????
Your IP : 18.226.34.223

Current Path : /lib/python3.9/site-packages/isc/__pycache__/
Current File : //lib/python3.9/site-packages/isc/__pycache__/policy.cpython-39.pyc
a

��g�`�
@s@ddlZddlmZddlmZddlTddlmZGdd�d�ZGdd�d�ZGdd	�d	e	�Z
Gd
d�d�Zedk�r<ddl
Z
e
jd
dkr�ee
jd�Ze��Ze��ed
d�Ze�e�nze
jd
dk�r<z4ee
jdddd�Zeejd�ee�d��Wn4e	�y:Zzeejd�WYdZ[n
dZ[00dS)�N)�*)�copyc@s�eZdZdZedZiZdZdZdZdZ	dZ
dd	�Zd
d�Zdd
�Z
dd�Zdd�Zdd�Zdd�Zdd�Zdd�Zdd�Zdd�ZdS)�	PolicyLex)
ZPOLICYZALGORITHM_POLICYZZONEZ	ALGORITHMZ	DIRECTORYZKEYTTLZKEY_SIZEZROLL_PERIODZPRE_PUBLISHZPOST_PUBLISHZCOVERAGEZSTANDBYZNONE)	Z
DATESUFFIXZKEYTYPEZALGNAME�STR�QSTRING�NUMBER�LBRACE�RBRACE�SEMIz 	z	(//|\#).*z\{z\}�;cCs|jj|j�d�7_dS)z\n+�
N��lexer�lineno�value�count��self�t�r�./usr/lib/python3.9/site-packages/isc/policy.py�	t_newline7szPolicyLex.t_newlinecCs|jj|j�d�7_dS)z/\*(.|\n)*?\*/rNr
rrrr�	t_comment;szPolicyLex.t_commentcCst�d|j��d���|_|S)z�(?i)(?<=[0-9 \t])(y(?:ears|ear|ea|e)?|mo(?:nths|nth|nt|n)?|w(?:eeks|eek|ee|e)?|d(?:ays|ay|a)?|h(?:ours|our|ou|o)?|mi(?:nutes|nute|nut|nu|n)?|s(?:econds|econd|econ|eco|ec|e)?)\bz(?i)(y|mo|w|d|h|mi|s)([a-z]*)�)�re�matchr�group�lowerrrrr�t_DATESUFFIX?szPolicyLex.t_DATESUFFIXcCs|j��|_|S)z(?i)\b(KSK|ZSK)\b�r�upperrrrr�	t_KEYTYPEDszPolicyLex.t_KEYTYPEcCs|j��|_|S)zg(?i)\b(DH|ECC|RSASHA1|NSEC3RSASHA1|RSASHA256|RSASHA512|ECDSAP256SHA256|ECDSAP384SHA384|ED25519|ED448)\brrrrr�	t_ALGNAMEIszPolicyLex.t_ALGNAMEcCs|j�|jd�|_|S)z[A-Za-z._-][\w._-]*r��reserved_map�getr�typerrrr�t_STRNszPolicyLex.t_STRcCs&|j�|jd�|_|jdd�|_|S)z"([^"\n]|(\\"))*"rr���r#rrrr�	t_QSTRINGSszPolicyLex.t_QSTRINGcCst|j�|_|S)z\d+)�intrrrrr�t_NUMBERYszPolicyLex.t_NUMBERcCs"td|jd�|j�d�dS)NzIllegal character '%s'rr)�printrr�skiprrrr�t_error^szPolicyLex.t_errorcKs^dtt�vrt�dd�}n
tdd�}|jD]}||j|���|�<q*tjfd|i|��|_dS)N�	maketrans�_�-�object)	�dir�strr/�reservedr$r�	translate�lexr)r�kwargsZtrans�rrrr�__init__bs

