parameters: FILE *, ldns_dnssec_zone *,
+ #retvals:
+
+ def create_nsec3s(self,new_rrs,algorithm,flags,iterations,salt_length,salt):
+ """Adds NSEC3 records to the zone.
+
+ :param new_rrs:
+ :param algorithm:
+ :param flags:
+ :param iterations:
+ :param salt_length:
+ :param salt:
+ :returns: (ldns_status)
+ """
+ return _ldns.ldns_dnssec_zone_create_nsec3s(self,new_rrs,algorithm,flags,iterations,salt_length,salt)
+ #parameters: ldns_dnssec_zone *,ldns_rr_list *,uint8_t,uint8_t,uint16_t,uint8_t,uint8_t *,
+ #retvals: ldns_status
+
+ def create_nsecs(self,new_rrs):
+ """Adds NSEC records to the given dnssec_zone.
+
+ :param new_rrs:
+ ldns_rr's created by this function are added to this rr list, so the caller can free them later
+ :returns: (ldns_status) LDNS_STATUS_OK on success, an error code otherwise
+ """
+ return _ldns.ldns_dnssec_zone_create_nsecs(self,new_rrs)
+ #parameters: ldns_dnssec_zone *,ldns_rr_list *,
+ #retvals: ldns_status
+
+ def create_rrsigs(self,new_rrs,key_list,func,arg):
+ """Adds signatures to the zone.
+
+ :param new_rrs:
+ the RRSIG RRs that are created are also added to this list, so the caller can free them later
+ :param key_list:
+ list of keys to sign with.
+ :param func:
+ Callback function to decide what keys to use and what to do with old signatures
+ :param arg:
+ Optional argument for the callback function
+ :returns: (ldns_status) LDNS_STATUS_OK on success, error otherwise
+ """
+ return _ldns.ldns_dnssec_zone_create_rrsigs(self,new_rrs,key_list,func,arg)
+ #parameters: ldns_dnssec_zone *,ldns_rr_list *,ldns_key_list *,int(*)(ldns_rr *, void *),void *,
+ #retvals: ldns_status
+
+ def sign_cb(self,new_rrs,key_list,func,arg):
+ """signs the given zone with the given keys (with callback function)
+
+ :param new_rrs:
+ newly created resource records are added to this list, to free them later
+ :param key_list:
+ the list of keys to sign the zone with
+ :param func:
+ callback function that decides what to do with old signatures.
+ This function takes an ldns_rr and an optional arg argument, and returns one of four values:
+
+ * LDNS_SIGNATURE_LEAVE_ADD_NEW - leave the signature and add a new one for the corresponding key
+
+ * LDNS_SIGNATURE_REMOVE_ADD_NEW - remove the signature and replace is with a new one from the same key
+
+ * LDNS_SIGNATURE_LEAVE_NO_ADD - leave the signature and do not add a new one with the corresponding key
+
+ * LDNS_SIGNATURE_REMOVE_NO_ADD - remove the signature and do not replace
+
+ :param arg:
+ optional argument for the callback function
+ :returns: (ldns_status) LDNS_STATUS_OK on success, an error code otherwise
+ """
+ return _ldns.ldns_dnssec_zone_sign(self,new_rrs,key_list,func,arg)
+ #parameters: ldns_dnssec_zone *,ldns_rr_list *,ldns_key_list *,int(*)(ldns_rr *, void *),void *,
+ #retvals: ldns_status
+
+ def sign(self,new_rrs,key_list, cbtype=3):
+ """signs the given zone with the given keys
+
+ :param new_rrs:
+ newly created resource records are added to this list, to free them later
+ :param key_list:
+ the list of keys to sign the zone with
+ :param cb_type:
+ specifies how to deal with old signatures, possible values:
+
+ * 0 - ldns_dnssec_default_add_to_signatures,
+
+ * 1 - ldns_dnssec_default_leave_signatures,
+
+ * 2 - ldns_dnssec_default_delete_signatures,
+
+ * 3 - ldns_dnssec_default_replace_signatures
+
+ :returns: (ldns_status) LDNS_STATUS_OK on success, an error code otherwise
+ """
+ return _ldns.ldns_dnssec_zone_sign_defcb(self,new_rrs,key_list, cbtype)
+ #parameters: ldns_dnssec_zone *,ldns_rr_list *,ldns_key_list *,
+ #retvals: ldns_status
+
+ def sign_nsec3(self,new_rrs,key_list,func,arg,algorithm,flags,iterations,salt_length,salt):
+ """signs the given zone with the given new zone, with NSEC3
+
+ :param new_rrs:
+ newly created resource records are added to this list, to free them later
+ :param key_list:
+ the list of keys to sign the zone with
+ :param func:
+ callback function that decides what to do with old signatures
+ :param arg:
+ optional argument for the callback function
+ :param algorithm:
+ the NSEC3 hashing algorithm to use
+ :param flags:
+ NSEC3 flags
+ :param iterations:
+ the number of NSEC3 hash iterations to use
+ :param salt_length:
+ the length (in octets) of the NSEC3 salt
+ :param salt:
+ the NSEC3 salt data
+ :returns: (ldns_status) LDNS_STATUS_OK on success, an error code otherwise
+ """
+ return _ldns.ldns_dnssec_zone_sign_nsec3(self,new_rrs,key_list,func,arg,algorithm,flags,iterations,salt_length,salt)
+ #parameters: ldns_dnssec_zone *,ldns_rr_list *,ldns_key_list *,int(*)(ldns_rr *, void *),void *,uint8_t,uint8_t,uint16_t,uint8_t,uint8_t *,
+ #retvals: ldns_status
+
+ #LDNS_DNSSEC_ZONE_METHODS_#
+ def add_empty_nonterminals(self):
+ """Adds explicit dnssec_name structures for the empty nonterminals in this zone.
+
+ (this is needed for NSEC3 generation)
+
+ :returns: (ldns_status)
+ """
+ return _ldns.ldns_dnssec_zone_add_empty_nonterminals(self)
+ #parameters: ldns_dnssec_zone *,
+ #retvals: ldns_status
+
+ def add_rr(self,rr):
+ """Adds the given RR to the zone.
+
+ It find whether there is a dnssec_name with that name present.
+ If so, add it to that, if not create a new one.
+ Special handling of NSEC and RRSIG provided.
+
+ :param rr:
+ The RR to add
+ :returns: (ldns_status) LDNS_STATUS_OK on success, an error code otherwise
+ """
+ return _ldns.ldns_dnssec_zone_add_rr_(self,rr)
+ #parameters: ldns_dnssec_zone *,ldns_rr *,
+ #retvals: ldns_status
+
+ def find_rrset(self,dname,atype):
+ """Find the RRset with the given name and type in the zone.
+
+ :param dname:
+ the domain name of the RRset to find
+ :param atype:
+ :returns: (ldns_dnssec_rrsets \*) the RRset, or NULL if not present
+ """
+ return _ldns.ldns_dnssec_zone_find_rrset(self,dname,atype)
+ #parameters: ldns_dnssec_zone *,ldns_rdf *,ldns_rr_type,
+ #retvals: ldns_dnssec_rrsets *
+
+ #_LDNS_DNSSEC_ZONE_METHODS#
+ %}
+}
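Review bot: The `add_rr` wrappers on `ldns_dnssec_rrs`, `ldns_dnssec_rrsets` and `ldns_dnssec_name`, together with `set_name` and `set_nsec`, pass the Python-owned object straight to the C call, even though the comment inside `ldns_dnssec_zone_add_rr_` says the Python engine frees an RR once its reference count reaches zero. If the C structures keep that pointer, as the "This data is *not* copied" docstrings suggest, they can be left referencing freed memory after the Python object is collected. These paths should either clone the argument the way the zone wrapper does or hold a Python reference on the owning object, with the ownership rule stated in each docstring. `ldns_dnssec_zone_add_rr_` should also check the clone before using it, for example `if (!new_rr) return LDNS_STATUS_MEM_ERR;`. Separately, `new_frm_rr` is declared `@staticmethod` with no RR parameter yet its body passes `self`, which is undefined there and will raise NameError; it probably needs `def new_frm_rr(rr, raiseException=True):` and `_ldns.ldns_dnssec_name_new_frm_rr(rr)`.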