Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-31 12:51:15 +01:00
Code Issues Packages Projects Releases Wiki Activity

DNS CAA: drill query support.

Browse Source
This commit is contained in:
Konstantin Shalygin 2017-02-14 22:18:27 +07:00
parent 67fb3feff8
commit cdc5e89b64
No known key found for this signature in database
GPG Key ID: DAB31F3D3E5BCB69
1 changed files with 44 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
testssl.sh
View File

@ -11671,6 +11671,9 @@ get_caa_rr_record() {
if which dig &> /dev/null; then
raw_caa="$(dig $1 type257 +short)"
# empty if no CAA record
elif which drill &> /dev/null; then
a="$1"
raw_caa="$(drill $a type257 | awk '/'"^${a}"'.*CAA/ { print $5,$6,$7 }')"
elif which host &> /dev/null; then
raw_caa="$(host -t type257 $1)"
if egrep -wvq "has no CAA|has no TYPE257" <<< "$raw_caa"; then
@ -11683,7 +11686,7 @@ get_caa_rr_record() {
fi
else
return 1
# No dig, host, or nslookup --> complaint was elsewhere already and except for one which has drill only we don't get here
# No dig, drill, host, or nslookup --> complaint was elsewhere already
fi
OPENSSL_CONF="$saved_openssl_conf" # see https://github.com/drwetter/testssl.sh/issues/134
debugme echo $raw_caa
@ -11713,7 +11716,6 @@ get_caa_rr_record() {
# to do:
# 4: check whether $1 is a CNAME and take this
# 5: query with drill
return 0
}