[main.py] Intègre la gestion du DNSSEC

2018-12-29 13:35:18 +01:00 · 2018-12-29 13:35:18 +01:00 · 0bcb71e5f1
commit 0bcb71e5f1
parent 5bdcde4a02
3 changed files with 53 additions and 64 deletions
--- a/knot.py
+++ b/knot.py
@ -0,0 +1,35 @@
+import json
+import os
+import subprocess
+
+
+def get_ds(zone, verbose=False):
+    if verbose:
+        print("Getting CDS of %s:" % (zone,))
+        print("/usr/sbin/knotc zone-read %s @ CDS" % (zone,))
+    try:
+        cdss = subprocess.check_output(['/usr/sbin/knotc', 'zone-read', zone, '@', 'CDS'])[:-1].decode('utf-8').split('\n')
+    except subprocess.CalledProcessError:
+        return []
+    dss = []
+    if verbose:
+        print("CDS of %s = %s" % (zone, cdss))
+    for cds in cdss:
+        ds = {}
+        try:
+            cds = cds.split(' ')
+            ds['subzone'] = cds[1]
+            ds['id'] = cds[4]
+            ds['algo'] = cds[5]
+            ds['type'] = cds[6]
+            ds['fp'] = cds[7]
+        except:
+            if verbose:
+                print('Unable to find ksk for', zone)
+            continue
+        ds['ttl'] = 172800
+        if verbose:
+            print("DS record of %s : %s" % (zone, ds))
+            print("\n\n")
+        dss.append(ds)
+    return dss