Merge pull request #13 from Dunedan/fix-tsig-algorithms
Fix binder to work with TSIG keys not using dnspython's default algorithm
commit
fb7d27da20
|
@ -85,16 +85,19 @@ def delete_record(dns_server, rr_list, key_name):
|
||||||
|
|
||||||
try:
|
try:
|
||||||
transfer_key = models.Key.objects.get(name=key_name)
|
transfer_key = models.Key.objects.get(name=key_name)
|
||||||
keyring = transfer_key.create_keyring()
|
|
||||||
except models.Key.DoesNotExist:
|
except models.Key.DoesNotExist:
|
||||||
keyring = None
|
keyring = None
|
||||||
|
algorithm = None
|
||||||
|
else:
|
||||||
|
keyring = transfer_key.create_keyring()
|
||||||
|
algorithm = transfer_key.algorithm
|
||||||
|
|
||||||
delete_response = []
|
delete_response = []
|
||||||
for current_rr in rr_list:
|
for current_rr in rr_list:
|
||||||
record_list = current_rr.split(".")
|
record_list = current_rr.split(".")
|
||||||
record = record_list[0]
|
record = record_list[0]
|
||||||
domain = ".".join(record_list[1:])
|
domain = ".".join(record_list[1:])
|
||||||
dns_update = dns.update.Update(domain, keyring = keyring)
|
dns_update = dns.update.Update(domain, keyring=keyring, keyalgorithm=algorithm)
|
||||||
dns_update.delete(record)
|
dns_update.delete(record)
|
||||||
output = send_dns_update(dns_update, dns_server, key_name)
|
output = send_dns_update(dns_update, dns_server, key_name)
|
||||||
|
|
||||||
|
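Review bot: The `except models.Key.DoesNotExist:` branch in delete_record still sets `keyring = None` and carries on, so a `key_name` that was supplied but is not in the database leads to the delete being built without TSIG instead of an error; the create_update and BindServer hunks have the same fallback. If an unsigned request is only meant for the case where no key was requested, the branch could tell the two apart, for example `if key_name: raise` placed before `keyring = None`. Whether callers pass an empty `key_name` for servers that need no authentication is not visible here, and delete_record's body starts and ends outside the hunk.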
@ -108,11 +111,14 @@ def create_update(dns_server, zone_name, record_name, record_type, record_data,
|
||||||
|
|
||||||
try:
|
try:
|
||||||
transfer_key = models.Key.objects.get(name=key_name)
|
transfer_key = models.Key.objects.get(name=key_name)
|
||||||
keyring = transfer_key.create_keyring()
|
|
||||||
except models.Key.DoesNotExist:
|
except models.Key.DoesNotExist:
|
||||||
keyring = None
|
keyring = None
|
||||||
|
algorithm = None
|
||||||
|
else:
|
||||||
|
keyring = transfer_key.create_keyring()
|
||||||
|
algorithm = transfer_key.algorithm
|
||||||
|
|
||||||
dns_update = dns.update.Update(zone_name, keyring = keyring)
|
dns_update = dns.update.Update(zone_name, keyring=keyring, keyalgorithm=algorithm)
|
||||||
dns_update.replace(record_name, ttl, record_type, record_data)
|
dns_update.replace(record_name, ttl, record_type, record_data)
|
||||||
output = send_dns_update(dns_update, dns_server, key_name)
|
output = send_dns_update(dns_update, dns_server, key_name)
|
||||||
|
|
||||||
|
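Review bot: The try/except/else block that yields `keyring` and `algorithm` in create_update is the same as the one added to delete_record, and differs from the BindServer hunk only in the model reference and key name. The three copies can drift apart the next time TSIG handling changes. A small private helper that returns both values keeps the lookup in one place; the name `_tsig_params` below is only a suggestion. create_update's body continues outside the hunk.

```python
def _tsig_params(key_name):
    """Return (keyring, algorithm) for key_name, or (None, None) if no such key exists."""
    try:
        transfer_key = models.Key.objects.get(name=key_name)
    except models.Key.DoesNotExist:
        return None, None
    return transfer_key.create_keyring(), transfer_key.algorithm

# in create_update, replacing the try/except/else block:
    keyring, algorithm = _tsig_params(key_name)
    # … unchanged: dns.update.Update(...), replace(), send_dns_update() …
```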
|
|
@ -107,12 +107,15 @@ class BindServer(models.Model):
|
||||||
|
|
||||||
try:
|
try:
|
||||||
transfer_key = Key.objects.get(name=self.default_transfer_key)
|
transfer_key = Key.objects.get(name=self.default_transfer_key)
|
||||||
keyring = transfer_key.create_keyring()
|
|
||||||
except Key.DoesNotExist:
|
except Key.DoesNotExist:
|
||||||
keyring = None
|
keyring = None
|
||||||
|
algorithm = None
|
||||||
|
else:
|
||||||
|
keyring = transfer_key.create_keyring()
|
||||||
|
algorithm = transfer_key.algorithm
|
||||||
|
|
||||||
try:
|
try:
|
||||||
zone = dns.zone.from_xfr(dns.query.xfr(self.hostname, zone_name, keyring=keyring))
|
zone = dns.zone.from_xfr(dns.query.xfr(self.hostname, zone_name, keyring=keyring, keyalgorithm=algorithm))
|
||||||
except dns.tsig.PeerBadKey:
|
except dns.tsig.PeerBadKey:
|
||||||
# The incorrect TSIG key was selected for transfers.
|
# The incorrect TSIG key was selected for transfers.
|
||||||
raise exceptions.TransferException("Unable to list zone records because of a TSIG key mismatch.")
|
raise exceptions.TransferException("Unable to list zone records because of a TSIG key mismatch.")
|
||||||
|
|
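Review bot: The handler shown after the `dns.query.xfr(...)` call catches only `dns.tsig.PeerBadKey`, and now that the algorithm comes from the stored key, a wrong algorithm on the record may be rejected by the server with a different TSIG error (dnspython also defines `dns.tsig.PeerBadSignature`), which would not produce the TransferException message. It is worth confirming that the except clauses outside this hunk cover the other `dns.tsig` peer errors. A comment above the `else:` such as `# Sign with the key's own algorithm; dnspython otherwise assumes its default.` would record why `keyalgorithm` is passed. The method body starts and ends outside the hunk.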