zPolicyLex.__init__cCs*|j�|�|j��}|sq&t|�qdS�N)r�input�tokenr,)r�textrrrr�testks

zPolicyLex.testN)�__name__�
__module__�__qualname__r5�tokensr$Zt_ignoreZt_ignore_olcommentZt_LBRACEZt_RBRACEZt_SEMIrrrr!r"r'r)r+r.r:r?rrrrrs&		rc	@s�eZdZdZdZdZdZdZdZdZ	dZ
dZdZdZ
dZdZdZdZdZddgddgddgddgddddd�Zddd�Zd	d
�Zdd�Zd
d�Zdd�Zdd�ZdS)�PolicyFNiii)�RSASHA1�NSEC3RSASHA1�	RSASHA256�	RSASHA512�ECDSAP256SHA256�ECDSAP384SHA384�ED25519�ED448cCs||_||_||_dSr;)�name�	algorithm�parent)rrMrNrOrrrr:�szPolicy.__init__cCsFd|jrdp"|jrdp"|jr dp"d|jp*d|jr8|jjp:d|jrRdt|j�dpTd|jp\d|jrlt|j�pnd|j	r~t|j	�p�d|j
r�t|j
�p�d|jr�t|j�p�d|jr�t|j�p�d|j
r�t|j
�p�d|jr�t|j�p�d|jr�t|j�p�d|jr�t|j�p�d|j�rt|j��pd|j�r(t|j��p*d|j�r>t|j��p@dfS)	Na%spolicy %s:
	inherits %s
	directory %s
	algorithm %s
	coverage %s
	ksk_keysize %s
	zsk_keysize %s
	ksk_rollperiod %s
	zsk_rollperiod %s
	ksk_prepublish %s
	ksk_postpublish %s
	zsk_prepublish %s
	zsk_postpublish %s
	ksk_standby %s
	zsk_standby %s
	keyttl %s
zconstructed zzone z
algorithm �ZUNKNOWN�None�")�is_constructed�is_zone�is_algrMrO�	directoryr4rN�coverage�ksk_keysize�zsk_keysize�ksk_rollperiod�zsk_rollperiod�ksk_prepublish�ksk_postpublish�zsk_prepublish�zsk_postpublish�ksk_standby�zsk_standby�keyttl�rrrr�__repr__�s2
����zPolicy.__repr__cCs |d|ko|dkSS)Nrrr)rZkey_sizeZ
size_rangerrrZ
__verify_size�szPolicy.__verify_sizecCs|jSr;)rMrcrrr�get_name�szPolicy.get_namecCs|jSr;)rSrcrrr�constructed�szPolicy.constructedcCs�|jr:|jdur:|j|jkr:t|j�dd|j|jffS|jrj|jdurj|j|jkrjdd|j|jffS|jr�|jdur�|j|jkr�dd|j|jffS|jr�|jdur�|j|jkr�dd|j|jffS|j�r|j�r|j�r|j|j|jk�rdd|j|j|jffS|j�rR|j�rR|j�rR|j|j|jk�rRdd|j|j|jffS|jdu�r�|j�	|j�}|du�r�|�
|j|��s�dd	|j|ffS|�
|j|��s�dd
|j|ffS|jdv�r�d|_d|_dS)
zr Check if the values in the policy make sense
        :return: True/False if the policy passes validation
        NFz6KSK pre-publish period (%d) exceeds rollover period %dz7KSK post-publish period (%d) exceeds rollover period %dz6ZSK pre-publish period (%d) exceeds rollover period %dz7ZSK post-publish period (%d) exceeds rollover period %dzGKSK pre/post-publish periods (%d/%d) combined exceed rollover period %dzGZSK pre/post-publish periods (%d/%d) combined exceed rollover period %dz&KSK key size %d outside valid range %sz&ZSK key size %d outside valid range %s)rIrJrKrL)TrP)
rZr\r,r]r[r^r_rN�valid_key_sz_per_algor%�_Policy__verify_sizerXrY)rZkey_sz_rangerrr�validate�s��
�

���
�
���
�
���
�
��������������
��zPolicy.validate)NNN)r@rArBrTrUrSrZr[r\r^r]r_rXrYr`rarbrWrVrgr:rdrhrerfrirrrrrDvs>�	
&rDc@seZdZdS)�PolicyExceptionN)r@rArBrrrrrjsrjc@s.eZdZiZiZiZdZdZdZdEdd�Z	dd�Z
dd�Zd	d
�Zdd�Z
d
d�Zdd�Zdd�Zdd�Zdd�Zdd�Zdd�Zdd�Zdd�Zdd �Zd!d"�Zd#d$�Zd%d&�Zd'd(�Zd)d*�Zd+d,�Zd-d.�Zd/d0�Zd1d2�Z d3d4�Z!d5d6�Z"d7d8�Z#d9d:�Z$d;d<�Z%d=d>�Z&d?d@�Z'dAdB�Z(dCdD�Z)dS)F�
dnssec_policyNTcKst�|_|jj|_d|vr"d|d<d|vr2d|d<tjfd|i|��|_|�d�t�}d|_d|_d|_	d|_
t|�|jd<d|jd_d|jd_
t|�|jd	<d	|jd	_d	|jd	_
t|�|jd
<d
|jd
_d
|jd
_
t|�|jd<d|jd_d|jd_
t|�|jd<d|jd_d|jd_
d|jd_	d|jd_
t|�|jd
<d
|jd
_d
|jd
_
d|jd
_	d|jd
_
t|�|jd<d|jd_d|jd_
d|jd_	d|jd_
t|�|jd<d|jd_d|jd_
d|jd_	d|jd_
|�r|�|�dS)N�debugF�write_tables�moduleapolicy global { algorithm rsasha256;
                                      key-size ksk 2048;
                                      key-size zsk 2048;
                                      roll-period ksk 0;
                                      roll-period zsk 1y;
                                      pre-publish ksk 1mo;
                                      pre-publish zsk 1mo;
                                      post-publish ksk 1mo;
                                      post-publish zsk 1mo;
                                      standby ksk 0;
                                      standby zsk 0;
                                      keyttl 1h;
                                      coverage 6mo; };
                      policy default { policy global; };TirErFrGrHrIrJrKrL)r�plexrC�yacc�parser�setuprDrNrUrXrYr�
alg_policyrM�load)r�filenamer8�prrrr:"s^

