a àMÒeö+ã@sldZddlZddlZddlZddlZddlZddlZddlZdZ dZ dZ dZ ej dd„ƒZGdd „d ƒZdS) z*Help for building DNS wire format messageséNéééc cs”| d|¡| ¡}dV| ¡}||}|dkrzN| ||¡z| | |d¡¡Wntyttjj‚Yn0W| |¡n | |¡0dS)NórZbig)ÚwriteÚtellÚseekÚto_bytesÚ OverflowErrorÚdnsÚ exceptionÚ FormError)ÚoutputZ length_lengthÚstartÚendÚlength©rú0/usr/lib/python3.9/site-packages/dns/renderer.pyÚprefixed_length#s rc@sÐeZdZdZd)dd„Zdd„Zd d „Zejd d „ƒZ ejd d„ƒZ e j j fdd„Zdd„Zdd„Zd*dd„Zd+dd„Ze jjfdd„Ze jjfdd„Zdd„Zdd „Zd!d"„Zedd#œd$d%„Zdd&œd'd(„ZdS),ÚRendererašHelper class for building DNS wire-format messages. Most applications can use the higher-level L{dns.message.Message} class and its to_wire() method to generate wire-format messages. This class is for those applications which need finer control over the generation of messages. Typical use:: r = dns.renderer.Renderer(id=1, flags=0x80, max_size=512) r.add_question(qname, qtype, qclass) r.add_rrset(dns.renderer.ANSWER, rrset_1) r.add_rrset(dns.renderer.ANSWER, rrset_2) r.add_rrset(dns.renderer.AUTHORITY, ns_rrset) r.add_rrset(dns.renderer.ADDITIONAL, ad_rrset_1) r.add_rrset(dns.renderer.ADDITIONAL, ad_rrset_2) r.add_edns(0, 0, 4096) r.write_header() r.add_tsig(keyname, secret, 300, 1, 0, '', request_mac) wire = r.get_wire() If padding is going to be used, then the OPT record MUST be written after everything else in the additional section except for the TSIG (if any). output, an io.BytesIO, where rendering is written id: the message id flags: the message flags max_size: the maximum size of the message origin: the origin to use when rendering relative names compress: the compression table section: an int, the section currently being rendered counts: list of the number of RRs in each section mac: the MAC of the rendered message (if TSIG was used) NréÿÿcCsrt ¡|_|dur"t dd¡|_n||_||_||_||_i|_ t |_ gd¢|_ |j  d¡d|_d|_d|_dS)zInitialize a new renderer.Nrr)rrrrs ÚF)ÚioÚBytesIOrÚrandomZrandintÚidÚflagsÚmax_sizeÚoriginÚcompressÚQUESTIONÚsectionÚcountsrZmacÚreservedÚ was_padded)ÚselfrrrrrrrÚ__init__bs   zRenderer.__init__cCsV|j |¡|j ¡g}|j ¡D]\}}||kr$| |¡q$|D] }|j|=qDdS)z™Truncate the output buffer at offset *where*, and remove any compression table entries that pointed beyond the truncation point. N)rrÚtruncaterÚitemsÚappend)r%ÚwhereZkeys_to_deleteÚkÚvrrrÚ _rollbackus   zRenderer._rollbackcCs&|j|kr"|j|krtjj‚||_dS)aSet the renderer's current section. Sections must be rendered order: QUESTION, ANSWER, AUTHORITY, ADDITIONAL. Sections may be empty. Raises dns.exception.FormError if an attempt was made to set a section value less than the current section. N)r!r r r )r%r!rrrÚ _set_section„s  zRenderer._set_sectionccs6|j ¡}|V|j ¡|jkr2| |¡tjj‚dS©N)rrrr-r r ZTooBig)r%rrrrÚ _track_size“s   zRenderer._track_sizec cs@|j ¡}z"|j |¡dVW|j |¡n|j |¡0dSr/)rrr)r%r*ÚcurrentrrrÚ_temporarily_seek_to›s   zRenderer._temporarily_seek_tocCsr| t¡| ¡:| |j|j|j¡|j t  d||¡¡Wdƒn1sR0Y|j td7<dS)zAdd a question to the message.z!HHNr) r.r r0Úto_wirerrrrÚstructÚpackr")r%ZqnameZrdtypeÚrdclassrrrÚ add_question¤s   4zRenderer.add_questioncKsd| |¡| ¡,|j|j|j|jfi|¤Ž}Wdƒn1sD0Y|j||7<dS)zŠAdd the rrset to the specified section. Any keyword arguments are passed on to the rdataset's to_wire() routine. N©r.r0r3rrrr")r%r!ZrrsetÚkwÚnrrrÚ add_rrset­s  :zRenderer.add_rrsetcKsf| |¡| ¡.