[trac772] Propagate the ACL as well

49f1d2d2 · Michal 'vorner' Vaner · ed9c17ed · 49f1d2d2 · 49f1d2d2
Commit 49f1d2d2 authored Jul 13, 2011 by Michal 'vorner' Vaner
--- a/src/bin/xfrout/tests/xfrout_test.py.in
+++ b/src/bin/xfrout/tests/xfrout_test.py.in
@@ -118,7 +118,10 @@ class TestXfroutSession(unittest.TestCase):
    def setUp(self):
        self.sock = MySocket(socket.AF_INET,socket.SOCK_STREAM)
        self.xfrsess = MyXfroutSession(self.sock, None, Dbserver(),
-                                       TSIGKeyRing(), ('127.0.0.1', 12345))
+                                       TSIGKeyRing(), ('127.0.0.1', 12345),
+                                       # When not testing ACLs, simply accept
+                                       isc.acl.dns.REQUEST_LOADER.load(
+                                           [{"action": "ACCEPT"}]))
        self.mdata = bytes(b'\xd6=\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x07example\x03com\x00\x00\xfc\x00\x01')
        self.soa_record = (4, 3, 'example.com.', 'com.example.', 3600, 'SOA', None, 'master.example.com. admin.example.com. 1234 3600 1800 2419200 7200')


--- a/src/bin/xfrout/xfrout.py.in
+++ b/src/bin/xfrout/xfrout.py.in
@@ -95,7 +95,8 @@ def get_rrset_len(rrset):


 class XfroutSession():
-    def __init__(self, sock_fd, request_data, server, tsig_key_ring, remote):
+    def __init__(self, sock_fd, request_data, server, tsig_key_ring, remote,
+                 acl):
        self._sock_fd = sock_fd
        self._request_data = request_data
        self._server = server
@@ -103,6 +104,7 @@ class XfroutSession():
        self._tsig_ctx = None
        self._tsig_len = 0
        self._remote = remote
+        self._acl = acl
        self.handle()

    def create_tsig_ctx(self, tsig_record, tsig_key_ring):
@@ -493,7 +495,7 @@ class UnixSockServer(socketserver_mixin.NoPollMixIn, ThreadingUnixStreamServer):
        '''Finish one request by instantiating RequestHandlerClass.'''
        self.RequestHandlerClass(sock_fd, request_data, self,
                                 self.tsig_key_ring,
-                                 self._guess_remote(sock_fd))
+                                 self._guess_remote(sock_fd), self._acl)

    def _remove_unused_sock_file(self, sock_file):
        '''Try to remove the socket file. If the file is being used