HEX
Server: Apache
System: Linux server2.voipitup.com.au 4.18.0-553.109.1.lve.el8.x86_64 #1 SMP Thu Mar 5 20:23:46 UTC 2026 x86_64
User: posscale (1027)
PHP: 8.2.30
Disabled: exec,passthru,shell_exec,system
$ pwd: /opt/saltstack/salt/lib/python3.10/site-packages/salt/utils/__pycache__/
Upload Files
File: //opt/saltstack/salt/lib/python3.10/site-packages/salt/utils/__pycache__/dns.cpython-310.pyc
o

�N�g���@s�dZddlZddlZddlZddlZddlZddlZddlZddlZddl	Z	ddl
Z
ddlZddlZddl
ZddlZddlZddlZddlZddlmZddlmZzddlZdZWneyedZYnwzddlZdZWneyydZYnwejj�d�duZ dZ!ejj�d	�duZ"ejj�d
�duZ#ejj�d�duZ$dej%j&j'iZ(e�)e*�Z+Gd
d�d�Z,dd�Z-dXdd�Z.dd�Z/dd�Z0dd�Z1dd�Z2dd�Z3dd�Z4dYdd �Z5dYd!d"�Z6dZd#d$�Z7d[d%d&�Z8dYd'd(�Z9d[d)d*�Z:						d\d+d,�Z;						d\d-d.�Z<d]d/d
�Z=d0d1�Z>d2d3�Z?d4d5�Z@d^d7d8�ZAd9d:�ZBd;d<�ZCd=d>�ZDd?d@�ZEd_dAdB�ZFd`dDdE�ZGdFdG�ZHdHdI�ZIdJdK�ZJdLdM�ZKdNdO�ZLdadPdQ�ZMdbdSdT�ZNdcdVdW�ZOdS)dz�
Compendium of generic DNS utilities
# Examples:
dns.lookup(name, rdtype, ...)
dns.query(name, rdtype, ...)

dns.srv_rec(data)
dns.srv_data('my1.example.com', 389, prio=10, weight=100)
dns.srv_name('ldap/tcp', 'example.com')

�N)�	ipaddress)�OrderedDictTF�digz)+search +fail +noall +answer +nocl +nottl�drill�host�nslookup�cmd.run_allc@sNeZdZdZdZed�Zed�Zed�Zed�Z	ed�Z
dZedd
d��Z
d	S)
�RFCzL
    Simple holding class for all RFC/IANA registered lists & standards
    )�issue�	issuewildZiodef))��rsa)�Zdsa)�Zecdsa)�Zed25519))r�sha1)r�sha256))rZpkixta)rZpkixee)rZdaneta)rZdaneee))r�cert)rZspki))r�full)rr)r�sha512)�tcpZudpZsctpNcsD�|vr�S|dkr�fdd�|��D�dSdd�|��D��S)N�incsg|]
\}}�|vr|�qS�r��.0�code�name��lookupr�B/opt/saltstack/salt/lib/python3.10/site-packages/salt/utils/dns.py�
<listcomp>rsz RFC.validate.<locals>.<listcomp>���cSsi|]\}}||�qSrrrrrr�
<dictcomp>u�z RFC.validate.<locals>.<dictcomp>)�items)r�ref�matchrrr�validatems
zRFC.validate�N)�__name__�
__module__�__qualname__�__doc__�CAA_TAGSr�
SSHFP_ALGO�
SSHFP_HASH�
TLSA_USAGE�TLSA_SELECT�
TLSA_MATCHING�	SRV_PROTO�staticmethodr'rrrrr	9s*�	��	��r	c	CsLzt|�}d|krdksJ�J�|WSttfy%td|����w)Nri��z
Invalid port )�int�
ValueError�AssertionError)�portrrr�_to_portxs�r9cCs�|�d�}d|vs
Jd��|s'trt�|�j}nt�d|���}t�	d||�|g}	|�
d�}|dkr7	|S||dd�}||krF	|S|�|�q+)	a0
    Split out a domain in its parents

