diff options
author | Paul Sokolovsky <paul.sokolovsky@linaro.org> | 2014-03-04 09:30:29 +0800 |
---|---|---|
committer | Paul Sokolovsky <paul.sokolovsky@linaro.org> | 2014-03-28 01:35:33 +0200 |
commit | 0092fd3599f1d67e352deaa2f25c19b49d4866a4 (patch) | |
tree | e24996f9d5c9e9408598cfd169861a3c6b307bf1 /iploc.py | |
parent | bd08463adb709fa2cf8b7a5aaf6d42f1ee4dca83 (diff) |
iploc: Parse dnshistory DB records properly.
Based on dnshistory source: dnshistory-1.3/src/dnshistory.c:store_dns_records().
Change-Id: Ia78293bcc3b9e1488890e999798e6faf6438518b
Diffstat (limited to 'iploc.py')
-rw-r--r-- | iploc.py | 31 |
1 files changed, 19 insertions, 12 deletions
@@ -28,23 +28,30 @@ temp_user = "" def get_reverse_dns(ip_address): - # XXX: this works only with IPv4 addresses. + # XXX: this works only with IPv4 addresses (because dnshistory works only with IPv4) octets = str(ip_address).split('.') # The keys in the the reverse DNS db are stored as a char encoded string # made from the single octet of the IP address. key = ''.join(chr(int(x)) for x in octets) value = REVERSE_DNS_DB.get(key) - if value: - if len(value[20:]) > 1: - # The value obtained ends with a \x00 char: need to unpack it - # and retrieve only the reverse value. Just replacing it with an - # empty string might not work if the string is encoded. - value, _ = struct.unpack( - '{0}sc'.format(len(value[20:]) - 1), value[20:]) - else: - # Value found, but no reverse DNS name in the DB. - value = None - return value + struct_sz = struct.calcsize("li") + assert len(value) > struct_sz + last_date, num_rec = struct.unpack("li", value[:struct_sz]) + value = value[struct_sz:] + + assert num_rec > 0 + for i in xrange(num_rec): + # struct module doesn't support variable-length fields, + # so we need to do manual munging + date = struct.unpack_from("l", value) + value = value[struct.calcsize("l"):] + i = value.index("\0") + fqdn = value[:i] + value = value[i:] + + # Return last fqdn, which is the latest + # XXX: really should do time-based lookups for best precision + return fqdn def main(file_names): |