nathanwoodburn/debug-tools
1
0
Fork 0
generated from nathanwoodburn/python-webserver-template
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Update tools to allow custom DNS server
Some checks failed
Build Docker / BuildImage (push) Failing after 32s
Details

Browse Source
This commit is contained in:
Nathan Woodburn
2025-10-30 11:55:48 +11:00
parent 6a68432a08
commit 8b95ee8332
2 changed files with 18 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
Dockerfile
View File

@@ -9,7 +9,11 @@ COPY requirements.txt /app
RUN --mount=type=cache,target=/root/.cache/pip \
python3 -m pip install -r requirements.txt
COPY . /app
# Copy application files
COPY *.py /app/
COPY templates/ /app/templates/
COPY hsd_ksk /app
# Optionally mount /data to store the data
# VOLUME /data

20
tools.py
View File

@@ -14,22 +14,24 @@ from bs4 import BeautifulSoup
import requests_doh
import urllib3
import socket
import os
resolver = dns.resolver.Resolver()
resolver.nameservers = ["194.50.5.28","194.50.5.27","194.50.5.26"]
resolver.port = 53
resolver.nameservers = os.getenv("DNS_SERVERS", "194.50.5.27").split(",")
resolver.port = int(os.getenv("DNS_PORT", "53"))
DoHsession = requests_doh.DNSOverHTTPSSession("hnsdoh")
# Disable warnings
urllib3.disable_warnings()
def check_ssl(domain: str):
def check_ssl(domain: str):
domain_check = False
returns = {"success": False,"valid":False}
try:
# Query the DNS record
response = resolver.resolve(domain, "A")
response = resolver.resolve(domain, "A",lifetime=10)
records = []
for record in response:
records.append(str(record))
@@ -146,7 +148,7 @@ def check_ssl(domain: str):
try:
# Check for TLSA record
response = resolver.resolve("_443._tcp."+domain, "TLSA")
response = resolver.resolve("_443._tcp."+domain, "TLSA",lifetime=10)
tlsa_records = []
for record in response:
tlsa_records.append(str(record))
@@ -166,6 +168,9 @@ def check_ssl(domain: str):
return returns
# Catch all exceptions
except dns.exception.Timeout:
returns["message"] = f"DNS resolution timed out for {domain}. Please check your internet connection or try again later."
return returns
except Exception as e:
returns["message"] = f"An error occurred: {e}"
return returns
@@ -174,8 +179,9 @@ def check_ssl(domain: str):
def validate_dnssec(domain):
# Pick a random resolver
resolverIP = resolver.nameservers[0]
resolverPort = resolver.port
# delv @194.50.5.28 -a hsd-ksk nathan.woodburn A +rtrace +vtrace
command = f"delv @{resolverIP} -a hsd-ksk {domain} A +rtrace +vtrace"
command = f"delv @{resolverIP} -p {resolverPort} -a hsd-ksk {domain} A +rtrace +vtrace"
result = subprocess.run(command, shell=True, capture_output=True, text=True)
if "; fully validated" in result.stdout or "; negative response, fully validated" in result.stdout:
return {"valid": True, "message": "DNSSEC is valid", "output": result.stderr + result.stdout}
@@ -189,7 +195,7 @@ def curl(url: str):
url = "http://" + url
try:
# curl --doh-url https://hnsdoh.com/dns-query {url} --insecure
command = f"curl --doh-url https://hnsdoh.com/dns-query {url} --insecure --silent"
command = f"curl --doh-url https://hnsdoh.com/dns-query {url} --insecure --silent -A 'Woodburn'"
response = subprocess.run(command, shell=True, capture_output=True, text=True, timeout=10)
if response.returncode != 0:
return {"success": False, "error": response.stderr}