author | Martin Kosek <mkosek@redhat.com> | 2012-05-11 14:38:09 +0200 |
---|---|---|
committer | Martin Kosek <mkosek@redhat.com> | 2012-05-24 13:55:56 +0200 |
commit | f1ed123caddd7525a0081c4a9de931cabdfda43f (patch) | |
tree | f615dabc3535203fbd2777166dbe150f6d31197e /ipapython/config.py | |
parent | 6bb462e26a814e683b3ec5b39d2ff9a1db8fa4ec (diff) | |
Replace DNS client based on acutil with python-dns
IPA client and server tool set used authconfig acutil module
for client DNS operations. This is not an optimal DNS interface for
several reasons:
- does not provide native Python object oriented interface
but rather C-like interface based on functions and
structures which is not easy to use and extend
- acutil is not meant to be used by third parties besides
authconfig and thus can break without notice
Replace the acutil with python-dns package which has a feature rich
interface for dealing with all different aspects of DNS including
DNSSEC. The main target of this patch is to replace all uses of
acutil DNS library with the use of python-dns. In most cases, even
though the larger parts of the code are changed, the actual
functionality is changed only in the following cases:
- redundant DNS checks were removed from verify_fqdn function
in installutils to make the whole DNS check simpler and
less error-prone. Logging was improved for the remaining
checks
- improved logging for ipa-client-install DNS discovery
https://fedorahosted.org/freeipa/ticket/2730
https://fedorahosted.org/freeipa/ticket/1837
Diffstat (limited to 'ipapython/config.py')
-rw-r--r-- | ipapython/config.py | 64 |
1 files changed, 38 insertions, 26 deletions
diff --git a/ipapython/config.py b/ipapython/config.py
index d4c724dc..d428b1e2 100644
--- a/ipapython/config.py
+++ b/ipapython/config.py
@@ -20,9 +20,11 @@
 import ConfigParser
 from optparse import Option, Values, OptionParser, IndentedHelpFormatter, OptionValueError
 from copy import copy
+from dns import resolver, rdatatype
+from dns.exception import DNSException
+import dns.name
 import socket
-import ipapython.dnsclient
 import re
 import urlparse
@@ -163,7 +165,7 @@ def __parse_config(discover_server = True):
 pass
 def __discover_config(discover_server = True):
- rl = 0
+ servers = []
 try:
 if not config.default_realm:
 try:
@@ -177,34 +179,44 @@ def __discover_config(discover_server = True):
 return False
 if not config.default_domain:
- #try once with REALM -> domain
- dom_name = str(config.default_realm).lower()
- name = "_ldap._tcp."+dom_name+"."
- rs = ipapython.dnsclient.query(name, ipapython.dnsclient.DNS_C_IN, ipapython.dnsclient.DNS_T_SRV)
- rl = len(rs)
- if rl == 0:
- #try cycling on domain components of FQDN
- dom_name = socket.getfqdn()
- while rl == 0:
- tok = dom_name.find(".")
- if tok == -1:
+ # try once with REALM -> domain
+ domain = str(config.default_realm).lower()
+ name = "_ldap._tcp." + domain
+
+ try:
+ servers = resolver.query(name, rdatatype.SRV)
+ except DNSException:
+ # try cycling on domain components of FQDN
+ try:
+ domain = dns.name.from_text(socket.getfqdn())
+ except DNSException:
 return False
- dom_name = dom_name[tok+1:]
- name = "_ldap._tcp." + dom_name + "."
- rs = ipapython.dnsclient.query(name, ipapython.dnsclient.DNS_C_IN, ipapython.dnsclient.DNS_T_SRV)
- rl = len(rs)
- config.default_domain = dom_name
+ while True:
+ domain = domain.parent()
+
+ if str(domain) == '.':
+ return False
+ name = "_ldap._tcp.%s" % domain
+ try:
+ servers = resolver.query(name, rdatatype.SRV)
+ break
+ except DNSException:
+ pass
+
+ config.default_domain = str(domain).rstrip(".")
 if discover_server:
- if rl == 0:
- name = "_ldap._tcp."+config.default_domain+"."
- rs = ipapython.dnsclient.query(name, ipapython.dnsclient.DNS_C_IN, ipapython.dnsclient.DNS_T_SRV)
-
- for r in rs:
- if r.dns_type == ipapython.dnsclient.DNS_T_SRV:
- rsrv = r.rdata.server.rstrip(".")
- config.default_server.append(rsrv)
+ if not servers:
+ name = "_ldap._tcp.%s." % config.default_domain
+ try:
+ servers = resolver.query(name, rdatatype.SRV)
+ except DNSException:
+ pass
+
+ for server in servers:
+ hostname = str(server.target).rstrip(".")
+ config.default_server.append(hostname)
 except:
 pass |
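Review bot: The first lookup in the new `if not config.default_domain:` branch builds `name = "_ldap._tcp." + domain` without the trailing dot the removed code had, so the name is relative and the resolver may fall back to its configured search domains; an SRV answer obtained that way would still be recorded under the realm-derived `config.default_domain`. Making it absolute like the other two queries, `name = "_ldap._tcp.%s." % domain`, keeps discovery pinned to the intended zone. The parent walk also continues until `str(domain) == '.'`, so `_ldap._tcp.<TLD>.` is queried before giving up (the removed loop appears to have done the same); stopping once a single label remains would avoid accepting a server list from outside the host's own domain. `except DNSException` treats a timeout like a negative answer, so a transient resolver failure silently moves discovery to a parent domain, and the resulting hostnames are appended without regard to SRV priority or weight. __discover_config starts before this hunk, and the bare `except: pass` closing it would hide any of these failures from the caller.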