acidvegas/czds
acidvegas/czds
1
Fork 0
Code Issues Pull Requests Releases 2 Activity

Compare commits

base: acidvegas:main
Branches Tags
acidvegas:main
acidvegas:v1.1.0
acidvegas:v1.0.1
acidvegas:v1.0.0
..
compare: acidvegas:v1.0.0
Branches Tags
acidvegas:main
acidvegas:v1.1.0
acidvegas:v1.0.1
acidvegas:v1.0.0

No commits in common. "main" and "v1.0.0" have entirely different histories.
main ... v1.0.0

14 changed files with 126 additions and 361 deletions
Show Stats Expand all files Collapse all files

7
.gitignore vendored
View File

@ -1,7 +0,0 @@
.env
__pycache__
logs/*
*.log
.log.
*.egg-info
dist/

52
README.md
View File

@ -2,13 +2,6 @@
The [ICANN Centralized Zone Data Service](https://czds.icann.org) *(CZDS)* allows *approved* users to request and download DNS zone files in bulk, provided they represent a legitimate company or academic institution and their intended use is legal and ethical. Once ICANN approves the request, this tool streamlines the retrieval of extensive domain name system data, facilitating research and security analysis in the realm of internet infrastructure.
## Features
* Asynchronous downloads with configurable concurrency
* Support for both CSV and JSON report formats
* Optional gzip decompression of zone files
* Environment variable support for credentials
* Comprehensive error handling and logging
## Zone Information
Zone files are updated once every 24 hours, specifically from 00:00 UTC to 06:00 UTC. Access to these zones is granted in increments, and the total time for approval across all zones may extend to a month or longer. It is typical for more than 90% of requested zones to receive approval. Access to certain zone files may require additional application forms with the TLD organization. Please be aware that access to certain zones is time-bound, expiring at the beginning of the following year, or up to a decade after the initial approval has been confirmed.
@ -22,53 +15,36 @@ pip install czds-api
```
## Usage
### Command Line Interface
###### Command line
```bash
czds [-h] [-u USERNAME] [-p PASSWORD] [-z] [-c CONCURRENCY] [-d] [-k] [-r] [-s] [-f {csv,json}] [-o OUTPUT]
czds [--username <username> --password <password>] [--concurrency <int>]
```
#### Arguments
| Argument | Description | Default |
|-----------------------|----------------------------------------------|-------------------|
| `-h`, `--help` | Show help message and exit | |
| `-u`, `--username` | ICANN Username | `$CZDS_USER` |
| `-p`, `--password` | ICANN Password | `$CZDS_PASS` |
| `-z`, `--zones` | Download zone files | |
| `-c`, `--concurrency` | Number of concurrent downloads | `3` |
| `-d`, `--decompress` | Decompress zone files after download | |
| `-k`, `--keep` | Keep original gzip files after decompression | |
| `-r`, `--report` | Download the zone stats report | |
| `-s`, `--scrub` | Scrub username from the report | |
| `-f`, `--format` | Report output format (csv/json) | `csv` |
| `-o`, `--output` | Output directory | Current directory |
You can also set the `CZDS_USER` & `CZDS_PASS` environment variables to automatically authenticate:
### Environment Variables
```bash
export CZDS_USER='your_username'
export CZDS_PASS='your_password'
```
### Python Module
###### As a Python module
```python
import os
from czds import CZDS
async with CZDS(username, password) as client:
# Download zone stats report
await client.get_report('report.csv', scrub=True, format='json')
CZDS_client = CZDS(username, password)
# Download zone files
zone_links = await client.fetch_zone_links()
await client.download_zones(zone_links, 'zones', concurrency=3, decompress=True)
CZDS_client.download_report('report.csv')
zone_links = CZDS_client.fetch_zone_links()
os.makedirs('zones', exist_ok=True)
for zone_link in zone_links:
CZDS_client.download_zone(zone_link, 'zones')
```
## Zone Information
Zone files are updated once every 24 hours, specifically from 00:00 UTC to 06:00 UTC. Access to these zones is granted in increments, and the total time for approval across all zones may extend to a month or longer. It is typical for more than 90% of requested zones to receive approval. Access to certain zone files may require additional application forms with the TLD organization. Please be aware that access to certain zones is time-bound, expiring at the beginning of the following year, or up to a decade after the initial approval has been confirmed.
At the time of writing this repository, the CZDS offers access to 1,151 zones in total.
