[Git][NTPsec/ntpsec][master] Address GitLab issue #314: Forward-confirmed reverse DNS

Eric S. Raymond gitlab at mg.gitlab.com
Mon Aug 14 00:44:36 UTC 2017 

Eric S. Raymond pushed to branch master at NTPsec / ntpsec


Commits:
fd65110b by Eric S. Raymond at 2017-08-13T20:43:43-04:00
Address GitLab issue #314: Forward-confirmed reverse DNS

- - - - -


1 changed file:

- pylib/util.py


Changes:

=====================================
pylib/util.py
=====================================
--- a/pylib/util.py
+++ b/pylib/util.py
@@ -470,7 +470,6 @@ def f8dot3(f):
 # A hack to avoid repeatedly hammering on DNS when ntpmon runs.
 canonicalization_cache = {}
 
-
 def canonicalize_dns(inhost, family=socket.AF_UNSPEC):
     "Canonicalize a hostname or numeric IP address."
     if inhost in canonicalization_cache:
@@ -1087,10 +1086,24 @@ class MRUSummary:
             rscode = 'L'
         else:
             rscode = '.'
-        (dns, port) = portsplit(entry.addr)
+        (ip, port) = portsplit(entry.addr)
         try:
-            if self.showhostnames:
-                dns = canonicalize_dns(dns)
+            if not self.showhostnames:
+                dns = ip
+            else:
+                dns = canonicalize_dns(ip)
+                # Forward-confirm the returned DNS
+                confirmed = False
+                try:
+                    ai = socket.getaddrinfo(dns, None)
+                    for (family, socktype, proto, canonname, sockaddr) in ai:
+                        if sockaddr and sockaddr[0] == ip:
+                            confirmed = True
+                            break
+                except socket.gaierror as e:
+                    pass
+                if not confirmed:
+                    dns = "%s (%s)" % (ip, dns)
             if not self.wideremote:
                 # truncate for narrow display
                 dns = dns[:40]
@@ -1100,7 +1113,7 @@ class MRUSummary:
                       ntp.magic.PKT_VERSION(entry.mv),
                       entry.ct, port[1:], dns)
             return stats
-        except TypeError:
+        except ValueError:
             # This can happen when ntpd ships a corrupt varlist
             return ''
 



View it on GitLab: https://gitlab.com/NTPsec/ntpsec/commit/fd65110bdb8168352b760ad9a0d8bd7f1e198e5c

---
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/commit/fd65110bdb8168352b760ad9a0d8bd7f1e198e5c
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/vc/attachments/20170814/3aecb180/attachment.html>

More information about the vc mailing list