Home Explore Help
Sign In
zorun
/
kea
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

[1643] Port xfrout to use global TSIG config

Michal 'vorner' Vaner 13 years ago
parent
73506bcbd6
commit
ac91cd885b
3 changed files with 5 additions and 44 deletions
Unified View Show Diff Stats
  1. 1 14
      src/bin/xfrout/tests/xfrout_test.py.in
  2. 4 18
      src/bin/xfrout/xfrout.py.in
  3. 0 12
      src/bin/xfrout/xfrout.spec.pre.in

+ 1 - 14
src/bin/xfrout/tests/xfrout_test.py.in
View File 

@@ -1214,25 +1214,12 @@ class TestUnixSockServer(unittest.TestCase):
 
 
 
     def test_update_config_data(self):
 
     def test_update_config_data(self):
 
         self.check_default_ACL()
 
         self.check_default_ACL()
 
-        tsig_key_str = 'example.com:SFuWd/q99SzF8Yzd1QbB9g=='
 
-        tsig_key_list = [tsig_key_str]
 
-        bad_key_list = ['bad..example.com:SFuWd/q99SzF8Yzd1QbB9g==']
 
         self.unix.update_config_data({'transfers_out':10 })
 
         self.unix.update_config_data({'transfers_out':10 })
 
         self.assertEqual(self.unix._max_transfers_out, 10)
 
         self.assertEqual(self.unix._max_transfers_out, 10)
 
-        self.assertTrue(self.unix.tsig_key_ring is not None)
 
         self.check_default_ACL()
 
         self.check_default_ACL()
 
 
 
-        self.unix.update_config_data({'transfers_out':9,
 
-                                      'tsig_key_ring':tsig_key_list})
 
+        self.unix.update_config_data({'transfers_out':9})
 
         self.assertEqual(self.unix._max_transfers_out, 9)
 
         self.assertEqual(self.unix._max_transfers_out, 9)
 
-        self.assertEqual(self.unix.tsig_key_ring.size(), 1)
 
-        self.unix.tsig_key_ring.remove(Name("example.com."))
 
-        self.assertEqual(self.unix.tsig_key_ring.size(), 0)
 
-
 
-        # bad tsig key
 
-        config_data = {'transfers_out':9, 'tsig_key_ring': bad_key_list}
 
-        self.assertRaises(None, self.unix.update_config_data(config_data))
 
-        self.assertEqual(self.unix.tsig_key_ring.size(), 0)
 
 
 
         # Load the ACL
 
         # Load the ACL
 
         self.unix.update_config_data({'transfer_acl': [{'from': '127.0.0.1',
 
         self.unix.update_config_data({'transfer_acl': [{'from': '127.0.0.1',

+ 4 - 18
src/bin/xfrout/xfrout.py.in
View File 

@@ -34,6 +34,7 @@ import select
 
 import errno
 
 import errno
 
 from optparse import OptionParser, OptionValueError
 
 from optparse import OptionParser, OptionValueError
 
 from isc.util import socketserver_mixin
 
 from isc.util import socketserver_mixin
 
+import isc.server_common.tsig_keyring
 
 
 
 from isc.log_messages.xfrout_messages import *
 
 from isc.log_messages.xfrout_messages import *
 
 
 
@@ -769,7 +770,7 @@ class UnixSockServer(socketserver_mixin.NoPollMixIn,
 
         zone_config = self._zone_config
 
         zone_config = self._zone_config
 
         self._lock.release()
 
         self._lock.release()
 
         self.RequestHandlerClass(sock_fd, request_data, self,
 
         self.RequestHandlerClass(sock_fd, request_data, self,
 
-                                 self.tsig_key_ring,
 
+                                 isc.server_common.tsig_keyring.keyring(),
 
                                  self._guess_remote(sock_fd), acl, zone_config)
 
                                  self._guess_remote(sock_fd), acl, zone_config)
 
 
 
     def _remove_unused_sock_file(self, sock_file):
 
     def _remove_unused_sock_file(self, sock_file):
 
@@ -833,7 +834,6 @@ class UnixSockServer(socketserver_mixin.NoPollMixIn,
 
             self._acl = new_acl
 
             self._acl = new_acl
 
             self._zone_config = new_zone_config
 
             self._zone_config = new_zone_config
 
             self._max_transfers_out = new_config.get('transfers_out')
 
             self._max_transfers_out = new_config.get('transfers_out')
 
-            self.set_tsig_key_ring(new_config.get('tsig_key_ring'))
 
         except Exception as e:
 
         except Exception as e:
 
             self._lock.release()
 
             self._lock.release()
 
             raise e
 
             raise e
 
@@ -870,21 +870,6 @@ class UnixSockServer(socketserver_mixin.NoPollMixIn,
 
                                             zclass_str + ': ' + str(e))
 
                                             zclass_str + ': ' + str(e))
 
         return new_config
 
         return new_config
 
 
 
-    def set_tsig_key_ring(self, key_list):
 
-        """Set the tsig_key_ring , given a TSIG key string list representation. """
 
-
 
-        # XXX add values to configure zones/tsig options
 
-        self.tsig_key_ring = TSIGKeyRing()
 
-        # If key string list is empty, create a empty tsig_key_ring
 
-        if not key_list:
 
-            return
 
-
 
-        for key_item in key_list:
 
-            try:
 
-                self.tsig_key_ring.add(TSIGKey(key_item))
 
-            except InvalidParameter as ipe:
 
-                logger.error(XFROUT_BAD_TSIG_KEY_STRING, str(key_item))
 
-
 
     def get_db_file(self):
 
     def get_db_file(self):
 
         file, is_default = self._cc.get_remote_config_value("Auth", "database_file")
 
         file, is_default = self._cc.get_remote_config_value("Auth", "database_file")
 
         # this too should be unnecessary, but currently the
 
         # this too should be unnecessary, but currently the
 
@@ -920,7 +905,8 @@ class XfroutServer:
 
         self._cc = isc.config.ModuleCCSession(SPECFILE_LOCATION, self.config_handler, self.command_handler)
 
         self._cc = isc.config.ModuleCCSession(SPECFILE_LOCATION, self.config_handler, self.command_handler)
 
         self._config_data = self._cc.get_full_config()
 
         self._config_data = self._cc.get_full_config()
 
         self._cc.start()
 
         self._cc.start()
 
-        self._cc.add_remote_config(AUTH_SPECFILE_LOCATION);
 
+        self._cc.add_remote_config(AUTH_SPECFILE_LOCATION)
 
+        isc.server_common.tsig_keyring.init_keyring(self._cc)
 
         self._start_xfr_query_listener()
 
         self._start_xfr_query_listener()
 
         self._start_notifier()
 
         self._start_notifier()

+ 0 - 12
src/bin/xfrout/xfrout.spec.pre.in
View File 

@@ -39,18 +39,6 @@
 
          "item_default": 1048576
 
          "item_default": 1048576
 
        },
 
        },
 
        {
 
        {
 
-         "item_name": "tsig_key_ring",
 
-         "item_type": "list",
 
-         "item_optional": true,
 
-         "item_default": [],
 
-         "list_item_spec" :
 
-         {
 
-             "item_name": "tsig_key",
 
-             "item_type": "string",
 
-             "item_optional": true
 
-         }
 
-       },
 
-       {
 
          "item_name": "transfer_acl",
 
          "item_name": "transfer_acl",
 
          "item_type": "list",
 
          "item_type": "list",
 
          "item_optional": false,
 
          "item_optional": false,