    Leverages tldextract to take the TLDs from publicsuffix.org
    or makes a valiant approximation of that

    :param domain: dc2.ams2.example.com
    :param tld: Include TLD in list
    :return: [ 'dc2.ams2.example.com', 'ams2.example.com', 'example.com']
    �.zProvide a decent domainzC((?:(?:ac|biz|com?|info|edu|gov|mil|name|net|n[oi]m|org)\.)?[^.]+)$z9Without tldextract, dns.util resolves the TLD of %s to %sTrrN)�rstrip�HAS_TLDEXTRACT�
tldextract�extract�suffix�re�search�group�log�info�find�append)�domainZtld�res�idxrrr�_tree�s4
���
�
��rJcCsrg}dd�|D�}|r7t��t|�}t|�D]\}}||8}|dkr4|�|�|�d�|�|�nq|s|S)NcSsg|]}|d�qS)�weightr)rZrecrrrr ��z#_weighted_order.<locals>.<listcomp>rr)�random�sum�	enumeraterF�pop)�recsrH�weightsZrnd�i�wrrr�_weighted_order�s
��	rUcCsPt|t�rttt|�����|�}||}|St|ttf�r$t�	||�S||�Sr()
�
isinstance�dict�type�next�iter�keys�list�tupler	r')�rec_data�rec_castrHrrr�_cast�s
r`cCs�zR|�d�}t|�t|�ksJ�t|�t|�kr.t|�d}|d|�d�||d��g}t|�dkrDt|dtt|�����}|WSdd�t|��|�D�}|WSt	t
ttfyp}ztd�
||d�|������d}~ww)	z�
    schema = OrderedDict({
        'prio': int,
        'weight': int,
        'port': to_port,
        'name': str,
    })
    rec_data = '10 20 25 myawesome.nl'

    res = {'prio': 10, 'weight': 20, 'port': 25 'name': 'myawesome.nl'}
    � rr�NcSs i|]\\}}}|t||��qSr)r`)r�
field_namer_Z	rec_fieldrrrr"�s

��z_data2rec.<locals>.<dictcomp>z"Unable to cast "{0}" as "{2}": {1})�split�len�joinr`rYrZ�values�zipr$r7�AttributeError�	TypeErrorr6�formatr[)�schemar^Z
rec_fields�cutoffrH�errr�	_data2rec�s*
 ������rocCs�t|ttf�s
|g}t�}z7|D]1}t||�}|r||vsJ�|�|�}||vr,g||<t|�dkr:tt|�	���}||�
|�q|WSttfyc}ztd�
d�|�d�|���|���d}~ww)Nrz*Unable to cast "{}" as a group of "{}": {}�,ra)rVr\r]rrorPrerYrZrgrFr7r6rkrfr[)rlZ	recs_dataZ	group_keyrH�rdatarIrnrrr�_data2rec_group�s,

����rrcGs
d�|�S)Nra)rf�rqrrr�	_rec2datas
rtcCs0|�tj�}|�d�r|�d�r|dd�S|S)N)�"�'rr!)�strip�string�
whitespace�
startswith�endswith)�datarrr�_data_cleansr}cCsVdt�d|�d�}|r|d�dd�|D��7}|dur4|r(tt|�t|��}nt|�}|d|�d�7}|r:|d	7}td
|�d|��ddd
�}d|dvrUtd|����|ddkrnt�d|d|d�	t
jd��dS|dstgSd}g}|d��D]"}|�
dd�\}	}
}|
dkr�|dkr�q~|
dkr�d}q~|�t|��q~|r�|r�|s�dS|S)z�
    Use dig to lookup addresses
    :param name: Name of record to search
    :param rdtype: DNS record type
    :param timeout: server response timeout
    :param servers: [] of servers to use
    :return: [] of records or False if error
    zdig z -t rarbcS�g|]}d|�d��qS��@rar�rZsrvrrrr �z_lookup_dig.<locals>.<listcomp>Nz+time=z+dnssec +adflag rF�quiet��python_shell�output_loglevelzignoring invalid type�stderr�Invalid DNS type �retcoderzdig returned (%s): %s�;�stdoutr�CNAME�RRSIGT)�DIG_OPTIONSrfr5�floatre�__salt__r6rC�warningrwrxry�
splitlinesrdrFr})r�rdtype�timeout�servers�secure�cmd�	validatedrH�line�_Zrtyperqrrr�_lookup_digsJ	��r�cCsZd}|r|d7}||�d|�d�7}|r |d�dd�|D��7}td||dd	d
�}|ddkr=t�d
|d|d�dSt|d���}d}g}zPd}	d|	vrXt|�}	d|	vsP	t|�}	|	��}	|	rh|	�d�rin/|	�	dd�dd�\}
}|
dkr~|dkr~qX|
dkr�d}qX|
|kr�t
d|����|�t|��qYWn	t
y�Ynw|r�|r�|s�dS|S)z�
    Use drill to lookup addresses
    :param name: Name of record to search
    :param rdtype: DNS record type
    :param timeout: command return timeout
    :param servers: [] of servers to use
    :return: [] of records or False if error
    zdrill z	-D -o ad rarbcSr~rrr�rrrr Rr�z!_lookup_drill.<locals>.<listcomp>rFr�)r�r�r�r�rzdrill returned (%s): %sr�r�zANSWER SECTIONTz;;Nr���r�r�r�)rfr�rCr�rZr�rYrwrzrdr6rFr}�
StopIteration)rr�r�r�r�r��
lookup_resr�rHr�Zl_typeZl_recrrr�
_lookup_drillDsT	���
�r�cCsz|dkrtj}n|dkrtj}ntd|�d���|rt�d�zdd�t�|d|d	tj�D�}|WStjy<Yd
Sw)z�
    Use Python's socket interface to lookup addresses
    :param name: Name of record to search
    :param rdtype: A or AAAA
    :param timeout: ignored
    :return: [] of addresses or False if error
    �A�AAAAr�z for gai lookupz<Ignoring timeout on gai resolver; fix resolv.conf to do thatcSsg|]}|dd�qS)rrr)r�sockrrrr ��
��z_lookup_gai.<locals>.<listcomp>NrF)	�socket�AF_INET�AF_INET6r6rCrD�getaddrinfo�SOCK_RAW�gaierror)rr�r�Zsock_t�	addressesrrr�_lookup_gai|s
��r�c	Cs8d|�d�}|r|dt|��d�7}||7}|dur!|d|��7}td|ddd�}d	|d
vr7td|����|dd
krJt�d|d|d
�dSd|dvrRgSg}|dur\|dn|d�d�d}|��D]0}|dkrtd|vrtqi|�dd�d}dD]}|�|�r�|t|�dd�}nq~|�	t
|��qi|S)z�
    Use host to lookup addresses
    :param name: Name of record to search
    :param server: Server to query
    :param rdtype: DNS record type
    :param timeout: server response wait
    :return: [] of records or False if error
    zhost -t raz-W NrFr�r�zinvalid typer�r�r�rzhost returned (%s): %szhas nor�z

r!r�zis an aliasr)�record�addressz
handled byz	alias forr)r5r�r6rCr�rdr�rzrerFr})	rr�r��serverr�rHZ_stdoutr��prefixrrr�_lookup_host�s6	"
�r�cCs�tj��}|durt|�|_|r||_|r|jtjj7_zdd�|j	||dd�D�}|WStj
jy>td|����tjj
tjjtjjtjjfySYdSw)z�
    Use dnspython to lookup addresses
    :param name: Name of record to search
    :param rdtype: DNS record type
    :param timeout: query timeout
    :param server: [] of server(s) to try in order
    :return: [] of records or False if error
    NcSsg|]}t|����qSr)r}Zto_text)rZrrrrrr �r�z%_lookup_dnspython.<locals>.<listcomp>F)Zraise_on_no_answerr�)�dns�resolverZResolverr�Zlifetime�nameserversZ	ednsflags�flagsZDO�queryZ	rdatatypeZUnknownRdatatyper6ZNXDOMAINZYXDOMAINZ
NoNameservers�	exceptionZTimeout)rr�r�r�r�r�rHrrr�_lookup_dnspython�s,
	
