From c8b9c84f80780119c2a035b3dfae81bb707c363b1925740747d73a906d1e2efa Mon Sep 17 00:00:00 2001
From: Dirk Mueller <dmueller@suse.com>
Date: Mon, 28 Oct 2024 10:18:30 +0000
Subject: [PATCH] - Update to version 2.6.0   * Add support for DNS over QUIC
 (DoQ) protocol.   * Lower dependency version requirement to improve
 compatibility.   * Other various bug fixes.

OBS-URL: https://build.opensuse.org/package/show/network/dnsdiag?expand=0&rev=16
---
 .gitattributes       |  23 +++++++++
 .gitignore           |   1 +
 dnsdiag-2.5.0.tar.gz |   3 ++
 dnsdiag-2.6.0.tar.gz |   3 ++
 dnsdiag.changes      | 109 +++++++++++++++++++++++++++++++++++++++++++
 dnsdiag.spec         |  96 +++++++++++++++++++++++++++++++++++++
 dnseval.1            |  41 ++++++++++++++++
 dnsping.1            |  52 +++++++++++++++++++++
 dnstraceroute.1      |  43 +++++++++++++++++
 9 files changed, 371 insertions(+)
 create mode 100644 .gitattributes
 create mode 100644 .gitignore
 create mode 100644 dnsdiag-2.5.0.tar.gz
 create mode 100644 dnsdiag-2.6.0.tar.gz
 create mode 100644 dnsdiag.changes
 create mode 100644 dnsdiag.spec
 create mode 100644 dnseval.1
 create mode 100644 dnsping.1
 create mode 100644 dnstraceroute.1

diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..9b03811
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,23 @@
+## Default LFS
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.bsp filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.gem filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.jar filter=lfs diff=lfs merge=lfs -text
+*.lz filter=lfs diff=lfs merge=lfs -text
+*.lzma filter=lfs diff=lfs merge=lfs -text
+*.obscpio filter=lfs diff=lfs merge=lfs -text
+*.oxt filter=lfs diff=lfs merge=lfs -text
+*.pdf filter=lfs diff=lfs merge=lfs -text
+*.png filter=lfs diff=lfs merge=lfs -text
+*.rpm filter=lfs diff=lfs merge=lfs -text
+*.tbz filter=lfs diff=lfs merge=lfs -text
+*.tbz2 filter=lfs diff=lfs merge=lfs -text
+*.tgz filter=lfs diff=lfs merge=lfs -text
+*.ttf filter=lfs diff=lfs merge=lfs -text
+*.txz filter=lfs diff=lfs merge=lfs -text
+*.whl filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.zst filter=lfs diff=lfs merge=lfs -text
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..57affb6
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+.osc
diff --git a/dnsdiag-2.5.0.tar.gz b/dnsdiag-2.5.0.tar.gz
new file mode 100644
index 0000000..a58922c
--- /dev/null
+++ b/dnsdiag-2.5.0.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:7c5faa9d7c43ff8483c316f0b5adfd68950ae121c2861c92ec13c763fbdd29a5
+size 18871
diff --git a/dnsdiag-2.6.0.tar.gz b/dnsdiag-2.6.0.tar.gz
new file mode 100644
index 0000000..710f8ab
--- /dev/null
+++ b/dnsdiag-2.6.0.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:2f96fff1dd47816ac937abaa129dfdf561c739f01be0246083b84057371d76e1
+size 19424
diff --git a/dnsdiag.changes b/dnsdiag.changes
new file mode 100644
index 0000000..eb56797
--- /dev/null
+++ b/dnsdiag.changes
@@ -0,0 +1,109 @@
+-------------------------------------------------------------------
+Sat Oct 26 19:31:45 UTC 2024 - Martin Hauke <mardnh@gmx.de>
+
+- Update to version 2.6.0
+  * Add support for DNS over QUIC (DoQ) protocol.
+  * Lower dependency version requirement to improve compatibility.
+  * Other various bug fixes.
+
+-------------------------------------------------------------------
+Thu Jun 20 12:16:30 UTC 2024 - Martin Hauke <mardnh@gmx.de>
+
+- Update to version 2.5.0
+  * Add RFC5001 NSID support (-n or --nsid).
+  * Display RFC8914 Extended DNS Errors when available (-E or --ede)
+  * Add ability to override default RR class (-C or --class).
+  * Display response TTL if applicable (-L or --ttl).
+  * Display first answer in RRSET, when available (-a or --answer).
+  * Add -x to display extra/expert information, implying Flags, EDE
+    and TTL.
+  * Display EDNS flags alongside other response flags, when available
+  * Always display RCODE with responses.