1,079 have been approved, 55 are still pending *(after 3 months)*, 10 have been revoked because the TLDs are longer active, and 6 have been denied. Zones that have expired automatically had the expiration extended for me without doing anything, aside from 13 zones that remained expired. I have included a recent [stats file](./extras/stats.csv) directly from my ICANN account.
## Respects & extras
While ICANN does have an official [czds-api-client-python](https://github.com/icann/czds-api-client-python) repository, I rewrote it from scratch to be more streamline & included a [POSIX version](./extras/czds) for portability. There is some [official documentation](https://raw.githubusercontent.com/icann/czds-api-client-java/master/docs/ICANN_CZDS_api.pdf) that was referenced in the creation of the POSIX version. Either way, big props to ICANN for allowing me to use the CZDS for research purposes!

2
czds/__init__.py
View File

@ -5,7 +5,7 @@
from .client import CZDS
__version__ = '1.1.0'
__version__ = '1.0.0'
__author__ = 'acidvegas'
__email__ = 'acid.vegas@acid.vegas'
__github__ = 'https://github.com/acidvegas/czds'

93
czds/__main__.py
View File

@ -3,7 +3,7 @@
# czds/__main__.py
import argparse
import asyncio
import concurrent.futures
import getpass
import logging
import os
@ -12,70 +12,67 @@ import time
from .client import CZDS
async def main():
'''Entry point for the command line interface'''
def main(username: str, password: str, concurrency: int) -> None:
'''
Main function to download all zone files
# Create argument parser
parser = argparse.ArgumentParser(description='ICANN API for the Centralized Zones Data Service')
:param username: ICANN Username
:param password: ICANN Password
:param concurrency: Number of concurrent downloads
'''
# Authentication
parser.add_argument('-u', '--username', default=os.getenv('CZDS_USER'), help='ICANN Username')
parser.add_argument('-p', '--password', default=os.getenv('CZDS_PASS'), help='ICANN Password')
# Zone download options
parser.add_argument('-z', '--zones', action='store_true', help='Download zone files')
parser.add_argument('-c', '--concurrency', type=int, default=3, help='Number of concurrent downloads')
parser.add_argument('-d', '--decompress', action='store_true', help='Decompress zone files after download')
parser.add_argument('-k', '--keep', action='store_true', help='Keep the original gzip files after decompression')
# Report options
parser.add_argument('-r', '--report', action='store_true', help='Download the zone stats report')
parser.add_argument('-s', '--scrub', action='store_true', help='Scrub the username from the report')
parser.add_argument('-f', '--format', choices=['csv', 'json'], default='csv', help='Report output format')
# Output options
parser.add_argument('-o', '--output', default=os.getcwd(), help='Output directory')
# Parse arguments
args = parser.parse_args()
logging.basicConfig(level=logging.INFO, format='%(asctime)s - %(name)s - %(levelname)s - %(message)s')
# Get username and password
username = args.username or input('ICANN Username: ')
password = args.password or getpass.getpass('ICANN Password: ')
# Create output directory
now = time.strftime('%Y-%m-%d')
output_directory = os.path.join(args.output, 'zones', now)
os.makedirs(output_directory, exist_ok=True)
logging.info('Authenticating with ICANN API...')
async with CZDS(username, password) as client:
# Download zone stats report if requested
if args.report:
CZDS_client = CZDS(username, password)
logging.debug('Created CZDS client')
output_directory = os.path.join(os.getcwd(), 'zones', now)
os.makedirs(output_directory, exist_ok=True)
logging.info('Fetching zone stats report...')
try:
output = os.path.join(output_directory, '.report.csv')
await client.get_report(output, scrub=args.scrub, format=args.format)
logging.info(f'Zone stats report saved to {output}')
return
CZDS_client.download_report(os.path.join(output_directory, '.report.csv'))
except Exception as e:
raise Exception(f'Failed to download zone stats report: {e}')
# Download zone files if requested
if args.zones:
logging.info('Fetching zone links...')
try:
zone_links = await client.fetch_zone_links()
zone_links = CZDS_client.fetch_zone_links()
except Exception as e:
raise Exception(f'Failed to fetch zone links: {e}')
logging.info(f'Downloading {len(zone_links):,} zone files...')
await client.download_zones(zone_links, output_directory, args.concurrency, decompress=args.decompress, cleanup=not args.keep)
logging.info(f'Fetched {len(zone_links):,} zone links')
logging.info('Downloading zone files...')
