author | rexxnor <rexxnor+gnunet@brief.li> | 2019-05-09 00:36:20 +0200 |
---|---|---|
committer | rexxnor <rexxnor+gnunet@brief.li> | 2019-05-09 00:36:20 +0200 |
commit | 523342ba45f078b64a4d10badb7df4e51f5145c1 (patch) | |
tree | d7cf8e5fa5c40ab985c46c42fb1fc15e07de7043 /ascension | |
parent | 428ca05b1384014a91fa66c3779c788afa9a3310 (diff) | |
fixed bugs, updated create and get pkey
Diffstat (limited to 'ascension')
-rw-r--r-- | ascension/ascension.py | 93 | ||||
-rw-r--r-- | ascension/test/basic_named.conf | 1 |
2 files changed, 58 insertions, 36 deletions
diff --git a/ascension/ascension.py b/ascension/ascension.py index e6b6d93..63b2680 100644 --- a/ascension/ascension.py +++ b/ascension/ascension.py | |||
@@ -267,10 +267,10 @@ class Ascender(): | |||
267 | 267 | ||
268 | taskqueue.task_done() | 268 | taskqueue.task_done() |
269 | # End of worker | 269 | # End of worker |
270 | 270 | ||
271 | 271 | ||
272 | # Check if a delegated zone is available in GNS as per NS record | 272 | # Check if a delegated zone is available in GNS as per NS record |
273 | nsrecords = self.zone.iterate_rdatas(dns.rdatatype.NS) | 273 | nsrecords = self.zone.iterate_rdatasets(dns.rdatatype.NS) |
274 | 274 | ||
275 | # This is broken if your NS is for ns.foo.YOURZONE as you add | 275 | # This is broken if your NS is for ns.foo.YOURZONE as you add |
276 | # the PKEY to YOURZONE instead of to the foo.YOURZONE subzone. | 276 | # the PKEY to YOURZONE instead of to the foo.YOURZONE subzone. |
@@ -283,26 +283,35 @@ class Ascender(): | |||
283 | # foo.bar A IN 1.2.3.4 | 283 | # foo.bar A IN 1.2.3.4 |
284 | # => bar PKEY GNS $NEWKEY + mapping: bar => $NEWKEY | 284 | # => bar PKEY GNS $NEWKEY + mapping: bar => $NEWKEY |
285 | # => foo[.bar] A GNS 1.2.3.4 | 285 | # => foo[.bar] A GNS 1.2.3.4 |
286 | gnspkey = list(filter(lambda record: for rec in record[2]: if str(rec).startswith('gns--pkey--'): return true; return false, nsrecords)) | 286 | #gnspkey = list(filter(lambda record: for rec in record[2]: if str(rec).startswith('gns--pkey--'): return true; return false, nsrecords)) |
287 | for nsrecord in nsrecords: | 287 | for nsrecord in nsrecords: |
288 | name = str(nsrecord[0]) | 288 | name = str(nsrecord[0]) |
289 | ttl = nsrecord[1] | 289 | values = nsrecord[1] |
290 | values = nsrecord[2] | 290 | ttl = values.ttl |
291 | #if values.startswith('gns--pkey--'): | ||
292 | # gnspkeys.add() | ||
291 | gnspkeys = list(filter(lambda record: str(record).startswith('gns--pkey--'), values)) | 293 | gnspkeys = list(filter(lambda record: str(record).startswith('gns--pkey--'), values)) |
292 | if len(gnspkeys) > 1: | 294 | |
293 | logging.critical("Detected ambiguous PKEY records for label %s (not generating PKEY record)", name) | 295 | num_gnspkeys = len(gnspkeys) |
296 | if not num_gnspkeys: | ||
297 | # skip empty values | ||
298 | continue | ||
299 | if num_gnspkeys > 1: | ||
300 | logging.critical("Detected ambiguous PKEY records for label \ | ||
301 | %s (not generating PKEY record)", name) | ||
294 | continue | 302 | continue |
295 | gnspkey = gnspkeys[0] | 303 | |
304 | gnspkey = str(gnspkeys[0]) | ||
296 | # FIXME: check that this is actucally a well-formed PKEY string! (Crockford base32, sufficient length) | 305 | # FIXME: check that this is actucally a well-formed PKEY string! (Crockford base32, sufficient length) |
297 | self.add_pkey_record_to_zone(pkey[11:], self.domain, name, ttl) | 306 | self.add_pkey_record_to_zone(gnspkey[11:], self.domain, name, ttl) |
298 | # FIXME: drop all NS records under this name later! => new map, if entry present during NS processing, skip! | 307 | # FIXME: drop all NS records under this name later! => new map, if entry present during NS processing, skip! |
299 | 308 | ||
300 | # Unify all records under same label into a record set | 309 | # Unify all records under same label into a record set |
301 | customrdataset = dict() | 310 | customrdataset = dict() |
302 | for name, rdset in self.zone.iterate_rdatasets(): | 311 | for name, rdset in self.zone.iterate_rdatasets(): |
303 | # build lookup table for later GNS2DNS records | 312 | # build lookup table for later GNS2DNS records |
304 | name = str(name) # Name could be str or DNS.name.Name | 313 | name = str(name) # Name could be str or DNS.name.Name |
305 | if customrdataset.get(name)) is None: | 314 | if customrdataset.get(name) is None: |
306 | work = list() | 315 | work = list() |
307 | work.append(rdset) | 316 | work.append(rdset) |
308 | customrdataset[name] = work | 317 | customrdataset[name] = work |
@@ -386,13 +395,23 @@ class Ascender(): | |||
386 | 395 | ||
387 | def resolve_glue(self, | 396 | def resolve_glue(self, |
388 | authorityname: str) -> list: | 397 | authorityname: str) -> list: |
389 | rdsets = self.zone[dnsresolver].rdatasets | 398 | """ |
399 | Resolves IP Adresses within zone | ||
400 | :param authorityname: | ||
401 | """ | ||
402 | try: | ||
403 | rdsets = self.zone[authorityname].rdatasets | ||
404 | except KeyError: | ||
405 | return [] | ||
390 | value = [] | 406 | value = [] |
391 | for rdataset in rdsets: | 407 | for rdataset in rdsets: |
392 | if rdataset.rdtype in [dns.rdatatype.A, dns.rdatatype.AAAA]: | 408 | if rdataset.rdtype in [dns.rdatatype.A, dns.rdatatype.AAAA]: |
393 | value.append("%s@%s" % (zonename, str(rdataset))) | 409 | for rdata in rdataset: |
410 | value.append("%s.%s@%s" % (authorityname, | ||
411 | self.domain, | ||
412 | str(rdata))) | ||
394 | return value | 413 | return value |
395 | 414 | ||
396 | def transform_to_gns_format(self, | 415 | def transform_to_gns_format(self, |
397 | record: dns.rdata.Rdata, | 416 | record: dns.rdata.Rdata, |
398 | rdtype: dns.rdata.Rdata, | 417 | rdtype: dns.rdata.Rdata, |
@@ -430,18 +449,28 @@ class Ascender(): | |||
430 | else: | 449 | else: |
431 | value = "%s.%s" % (value, zonename) | 450 | value = "%s.%s" % (value, zonename) |
432 | elif rdtype == 'NS': | 451 | elif rdtype == 'NS': |
433 | nameserver = str(record) | 452 | nameserver = str(record.target) |
453 | if nameserver[-1] == ".": | ||
454 | nameserver = nameserver[:-1] | ||
434 | if value[-1] == ".": | 455 | if value[-1] == ".": |
435 | # FQDN provided | 456 | # FQDN provided |
436 | if value.endswith("." + zonename): | 457 | if value.endswith(".%s." % zonename): |
437 | # in bailiwick | 458 | # in bailiwick |
438 | value = resolve_glue (self, nameserver) | 459 | value = self.resolve_glue(record.target) |
439 | else: | 460 | else: |
440 | # out of bailiwick | 461 | # out of bailiwick |
441 | value = '%s.%s@%s' % (str(label), zonename, dnsresolver) | 462 | if label.startswith("@"): |
463 | value = '%s@%s' % (zonename, nameserver) | ||
464 | else: | ||
465 | value = '%s.%s@%s' % (str(label), zonename, nameserver) | ||
442 | else: | 466 | else: |
443 | # Name is relative to zone, must be in bailiwick | 467 | # Name is relative to zone, must be in bailiwick |
444 | value = resolve_glue (self, nameserver) | 468 | value = self.resolve_glue(record.target) |
469 | if not value: | ||
470 | if label.startswith("@"): | ||
471 | value = '%s@%s.%s' % (self.domain, record.target, self.domain) | ||
472 | else: | ||
473 | value = '%s.%s@%s.%s' % (str(label), self.domain, record.target, self.domain) | ||
445 | 474 | ||
446 | logging.info("transformed %s record to GNS2DNS format", rdtype) | 475 | logging.info("transformed %s record to GNS2DNS format", rdtype) |
447 | rdtype = 'GNS2DNS' | 476 | rdtype = 'GNS2DNS' |
@@ -559,26 +588,14 @@ class Ascender(): | |||
559 | """ | 588 | """ |
560 | try: | 589 | try: |
561 | ret = sp.run([GNUNET_ZONE_CREATION_COMMAND, | 590 | ret = sp.run([GNUNET_ZONE_CREATION_COMMAND, |
562 | '-C', zonestring], | 591 | '-C', zonestring, |
563 | stdout=sp.DEVNULL, | 592 | '-V'], |
593 | stdout=sp.PIPE, | ||
564 | stderr=sp.DEVNULL) | 594 | stderr=sp.DEVNULL) |
565 | logging.info("executed command: %s", " ".join(ret.args)) | 595 | logging.info("executed command: %s", " ".join(ret.args)) |
596 | pkey_zone = ret.stdout.decode().strip() | ||
566 | except sp.CalledProcessError: | 597 | except sp.CalledProcessError: |
567 | logging.info("Zone %s already exists!", zonestring) | 598 | logging.info("Zone %s already exists!", zonestring) |
568 | |||
569 | # This is the most inefficient part of the zone hierarchy building | ||
570 | pkey_lookup = sp.Popen([GNUNET_ZONE_CREATION_COMMAND, | ||
571 | '-d'], | ||
572 | stdout=sp.PIPE) | ||
573 | pkey_line = sp.Popen(['grep', '^' + zonestring], | ||
574 | stdin=pkey_lookup.stdout, | ||
575 | stdout=sp.PIPE) | ||
576 | pkey_zone = sp.check_output(['cut', '-d', | ||
577 | ' ', '-f3'], | ||
578 | stdin=pkey_line.stdout) | ||
579 | pkey_zone = pkey_zone.decode().strip() | ||
580 | pkey_lookup.stdout.close() | ||
581 | pkey_line.stdout.close() | ||
582 | return pkey_zone | 599 | return pkey_zone |
583 | 600 | ||
584 | @staticmethod | 601 | @staticmethod |
@@ -675,6 +692,7 @@ def main(): | |||
675 | # Set to defaults to use before we get a SOA for the first time | 692 | # Set to defaults to use before we get a SOA for the first time |
676 | retry = 300 | 693 | retry = 300 |
677 | refresh = 300 | 694 | refresh = 300 |
695 | |||
678 | # Main loop for actual daemon | 696 | # Main loop for actual daemon |
679 | while True: | 697 | while True: |
680 | gns_zone_serial = ascender.get_gns_zone_serial() | 698 | gns_zone_serial = ascender.get_gns_zone_serial() |
@@ -698,9 +716,11 @@ def main(): | |||
698 | continue | 716 | continue |
699 | if not gns_zone_serial: | 717 | if not gns_zone_serial: |
700 | logging.info("GNS zone does not exist yet, performing full transfer.") | 718 | logging.info("GNS zone does not exist yet, performing full transfer.") |
719 | print("GNS zone does not exist yet, performing full transfer.") | ||
701 | ascender.bootstrap_zone() | 720 | ascender.bootstrap_zone() |
702 | elif gns_zone_serial == dns_zone_serial: | 721 | elif gns_zone_serial == dns_zone_serial: |
703 | logging.info("GNS zone is up to date.") | 722 | logging.info("GNS zone is up to date.") |
723 | print("GNS zone is up to date.") | ||
704 | if standalone: | 724 | if standalone: |
705 | return 0 | 725 | return 0 |
706 | time.sleep(refresh) | 726 | time.sleep(refresh) |
@@ -714,6 +734,7 @@ def main(): | |||
714 | continue | 734 | continue |
715 | else: | 735 | else: |
716 | logging.info("GNS zone is out of date, performing incremental transfer.") | 736 | logging.info("GNS zone is out of date, performing incremental transfer.") |
737 | print("GNS zone is out of date, performing incremental transfer.") | ||
717 | 738 | ||
718 | try: | 739 | try: |
719 | ascender.zone = dns.zone.from_xfr(ascender.zonegenerator, | 740 | ascender.zone = dns.zone.from_xfr(ascender.zonegenerator, |
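Review bot: In the `@@ -559,26 +588,14 @@` hunk the key handed back to the caller is now whatever the create command printed, and nothing checks that the command succeeded. `sp.run` is called without `check=True`, so `sp.CalledProcessError` is never raised and the "already exists" branch is dead; for a zone that already exists `pkey_zone` is presumably an empty string, and the `-d` lookup that used to recover the key has been removed. If the exception ever were raised, `return pkey_zone` would hit an unbound name. I would pass `check=True`, set or look up the key in the `except` branch, and stop on an empty result, e.g. `if not pkey_zone: raise RuntimeError("no key for zone %s" % zonestring)`, so that an empty key cannot reach the records built from it. The function's signature and docstring start outside the hunk.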
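--- a/ascension/test/basic_named.conf
+++ b/ascension/test/basic_named.conf
@@ -1,4 +1,5 @@
 options {
+port 5000;
 directory ".";
 pid-file "/run/named/named.pid";
 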