+  * Add more resolvers to the default list.
+  * Lots of bug fixes and UX improvements.
+  * Change default behavior of --edns to disabled by default.
+  * Always display flags in brackets.
+
+-------------------------------------------------------------------
+Sat Feb  4 15:41:21 UTC 2023 - Martin Hauke <mardnh@gmx.de>
+
+- Update to version 2.1.0
+  * Add -m flag to enforce cache-miss
+  * Add -r flag to clear RD flag (disable recursion)
+  * Remove support for python 3.4 - 3.6
+  * Other minor quality of life improvements
+
+-------------------------------------------------------------------
+Thu May 13 13:47:08 UTC 2021 - Martin Hauke <mardnh@gmx.de>
+
+- Update to version 2.0.2
+  * Bugfix release
+- Update to version 2.0.1
+  * Add support for DNSSEC
+  * Add -F to display flags for each response (dnsping)
+  * Display full response in verbose mode (dnsping)
+  * Add DoT (DNS over TLS) support (dnsping, dnseval)
+  * Add DoH (DNS over HTTPS) support (dnsping, dnseval)
+  * Add TCP support
+  * Improved JSON output support for dnseval
+  * Refactor and PEP8 cleanup
+  * Do not use system resolver when not needed
+  * Add support for user defined source IP address
+  * Add user-specified destination port (-p/--port)
+  * Improve error handling
+  * Display last response code for each entry
+  * Rework custom socket and custom TTL support
+  * Rework time calculation logic to eliminate an extra DNS
+    request that was just sent for timing (dnstraceroute)
+  * Update docs (output samples, use cases, etc)
+  * Use proper terminology (in code) to reduce confusion
+
+-------------------------------------------------------------------
+Sun Apr  4 20:13:35 UTC 2021 - Martin Hauke <mardnh@gmx.de>
+
+- Update to version 2.0.0
+  * Add support for DNSSEC
+  * Add -F to display flags for each response (dnsping)
+  * Display full response in verbose mode (dnsping)
+  * Add DoT (DNS over TLS) support (dnsping, dnseval)
+  * Add DoH (DNS over HTTPS) support (dnsping, dnseval)
+  * Add TCP support
+  * Refactor and PEP8 cleanup
+  * Do not use system resolver when not needed
+  * Add support for user defined source IP address
+  * Add user-specified destination port (-p/--port)
+  * Improve error handling
+  * Display last response code for each entry
+  * Rework custom socket and custom TTL support
+  * Rework time calculation logic to eliminate an extra DNS
+    request that was just sent for timing (dnstraceroute)
+  * Update docs (output samples, use cases, etc)
+  * Use proper terminology (in code) to reduce confusion
+
+-------------------------------------------------------------------
+Sun Jan 19 16:06:15 UTC 2020 - Martin Hauke <mardnh@gmx.de>
+
+- Update to version 1.7.0
+  * Add JSON export
+  * Ignore unrelated ICMP messages
+  * Fix statistics calculation
+  * -c 0 for infinite ping
+  * Flush output messages
+  * Update sample public resolver data
+
+-------------------------------------------------------------------
+Sun Jun  9 15:32:34 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
+
+- Generalize description. Fix a few missing words.
+
+-------------------------------------------------------------------
+Sun Jun  2 19:04:28 UTC 2019 - Sebastian Wagner <sebix+novell.com@sebix.at>
+
+- rename to dnsdiag instead of python-dnsdiag
+- Update to version 1.6.4:
+ * no upstream changelog available
+
+-------------------------------------------------------------------
+Fri Nov  3 07:59:09 UTC 2017 - mardnh@gmx.de
+
+- Initial package, version 1.6.3
diff --git a/dnsdiag.spec b/dnsdiag.spec
new file mode 100644
index 0000000..0a91ab5
--- /dev/null
+++ b/dnsdiag.spec
@@ -0,0 +1,96 @@
+#
+# spec file for package dnsdiag
+#
+# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2017-2024, Martin Hauke <mardnh@gmx.de>
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+#
+
+
+%bcond_without test
+Name:           dnsdiag
+Version:        2.6.0
+Release:        0
+Summary:        DNS request auditing toolset
+License:        BSD-3-Clause
+Group:          Development/Languages/Python
+#Git-Clone:     https://github.com/farrokhi/dnsdiag.git
+URL:            https://dnsdiag.org/
+Source:         https://files.pythonhosted.org/packages/source/d/dnsdiag/dnsdiag-%{version}.tar.gz
+Source1:        dnseval.1
+Source2:        dnsping.1
+Source3:        dnstraceroute.1
+BuildRequires:  fdupes
+BuildRequires:  python-rpm-macros
+BuildRequires:  python3-setuptools
+Requires:       python3-cryptography >= 42.0.5
+Requires:       python3-cymruwhois >= 1.6
+Requires:       python3-dnspython >= 2.6.1
+Requires:       python3-h2 >= 4.1.0
+Requires:       python3-httpx >= 0.27.0
+BuildArch:      noarch
+%if %{with test}
+BuildRequires:  python3-cymruwhois >= 1.6
+BuildRequires:  python3-dnspython >= 2.6.1
+%endif
+
+%description
+A set of tools to perform basic audits on DNS requests and responses
+to make sure DNS is working as expected. Dnsping can be used to
+measure the response time of a given DNS server for arbitrary
+requests. Just like a traditional ping utility, it provides similar
+functionality for DNS requests.
+
+Dnstraceroute can be used to trace the path a DNS request takes to
+its destination. Its purpose is to detect whether a request is
+redirected or hijacked. This can be done by comparing different DNS
+queries being sent to the same DNS server using dnstraceroute and
+observe if there is any difference between the path.
+
+dnseval evaluates multiple DNS resolvers and helps choosing the best
+DNS server for the network. It is recommended to use one's own DNS
+resolver as opposed to a third-party DNS server. dnseval can compare
+different DNS servers from a performance (latency) and reliability
+(loss) point of view for when DNS forwarders need to be used instead
+of a resolver.
+
+%prep
+%setup -q -n dnsdiag-%{version}
+sed -e '/^#!\//, 1d' -i util/*.py
+
+%build
+%python3_build
+
+%install
+%python3_install
+%fdupes %{buildroot}%{python3_sitelib}
+mv %{buildroot}%{_bindir}/dnseval.py %{buildroot}%{_bindir}/dnseval
+mv %{buildroot}%{_bindir}/dnstraceroute.py %{buildroot}%{_bindir}/dnstraceroute
+mv %{buildroot}%{_bindir}/dnsping.py %{buildroot}%{_bindir}/dnsping
+install -d -m0755 %{buildroot}%{_mandir}/man1/
+install -m0644 %{SOURCE1} %{buildroot}%{_mandir}/man1/
+install -m0644 %{SOURCE2} %{buildroot}%{_mandir}/man1/
+install -m0644 %{SOURCE3} %{buildroot}%{_mandir}/man1/
+
+%files
+%doc README.md
+%license LICENSE
+%{_bindir}/dnseval
+%{_bindir}/dnstraceroute
+%{_bindir}/dnsping
+%{_mandir}/man1/dnseval.1%{?ext_man}
+%{_mandir}/man1/dnstraceroute.1%{?ext_man}
+%{_mandir}/man1/dnsping.1%{?ext_man}
+%{python3_sitelib}/*
+
+%changelog
diff --git a/dnseval.1 b/dnseval.1
new file mode 100644
index 0000000..bcebadc
--- /dev/null
+++ b/dnseval.1
@@ -0,0 +1,41 @@
+.\" (C) Copyright 2016 Ana Custura <ana@netstat.org.uk>
+.TH DNSEVAL "1" "December 3 2016" "User Commands"
+.SH NAME
+dnseval: \-  bulk ping utility that sends an arbitrary DNS query to a list of DNS servers
+.SH DESCRIPTION
+dnseval is a bulk ping utility that sends an arbitrary DNS query to a given list of DNS servers. This script is meant for comparing response time of multiple DNS servers at once
+.SH USAGE
+usage: dnseval [\-h] [\-f server\-list] [\-c count] [\-t type] [\-w wait] hostname
+.SH OPTIONS
+.TP
+\fB\-h\fR  \fB\-\-help\fR
+show this help
+.TP
+\fB\-f\fR  \fB\-\-file\fR
+dns server list to use (default: system resolvers)
+.TP
+\fB\-c\fR  \fB\-\-count\fR
+number of requests to send (default: 10)
+.TP
+\fB\-w\fR  \fB\-\-wait\fR
+maximum wait time for a reply (default: 5)
+.TP
+\fB\-t\fR  \fB\-\-type\fR
+DNS request record type (default: A)
+.TP
+\fB\-h\fR  \fB\-\-help\fR
+show this help
+.TP
+\fB\-f\fR  \fB\-\-file\fR
+dns server list to use (default: system resolvers)
+.TP
+\fB\-c\fR  \fB\-\-count\fR
+number of requests to send (default: 10)
+.TP
+\fB\-w\fR  \fB\-\-wait\fR
+maximum wait time for a reply (default: 5)
+.TP
+\fB\-t\fR  \fB\-\-type\fR
+DNS request record type (default: A)
+.SH "SEE ALSO"
+The full documentation for dnseval can be found at https://dnsdiag.org/
diff --git a/dnsping.1 b/dnsping.1
new file mode 100644
index 0000000..693ee25
--- /dev/null
+++ b/dnsping.1
@@ -0,0 +1,52 @@
+.\" (C) Copyright 2016 Ana Custura <ana@netstat.org.uk>
+.TH DNSPING "1" "December 3 2016" "User Commands"
+.SH NAME
+dnsping \- DNS ping utility
+.SH DESCRIPTION
+dnsping pings a DNS resolver by sending an arbitrary DNS query for given number of times.
