From 7a9a2b71ca0fd7c1520807222411598e405afb19 Mon Sep 17 00:00:00 2001
From: lare <lare@lare.cc>
Date: Tue, 6 Jun 2023 09:01:50 +0200
Subject: [PATCH 1/2] replace duplicate "ssh-rsa" in ssh auth methods

---
 data/mntner/FUNNYBUNNY-MNT | 2 +-
 data/mntner/SBCHILD-MNT    | 2 +-
 data/mntner/YUUTAW-MNT     | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/data/mntner/FUNNYBUNNY-MNT b/data/mntner/FUNNYBUNNY-MNT
index 25b919322..54fa40b63 100644
--- a/data/mntner/FUNNYBUNNY-MNT
+++ b/data/mntner/FUNNYBUNNY-MNT
@@ -4,4 +4,4 @@ tech-c:             FUNNYBUNNY-DN42
 mnt-by:             FUNNYBUNNY-MNT
 source:             DN42
 auth:               pgp-fingerprint 1B341129F9E067135DB97B25F3318BD72088FF7F
-auth:               ssh-rsa ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDM3cwGEzHS/IgdH1DvYHRew5FpAoxjU+qjra9GreHPJVYopv6ZXFh2m9FHoucoEcWns2xreUKpabmQrQ1yR4tT0+j1CEJfKpxz/sHY6A8I4sLLHUoN0mmzifZckBCVVgUit3xf+r8rvow0HVr892jwQN8QZ+Cl6uxv59x4zQS1hG/d85w+E5dPapGwyGsMUF8XZTzYUz5EZgdOEe0XDD796maZjJLwNVDRQBDffuOdbXAiFefZsNM+QMupNXxMIHtmB9QNprZ3JzRo+t+9UjusCmCPVlq4blZF8HxoZuW4XeHKd8zxkg/8tNQUsQ37mjoyrT4GGpV2TPmgaMoFgG0mS5nBo9AKhB2gYqPyRZ11Vo34DMJ4UgdPZ9pG5ja+gidfbXnR2r+E7csdGK7fwtMAQoUvYNzmtCEJNuU7gtNps9e4/rvQSRBeZrbYJZOgy2phqEEl59UaBhEmYtXlR5yGsy0qRVeI2KMA2WFM5CDyIiWkoKCQWYvFkG21lUDJmMTUiqAHvcfAMDZBtX8fIJt/yRwz5VS9oSaBZF4i5EhxiNM/o/dcZsfC67v6t8MBWEb/3UPAG4tiC4mHs8IcMkt/28Hka+Wu5kwk/DpYDF8pZNI3k02W/kPuAXejNRNfpQ1ZhTQGFlfe8/mL7eO3exFAxjP3YZBBkMdSUXYhJ4TLqw== 
+auth:               ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDM3cwGEzHS/IgdH1DvYHRew5FpAoxjU+qjra9GreHPJVYopv6ZXFh2m9FHoucoEcWns2xreUKpabmQrQ1yR4tT0+j1CEJfKpxz/sHY6A8I4sLLHUoN0mmzifZckBCVVgUit3xf+r8rvow0HVr892jwQN8QZ+Cl6uxv59x4zQS1hG/d85w+E5dPapGwyGsMUF8XZTzYUz5EZgdOEe0XDD796maZjJLwNVDRQBDffuOdbXAiFefZsNM+QMupNXxMIHtmB9QNprZ3JzRo+t+9UjusCmCPVlq4blZF8HxoZuW4XeHKd8zxkg/8tNQUsQ37mjoyrT4GGpV2TPmgaMoFgG0mS5nBo9AKhB2gYqPyRZ11Vo34DMJ4UgdPZ9pG5ja+gidfbXnR2r+E7csdGK7fwtMAQoUvYNzmtCEJNuU7gtNps9e4/rvQSRBeZrbYJZOgy2phqEEl59UaBhEmYtXlR5yGsy0qRVeI2KMA2WFM5CDyIiWkoKCQWYvFkG21lUDJmMTUiqAHvcfAMDZBtX8fIJt/yRwz5VS9oSaBZF4i5EhxiNM/o/dcZsfC67v6t8MBWEb/3UPAG4tiC4mHs8IcMkt/28Hka+Wu5kwk/DpYDF8pZNI3k02W/kPuAXejNRNfpQ1ZhTQGFlfe8/mL7eO3exFAxjP3YZBBkMdSUXYhJ4TLqw== 
