
Commit 50346e3

authored
Bugfix: dnsdist change rule type (#959)
1 parent 6b4e8d5 commit 50346e3

2 files changed

Lines changed: 51 additions & 37 deletions


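--- a/app/ldap_protocol/dns/bind_to_pdns_migration_use_case.py
+++ b/app/ldap_protocol/dns/bind_to_pdns_migration_use_case.py
@@ -32,6 +32,19 @@ def __init__(
 self.pdns_manager = pdns_manager
 self.dns_settings = dns_settings
 
+def _strip_record_name(self, record_name: str, zone_name: str) -> str:
+"""Strip trash from record name."""
+logger.debug(
+f"Stripping record name '{record_name}' for zone '{zone_name}'",
+)
+if record_name.startswith(("\\032", "\\@")) and record_name != "\\@":
+record_name = record_name.removeprefix("\\032").removeprefix("\\@")
+elif record_name == "\\@":
+record_name = zone_name
+return (
+record_name if not record_name.startswith(".") else record_name[1:]
+)
+
 def parse_bind_config_file(
 self,
 ) -> tuple[list[DNSMasterZoneDTO], list[DNSForwardZoneDTO]]:
@@ -58,12 +71,24 @@ def parse_bind_config_file(
 ),
 )
 elif "type forward" in line:
-forward_zones.append(
-DNSForwardZoneDTO(
-id=zone_name,
-name=zone_name,
-),
+forward_zone = DNSForwardZoneDTO(
+id=zone_name,
+name=zone_name,
 )
+elif "forwarders" in line and forward_zone:
+forwarders_part = line.split("forwarders")[1]
+forwarders = [
+f
+for f in forwarders_part.strip(";")
+.strip(" ")
+.strip("{")
+.strip("}")
+.strip(" ")
+.split(";")[:-1]
+]
+forward_zone.servers = forwarders
+forward_zones.append(forward_zone)
+forward_zone = None
 
 return master_zones, forward_zones
 
@@ -94,7 +119,7 @@ def parse_zones_records(
 
 for name, ttl, rdata in zone_obj.iterate_rdatas():
 try:
-DNSRecordType(rdata.rdtype.name)
+record_type = DNSRecordType(rdata.rdtype.name)
 except ValueError:
 logger.warning(
 f"Unsupported DNS record type {rdata.rdtype.name} in zone '{zone.name}'", # noqa: E501
@@ -103,8 +128,11 @@ def parse_zones_records(
 
 zone_rrsets.append(
 DNSRRSetDTO(
-name=name.to_text(),
-type=DNSRecordType(rdata.rdtype.name),
+name=self._strip_record_name(
+name.to_text(),
+zone.name,
+),
+type=record_type,
 records=[
 DNSRecordDTO(
 content=rdata.to_text(),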
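Review bot: In the new `forwarders` branch of `parse_bind_config_file`, the comprehension keeps each element exactly as `split(";")` returned it, so for a line like `forwarders { 10.0.0.1; 10.0.0.2; };` (constructed example) every server after the first keeps its leading space and lands in `forward_zone.servers` unvalidated. Strip and filter per element, e.g. `forwarders = [f.strip() for f in forwarders_part.strip(" ;{}").split(";") if f.strip()]`, and consider rejecting entries that `ipaddress.ip_address()` cannot parse, since these values become the upstream resolvers after migration. The zone is also appended only when a single-line `forwarders` statement follows it, so a forward zone without one appears to be dropped silently while its DTO stays in `forward_zone` for a later match. The initialisation of `forward_zone` is outside the hunk, so confirm it is set to `None` before the loop and reset when a new zone starts.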

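--- a/app/ldap_protocol/dns/clients/power_dnsdist_client.py
+++ b/app/ldap_protocol/dns/clients/power_dnsdist_client.py
@@ -160,18 +160,7 @@ def add_zone_rule(self, domain: str) -> None:
 """Add rule to redirect master zone DNS requests to auth server."""
 command = f"""
 addAction(
-QNameRule("*.{domain}"),
-PoolAction("master")
-)
-"""
-self._send_command(
-command,
-expected=DNSdistCommandTypes.GENERIC,
-)
-
-command = f"""
-addAction(
-QNameRule("{domain}"),
+QNameSuffixRule("{domain}"),
 PoolAction("master")
 )
 """
@@ -186,24 +175,21 @@ def add_zone_rule(self, domain: str) -> None:
 
 def remove_zone_rule(self, domain: str) -> None:
 """Remove redirect rule from dnsdist."""
-rule_matches = [
-f"qname=={domain}",
-f"qname==*.{domain}",
-]
-for rule_match in rule_matches:
-rules = self._get_all_rules()
-if not rules.count:
-DNSdistError(
-"Failed to delete existing rule in dnsdist: Not Found",
-)
+rules = self._get_all_rules()
+if not rules.count:
+raise DNSdistError(
+"Failed to delete existing rule in dnsdist: Not Found",
+)
 
-for rule in rules.rules:
-if rule.match == rule_match:
-command = f"rmRule({rule.id})"
-self._send_command(
-command,
-expected=DNSdistCommandTypes.GENERIC,
-)
+for rule in rules.rules:
+rule_match = rule.match.split(" ")[-1]
+domain_match = domain if domain.endswith(".") else f"{domain}."
+if domain_match == rule_match:
+command = f"rmRule({rule.id})"
+self._send_command(
+command,
+expected=DNSdistCommandTypes.GENERIC,
+)
 
 self._persist_config()
 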
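Review bot: `add_zone_rule` still formats `domain` straight into the Lua text sent to the dnsdist console (`QNameSuffixRule("{domain}")`), so a value containing a double quote or parenthesis would alter the command that gets evaluated instead of only naming the zone. Validation may happen in a caller that is not visible here (the function starts above the hunk); if it does not, reject anything that is not a plain DNS name before building the command, for example `if not re.fullmatch(r"[A-Za-z0-9._-]+", domain): raise DNSdistError("Invalid zone name")`. In `remove_zone_rule` the comparison uses the last space-separated token of `rule.match`, so it depends on dnsdist's display format and would also match any other rule type whose description ends in that name. A short comment stating the expected format would help there, and `domain_match` can be computed once before the loop.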