�
��r�cCs�d|�d|��}|dur|dt|���7}|dur |d|��7}td|ddd�}|d	d
krFt�d|d	|d��d
�tjd��dSt|d���}g}z}t	|�}d|vr`t
d|����	||vrfnt	|�}qa	|��}|rw|�d�rxnT|dkr�d|vr�|��d
dd
�}t	|�}qk|dkr�|�d�}n%|�d�r�t	|�}|�dd�}n|�|�r�d|vr�|�dd�}n|�d�}|�
t|d
��t	|�}qlWn	ty�Ynw|dkr�d�|dd��gS|S)z�
    Use nslookup to lookup addresses
    :param name: Name of record to search
    :param rdtype: DNS record type
    :param timeout: server response timeout
    :param server: server to query
    :return: [] of records or False if error
    znslookup -query=raNz
 -timeout=rFr�r�r�rznslookup returned (%s): %sr�r!r�zunknown query typer�T�*r�zcanonical name�SOA�=zName:�:r)r5r�rCr�r�rwrxryrZrYr6rzrdrFr}r�rf)rr�r�r�r�r�rHr�rrr�_lookup_nslookup�sf	��


��r�c	si}�p	|�dd��|p|�dd�}�p|�dd��|p!|�dd�}|��}dtt|d	v�|f�fd
ttfdttfdtt	fd
t
toD|fdtt
oK|ff}	z�dkr_tdd�|	D��\�}
nt�fdd�|	D��}
Wnty}t�d�||�YdSwd|i}�r�t�ttf�s��g��dvr��|d<n|r�|t��}�fdd�}||
�}
|s�|g}n;d}
|dvr�|�d�d}
|�d|
�d}
||
d�}|d|
��t||�}|dkr�fdd�|D�}|r�|t|�}|r�||d<|r�||d<|D]�|
dd�i|��}|�r
|Sq�|S)aI
    Lookup DNS records and return their data

    :param name: name to lookup
    :param rdtype: DNS record type
    :param method: gai (getaddrinfo()), dnspython, dig, drill, host, nslookup or auto (default)
    :param servers: (list of) server(s) to try in-order
    :param timeout: query timeout or a valiant approximation of that
    :param walk: Walk the DNS upwards looking for the record type or name/recordtype if walk='name'.
    :param walk_tld: Include the final domain in the walk
    :param secure: return only DNSSEC secured responses
    :return: [] of record data
    �method�autor�Nr�r�FZgai)r�r��	dnspythonrrrrcss"�|]\}}}|r||fVqdSr(r�r�rnameZrcbZrtestrrr�	<genexpr>Ws� zlookup.<locals>.<genexpr>c3s&�|]\}}}|�kr|r|VqdSr(rr�)r�rrr�\s���zZUnable to lookup %s/%s: Resolver method %s invalid, unsupported or unable to perform queryr�)r�rrcst�����fdd��}|S)Ncs,�D]}�dd|i|��}|r|SqdS)Nr�rr)�
res_kwargsr�Zs_res)�resolv_funcr�rr�_wrapper{s��z-lookup.<locals>._multi_srvr.<locals>._wrapper)�	functools�wraps)r�r�)r�)r�r�_multi_srvrzszlookup.<locals>._multi_srvrr)�SRV�TLSAr:rrcsg|]}�|�qSrr)rrG)r�rrr �rLzlookup.<locals>.<listcomp>r)�get�upperr��anyr��
HAS_DNSPYTHONr��HAS_DIGr��	HAS_DRILLr��HAS_HOSTr��HAS_NSLOOKUPrYr�rC�errorrVr\r]rerErJ)rr�r�r�r��walk�walk_tldr��optsZ
query_methodsr�r�r�rIrGrHr)r�r�r�rr*s��	
�
������


