Add error handling in delete_record function around unrecognized/malformed keys.
parent
d4d4afdaa1
commit
46a91e2fdf
|
@ -23,3 +23,11 @@ class RecordException(Exception):
|
||||||
"""
|
"""
|
||||||
|
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
class KeyringException(Exception):
|
||||||
|
"""
|
||||||
|
Thrown when there is a problem creating the keyring.
|
||||||
|
* When the length/padding of the TSIG data is incorrect.
|
||||||
|
"""
|
||||||
|
|
||||||
|
pass
|
||||||
|
|
|
@ -9,6 +9,7 @@ import socket
|
||||||
import dns.query
|
import dns.query
|
||||||
import dns.reversename
|
import dns.reversename
|
||||||
import dns.update
|
import dns.update
|
||||||
|
import dns.tsig
|
||||||
|
|
||||||
# App Imports
|
# App Imports
|
||||||
from binder import exceptions, keyutils, models
|
from binder import exceptions, keyutils, models
|
||||||
|
@ -83,8 +84,12 @@ def delete_record(dns_server, rr_list, key_name):
|
||||||
if key_name is None:
|
if key_name is None:
|
||||||
keyring = None
|
keyring = None
|
||||||
else:
|
else:
|
||||||
this_key = models.Key.objects.get(name=key_name)
|
try:
|
||||||
keyring = keyutils.create_keyring(this_key.name, this_key.data)
|
this_key = models.Key.objects.get(name=key_name)
|
||||||
|
keyring = keyutils.create_keyring(this_key.name, this_key.data)
|
||||||
|
except exceptions.KeyringException, err:
|
||||||
|
return([{ "description" : "Error in deletion process",
|
||||||
|
"output" : err }])
|
||||||
|
|
||||||
delete_response = []
|
delete_response = []
|
||||||
for current_rr in rr_list:
|
for current_rr in rr_list:
|
||||||
|
@ -93,8 +98,12 @@ def delete_record(dns_server, rr_list, key_name):
|
||||||
domain = re_record.group(2)
|
domain = re_record.group(2)
|
||||||
dns_update = dns.update.Update(domain, keyring = keyring)
|
dns_update = dns.update.Update(domain, keyring = keyring)
|
||||||
dns_update.delete(record)
|
dns_update.delete(record)
|
||||||
output = dns.query.tcp(dns_update, dns_server)
|
try:
|
||||||
delete_response.append({ "description" : "Delete record %s" % current_rr,
|
output = dns.query.tcp(dns_update, dns_server)
|
||||||
|
except dns.tsig.PeerBadKey:
|
||||||
|
output = "The DNS server does not know about the TSIG key: %s" % key_name
|
||||||
|
|
||||||
|
delete_response.append({ "description" : "Delete Record: %s" % current_rr,
|
||||||
"output" : output })
|
"output" : output })
|
||||||
|
|
||||||
return delete_response
|
return delete_response
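Review bot: In the first `delete_record` hunk the new `try` also encloses `models.Key.objects.get(name=key_name)`, but only `exceptions.KeyringException` is caught, so a key name with no matching row would still propagate (presumably as `models.Key.DoesNotExist`, if `Key` is a Django model as the `objects.get` call suggests). I would add a second handler, `except models.Key.DoesNotExist:`, returning the same one-element list, and pass `str(err)` rather than the exception object as `"output"` so the value is a string like the ones built in the later hunk. In that later hunk only `dns.tsig.PeerBadKey` is handled; a bad signature or clock skew on the TSIG exchange, or a socket error from `dns.query.tcp`, would still abort the loop and discard the responses collected so far. `delete_record` begins outside both hunks.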
|
||||||
|
|
|
@ -1,5 +1,10 @@
|
||||||
|
import binascii
|
||||||
|
|
||||||
import dns.tsigkeyring
|
import dns.tsigkeyring
|
||||||
|
|
||||||
|
from binder import exceptions
|
||||||
|
|
||||||
|
|
||||||
def create_keyring(key_name, key_data):
|
def create_keyring(key_name, key_data):
|
||||||
"""Return a tsigkeyring object from key name and key data.
|
"""Return a tsigkeyring object from key name and key data.
|
||||||
|
|
||||||
|
@ -11,8 +16,10 @@ def create_keyring(key_name, key_data):
|
||||||
keyring object with the key name and TSIG secret.
|
keyring object with the key name and TSIG secret.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
keyring = dns.tsigkeyring.from_text({
|
try:
|
||||||
key_name : key_data
|
keyring = dns.tsigkeyring.from_text({
|
||||||
})
|
key_name : key_data
|
||||||
|
})
|
||||||
|
except binascii.Error, err:
|
||||||
|
raise exceptions.KeyringException("Error creating keyring. Verify correct key data for key: %s. Reason: %s" % (key_name, err))
|
||||||
return keyring
|
return keyring
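Review bot: The new `try` in `create_keyring` translates only `binascii.Error`, so a key name that dnspython cannot parse as a DNS name would presumably escape as a `dns.exception.DNSException` subclass rather than the `KeyringException` that `delete_record` now catches. Consider `except (binascii.Error, dns.exception.DNSException), err:` (which needs `import dns.exception`), and add a docstring line such as `Raises KeyringException if the key name or key data cannot be parsed.` Leaving `key_data` out of the message is the right call, since the exception is handed back to the caller as output. Part of the docstring lies outside the hunk.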
|
||||||
|
|