|j||j|j|jfi|¤Ž}Wdƒn1sF0Y|j||7<dS)zÁAdd the rdataset to the specified section, using the specified name as the owner name. Any keyword arguments are passed on to the rdataset's to_wire() routine. Nr8)r%r!ÚnameZrdatasetr9r:rrrÚ add_rdataset¹s  <zRenderer.add_rdatasetc Cs|r€|j}|d}|j ¡||}||}|r>d||}nd}t|jƒ} |  tj tjj j |¡¡tj j   ||j| ¡}d|_| t|¡dS)aMAdd *opt* to the additional section, applying padding if desired. The padding will take the specified precomputed OPT size and TSIG size into account. Note that we don't have reliable way of knowing how big a GSS-TSIG digest might be, so we we might not get an even multiple of the pad in that case.rróTN)ÚttlrrÚlistÚoptionsr)r ÚednsZ GenericOptionZ OptionTypeZPADDINGÚmessageÚMessageÚ _make_optr6r$r;Ú ADDITIONAL) r%ÚoptZpadZopt_sizeZ tsig_sizer?Z opt_rdataZsize_without_paddingZ remainderrArrrÚadd_optÆs zRenderer.add_optcCs4|dM}||d>O}tjj |||¡}| |¡dS)z&Add an EDNS OPT record to the message.lÿ~éN)r rCrDrErH)r%rBZ ednsflagsZpayloadrArGrrrÚadd_ednsÝs zRenderer.add_ednsc Cs~|j ¡} t|tjjƒr|} ntj |||¡} tjj ||d|d|||¡} tj  | | | dt t   ¡ƒ|¡\} } |  | |¡dS)z$Add a TSIG signature to the message.rr>N© rÚgetvalueÚ isinstancer ÚtsigZKeyrCrDZ _make_tsigÚsignÚintÚtimeÚ _write_tsig) r%ÚkeynameÚsecretÚfudgerÚ tsig_errorÚ other_dataÚ request_macÚ algorithmÚsÚkeyrNÚ_rrrÚadd_tsigæs ÿ$zRenderer.add_tsigc Cs‚|j ¡} t|tjjƒr|} ntj ||| ¡} tjj || d|d|||¡} tj  | | | dt t   ¡ƒ||d¡\} }|  | |¡|S)ayAdd a TSIG signature to the message. Unlike add_tsig(), this can be used for a series of consecutive DNS envelopes, e.g. for a zone transfer over TCP [RFC2845, 4.4]. For the first message in the sequence, give ctx=None. For each subsequent message, give the ctx that was returned from the add_multi_tsig() call for the previous message.rr>TrK) r%ÚctxrSrTrUrrVrWrXrYrZr[rNrrrÚadd_multi_tsigÿs ÿÿ zRenderer.add_multi_tsigc Cs|jr d}n|j}| t¡| ¡z| |j||j¡|j t   dt j j t jjd¡¡t|jdƒ| |j¡Wdƒn1s†0YWdƒn1s¤0Y|jtd7<| d¡*|j t   d|jt¡¡Wdƒn1sú0YdS)Nz!HHIrrré z!H)r$rr.rFr0r3rrrr4r5r Z rdatatypeZTSIGÚ rdataclassÚANYrr"r2)r%rNrSrrrrrR"s  ÿH zRenderer._write_tsigc Csh| d¡J|j t d|j|j|jd|jd|jd|jd¡¡Wdƒn1sZ0YdS)z¾Write the DNS message header. Writing the DNS message header is done after all sections have been rendered, but before the optional TSIG signature is added. rz!HHHHHHrrrN)r2rrr4r5rrr"©r%rrrÚ write_header4s ùÿzRenderer.write_headercCs |j ¡S)zReturn the wire format message.)rrLrcrrrÚget_wireIszRenderer.get_wire)ÚsizeÚreturncCsB|dkrtdƒ‚||jkr"tdƒ‚|j|7_|j|8_dS)zReserve *size* bytes.rz$reserved amount must be non-negativez)cannot reserve more than the maximum sizeN)Ú ValueErrorrr#)r%rfrrrÚreserveNs  zRenderer.reserve)rgcCs|j|j7_d|_dS)zRelease the reserved bytes.rN)rr#rcrrrÚrelease_reservedWszRenderer.release_reserved)NrrN)rrr)N)Ú__name__Ú __module__Ú __qualname__Ú__doc__r&r-r.Ú contextlibÚcontextmanagerr0r2r raÚINr7r;r=rHrJrNZdefault_algorithmr]r_rRrdrerPrirjrrrrr5s,,       ÷ #ö # r)rnrorrr4rQZ dns.exceptionr Zdns.tsigr ZANSWERZ AUTHORITYrFrprrrrrrÚs