�rc
s�����||||||d�}�dkr|�d�st|�}�dkr8dd�t|dfi|��D�}	|	s7t|�fi|��}	n	t|�fi|��}	tttttt	t
ttd�	�|	rS��vrU|	S�d	vre��fd
d�|	D�}
|
S�dvrs��|	d�}
|
S��|	�}
|
S)
a�
    Query DNS for information.
    Where `lookup()` returns record data, `query()` tries to interpret the data and return its results

    :param name: name to lookup
    :param rdtype: DNS record type
    :param method: gai (getaddrinfo()), pydns, dig, drill, host, nslookup or auto (default)
    :param servers: (list of) server(s) to try in-order
    :param timeout: query timeout or a valiant approximation of that
    :param secure: return only DNSSEC secured response
    :param walk: Walk the DNS upwards looking for the record type or name/recordtype if walk='name'.
    :param walk_tld: Include the top-level domain in the walk
    :return: [] of records
    )r�r�r�r�r�r�ZPTRZarpa�SPFcSsg|]	}|�d�r|�qS)�v=spf)rz)rZanswerrrrr �s��zquery.<locals>.<listcomp>ZTXT)	r�r�ZCAAZMXr�r�r��SSHFPr�)r�r�r�r�csg|]}��|��qSrr)rrH�r�Zrec_maprrr �r�)r�r�r)
r�r{�ptr_namer�a_rec�aaaa_rec�caa_rec�mx_rec�soa_rec�spf_rec�srv_rec�	sshfp_rec�tlsa_rec)rr�r�r�r�r�r�r�Zqargs�qresrHrr�rr��sL�	�����r�cKsLi}|rt|dfi|��}|r||d<|r$t|dfi|��}|r$||d<|S)z�
    Return a list of addresses for name

    ip6:
        Return IPv6 addresses
    ip4:
        Return IPv4 addresses

    the rest is passed on to lookup()
    r��ip6r��ip4r)rr�r��kwargsrHrrrr�scC�tdtjff�}t||�S)z}
    Validate and parse DNS record data for an A record
    :param rdata: DNS record data
    :return: { 'address': ip }
    r�)rr�IPv4Addressro�rq�rschemarrrr��
r�cCr�)z�
    Validate and parse DNS record data for an AAAA record
    :param rdata: DNS record data
    :return: { 'address': ip }
    r�)rr�IPv6Addressror�rrrr�r�r�cCs�tddd�fdtjfddd�ff�}t||d�}dD]3}|�|d�}|s%qt|�D]#\}}d	|vr2q)|�d	d
�\}}tdd�t�|�D��}||i||<q)q|S)
zz
    Validate and parse DNS record data for a CAA record
    :param rdata: DNS record data
    :return: dict w/fields
    r�cSst|�dkr	dgSgS)Nr�critical)r5)�flagrrr�<lambda>!r#zcaa_rec.<locals>.<lambda>�tag�valuecSs
|�d�S)Nz',")rw��valrrrr�#s
)r
rFr�rcss�|]}|�d�VqdS)r�N)rd)r�paramrrrr�1s�zcaa_rec.<locals>.<genexpr>)	rr	r-rrr�rOrdrW�shlex)�rdatasr�rHr�Ztag_resrIr��paramsrrrr�s&

