Home Explore Help
Sign In
zorun
/
kea
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

[1165] add configuration items for zone_config. query_acl was renamed to
transfer_acl (for consistency) and is now used as the default transfer ACL.
related tests were added. also removed DEFAULT_RRCLASS, and retrieved the
default RR class from the spec.

JINMEI Tatuya 13 years ago
parent
219818389c
commit
c5d5522f83
4 changed files with 66 additions and 24 deletions
Split View Show Diff Stats
  1. 3 0
      src/bin/xfrout/tests/Makefile.am
  2. 11 8
      src/bin/xfrout/tests/xfrout_test.py.in
  3. 12 15
      src/bin/xfrout/xfrout.py.in
  4. 40 1
      src/bin/xfrout/xfrout.spec.pre.in

+ 3 - 0
src/bin/xfrout/tests/Makefile.am
View File 

@@ -10,6 +10,8 @@ LIBRARY_PATH_PLACEHOLDER += $(ENV_LIBRARY_PATH)=$(abs_top_builddir)/src/lib/cc/.
 
 endif
 
 
 # test using command-line arguments, so use check-local target instead of TESTS
 
+# We set B10_FROM_BUILD below, so that the test can refer to the in-source
 
+# spec file.
 
 check-local:
 
 if ENABLE_PYTHON_COVERAGE
 
 	touch $(abs_top_srcdir)/.coverage 
@@ -19,6 +21,7 @@ endif
 
 	for pytest in $(PYTESTS) ; do \
 
 	echo Running test: $$pytest ; \
 
 	chmod +x $(abs_builddir)/$$pytest ; \
 
+	B10_FROM_BUILD=$(abs_top_builddir) \
 
 	$(LIBRARY_PATH_PLACEHOLDER) \
 
 	PYTHONPATH=$(COMMON_PYTHON_PATH):$(abs_top_builddir)/src/bin/xfrout:$(abs_top_builddir)/src/lib/dns/python/.libs:$(abs_top_builddir)/src/lib/util/io/.libs \
 
 	$(PYCOVERAGE_RUN) $(abs_builddir)/$$pytest || exit ; \

+ 11 - 8
src/bin/xfrout/tests/xfrout_test.py.in
View File 

@@ -20,6 +20,7 @@ import unittest
 
 import os
 
 from isc.testutils.tsigctx_mock import MockTSIGContext
 
 from isc.cc.session import *
 
+import isc.config
 
 from pydnspp import *
 
 from xfrout import *
 
 import xfrout
 
@@ -241,7 +242,7 @@ class TestXfroutSession(unittest.TestCase):
 
         # ACL check with a per zone ACL + default ACL.  The per zone ACL
 
         # should match the queryied zone, so it should be used.
 
         def acl_setter(acl):
 
-            zone_key = ('example.com.', 'IN')
 
+            zone_key = ('IN', 'example.com.')
 
             self.xfrsess._zone_config[zone_key] = {}
 
             self.xfrsess._zone_config[zone_key]['transfer_acl'] = acl
 
             self.xfrsess._acl = isc.acl.dns.REQUEST_LOADER.load([
 
@@ -252,7 +253,7 @@ class TestXfroutSession(unittest.TestCase):
 
         # similar to the previous one, but the per zone doesn't match the
 
         # query.  The default should be used.
 
         def acl_setter(acl):
 
-            zone_key = ('example.org.', 'IN')
 
+            zone_key = ('IN', 'example.org.')
 
             self.xfrsess._zone_config[zone_key] = {}
 
             self.xfrsess._zone_config[zone_key]['transfer_acl'] = \
 
                 isc.acl.dns.REQUEST_LOADER.load([
 
@@ -273,8 +274,8 @@ class TestXfroutSession(unittest.TestCase):
 
         # will still be used.
 
         com_acl = isc.acl.dns.REQUEST_LOADER.load([
 
                 {"from": "127.0.0.1", "action": "REJECT"}])
 
-        self.xfrsess._zone_config[('example.com.', 'IN')] = {}
 
-        self.xfrsess._zone_config[('example.com.', 'IN')]['transfer_acl'] = \
 
+        self.xfrsess._zone_config[('IN', 'example.com.')] = {}
 
+        self.xfrsess._zone_config[('IN', 'example.com.')]['transfer_acl'] = \
 
             com_acl
 
         self.assertEqual(com_acl,
 
                          self.xfrsess._get_transfer_acl(Name('example.com'),
 
@@ -639,9 +640,11 @@ class TestXfroutSession(unittest.TestCase):
 
         # and it should not have sent anything else
 
         self.assertEqual(0, len(self.sock.sendqueue))
 
 
-class MyCCSession():
 
+class MyCCSession(isc.config.ConfigData):
 
     def __init__(self):
 
-        pass
 
+        module_spec = isc.config.module_spec_from_file(
 
+            xfrout.SPECFILE_LOCATION)
 
+        ConfigData.__init__(self, module_spec)
 
 
     def get_remote_config_value(self, module_name, identifier):
 
         if module_name == "Auth" and identifier == "database_file":
 
@@ -738,13 +741,13 @@ class TestUnixSockServer(unittest.TestCase):
 
         self.assertEqual(self.unix.tsig_key_ring.size(), 0)
 
 
         # Load the ACL
 
-        self.unix.update_config_data({'query_acl': [{'from': '127.0.0.1',
 
+        self.unix.update_config_data({'transfer_acl': [{'from': '127.0.0.1',
 
                                                'action': 'ACCEPT'}]})
 
         self.check_loaded_ACL(self.unix._acl)
 
         # Pass a wrong data there and check it does not replace the old one
 
         self.assertRaises(isc.acl.acl.LoaderError,
 
                           self.unix.update_config_data,
 
-                          {'query_acl': ['Something bad']})
 
+                          {'transfer_acl': ['Something bad']})
 
         self.check_loaded_ACL(self.unix._acl)
 
 
     def test_zone_config_data(self):

+ 12 - 15
src/bin/xfrout/xfrout.py.in
View File 

@@ -86,10 +86,6 @@ TSIG_SIGN_EVERY_NTH = 96
 
 
 XFROUT_MAX_MESSAGE_SIZE = 65535
 
 
-# In practice, RR class is almost always fixed, so if and when we allow
 
-# it to be configured, it's convenient to make it optional.
 