+It calculates minimum, maximum and average response time as well as jitter (stddev).
+.SH USAGE
+usage: dnsping [\-h] [\-q] [\-v] [\-s server] [\-p port] [\-P port] [\-S address] [\-c count] [\-t type] [\-w wait] hostname
+.SH OPTIONS
+.TP
+\fB\-h\fR  \fB\-\-help\fR
+Show this help
+.TP
+\fB\-q\fR  \fB\-\-quiet\fR
+Quiet
+.TP
+\fB\-v\fR  \fB\-\-verbose\fR
+Print actual dns response
+.TP
+\fB\-s\fR  \fB\-\-server\fR
+DNS server to use (default: first entry from \fI\,/etc/resolv.conf\/\fP)
+.TP
+\fB\-p\fR  \fB\-\-port\fR
+DNS server port number (default: 53)
+.TP
+\fB\-T\fR  \fB\-\-tcp\fR
+Use TCP instead of UDP
+.TP
+\fB\-4\fR  \fB\-\-ipv4\fR
+Use IPv4 as default network protocol
+.TP
+\fB\-6\fR  \fB\-\-ipv6\fR
+Use IPv6 as default network protocol
+.TP
+\fB\-P\fR  \fB\-\-srcport\fR
+Query source port number (default: 0)
+.TP
+\fB\-S\fR  \fB\-\-srcip\fR
+Query source IP address (default: default interface address)
+.TP
+\fB\-c\fR  \fB\-\-count\fR
+Number of requests to send (default: 10)
+.TP
+\fB\-w\fR  \fB\-\-wait\fR
+Maximum wait time for a reply (default: 5)
+.TP
+\fB\-t\fR  \fB\-\-type\fR
+DNS request record type (default: A)
+.PP
+.SH "SEE ALSO"
+For more documentation on dnsping see https://dnsdiag.org/.
diff --git a/dnstraceroute.1 b/dnstraceroute.1
new file mode 100644
index 0000000..d574872
--- /dev/null
+++ b/dnstraceroute.1
@@ -0,0 +1,43 @@
+.\" (C) Copyright 2016 Ana Custura <ana@netstat.org.uk>
+.TH DNSTRACEROUTE "1" "December 2016" "User Commands"
+.SH NAME
+dnstraceroute \- DNS traceroute utility
+.SH DESCRIPTION
+dnstraceroute is a traceroute utility to figure out the path that a DNS request is passing through to get to its destination. 
+Comparing it to a network traceroute can help identify if DNS traffic is routed via any unwanted path.
+.PP
+.SH USAGE
+usage: dnstraceroute [\-h] [\-q] [\-a] [\-s server] [\-p port] [\-c count] [\-t type] [\-w wait] hostname
+.SH OPTIONS
+.TP
+\fB\-h\fR  \fB\-\-help\fR
+Show this help
+.TP
+\fB\-q\fR  \fB\-\-quiet\fR
+Quiet
+.TP
+\fB\-e\fR  \fB\-\-expert\fR
+Print expert hints if available
+.TP
+\fB\-a\fR  \fB\-\-asn\fR
+Turn on AS# lookups for each hop encountered
+.TP
+\fB\-s\fR  \fB\-\-server\fR
+DNS server to use (default: first system resolver)
+.TP
+\fB\-p\fR  \fB\-\-port\fR
+DNS server port number (default: 53)
+.TP
+\fB\-c\fR  \fB\-\-count\fR
+Maximum number of hops (default: 30)
+.TP
+\fB\-w\fR  \fB\-\-wait\fR
+Maximum wait time for a reply (default: 5)
+.TP
+\fB\-t\fR  \fB\-\-type\fR
+DNS request record type (default: A)
+.TP
+\fB\-C\fR  \fB\-\-color\fR
+Print colorful output
+.SH SEE ALSO
+Full Documentation available at https://dnsdiag.org/