diff --git a/data/mntner/SBCHILD-MNT b/data/mntner/SBCHILD-MNT
index ad8056670..92fe7be67 100644
--- a/data/mntner/SBCHILD-MNT
+++ b/data/mntner/SBCHILD-MNT
@@ -4,5 +4,5 @@ tech-c:             SBCHILD-DN42
 mnt-by:             SBCHILD-MNT
 source:             DN42
 auth:               pgp-fingerprint C00126C9AC1C19A1F1EED1B575C946814004D47B
-auth:               ssh-rsa ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDDXoWCCA4jjMUr0A7pPRH5lOFNYFWqLJBywuHwTOupKnXn+D2RCEAz4ahHrHPGeRgEOxmPX6a2Xc9j27gRTKdBWCqPnppXxCkEXauosYrjeKK3E4WSfMC2oQ58oNJSP1tRZLKeK3W+ulFz5Yqz5Gb6xdlmruDg2yNjVsT7wvt87WPpQSHvTum5Fj13YSw/7spV9nyJDhXkjuyR3d+asY196pLSArrH5GOpcrdH+BUE+x8t4O8dwt/3wEXZYCecpvEDdRp0LgRSvpN3pVnXqQRlrjDBk6+UA4UWR1Q5gvBSZdBzhq71gTd31lcJoSA9oibW97k+8ZVOdMesusR0/vVXq3ez1jEcT7f4FxqwS09EEczeUMDp4C9QZ3h9p8WszBzX/tmRn7Di7735skcPJTg7F2XAIC/NNfx3Fnq9eA3Bt97m/jSiniqOxX9mngcj7leaEKqW44yqtdphoPFKkAkBX1WmxJbYUhTMjxKA0yRHbBMPm+f4njfkKSf+1XfjApGPhdx/MGStVryT03dZy9aypDGJvYAe3c2wuZ/e96DdHPWyTDgAPrxS0+VXkmuJMRsI5mhuuY/o8YZmyCJwTFBVpJGumX/FFtMnSIUXvXiw2F2WCji+WueMVXRDdJWyrhOWRw/Xxq/L85Qnd8rBzENsYhl8WkBbt1jkgt2Ym7X1MQ==
+auth:               ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDDXoWCCA4jjMUr0A7pPRH5lOFNYFWqLJBywuHwTOupKnXn+D2RCEAz4ahHrHPGeRgEOxmPX6a2Xc9j27gRTKdBWCqPnppXxCkEXauosYrjeKK3E4WSfMC2oQ58oNJSP1tRZLKeK3W+ulFz5Yqz5Gb6xdlmruDg2yNjVsT7wvt87WPpQSHvTum5Fj13YSw/7spV9nyJDhXkjuyR3d+asY196pLSArrH5GOpcrdH+BUE+x8t4O8dwt/3wEXZYCecpvEDdRp0LgRSvpN3pVnXqQRlrjDBk6+UA4UWR1Q5gvBSZdBzhq71gTd31lcJoSA9oibW97k+8ZVOdMesusR0/vVXq3ez1jEcT7f4FxqwS09EEczeUMDp4C9QZ3h9p8WszBzX/tmRn7Di7735skcPJTg7F2XAIC/NNfx3Fnq9eA3Bt97m/jSiniqOxX9mngcj7leaEKqW44yqtdphoPFKkAkBX1WmxJbYUhTMjxKA0yRHbBMPm+f4njfkKSf+1XfjApGPhdx/MGStVryT03dZy9aypDGJvYAe3c2wuZ/e96DdHPWyTDgAPrxS0+VXkmuJMRsI5mhuuY/o8YZmyCJwTFBVpJGumX/FFtMnSIUXvXiw2F2WCji+WueMVXRDdJWyrhOWRw/Xxq/L85Qnd8rBzENsYhl8WkBbt1jkgt2Ym7X1MQ==
