1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
.. _example_examine:
DNSSEC validator
================
This example program performs DNSSEC validation of a DNS lookup.
Source code
-----------
::
#!/usr/bin/python
import os
from unbound import ub_ctx,RR_TYPE_A,RR_CLASS_IN
ctx = ub_ctx()
ctx.resolvconf("/etc/resolv.conf")
if (os.path.isfile("keys")):
ctx.add_ta_file("keys") #read public keys for DNSSEC verification
status, result = ctx.resolve("www.nic.cz", RR_TYPE_A, RR_CLASS_IN)
if status == 0 and result.havedata:
print "Result:", result.data.address_list
if result.secure:
print "Result is secure"
elif result.bogus:
print "Result is bogus"
else:
print "Result is insecure"
More detailed information can be seen in libUnbound DNSSEC tutorial `here`_.
.. _here: http://www.unbound.net/documentation/libunbound-tutorial-6.html
|
