Class: AuthDnsCheck::Client

Inherits:
Object
Defined in:
lib/auth_dns_check/client.rb

Overview

TODO: IPv6 not supported

Client for performing authoritative DNS checks

Constant Summary

DEFAULT_TYPES = ["A"]

Default record types for checks like all?

Constructor Details

#initialize(overrides: {}, default: Resolv::DNS.new("/etc/resolv.conf")) ⇒ Client

Initialize a new Client

Parameters:

  • overrides (Hash<String,Array<Resolv::DNS>>) (defaults to: {})

    authoritative name server overrides. Maps domain names to lists of name servers that should override those published for the domain. The special domain name Symbol :default may list the name servers that should override any other domain.

  • default (Resolv::DNS) (defaults to: Resolv::DNS.new("/etc/resolv.conf"))

    default resolver for finding authoritative name servers. Note that this is not the same as overrides[:default].

# File 'lib/auth_dns_check/client.rb', line 24

def initialize(overrides: {}, default: Resolv::DNS.new("/etc/resolv.conf"))
  @overrides = overrides
  @default = default
end

Instance Attribute Details

#default ⇒ Object (readonly)

default resolver for finding authoritative name servers

# File 'lib/auth_dns_check/client.rb', line 15

def default
  @default
end

#overrides ⇒ Object (readonly)

authoritative name server overrides

# File 'lib/auth_dns_check/client.rb', line 12

def overrides
  @overrides
end

Instance Method Details

#all?(fqdn, types: DEFAULT_TYPES) ⇒ Boolean

TODO: Records of types other than A not yet supported

Check authoritative agreement for a name

Parameters:

  • fqdn (String)

    the name to check

Returns:

  • (Boolean)

    whether all authoritative name servers agree that fqdn has the same non-empty set of records

Raises:

  • (Error)

    if authoritative name servers could not be found

# File 'lib/auth_dns_check/client.rb', line 35

def all?(fqdn, types: DEFAULT_TYPES)
  non_empty_set = false
  types.all? { |type|
    resources = get_resources(fqdn, type: type)
    resources.all? do |x|
      non_empty_set = true unless x.empty?
      x == resources.first
    end
  } && non_empty_set
end

#has_ip?(fqdn, ip) ⇒ Boolean

Check authoritative agreement for the specific address for a name

Parameters:

  • fqdn (String)

    the name to check

  • ip (String)

    the expected address

Returns:

  • (Boolean)

    whether all authoritative name servers agree that the only address of fqdn is ip

Raises:

  • (Error)

    if authoritative name servers could not be found

# File 'lib/auth_dns_check/client.rb', line 52

def has_ip?(fqdn, ip)
  answers = get_addresses(fqdn)
  answers.all? do |x|
    x.any? and x.all? { |i| i == ip }
  end
end
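
The agreement rule documented for all? and has_ip?, as an added example that is not part of the gem: it applies the same verdicts to per-server answers and goes one step further by naming the servers that diverge, which a bare Boolean does not show. StubResolver, answer_groups, agreement?, only_ip?, outliers and the sample zone data are hypothetical and constructed here; answers are compared as sets, which is a choice of this example.

```ruby
require "set"

# Constructed stand-in for one authoritative server's resolver. It answers
# #getaddresses like Resolv::DNS, but from a fixed table instead of the network.
StubResolver = Struct.new(:label, :zone) do
  def getaddresses(fqdn)
    zone.fetch(fqdn, [])
  end
end

# Hypothetical helper (not part of AuthDnsCheck): query every resolver and
# group the server labels by the address set each one returned for fqdn.
def answer_groups(fqdn, resolvers)
  resolvers.group_by { |r| r.getaddresses(fqdn).map(&:to_s).to_set }
           .transform_values { |rs| rs.map(&:label) }
end

# Verdict documented for all?: a single answer set, shared and non-empty.
def agreement?(groups)
  groups.size == 1 && !groups.keys.first.empty?
end

# Verdict documented for has_ip?: every server returns ip and nothing else.
def only_ip?(groups, ip)
  groups.keys == [Set[ip]]
end

# Labels of servers whose answer differs from the most common answer set.
def outliers(groups)
  return [] if groups.size < 2
  majority = groups.max_by { |_, labels| labels.size }.first
  groups.reject { |set, _| set == majority }.values.flatten
end

# Constructed sample: ns3 serves a different A record than ns1 and ns2.
SERVERS = [
  StubResolver.new("ns1", { "www.example.com" => ["192.0.2.10"] }),
  StubResolver.new("ns2", { "www.example.com" => ["192.0.2.10"] }),
  StubResolver.new("ns3", { "www.example.com" => ["198.51.100.7"] }),
]
```

With the sample data, outliers(answer_groups("www.example.com", SERVERS)) returns ["ns3"], the server to investigate for a stale zone or an unauthorized change.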