Skip to content

rohitpaulk/srv_hijacker

Repository files navigation

srv_hijacker

A python module that patches socket to query a certain DNS server for SRV records when creating connections.

Installation

pip install srv-hijacker

Usage

This module exposes exactly one function:

import srv_hijacker

srv_hijacker.hijack(
    host_regex=r'service.consul$',
    srv_dns_host='127.0.0.1',
    srv_dns_port=8600,
    libraries_to_patch=['psycopg2']
)

Note: Only connections that match the host_regex are patched. All other connections are the same as before.

srv_dns_host and srv_dns_port are optional, if not provided the default nameservers and ports configured.

Additionally, A list of supported third party libraries can be given with libraries_to_patch argument. The libraries are patched according to their specific DNS resolution method, or PatchError is raised if the library is not supported.

See srv_hijacker.PATCHABLE_LIBS for a list of all supported libraries.

Running Tests

  • Run make run_consul to boot up a DNS server to test against
  • Run make test

Compatibility

Only confirmed to work with Python 3.7. Tests use requests, which uses socket internally.

Background

The use case this was designed for is to transparently patch requests so that calls to endpoints like your_service.service.consul hit consul's DNS server and use the host + port given in the SRV query.