mirror of
https://github.com/drwetter/testssl.sh.git
synced 2025-01-20 23:49:30 +01:00
Merge pull request #633 from k0ste/2.9dev_newfeature
DNS CAA: drill query support.
This commit is contained in:
commit
502601c95e
@ -11677,6 +11677,9 @@ get_caa_rr_record() {
|
||||
if which dig &> /dev/null; then
|
||||
raw_caa="$(dig $1 type257 +short)"
|
||||
# empty if no CAA record
|
||||
elif which drill &> /dev/null; then
|
||||
a="$1"
|
||||
raw_caa="$(drill $a type257 | awk '/'"^${a}"'.*CAA/ { print $5,$6,$7 }')"
|
||||
elif which host &> /dev/null; then
|
||||
raw_caa="$(host -t type257 $1)"
|
||||
if egrep -wvq "has no CAA|has no TYPE257" <<< "$raw_caa"; then
|
||||
@ -11689,7 +11692,7 @@ get_caa_rr_record() {
|
||||
fi
|
||||
else
|
||||
return 1
|
||||
# No dig, host, or nslookup --> complaint was elsewhere already and except for one which has drill only we don't get here
|
||||
# No dig, drill, host, or nslookup --> complaint was elsewhere already
|
||||
fi
|
||||
OPENSSL_CONF="$saved_openssl_conf" # see https://github.com/drwetter/testssl.sh/issues/134
|
||||
debugme echo $raw_caa
|
||||
@ -11719,7 +11722,6 @@ get_caa_rr_record() {
|
||||
|
||||
# to do:
|
||||
# 4: check whether $1 is a CNAME and take this
|
||||
# 5: query with drill
|
||||
return 0
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user