authorrexxnor <rexxnor+gnunet@brief.li>2019-05-09 00:36:20 +0200
committerrexxnor <rexxnor+gnunet@brief.li>2019-05-09 00:36:20 +0200
commit523342ba45f078b64a4d10badb7df4e51f5145c1 (patch)
treed7cf8e5fa5c40ab985c46c42fb1fc15e07de7043 /ascension
parent428ca05b1384014a91fa66c3779c788afa9a3310 (diff)
fixed bugs, updated create and get pkey
Diffstat (limited to 'ascension')
-rw-r--r--ascension/ascension.py93
-rw-r--r--ascension/test/basic_named.conf1
2 files changed, 58 insertions, 36 deletions
diff --git a/ascension/ascension.py b/ascension/ascension.py
index e6b6d93..63b2680 100644
--- a/ascension/ascension.py
+++ b/ascension/ascension.py
@@ -267,10 +267,10 @@ class Ascender():
267 267
268 taskqueue.task_done() 268 taskqueue.task_done()
269 # End of worker 269 # End of worker
270 270
271 271
272 # Check if a delegated zone is available in GNS as per NS record 272 # Check if a delegated zone is available in GNS as per NS record
273 nsrecords = self.zone.iterate_rdatas(dns.rdatatype.NS) 273 nsrecords = self.zone.iterate_rdatasets(dns.rdatatype.NS)
274 274
275 # This is broken if your NS is for ns.foo.YOURZONE as you add 275 # This is broken if your NS is for ns.foo.YOURZONE as you add
276 # the PKEY to YOURZONE instead of to the foo.YOURZONE subzone. 276 # the PKEY to YOURZONE instead of to the foo.YOURZONE subzone.
@@ -283,26 +283,35 @@ class Ascender():
283 # foo.bar A IN 1.2.3.4 283 # foo.bar A IN 1.2.3.4
284 # => bar PKEY GNS $NEWKEY + mapping: bar => $NEWKEY 284 # => bar PKEY GNS $NEWKEY + mapping: bar => $NEWKEY
285 # => foo[.bar] A GNS 1.2.3.4 285 # => foo[.bar] A GNS 1.2.3.4
286 gnspkey = list(filter(lambda record: for rec in record[2]: if str(rec).startswith('gns--pkey--'): return true; return false, nsrecords)) 286 #gnspkey = list(filter(lambda record: for rec in record[2]: if str(rec).startswith('gns--pkey--'): return true; return false, nsrecords))
287 for nsrecord in nsrecords: 287 for nsrecord in nsrecords:
288 name = str(nsrecord[0]) 288 name = str(nsrecord[0])
289 ttl = nsrecord[1] 289 values = nsrecord[1]
290 values = nsrecord[2] 290 ttl = values.ttl
291 #if values.startswith('gns--pkey--'):
292 # gnspkeys.add()
291 gnspkeys = list(filter(lambda record: str(record).startswith('gns--pkey--'), values)) 293 gnspkeys = list(filter(lambda record: str(record).startswith('gns--pkey--'), values))
292 if len(gnspkeys) > 1: 294
293 logging.critical("Detected ambiguous PKEY records for label %s (not generating PKEY record)", name) 295 num_gnspkeys = len(gnspkeys)
296 if not num_gnspkeys:
297 # skip empty values
298 continue
299 if num_gnspkeys > 1:
300 logging.critical("Detected ambiguous PKEY records for label \
301 %s (not generating PKEY record)", name)
294 continue 302 continue
295 gnspkey = gnspkeys[0] 303
304 gnspkey = str(gnspkeys[0])
296 # FIXME: check that this is actucally a well-formed PKEY string! (Crockford base32, sufficient length) 305 # FIXME: check that this is actucally a well-formed PKEY string! (Crockford base32, sufficient length)
297 self.add_pkey_record_to_zone(pkey[11:], self.domain, name, ttl) 306 self.add_pkey_record_to_zone(gnspkey[11:], self.domain, name, ttl)
298 # FIXME: drop all NS records under this name later! => new map, if entry present during NS processing, skip! 307 # FIXME: drop all NS records under this name later! => new map, if entry present during NS processing, skip!
299 308
300 # Unify all records under same label into a record set 309 # Unify all records under same label into a record set
301 customrdataset = dict() 310 customrdataset = dict()
302 for name, rdset in self.zone.iterate_rdatasets(): 311 for name, rdset in self.zone.iterate_rdatasets():
303 # build lookup table for later GNS2DNS records 312 # build lookup table for later GNS2DNS records
304 name = str(name) # Name could be str or DNS.name.Name 313 name = str(name) # Name could be str or DNS.name.Name
305 if customrdataset.get(name)) is None: 314 if customrdataset.get(name) is None:
306 work = list() 315 work = list()
307 work.append(rdset) 316 work.append(rdset)
308 customrdataset[name] = work 317 customrdataset[name] = work
@@ -386,13 +395,23 @@ class Ascender():
386 395
387 def resolve_glue(self, 396 def resolve_glue(self,
388 authorityname: str) -> list: 397 authorityname: str) -> list:
389 rdsets = self.zone[dnsresolver].rdatasets 398 """
399 Resolves IP Adresses within zone
400 :param authorityname:
401 """
402 try:
403 rdsets = self.zone[authorityname].rdatasets
404 except KeyError:
405 return []
390 value = [] 406 value = []
391 for rdataset in rdsets: 407 for rdataset in rdsets:
392 if rdataset.rdtype in [dns.rdatatype.A, dns.rdatatype.AAAA]: 408 if rdataset.rdtype in [dns.rdatatype.A, dns.rdatatype.AAAA]:
393 value.append("%s@%s" % (zonename, str(rdataset))) 409 for rdata in rdataset:
410 value.append("%s.%s@%s" % (authorityname,
411 self.domain,
412 str(rdata)))
394 return value 413 return value
395 414
396 def transform_to_gns_format(self, 415 def transform_to_gns_format(self,
397 record: dns.rdata.Rdata, 416 record: dns.rdata.Rdata,
398 rdtype: dns.rdata.Rdata, 417 rdtype: dns.rdata.Rdata,
@@ -430,18 +449,28 @@ class Ascender():
430 else: 449 else:
431 value = "%s.%s" % (value, zonename) 450 value = "%s.%s" % (value, zonename)
432 elif rdtype == 'NS': 451 elif rdtype == 'NS':
433 nameserver = str(record) 452 nameserver = str(record.target)
453 if nameserver[-1] == ".":
454 nameserver = nameserver[:-1]
434 if value[-1] == ".": 455 if value[-1] == ".":
435 # FQDN provided 456 # FQDN provided
436 if value.endswith("." + zonename): 457 if value.endswith(".%s." % zonename):
437 # in bailiwick 458 # in bailiwick
438 value = resolve_glue (self, nameserver) 459 value = self.resolve_glue(record.target)
439 else: 460 else:
440 # out of bailiwick 461 # out of bailiwick
441 value = '%s.%s@%s' % (str(label), zonename, dnsresolver) 462 if label.startswith("@"):
463 value = '%s@%s' % (zonename, nameserver)
464 else:
465 value = '%s.%s@%s' % (str(label), zonename, nameserver)
442 else: 466 else:
443 # Name is relative to zone, must be in bailiwick 467 # Name is relative to zone, must be in bailiwick
444 value = resolve_glue (self, nameserver) 468 value = self.resolve_glue(record.target)
469 if not value:
470 if label.startswith("@"):
471 value = '%s@%s.%s' % (self.domain, record.target, self.domain)
472 else:
473 value = '%s.%s@%s.%s' % (str(label), self.domain, record.target, self.domain)
445 474
446 logging.info("transformed %s record to GNS2DNS format", rdtype) 475 logging.info("transformed %s record to GNS2DNS format", rdtype)
447 rdtype = 'GNS2DNS' 476 rdtype = 'GNS2DNS'
@@ -559,26 +588,14 @@ class Ascender():
559 """ 588 """
560 try: 589 try:
561 ret = sp.run([GNUNET_ZONE_CREATION_COMMAND, 590 ret = sp.run([GNUNET_ZONE_CREATION_COMMAND,
562 '-C', zonestring], 591 '-C', zonestring,
563 stdout=sp.DEVNULL, 592 '-V'],
593 stdout=sp.PIPE,
564 stderr=sp.DEVNULL) 594 stderr=sp.DEVNULL)
565 logging.info("executed command: %s", " ".join(ret.args)) 595 logging.info("executed command: %s", " ".join(ret.args))
596 pkey_zone = ret.stdout.decode().strip()
566 except sp.CalledProcessError: 597 except sp.CalledProcessError:
567 logging.info("Zone %s already exists!", zonestring) 598 logging.info("Zone %s already exists!", zonestring)
568
569 # This is the most inefficient part of the zone hierarchy building
570 pkey_lookup = sp.Popen([GNUNET_ZONE_CREATION_COMMAND,
571 '-d'],
572 stdout=sp.PIPE)
573 pkey_line = sp.Popen(['grep', '^' + zonestring],
574 stdin=pkey_lookup.stdout,
575 stdout=sp.PIPE)
576 pkey_zone = sp.check_output(['cut', '-d',
577 ' ', '-f3'],
578 stdin=pkey_line.stdout)
579 pkey_zone = pkey_zone.decode().strip()
580 pkey_lookup.stdout.close()
581 pkey_line.stdout.close()
582 return pkey_zone 599 return pkey_zone
583 600
584 @staticmethod 601 @staticmethod
@@ -675,6 +692,7 @@ def main():
675 # Set to defaults to use before we get a SOA for the first time 692 # Set to defaults to use before we get a SOA for the first time
676 retry = 300 693 retry = 300
677 refresh = 300 694 refresh = 300
695
678 # Main loop for actual daemon 696 # Main loop for actual daemon
679 while True: 697 while True:
680 gns_zone_serial = ascender.get_gns_zone_serial() 698 gns_zone_serial = ascender.get_gns_zone_serial()
@@ -698,9 +716,11 @@ def main():
698 continue 716 continue
699 if not gns_zone_serial: 717 if not gns_zone_serial:
700 logging.info("GNS zone does not exist yet, performing full transfer.") 718 logging.info("GNS zone does not exist yet, performing full transfer.")
719 print("GNS zone does not exist yet, performing full transfer.")
701 ascender.bootstrap_zone() 720 ascender.bootstrap_zone()
702 elif gns_zone_serial == dns_zone_serial: 721 elif gns_zone_serial == dns_zone_serial:
703 logging.info("GNS zone is up to date.") 722 logging.info("GNS zone is up to date.")
723 print("GNS zone is up to date.")
704 if standalone: 724 if standalone:
705 return 0 725 return 0
706 time.sleep(refresh) 726 time.sleep(refresh)
@@ -714,6 +734,7 @@ def main():
714 continue 734 continue
715 else: 735 else:
716 logging.info("GNS zone is out of date, performing incremental transfer.") 736 logging.info("GNS zone is out of date, performing incremental transfer.")
737 print("GNS zone is out of date, performing incremental transfer.")
717 738
718 try: 739 try:
719 ascender.zone = dns.zone.from_xfr(ascender.zonegenerator, 740 ascender.zone = dns.zone.from_xfr(ascender.zonegenerator,
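Review bot: In the zone-creation hunk (new lines 590-599), `sp.run` is called without `check=True`, so, assuming `sp` is `subprocess`, it never raises `sp.CalledProcessError` and the `except` branch that logs "already exists" is unreachable. A failed `-C` run therefore returns whatever was on stdout, most likely an empty string, as the zone key. With the old `-d | grep | cut` lookup removed, nothing recovers the key of a zone that already exists, and if the exception were ever raised, `return pkey_zone` would hit an unbound local. I would pass `check=True`, look up the existing key in the `except` branch, and stop on an empty result, e.g. `if not pkey_zone: raise RuntimeError("no zone key for %s" % zonestring)`. The function starts above the hunk, so how its callers treat an empty key is not visible here.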
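--- a/ascension/test/basic_named.conf
+++ b/ascension/test/basic_named.conf
@@ -1,4 +1,5 @@
 options {
+port 5000;
 directory ".";
 pid-file "/run/named/named.pid";
 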