 remarks:            sbchild-dn42 test network
diff --git a/data/mntner/YUUTAW-MNT b/data/mntner/YUUTAW-MNT
index 9425e075b..af45808d5 100644
--- a/data/mntner/YUUTAW-MNT
+++ b/data/mntner/YUUTAW-MNT
@@ -5,5 +5,5 @@ mnt-by:             YUUTAW-MNT
 source:             DN42
 auth:               pgp-fingerprint 4E484CFCA6566A5D8CA32906CE99BB92E87D12A1
 auth:               pgp-fingerprint F99854A5DAA0D15DF2FEF89CBCD2B4B9E853C284
-auth:               ssh-rsa ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDPExvE8PILYvMm0pPX+w7D9P47jpX183hLo7plc/eRVhZiu21egvjZ69DDAgABY97Ki2hgiZ2nBaURCVjbo0mBCBboSIo4F6jdBbG7VK4c3QwA+i/rhgoAJsE6jFAEWvM/1FOoYc7FL0tfHjKRa5/Z0XOiCRCPOLGrq8PnxADsSrXqJrLL9dpC6xbV3pzdaeOlKgn23J74C3kbQ/2iZjSPJ6bt8C0IV7DAGKRwzovLy3dpzCR3U8Wo++FPvNBTYtK53ZLVjaOkFotn4JGs0yNwaUEm88t8qyUdBaZmkfJkdymY9Xs1aaZ81W+BX0XfEyTrWQoHY5fefJYCFcgeUcJnqc12JDMukmLkDcWrpjsp/kiwpkbyTz5z4Nwr0gOqnOMIbRxegKwGOjJgyHkpygdAmiXsMPLlNPzyOHN1yugWrrryLAsDwWxxOek1mPvmDItqtpA3EKzMYd4d/wJgXXjZ/sK20U8lMjepg2CNNWEdR8twAj6/F3Pj6MW7OOV/8MuCCRKKKar/1pJ3zbjWYBgohOmE6og7Mxn0Lxs+/8ZYW9ONTRxgeUwSLNSarwKpWvTdOTFTzs8d+1k2Dk3PsQofpbQbz3B8jxAt095CBKbKJyEAf9j2diuJnAry4s8VHCV4oMQtBjvc0cEd5JuUYOaTLPu4gZ5+OoeCkQ5hERoM2Q==
+auth:               ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDPExvE8PILYvMm0pPX+w7D9P47jpX183hLo7plc/eRVhZiu21egvjZ69DDAgABY97Ki2hgiZ2nBaURCVjbo0mBCBboSIo4F6jdBbG7VK4c3QwA+i/rhgoAJsE6jFAEWvM/1FOoYc7FL0tfHjKRa5/Z0XOiCRCPOLGrq8PnxADsSrXqJrLL9dpC6xbV3pzdaeOlKgn23J74C3kbQ/2iZjSPJ6bt8C0IV7DAGKRwzovLy3dpzCR3U8Wo++FPvNBTYtK53ZLVjaOkFotn4JGs0yNwaUEm88t8qyUdBaZmkfJkdymY9Xs1aaZ81W+BX0XfEyTrWQoHY5fefJYCFcgeUcJnqc12JDMukmLkDcWrpjsp/kiwpkbyTz5z4Nwr0gOqnOMIbRxegKwGOjJgyHkpygdAmiXsMPLlNPzyOHN1yugWrrryLAsDwWxxOek1mPvmDItqtpA3EKzMYd4d/wJgXXjZ/sK20U8lMjepg2CNNWEdR8twAj6/F3Pj6MW7OOV/8MuCCRKKKar/1pJ3zbjWYBgohOmE6og7Mxn0Lxs+/8ZYW9ONTRxgeUwSLNSarwKpWvTdOTFTzs8d+1k2Dk3PsQofpbQbz3B8jxAt095CBKbKJyEAf9j2diuJnAry4s8VHCV4oMQtBjvc0cEd5JuUYOaTLPu4gZ5+OoeCkQ5hERoM2Q==
 remarks:            pin-sha256:JRa1o3uaPo3xxVpC5vWlFeM9p0pBOhF0lvXYqdBXNCg=