with concurrent.futures.ThreadPoolExecutor(max_workers=concurrency) as executor:
future_to_url = {executor.submit(CZDS_client.download_zone, url, output_directory): url for url in sorted(zone_links)}
for future in concurrent.futures.as_completed(future_to_url):
url = future_to_url[future]
try:
filepath = future.result()
logging.info(f'Completed downloading {url} to file {filepath}')
except Exception as e:
logging.error(f'{url} generated an exception: {e}')
if __name__ == '__main__':
asyncio.run(main())
parser = argparse.ArgumentParser(description='ICANN API for the Centralized Zones Data Service')
parser.add_argument('-u', '--username', default=os.getenv('CZDS_USER'), help='ICANN Username')
parser.add_argument('-p', '--password', default=os.getenv('CZDS_PASS'), help='ICANN Password')
parser.add_argument('-c', '--concurrency', type=int, default=3, help='Number of concurrent downloads')
args = parser.parse_args()
logging.basicConfig(level=logging.INFO, format='%(asctime)s - %(name)s - %(levelname)s - %(message)s')
username = args.username or input('ICANN Username: ')
password = args.password or getpass.getpass('ICANN Password: ')
main(username, password, args.concurrency)

168
czds/client.py
View File

@ -2,19 +2,9 @@
# ICANN API for the Centralized Zones Data Service - developed by acidvegas (https://git.acid.vegas/czds)
# czds/client.py
import asyncio
import json
import os
import gzip
try:
import aiohttp
except ImportError:
raise ImportError('missing aiohttp library (pip install aiohttp)')
try:
import aiofiles
except ImportError:
raise ImportError('missing aiofiles library (pip install aiofiles)')
import urllib.request
class CZDS:
@ -29,166 +19,86 @@ class CZDS:
'''
self.username = username
self.password = password
self.headers = None # Store the authorization header for reuse
self.session = None # Store the client session for reuse
self.headers = {'Authorization': f'Bearer {self.authenticate(username, password)}'}
async def __aenter__(self):
'''Async context manager entry'''
def authenticate(self, username: str, password: str) -> str:
'''
Authenticate with the ICANN API and return the access token
self.session = aiohttp.ClientSession()
self.headers = {'Authorization': f'Bearer {await self.authenticate()}'}
return self
async def __aexit__(self, exc_type, exc_val, exc_tb):
'''Async context manager exit'''
if self.session:
await self.session.close()
async def authenticate(self) -> str:
'''Authenticate with the ICANN API and return the access token'''
:param username: ICANN Username
:param password: ICANN Password
'''
try:
data = {'username': self.username, 'password': self.password}
data = json.dumps({'username': username, 'password': password}).encode('utf-8')
headers = {'Content-Type': 'application/json'}
request = urllib.request.Request('https://account-api.icann.org/api/authenticate', data=data, headers=headers)
async with self.session.post('https://account-api.icann.org/api/authenticate', json=data) as response:
if response.status != 200:
raise Exception(f'Authentication failed: {response.status} {await response.text()}')
result = await response.json()
return result['accessToken']
with urllib.request.urlopen(request) as response:
response = response.read().decode('utf-8')
return json.loads(response)['accessToken']
except Exception as e:
raise Exception(f'Failed to authenticate with ICANN API: {e}')
async def fetch_zone_links(self) -> list:
def fetch_zone_links(self) -> list:
'''Fetch the list of zone files available for download'''
async with self.session.get('https://czds-api.icann.org/czds/downloads/links', headers=self.headers) as response:
request = urllib.request.Request('https://czds-api.icann.org/czds/downloads/links', headers=self.headers)
with urllib.request.urlopen(request) as response:
if response.status != 200:
raise Exception(f'Failed to fetch zone links: {response.status} {await response.text()}')
raise Exception(f'Failed to fetch zone links: {response.status} {response.reason}')
return await response.json()
return json.loads(response.read().decode('utf-8'))
async def get_report(self, filepath: str = None, scrub: bool = True, format: str = 'csv') -> str | dict:
def download_report(self, filepath: str):
'''
Downloads the zone report stats from the API and scrubs the report for privacy
:param filepath: Filepath to save the scrubbed report
:param scrub: Whether to scrub the username from the report
:param format: Output format ('csv' or 'json')
:return: Report content as CSV string or JSON dict
'''
async with self.session.get('https://czds-api.icann.org/czds/requests/report', headers=self.headers) as response:
request = urllib.request.Request('https://czds-api.icann.org/czds/requests/report', headers=self.headers)
with urllib.request.urlopen(request) as response:
if response.status != 200:
raise Exception(f'Failed to download the zone stats report: {response.status} {await response.text()}')
raise Exception(f'Failed to download the zone stats report: {response.status} {response.reason}')
content = await response.text()
content = response.read().decode('utf-8')
if scrub:
content = content.replace(self.username, 'nobody@no.name')
if format.lower() == 'json':
rows = [row.split(',') for row in content.strip().split('\n')]
header = rows[0]
content = [dict(zip(header, row)) for row in rows[1:]]
if filepath:
async with aiofiles.open(filepath, 'w') as file:
if format.lower() == 'json':
import json
await file.write(json.dumps(content, indent=4))
else:
await file.write(content)
return content
with open(filepath, 'w') as file:
file.write(content.replace(self.username, 'nobody@no.name'))
async def gzip_decompress(self, filepath: str, cleanup: bool = True):
'''
Decompress a gzip file in place
:param filepath: Path to the gzip file
:param cleanup: Whether to remove the original gzip file after decompression
'''
output_path = filepath[:-3] # Remove .gz extension
async with aiofiles.open(filepath, 'rb') as f_in:
content = await f_in.read()
with gzip.open(content, 'rb') as gz:
async with aiofiles.open(output_path, 'wb') as f_out:
await f_out.write(gz.read())
if cleanup:
os.remove(filepath)
async def download_zone(self, url: str, output_directory: str, decompress: bool = False, cleanup: bool = True, semaphore: asyncio.Semaphore = None):
def download_zone(self, url: str, output_directory: str) -> str:
'''
Download a single zone file
:param url: URL to download
:param output_directory: Directory to save the zone file
:param decompress: Whether to decompress the gzip file after download
:param cleanup: Whether to remove the original gzip file after decompression
:param semaphore: Optional semaphore for controlling concurrency
'''
async def _download():
async with self.session.get(url, headers=self.headers) as response:
if response.status != 200:
raise Exception(f'Failed to download {url}: {response.status} {await response.text()}')
request = urllib.request.Request(url, headers=self.headers)
if not (content_disposition := response.headers.get('Content-Disposition')):
with urllib.request.urlopen(request) as response:
if response.status != 200:
raise Exception(f'Failed to download {url}: {response.status} {response.reason}')
if not (content_disposition := response.getheader('Content-Disposition')):
raise ValueError('Missing Content-Disposition header')
filename = content_disposition.split('filename=')[-1].strip('"')
filepath = os.path.join(output_directory, filename)
async with aiofiles.open(filepath, 'wb') as file:
with open(filepath, 'wb') as file:
while True:
chunk = await response.content.read(8192)
chunk = response.read(1024)
if not chunk:
break
await file.write(chunk)
if decompress:
await self.gzip_decompress(filepath, cleanup)
filepath = filepath[:-3] # Remove .gz extension
file.write(chunk)
return filepath
if semaphore:
async with semaphore:
return await _download()
else:
return await _download()
async def download_zones(self, zone_links: list, output_directory: str, concurrency: int, decompress: bool = False, cleanup: bool = True):
'''
Download multiple zone files concurrently
:param zone_links: List of zone URLs to download
:param output_directory: Directory to save the zone files
:param concurrency: Number of concurrent downloads
:param decompress: Whether to decompress the gzip files after download
:param cleanup: Whether to remove the original gzip files after decompression
'''
os.makedirs(output_directory, exist_ok=True)
semaphore = asyncio.Semaphore(concurrency)
tasks = [self.download_zone(url, output_directory, decompress, cleanup, semaphore) for url in zone_links]
await asyncio.gather(*tasks)

90
czds_api.egg-info/PKG-INFO
View File

@ -1,90 +0,0 @@
Metadata-Version: 2.2
Name: czds-api
Version: 1.0.1
Summary: ICANN API for the Centralized Zones Data Service
Home-page: https://github.com/acidvegas/czds
Author: acidvegas
Author-email: acid.vegas@acid.vegas
Project-URL: Bug Tracker, https://github.com/acidvegas/czds/issues
Project-URL: Documentation, https://github.com/acidvegas/czds#readme
Project-URL: Source Code, https://github.com/acidvegas/czds
Classifier: Development Status :: 5 - Production/Stable
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: ISC License (ISCL)
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.6
Classifier: Programming Language :: Python :: 3.7
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Topic :: Internet
Classifier: Topic :: Security
Classifier: Topic :: Software Development :: Libraries :: Python Modules
Requires-Python: >=3.6
Description-Content-Type: text/markdown
License-File: LICENSE
Dynamic: author
Dynamic: author-email
Dynamic: classifier
Dynamic: description
Dynamic: description-content-type
Dynamic: home-page
Dynamic: project-url
Dynamic: requires-python
Dynamic: summary
# ICANN Centralized Zone Data Service API
The [ICANN Centralized Zone Data Service](https://czds.icann.org) *(CZDS)* allows *approved* users to request and download DNS zone files in bulk, provided they represent a legitimate company or academic institution and their intended use is legal and ethical. Once ICANN approves the request, this tool streamlines the retrieval of extensive domain name system data, facilitating research and security analysis in the realm of internet infrastructure.
