mirror of
https://github.com/drwetter/testssl.sh.git
synced 2025-10-24 21:41:00 +02:00
Merge pull request #633 from k0ste/2.9dev_newfeature
DNS CAA: drill query support.
This commit is contained in:
commit
502601c95e
@ -11677,6 +11677,9 @@ get_caa_rr_record() {
|
|||||||
if which dig &> /dev/null; then
|
if which dig &> /dev/null; then
|
||||||
raw_caa="$(dig $1 type257 +short)"
|
raw_caa="$(dig $1 type257 +short)"
|
||||||
# empty if no CAA record
|
# empty if no CAA record
|
||||||
|
elif which drill &> /dev/null; then
|
||||||
|
a="$1"
|
||||||
|
raw_caa="$(drill $a type257 | awk '/'"^${a}"'.*CAA/ { print $5,$6,$7 }')"
|
||||||
elif which host &> /dev/null; then
|
elif which host &> /dev/null; then
|
||||||
raw_caa="$(host -t type257 $1)"
|
raw_caa="$(host -t type257 $1)"
|
||||||
if egrep -wvq "has no CAA|has no TYPE257" <<< "$raw_caa"; then
|
if egrep -wvq "has no CAA|has no TYPE257" <<< "$raw_caa"; then
|
||||||
@ -11689,7 +11692,7 @@ get_caa_rr_record() {
|
|||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
return 1
|
return 1
|
||||||
# No dig, host, or nslookup --> complaint was elsewhere already and except for one which has drill only we don't get here
|
# No dig, drill, host, or nslookup --> complaint was elsewhere already
|
||||||
fi
|
fi
|
||||||
OPENSSL_CONF="$saved_openssl_conf" # see https://github.com/drwetter/testssl.sh/issues/134
|
OPENSSL_CONF="$saved_openssl_conf" # see https://github.com/drwetter/testssl.sh/issues/134
|
||||||
debugme echo $raw_caa
|
debugme echo $raw_caa
|
||||||
@ -11719,7 +11722,6 @@ get_caa_rr_record() {
|
|||||||
|
|
||||||
# to do:
|
# to do:
|
||||||
# 4: check whether $1 is a CNAME and take this
|
# 4: check whether $1 is a CNAME and take this
|
||||||
# 5: query with drill
|
|
||||||
return 0
|
return 0
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
x
Reference in New Issue
Block a user