61 lines
1.4 KiB
Bash
61 lines
1.4 KiB
Bash
#!/bin/bash
|
|
|
|
grep -o 'sdns://[^ ]*' extra-resolvers.md > input_sdns.txt
|
|
|
|
INPUT_FILE="input_sdns.txt"
|
|
OUTPUT_FILE="valid_sdns.txt"
|
|
|
|
> "$OUTPUT_FILE"
|
|
|
|
CONFIG_FILE="dnscrypt-proxy.toml"
|
|
LOG_FILE="dnscrypt-proxy.log"
|
|
|
|
echo "🔹 Starting DNSSEC server verification..."
|
|
|
|
wait_for_dnscrypt() {
|
|
for i in {1..10}; do
|
|
if dnscrypt-proxy -resolve example.com &> /dev/null; then
|
|
return 0
|
|
fi
|
|
sleep 1
|
|
done
|
|
return 1
|
|
}
|
|
|
|
while read -r stamp; do
|
|
echo "Verifying $stamp ..."
|
|
|
|
cat <<EOF > "$CONFIG_FILE"
|
|
listen_addresses = ['127.0.0.1:5353']
|
|
server_names = ['test-server']
|
|
[static]
|
|
[static.'test-server']
|
|
stamp = '$stamp'
|
|
EOF
|
|
|
|
dnscrypt-proxy -config "$CONFIG_FILE" &> "$LOG_FILE" &
|
|
DNSCRYPT_PID=$!
|
|
if ! wait_for_dnscrypt; then
|
|
echo "❌ dnscrypt-proxy execution failed for $stamp"
|
|
echo ""
|
|
kill $DNSCRYPT_PID 2>/dev/null
|
|
continue
|
|
fi
|
|
|
|
if dnscrypt-proxy -resolve sigok.ippacket.stream | grep -E "DNSSEC\s*:\s*yes"; then
|
|
echo "$stamp" >> "$OUTPUT_FILE"
|
|
echo "✅ DNSSEC supported"
|
|
echo ""
|
|
else
|
|
echo "❌ No DNSSEC"
|
|
echo ""
|
|
fi
|
|
|
|
kill $DNSCRYPT_PID 2>/dev/null
|
|
wait $DNSCRYPT_PID 2>/dev/null
|
|
done < "$INPUT_FILE"
|
|
|
|
echo "🔹 Process completed. The SDNS with DNSSEC are in '$OUTPUT_FILE'."
|
|
echo "🔹 Cleaning temporary files..."
|
|
rm -f "$LOG_FILE" "$CONFIG_FILE"
|