## Zone Information
Zone files are updated once every 24 hours, specifically from 00:00 UTC to 06:00 UTC. Access to these zones is granted in increments, and the total time for approval across all zones may extend to a month or longer. It is typical for more than 90% of requested zones to receive approval. Access to certain zone files may require additional application forms with the TLD organization. Please be aware that access to certain zones is time-bound, expiring at the beginning of the following year, or up to a decade after the initial approval has been confirmed.
At the time of writing this repository, the CZDS offers access to 1,151 zones in total.
1,079 have been approved, 55 are still pending *(after 3 months)*, 10 have been revoked because the TLDs are longer active, and 6 have been denied. Zones that have expired automatically had the expiration extended for me without doing anything, aside from 13 zones that remained expired. I have included a recent [stats file](./extras/stats.csv) directly from my ICANN account.
## Installation
```bash
pip install czds-api
```
## Usage
###### Command line
```bash
czds [--username <username> --password <password>] [--concurrency <int>]
```
You can also set the `CZDS_USER` & `CZDS_PASS` environment variables to automatically authenticate:
```bash
export CZDS_USER='your_username'
export CZDS_PASS='your_password'
```
###### As a Python module
```python
import os
from czds import CZDS
CZDS_client = CZDS(username, password)
CZDS_client.download_report('report.csv')
zone_links = CZDS_client.fetch_zone_links()
os.makedirs('zones', exist_ok=True)
for zone_link in zone_links:
CZDS_client.download_zone(zone_link, 'zones')
```
## Respects & extras
While ICANN does have an official [czds-api-client-python](https://github.com/icann/czds-api-client-python) repository, I rewrote it from scratch to be more streamline & included a [POSIX version](./extras/czds) for portability. There is some [official documentation](https://raw.githubusercontent.com/icann/czds-api-client-java/master/docs/ICANN_CZDS_api.pdf) that was referenced in the creation of the POSIX version. Either way, big props to ICANN for allowing me to use the CZDS for research purposes!
___
###### Mirrors for this repository: [acid.vegas](https://git.acid.vegas/czds) • [SuperNETs](https://git.supernets.org/acidvegas/czds) • [GitHub](https://github.com/acidvegas/czds) • [GitLab](https://gitlab.com/acidvegas/czds) • [Codeberg](https://codeberg.org/acidvegas/czds)

11
czds_api.egg-info/SOURCES.txt
View File

@ -1,11 +0,0 @@
LICENSE
README.md
setup.py
czds/__init__.py
czds/__main__.py
czds/client.py
czds_api.egg-info/PKG-INFO
czds_api.egg-info/SOURCES.txt
czds_api.egg-info/dependency_links.txt
czds_api.egg-info/entry_points.txt
czds_api.egg-info/top_level.txt

1
czds_api.egg-info/dependency_links.txt
View File

@ -1 +0,0 @@

2
czds_api.egg-info/entry_points.txt
View File

@ -1,2 +0,0 @@
[console_scripts]
czds = czds.__main__:main

1
czds_api.egg-info/top_level.txt
View File

@ -1 +0,0 @@
czds

BIN
dist/czds_api-1.0.0-py3-none-any.whl vendored
View File

Binary file not shown.

BIN
dist/czds_api-1.0.0.tar.gz vendored
View File

Binary file not shown.

2
requirements.txt
View File

@ -1,2 +0,0 @@
aiohttp
aiofiles

6
setup.py
View File

@ -11,7 +11,7 @@ with open('README.md', 'r', encoding='utf-8') as fh:
setup(
name='czds-api',
version='1.1.0',
version='1.0.0',
author='acidvegas',
author_email='acid.vegas@acid.vegas',
description='ICANN API for the Centralized Zones Data Service',
@ -46,8 +46,4 @@ setup(
'czds=czds.__main__:main',
],
},
install_requires=[
'aiohttp>=3.8.0',
'aiofiles>=23.2.1',
],
)