Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
ISC Open Source Projects
Kea
Commits
ac91cd88
Commit
ac91cd88
authored
Feb 20, 2012
by
Michal 'vorner' Vaner
Browse files
[1643] Port xfrout to use global TSIG config
parent
73506bcb
Changes
3
Hide whitespace changes
Inline
Side-by-side
src/bin/xfrout/tests/xfrout_test.py.in
View file @
ac91cd88
...
...
@@ -1214,25 +1214,12 @@ class TestUnixSockServer(unittest.TestCase):
def test_update_config_data(self):
self.check_default_ACL()
tsig_key_str = 'example.com:SFuWd/q99SzF8Yzd1QbB9g=='
tsig_key_list = [tsig_key_str]
bad_key_list = ['bad..example.com:SFuWd/q99SzF8Yzd1QbB9g==']
self.unix.update_config_data({'transfers_out':10 })
self.assertEqual(self.unix._max_transfers_out, 10)
self.assertTrue(self.unix.tsig_key_ring is not None)
self.check_default_ACL()
self.unix.update_config_data({'transfers_out':9,
'tsig_key_ring':tsig_key_list})
self.unix.update_config_data({'transfers_out':9})
self.assertEqual(self.unix._max_transfers_out, 9)
self.assertEqual(self.unix.tsig_key_ring.size(), 1)
self.unix.tsig_key_ring.remove(Name("example.com."))
self.assertEqual(self.unix.tsig_key_ring.size(), 0)
# bad tsig key
config_data = {'transfers_out':9, 'tsig_key_ring': bad_key_list}
self.assertRaises(None, self.unix.update_config_data(config_data))
self.assertEqual(self.unix.tsig_key_ring.size(), 0)
# Load the ACL
self.unix.update_config_data({'transfer_acl': [{'from': '127.0.0.1',
...
...
src/bin/xfrout/xfrout.py.in
View file @
ac91cd88
...
...
@@ -34,6 +34,7 @@ import select
import errno
from optparse import OptionParser, OptionValueError
from isc.util import socketserver_mixin
import isc.server_common.tsig_keyring
from isc.log_messages.xfrout_messages import *
...
...
@@ -769,7 +770,7 @@ class UnixSockServer(socketserver_mixin.NoPollMixIn,
zone_config = self._zone_config
self._lock.release()
self.RequestHandlerClass(sock_fd, request_data, self,
self
.tsig_key
_
ring,
isc.server_common
.tsig_keyring
.keyring()
,
self._guess_remote(sock_fd), acl, zone_config)
def _remove_unused_sock_file(self, sock_file):
...
...
@@ -833,7 +834,6 @@ class UnixSockServer(socketserver_mixin.NoPollMixIn,
self._acl = new_acl
self._zone_config = new_zone_config
self._max_transfers_out = new_config.get('transfers_out')
self.set_tsig_key_ring(new_config.get('tsig_key_ring'))
except Exception as e:
self._lock.release()
raise e
...
...
@@ -870,21 +870,6 @@ class UnixSockServer(socketserver_mixin.NoPollMixIn,
zclass_str + ': ' + str(e))
return new_config
def set_tsig_key_ring(self, key_list):
"""Set the tsig_key_ring , given a TSIG key string list representation. """
# XXX add values to configure zones/tsig options
self.tsig_key_ring = TSIGKeyRing()
# If key string list is empty, create a empty tsig_key_ring
if not key_list:
return
for key_item in key_list:
try:
self.tsig_key_ring.add(TSIGKey(key_item))
except InvalidParameter as ipe:
logger.error(XFROUT_BAD_TSIG_KEY_STRING, str(key_item))
def get_db_file(self):
file, is_default = self._cc.get_remote_config_value("Auth", "database_file")
# this too should be unnecessary, but currently the
...
...
@@ -920,7 +905,8 @@ class XfroutServer:
self._cc = isc.config.ModuleCCSession(SPECFILE_LOCATION, self.config_handler, self.command_handler)
self._config_data = self._cc.get_full_config()
self._cc.start()
self._cc.add_remote_config(AUTH_SPECFILE_LOCATION);
self._cc.add_remote_config(AUTH_SPECFILE_LOCATION)
isc.server_common.tsig_keyring.init_keyring(self._cc)
self._start_xfr_query_listener()
self._start_notifier()
...
...
src/bin/xfrout/xfrout.spec.pre.in
View file @
ac91cd88
...
...
@@ -38,18 +38,6 @@
"item_optional": false,
"item_default": 1048576
},
{
"item_name": "tsig_key_ring",
"item_type": "list",
"item_optional": true,
"item_default": [],
"list_item_spec" :
{
"item_name": "tsig_key",
"item_type": "string",
"item_optional": true
}
},
{
"item_name": "transfer_acl",
"item_type": "list",
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment