func calculateScanDurations(numberOfDomains int, scanDAO dao.ScanDAO) (
totalDuration time.Duration, domainsPerSecond int64,
) {
beginTimer := time.Now()
scan.ScanDomains()
totalDuration = time.Since(beginTimer)
totalDurationSeconds := int64(totalDuration / time.Second)
if totalDurationSeconds > 0 {
domainsPerSecond = int64(numberOfDomains) / totalDurationSeconds
} else {
domainsPerSecond = int64(numberOfDomains)
}
// As we are running a lot of scans at the same time, and the scan information unique
// key is the start time of the scan, we must clear the database to avoid log messages
// of scan insert errors
scanDAO.RemoveAll()
return
}
func brDomainWithoutDNSSEC(domainDAO dao.DomainDAO) {
domain := model.Domain{
FQDN: "br.",
Nameservers: []model.Nameserver{
{
Host: "a.dns.br.",
IPv4: net.ParseIP("200.160.0.10"),
IPv6: net.ParseIP("2001:12ff::10"),
},
{
Host: "b.dns.br.",
IPv4: net.ParseIP("200.189.41.10"),
},
{
Host: "c.dns.br.",
IPv4: net.ParseIP("200.192.233.10"),
},
{
Host: "d.dns.br.",
IPv4: net.ParseIP("200.219.154.10"),
IPv6: net.ParseIP("2001:12f8:4::10"),
},
{
Host: "f.dns.br.",
IPv4: net.ParseIP("200.219.159.10"),
},
},
// We are going to add the current DNSKEYs from .br but we are not going to check it.
// This is because there's a strange case that when it found a problem on a DS (such
// as bit SEP) it does not check other nameservers
DSSet: []model.DS{
{
Keytag: 41674,
Algorithm: model.DSAlgorithmRSASHA1,
DigestType: model.DSDigestTypeSHA256,
Digest: "6ec74914376b4f383ede3840088ae1d7bf13a19bfc51465cc2da57618889416a",
},
{
Keytag: 57207,
Algorithm: model.DSAlgorithmRSASHA1,
DigestType: model.DSDigestTypeSHA256,
Digest: "d46f059860d31a0965f925ac6ff97ed0975f33a14e2d01ec5ab5dd543624d307",
},
},
}
var err error
if err = domainDAO.Save(&domain); err != nil {
utils.Fatalln("Error saving the domain", err)
}
scan.ScanDomains()
domain, err = domainDAO.FindByFQDN(domain.FQDN)
if err != nil {
utils.Fatalln("Didn't find scanned domain", err)
}
for _, nameserver := range domain.Nameservers {
if nameserver.LastStatus != model.NameserverStatusOK {
utils.Fatalln(fmt.Sprintf("Fail to validate a supposedly well configured nameserver '%s'. Found status: %s",
nameserver.Host, model.NameserverStatusToString(nameserver.LastStatus)), nil)
}
}
if err := domainDAO.RemoveByFQDN(domain.FQDN); err != nil {
utils.Fatalln(fmt.Sprintf("Error removing domain %s", domain.FQDN), err)
}
}
func domainWithNoErrors(domainDAO dao.DomainDAO) {
domain, dnskey, rrsig, lastCheckAt, lastOKAt := generateSignAndSaveDomain("br.", domainDAO)
dns.HandleFunc("br.", func(w dns.ResponseWriter, dnsRequestMessage *dns.Msg) {
defer w.Close()
if dnsRequestMessage.Question[0].Qtype == dns.TypeSOA {
dnsResponseMessage := &dns.Msg{
MsgHdr: dns.MsgHdr{
Authoritative: true,
},
Question: dnsRequestMessage.Question,
Answer: []dns.RR{
&dns.SOA{
Hdr: dns.RR_Header{
Name: "br.",
Rrtype: dns.TypeSOA,
Class: dns.ClassINET,
Ttl: 86400,
},
Ns: "ns1.br.",
Mbox: "rafael.justo.net.br.",
Serial: 2013112600,
Refresh: 86400,
Retry: 86400,
Expire: 86400,
Minttl: 900,
},
},
}
dnsResponseMessage.SetReply(dnsRequestMessage)
w.WriteMsg(dnsResponseMessage)
} else if dnsRequestMessage.Question[0].Qtype == dns.TypeDNSKEY {
dnsResponseMessage := &dns.Msg{
MsgHdr: dns.MsgHdr{
Authoritative: true,
},
Question: dnsRequestMessage.Question,
Answer: []dns.RR{
dnskey,
rrsig,
},
}
dnsResponseMessage.SetReply(dnsRequestMessage)
w.WriteMsg(dnsResponseMessage)
}
})
scan.ScanDomains()
domain, err := domainDAO.FindByFQDN(domain.FQDN)
if err != nil {
utils.Fatalln("Didn't find scanned domain", err)
}
for _, nameserver := range domain.Nameservers {
if nameserver.LastStatus != model.NameserverStatusOK {
utils.Fatalln(fmt.Sprintf("Fail to validate a supposedly well configured nameserver '%s'. Found status: %s",
nameserver.Host, model.NameserverStatusToString(nameserver.LastStatus)), nil)
}
if nameserver.LastCheckAt.Before(lastCheckAt) ||
nameserver.LastCheckAt.Equal(lastCheckAt) {
utils.Fatalln(fmt.Sprintf("Last check date was not updated in nameserver '%s'",
nameserver.Host), nil)
}
if nameserver.LastOKAt.Before(lastOKAt) || nameserver.LastOKAt.Equal(lastOKAt) {
utils.Fatalln(fmt.Sprintf("Last OK date was not updated in nameserver '%s'",
nameserver.Host), nil)
}
}
for _, ds := range domain.DSSet {
if ds.LastStatus != model.DSStatusOK {
utils.Fatalln(fmt.Sprintf("Fail to validate a supposedly well configured DS %d. "+
"Found status: %s", ds.Keytag, model.DSStatusToString(ds.LastStatus)), nil)
}
if ds.LastCheckAt.Before(lastCheckAt) || ds.LastCheckAt.Equal(lastCheckAt) {
utils.Fatalln(fmt.Sprintf("Last check date was not updated in DS %d",
ds.Keytag), nil)
}
if ds.LastOKAt.Before(lastOKAt) || ds.LastOKAt.Equal(lastOKAt) {
utils.Fatalln(fmt.Sprintf("Last OK date was not updated in DS %d",
ds.Keytag), nil)
}
}
if err := domainDAO.RemoveByFQDN(domain.FQDN); err != nil {
utils.Fatalln(fmt.Sprintf("Error removing domain %s", domain.FQDN), err)
}
}