zdnssec_policy.__init__cCs\||_d|_t|��.}|��}d|jj_|j�|�Wd�n1sH0Yd|_dS�NTr)	ru�initial�open�readrorrrq�parse)rru�fr>rrrrtos

*zdnssec_policy.loadcCs d|_d|jj_|j�|�dSrw)rxrorrrqr{)rr>rrrrrys
zdnssec_policy.setupc	Ks|��}d}||jvr |j|}|durBt|jd�}||_d|_|jdur~|jpZ|jd}|rn|jsn|j}q\|rx|jpzd|_|j|jvr�|j|j}nt	d��|j
dur�|jp�|jd}|dur�|j
s�|j}q�|o�|j
|_
|jdu�r$|jp�|jd}|�r|j�s|j}q�|�r|j�p |j|_|jdu�rr|j�p@|jd}|j�r\|j�s\|j}�qB|�rj|j�pn|j|_|j
du�r�|j�p�|jd}|j�r�|j
�s�|j}�q�|�r�|j
�p�|j
|_
|jdu�r|j�p�|jd}|j�r�|j�s�|j}�q�|�r|j�p
|j|_|jdu�r\|j�p*|jd}|j�rF|j�sF|j}�q,|�rT|j�pX|j|_|jdu�r�|j�px|jd}|j�r�|j�s�|j}�qz|�r�|j�p�|j|_|jdu�r�|j�p�|jd}|j�r�|j�s�|j}�q�|�r�|j�p�|j|_|jdu�rF|j�p|jd}|j�r0|j�s0|j}�q|�r>|j�pB|j|_|jdu�r�|j�pb|jd}|j�r~|j�s~|j}�qd|�r�|j�p�|j|_|jdu�r�|j�p�|jd}|du�r�|j�s�|j}�q�|�o�|j|_d|v�s�|d�s|��\}}|�st	|��dS|S)N�defaultTzalgorithm not foundZ
novalidate)r�zone_policyr�named_policyrMrSrNrOrsrjrVrWrXrYrZr[r\r^r]r_rbri)	r�zoner8�zrvrOZapZvalid�msgrrr�policy~s�







��
��
��
��
��
��
zdnssec_policy.policycCsdS)zBpolicylist : init policy
                      | policylist policyNr�rrvrrr�p_policylist�szdnssec_policy.p_policylistcCs
d|_dS)zinit :FN)rxr�rrr�p_init�szdnssec_policy.p_initcCsdS)zTpolicy : alg_policy
                  | zone_policy
                  | named_policyNrr�rrr�p_policy�szdnssec_policy.p_policycCs|d|d<dS)zAname : STR
                | KEYTYPE
                | DATESUFFIXrrNrr�rrr�p_name�szdnssec_policy.p_namecCs,|d��|d<t�d|d�s(td��dS)zcdomain : STR
                  | QSTRING
                  | KEYTYPE
                  | DATESUFFIXrrz^[\w.-][\w.-]*$zinvalid domainN)�striprrrjr�rrr�p_domain�szdnssec_policy.p_domaincCst�|_dS)znew_policy :N)rD�currentr�rrr�p_new_policyszdnssec_policy.p_new_policycCs(|d|j_d|j_|j|j|d<dS)zFalg_policy : ALGORITHM_POLICY ALGNAME new_policy alg_option_group SEMI�TN)r�rMrUrsr�rrr�p_alg_policy
szdnssec_policy.p_alg_policycCs8|d�d�|j_d|j_|j|j|d�d���<dS)z=zone_policy : ZONE domain new_policy policy_option_group SEMIr��.TN)�rstripr�rMrTr~rr�rrr�
p_zone_policyszdnssec_policy.p_zone_policycCs$|d|j_|j|j|d��<dS)z>named_policy : POLICY name new_policy policy_option_group SEMIr�N)r�rMrrr�rrr�p_named_policyszdnssec_policy.p_named_policycCs|d|d<dS)zduration : NUMBERrrNrr�rrr�p_duration_1szdnssec_policy.p_duration_1cCsd|d<dS)zduration : NONENrrr�rrr�p_duration_2#szdnssec_policy.p_duration_2cCs�|ddkr|dd|d<n�|ddkr<|dd|d<n�|ddkrZ|dd	|d<n||dd
krx|dd|d<n^|ddkr�|dd
|d<n@|ddkr�|dd|d<n"|ddkr�|d|d<ntd��dS)zduration : NUMBER DATESUFFIXr��yri�3�r�moi�'�wi�:	�di�Q�hi�mi�<�szinvalid durationN)rjr�rrr�p_duration_3(szdnssec_policy.p_duration_3cCsdS)z6policy_option_group : LBRACE policy_option_list RBRACENrr�rrr�p_policy_option_group;sz#dnssec_policy.p_policy_option_groupcCsdS)zmpolicy_option_list : policy_option SEMI
                              | policy_option_list policy_option SEMINrr�rrr�p_policy_option_list?sz"dnssec_policy.p_policy_option_listcCsdS)a�policy_option : parent_option
                         | directory_option
                         | coverage_option
                         | rollperiod_option
                         | prepublish_option
                         | postpublish_option
                         | keysize_option
                         | algorithm_option
                         | keyttl_option
                         | standby_optionNrr�rrr�p_policy_optionDszdnssec_policy.p_policy_optioncCsdS)z0alg_option_group : LBRACE alg_option_list RBRACENrr�rrr�p_alg_option_groupQsz dnssec_policy.p_alg_option_groupcCsdS)z^alg_option_list : alg_option SEMI
                           | alg_option_list alg_option SEMINrr�rrr�p_alg_option_listUszdnssec_policy.p_alg_option_listcCsdS)aalg_option : coverage_option
                      | rollperiod_option
                      | prepublish_option
                      | postpublish_option
                      | keyttl_option
                      | keysize_option
                      | standby_optionNrr�rrr�p_alg_optionZszdnssec_policy.p_alg_optioncCs|j|d��|j_dS)zparent_option : POLICY namer�N)rrr�rOr�rrr�p_parent_optiondszdnssec_policy.p_parent_optioncCs|d|j_dS)z$directory_option : DIRECTORY QSTRINGr�N)r�rVr�rrr�p_directory_optionhsz dnssec_policy.p_directory_optioncCs|d|j_dS)z#coverage_option : COVERAGE durationr�N)r�rWr�rrr�p_coverage_optionlszdnssec_policy.p_coverage_optioncCs*|ddkr|d|j_n|d|j_dS)z0rollperiod_option : ROLL_PERIOD KEYTYPE durationr��KSK�N)r�rZr[r�rrr�p_rollperiod_optionpsz!dnssec_policy.p_rollperiod_optioncCs*|ddkr|d|j_n|d|j_dS)z0prepublish_option : PRE_PUBLISH KEYTYPE durationr�r�r�N)r�r\r^r�rrr�p_prepublish_optionwsz!dnssec_policy.p_prepublish_optioncCs*|ddkr|d|j_n|d|j_dS)z2postpublish_option : POST_PUBLISH KEYTYPE durationr�r�r�N)r�r]r_r�rrr�p_postpublish_option~sz"dnssec_policy.p_postpublish_optioncCs*|ddkr|d|j_n|d|j_dS)z(keysize_option : KEY_SIZE KEYTYPE NUMBERr�r�r�N)r�rXrYr�rrr�p_keysize_option�szdnssec_policy.p_keysize_optioncCs*|ddkr|d|j_n|d|j_dS)z'standby_option : STANDBY KEYTYPE NUMBERr�r�r�N)r�r`rar�rrr�p_standby_option�szdnssec_policy.p_standby_optioncCs|d|j_dS)zkeyttl_option : KEYTTL durationr�N)r�rbr�rrr�p_keyttl_option�szdnssec_policy.p_keyttl_optioncCs|d|j_dS)z$algorithm_option : ALGORITHM ALGNAMEr�N)r�rNr�rrr�p_algorithm_option�sz dnssec_policy.p_algorithm_optioncCsd|r.td|jpd|jrdnd|j|jf�n2|js`td|jp@d|jrJdnd|rV|jpXdf��dS)Nz%s%s%d:syntax error near '%s'rP�:z%s%s%d:unexpected end of inputr)r,rurrrxrjr�rrr�p_error�s����zdnssec_policy.p_error)N)*r@rArBrsrr~r�rurxr:rtrrr�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�rrrrrksN
M
h


rk�__main__rr7r�)rlr{T)rmrlr}znonexistent.zone)rZply.lexr7Zply.yaccrp�stringrrrD�	Exceptionrjrkr@�sys�argvry�filerzr>�closeror?�ppr,rr��e�argsrrrr�<module>s6`"