32 lines
1,017 B
Python
Executable file
32 lines
1,017 B
Python
Executable file
#!/usr/bin/python3
|
|
|
|
import json
|
|
import os
|
|
import re
|
|
import subprocess
|
|
|
|
|
|
path = os.path.dirname(os.path.abspath(__file__))
|
|
try:
|
|
with open(path + '/dnssec_domains.json') as dnssec_zones:
|
|
zones = json.load(dnssec_zones)
|
|
except:
|
|
zones = []
|
|
|
|
if __name__ == '__main__':
|
|
ds_records = {}
|
|
for zone in zones:
|
|
ds = subprocess.check_output(['drill', '-s', '@localhost', '-t', 'DNSKEY', zone]).decode('utf-8')
|
|
try:
|
|
m = re.search(r'id = (\d+) \(ksk\)', ds)
|
|
tag = m.group(1)
|
|
ds = ds.split('\n')
|
|
ds = ds[ds.index('; equivalent DS records for key ' + tag + ':')+2].split('\t')
|
|
except:
|
|
print('Unable to find ksk for', zone)
|
|
continue
|
|
ds[0] = ds[0][ds[0][2:].index(' ')+3:]
|
|
ds[-1:] = ds[-1].split(' ')
|
|
ds_records[zone] = {'subzone': ds[0], 'ttl': ds[1], 'id': ds[4], 'algo': ds[5], 'type': ds[6], 'fp': ds[7]}
|
|
with open('dnssec.json', 'w') as dnssec:
|
|
json.dump(ds_records, dnssec)
|