���r��
cCstt|�|�S)z�
    Generate MX record data
    :param target: server
    :param preference: preference number
    :return: DNS record data
    )rtr5)�target�
preferencerrr�mx_data7sr�cCs tdtfdtff�}t||d�S)zz
    Validate and parse DNS record data for MX record(s)
    :param rdata: DNS record data
    :return: dict w/fields
    r�r)rr5�strrr�r�r�rrrr�As��r�cCs0zt�|�jWStyt�d|�YdSw)z_
    Return PTR name of given IP
    :param rdata: IP address
    :return: PTR record name
    z;Unable to generate PTR record; %s is not a valid IP addressF)r�
ip_address�reverse_pointerr6rCr�rsrrrr�Ps�r�c	Cs<tdtfdtfdtfdtfdtfdtfdtff�}t||�S)z{
    Validate and parse DNS record data for SOA record(s)
    :param rdata: DNS record data
    :return: dict w/fields
    Zmnamer��serialZrefreshZretryZexpireZminimum)rr�r5ror�rrrr�]s��
r�c	Cs*|�d�}|�d��d�std��t�}t�}|D]y}|�d�r:|�dd�\}}||vr4td|�d	���|�|�qi}|dd
vrN|d|d<|dd�}d
|vr[|�d
d�\}}nd|vrq|�d�}|d|�}||d�}nd}|||<|szq|dvr�t	�
|�}|jt|d�ks�J�||d<q|S)z{
    Validate and parse DNS record data for SPF record(s)
    :param rdata: DNS record data
    :return: dict w/fields
    rarr�zNot an SPF record)�expZredirectr�rz	Modifier z can only appear once)�+�-�~�?Z	qualifierNr��/)r�r�r!r�)
rdrPrzr6r�set�KeyError�addrEr�ip_interface�versionr5)	rqZ
spf_fieldsrH�modsZ	mech_spec�modr�ZmechrIrrrr�qs>


	


r�cCst||||�S)zw
    Generate SRV record data
    :param target:
    :param port:
    :param prio:
    :param weight:
    :return:
    )rt)r�r8�priorKrrr�srv_data�s	rrcCsHt�|tj�}t|t�s|��rt|�}|rd|}d|�d|�|��S)z�
    Generate SRV record name
    :param svc: ldap, 389 etc
    :param proto: tcp, udp, sctp etc.
    :param domain: name to append
    :return:
    r:r�z._)r	r'r3rVr5�isdigitr9)�svc�protorGrrr�srv_name�srcCs,tdtfdtfdtfdtff�}t||d�S)z{
    Validate and parse DNS record data for SRV record(s)
    :param rdata: DNS record data
    :return: dict w/fields
    rrKr8r)rr5r9r�rrr�rrrr��s��r�cCsLt�|tjd�}t�|tj�}t�|�}|�t�|��|�	�}t
|||�S)z�
    Generate an SSHFP record
    :param key_t: rsa/dsa/ecdsa/ed25519
    :param hash_t: sha1/sha256
    :param pub: the SSH public key
    r)r	r'r.r/�hashlib�new�update�base64�	b64decode�	hexdigestrt)Zkey_tZhash_t�pub�hasherZssh_fprrr�
sshfp_data�s
rcCs,tdtjfdtjfddd�ff�}t||�S)�|
    Validate and parse DNS record data for TLSA record(s)
    :param rdata: DNS record data
    :return: dict w/fields
    �	algorithmZfp_hashZfingerprintcSs|��Sr()�lowerr�rrrr��szsshfp_rec.<locals>.<lambda>)rr	r.r/ror�rrrr��s���
r�cCs|t�|tj�}t�|tj�}t�|tj�}t�|���}|dkr&t�	|�}nt
�tj|�}|�|�|�
�}t||||�S)z�
    Generate a TLSA rec
    :param pub: Pub key in PEM format
    :param usage:
    :param selector:
    :param matching:
    :return: TLSA data portion
    r)r	r'r0r1r2�ssl�PEM_cert_to_DER_certrw�binascii�b2a_hexrrrrrt)r�usage�selector�matchingZcert_fprrrr�	tlsa_data�s	
r)cCs0tdtjfdtjfdtjfdtff�}t||�S)rr&r'r(r)rr	r0r1r2r�ror�rrrr�s��
	r�c	CsHtt|||�d||d�}|sdSg}|��D]\}}|�t|��q|S)a�
    Find an SRV service in a domain or its parents
    :param svc: service to find (ldap, 389, etc)
    :param proto: protocol the service talks (tcp, udp, etc)
    :param domain: domain to start search in
    :param walk: walk the parents if domain doesn't provide the service
    :param secure: only return DNSSEC-validated results
    :return: [
        [ prio1server1, prio1server2 ],
        [ prio2server1, prio2server2 ],
    ] (the servers will already be weighted according to the SRV rules)
    r�)r�r�F)r�rr$rFrU)	rrrGr�r�r�rHr�rQrrr�service%s
r*�
/etc/servicescCs�i}tjj�|d���}|��D]�}tjj�|���}|r!|�d�r"qd|vr3|�	dd�\}}|��}nd}|�	�}|�
d��	d�\}}t|�}|D]W}|�|i�}|�|d�}	|	si||d�}
|rd||
d<|
||<n3|	d	}t
|ttf�rz|�|�n||g|	d	<|	�dd�}|r�|s�||	d<n
||kr�|�d
|��|	d<|||<qIqWd�n1s�wY|��D]\}
}
t|
�dkr�|
���
�||
<q�t|
���||
<q�|S)z�
    Parse through system-known services
    :return: {
        'svc': [
          {  'port': port
             'proto': proto,
             'desc': comment
          },
        ],
    }
    �r�#rNrF)r8r�descrz, )�salt�utils�files�fopen�	readlines�stringutils�
to_unicoderwrzrdrPr5r�rVr\r]rFr$rerg)Z
services_filerHZsvc_defsZsvc_defZcommentr8rrZsvc_resZpp_resrZ
curr_protoZ	curr_descr|rrr�services=sV
�


���)r6�/etc/resolv.confc
Cs�g}g}g}g}g}d}g}�z:tjj�|���
}|D�]}	tjj�|	�����}	z�|	d��|	dd�}
}t	t
�dd�|��}|
dkr�|d}z2t�
|�}
|
j}t|
�}
|
|vr_|�|
�|dkrm|
|vrm|�|
�n
|d	krz|
|vrz|�|
�Wn�ty�}z
t�d
||�WYd}~n�d}~ww|
dkr�|d}nt|
dkr�|}nm|
d
kr�|D]R}zt�|�}Wnty�}z
t�d
||�WYd}~q�d}~wwd|vr�|jdkr�t|j�}
tjj�|
�}tj|
�|��dd�}|jd	kr�	||vr�|�|�q�n|
dk�r|d|v�r|�|d�Wqt�yYqwWd�n	1�s)wY|�r:|�r:t�d|�|||dd�|D�|||d�WSt�yUiYSw)zN
    Parse a resolver configuration file (traditionally /etc/resolv.conf)
    rbrrNcSs|ddvS)Nr)r-r�r)�xrrrr��szparse_resolv.<locals>.<lambda>Z
nameserverr�z%s: %srGrA�sortlistrF)�strict�optionsz:%s: The domain and search keywords are mutually exclusive.cSsg|]}|j�qSr)�with_netmask)r�iprrrr �sz parse_resolv.<locals>.<listcomp>)r��ip4_nameservers�ip6_nameserversr:rGrAr<)r/r0r1r2r4r5rwrdr!r\�	itertools�	takewhilerrr
r�rFr6rCr��
ip_network�network_address�networkZnatural_ipv4_netmask�
IndexError�debug�OSError)�srcr�r?r@rAr:rGr<Zsrc_filer�Z	directive�arg�addrZip_addrr
�excZip_rawZip_net�maskrrr�parse_resolv}s�
�


���
��

��

��
����B�	�rN)F)NNNr()NN)NNNFFN)TT)r�)r�r�)rN)rNFN)r+)r7)Pr,rr$r�rrA�loggingrMr@r�r�r"rxZsalt.modules.cmdmodr/Zsalt.utils.filesZsalt.utils.networkZsalt.utils.pathZsalt.utils.stringutilsZsalt._compatrZsalt.utils.odictrZdns.resolverr�r��ImportErrorr=r<r0�path�whichr�r�r�r�r��modulesZcmdmodZrun_allr��	getLoggerr)rCr	r9rJrUr`rorrrtr}r�r�r�r�r�r�rr�rr�r�r�r�r�r�r�r�rrr�rr�r)r�r*r6rNrrrr�<module>s���
?
	'$

6
8

*
#H
�}
�
I





7


@
@ Telegram