-DEFAULT_RRCLASS = RRClass.IN()
 
-
 
 def get_rrset_len(rrset):
 
     """Returns the wire length of the given RRset"""
 
     bytes = bytearray()
 
@@ -182,7 +178,7 @@ class XfroutSession():
 
         # Internally zone names are managed in lower cased label characters,
 
         # so we first need to convert the name.
 
         zone_name_lower = Name(zone_name.to_text(), True)
 
-        config_key = (zone_name_lower.to_text(), zone_class.to_text())
 
+        config_key = (zone_class.to_text(), zone_name_lower.to_text())
 
         if config_key in self._zone_config and \
 
                 'transfer_acl' in self._zone_config[config_key]:
 
             return self._zone_config[config_key]['transfer_acl']
 
@@ -417,8 +413,8 @@ class UnixSockServer(socketserver_mixin.NoPollMixIn,
 
         self._shutdown_event = shutdown_event
 
         self._write_sock, self._read_sock = socket.socketpair()
 
         self._common_init()
 
-        self.update_config_data(config_data)
 
         self._cc = cc
 
+        self.update_config_data(config_data)
 
 
     def _common_init(self):
 
         self._lock = threading.Lock()
 
@@ -586,11 +582,11 @@ class UnixSockServer(socketserver_mixin.NoPollMixIn,
 
         remain.  This should be fixed.
 
         '''
 
         logger.info(XFROUT_NEW_CONFIG)
 
-        if 'query_acl' in new_config:
 
-            self._acl = REQUEST_LOADER.load(new_config['query_acl'])
 
-        if 'zone_config' in new_config:
 
-            self._zone_config = \
 
-                self.__create_zone_config(new_config.get('zone_config'))
 
+        if 'transfer_acl' in new_config:
 
+            self._acl = REQUEST_LOADER.load(new_config['transfer_acl'])
 
+        zone_config = new_config.get('zone_config')
 
+        if zone_config is not None:
 
+            self._zone_config = self.__create_zone_config(zone_config)
 
         self._lock.acquire()
 
         self._max_transfers_out = new_config.get('transfers_out')
 
         self.set_tsig_key_ring(new_config.get('tsig_key_ring'))
 
@@ -602,10 +598,11 @@ class UnixSockServer(socketserver_mixin.NoPollMixIn,
 
         for zconf in zone_config_list:
 
             # convert the class, origin (name) pair.  First build pydnspp
 
             # object to reject invalid input.
 
-            if 'class' in zconf:
 
-                zclass = RRClass(zconf['class'])
 
-            else:
 
-                zclass = DEFAULT_RRCLASS
 
+            zclass_str = zconf.get('class')
 
+            if zclass_str is None:
 
+                #zclass_str = 'IN' # temporary
 
+                zclass_str = self._cc.get_default_value('zone_config/class')
 
+            zclass = RRClass(zclass_str)
 
             zorigin = Name(zconf['origin'], True)
 
             config_key = (zclass.to_text(), zorigin.to_text())

+ 40 - 1
src/bin/xfrout/xfrout.spec.pre.in
View File 

@@ -51,7 +51,7 @@
 
          }
 
        },
 
        {
 
-         "item_name": "query_acl",
 
+         "item_name": "transfer_acl",
 
          "item_type": "list",
 
          "item_optional": false,
 
          "item_default": [{"action": "ACCEPT"}],
 
@@ -61,6 +61,45 @@
 
              "item_type": "any",
 
              "item_optional": true
 
          }
 
+       },
 
+       {
 
+         "item_name": "zone_config",
 
+         "item_type": "list",
 
+         "item_optional": true,
 
+         "item_default": [],
 
+         "list_item_spec":
 
+         {
 
+             "item_name": "zone_config_element",
 
+             "item_type": "map",
 
+             "item_optional": true,
 
+             "item_default": { "origin": "" },
 
+	     "map_item_spec": [
 
+	       {
 
+	           "item_name": "origin",
 
+		   "item_type": "string",
 
+                   "item_optional": false,
 
+	           "item_default": ""
 
+	       },
 
+	       {
 
+	           "item_name": "class",
 
+		   "item_type": "string",
 
+                   "item_optional": false,
 
+	           "item_default": "IN"
 
+	       },
 
+	       {
 
+	           "item_name": "transfer_acl",
 
+		   "item_type": "list",
 
+                   "item_optional": true,
 
+		   "item_default": [{"action": "ACCEPT"}],
 
+		   "list_item_spec":
 
+		   {
 
+		       "item_name": "acl_element",
 
+		       "item_type": "any",
 
+		       "item_optional": true
 
+		   }
 
+	       }
 
+	     ]
 
+         }
 
        }
 
       ],
 
       "commands": [