From a2721adfb6a386fa45a0712e0622c56002eab36c Mon Sep 17 00:00:00 2001
From: lare <lare@lare.cc>
Date: Tue, 6 Jun 2023 22:28:13 +0200
Subject: [PATCH 2/2] [validate-dns] dont skip further checks on warning only

---
 validate-my-dns.py | 25 +++++++++++++++----------
 1 file changed, 15 insertions(+), 10 deletions(-)

diff --git a/validate-my-dns.py b/validate-my-dns.py
index 814f97cb5..23fba5b31 100755
--- a/validate-my-dns.py
+++ b/validate-my-dns.py
@@ -36,7 +36,7 @@ import dns.exception
 REGISTRY_PATH = "."
 # amounts of seconds to wait for a reply
 TIMEOUT = 3
-# amount of threads to use when scanning dns servers
+# amount of threads to use when scanning dns servers: 0: disable ThreadPool (run everything in main thread), 1: enable ThreadPool with one thread, >1: Threadpool with n Threads
 THREADS = 16
 
 # --- end configuration
@@ -584,7 +584,7 @@ def main(mntner):
     # global _tmp_continue, _tmp_found
     # _tmp_found = False
     # _tmp_continue = "10.in-addr.arpa"
-    def threaded_check_dns(domain_name):
+    def check_dns(domain_name):
         global errors, summary
         # global _tmp_found, _tmp_continue
         # if domain_name == _tmp_continue:
@@ -641,10 +641,10 @@ def main(mntner):
                         f"WARN: master nserver '{master_ns}' returned by {ip}({nserver}) not in the list of the specified nservers of {domain_name}")
                     summary[domain_name][SUMMARY.WRONG_SOA] += 1
                     errors += 1
-                    continue
 
                 _ns = get_ns(domain_name, ip)
                 if _ns == False:
+                    # it is ok to just "continue", because that funcion already prints warnings/errors
                     continue
                 # print(f"DEBUG: response {_ns}")
                 if not f"{nserver}." in _ns:
@@ -652,7 +652,6 @@ def main(mntner):
                         f"WARN: returned nservers returned by {ip}({nserver}) for {domain_name} does not include it self")
                     summary[domain_name][SUMMARY.WRONG_NS] += 1
                     errors += 1
-                    continue
 
                 for _nserver in domains[domain_name]["nserver"]:
                     for _server in _ns:
@@ -709,12 +708,18 @@ def main(mntner):
                     summary[domain_name][SUMMARY.DNSSEC_FAIL] += 1
                     errors += 1
             # break
-
-    # create ThreadPool and run threaded_check_dns against all domains
-    pool = ThreadPool(processes=THREADS)
-    results = pool.map(threaded_check_dns, domains)
-    pool.close()
-    pool.join()
+    if THREADS < 0 or type(THREADS) != int:
+        # check if THREADS is set properly
+        raise ValueError("THREADS must be a positive integer or 0")
+    elif THREADS == 0:
+        for domain in domains:
+            check_dns(domain)
+    else:
+        # create ThreadPool and run check_dns faster against all domains
+        pool = ThreadPool(processes=THREADS)
+        results = pool.map(check_dns, domains)
+        pool.close()
+        pool.join()
 
     # --- show a summary as a table ---