Hi,
i wrote a little script using dnspython to update DNS dynamically. It
worked fined with verion 1.6 and stopped working with 1.8.
I started to investigate the Exception raised:
Traceback (most recent call last):
File "/usr/local/bin/dnsUpdater.py", line 63, in ?
if not rec.add(): print '\n'.join(rec.getLog())
File "/usr/lib/python2.4/site-packages/dnsmanagement.py", line 123,
in add
return transaction.commit()
File "/usr/lib/python2.4/site-packages/dnsmanagement.py", line 51, in
commit
rsp = self.__doUpdate(tr)
File "/usr/lib/python2.4/site-packages/dnsmanagement.py", line 43, in
__doUpdate
port=self.__port, timeout=self.__timeout)
File "/usr/lib/python2.4/site-packages/dns/query.py", line 113, in udp
wire = q.to_wire()
File "/usr/lib/python2.4/site-packages/dns/update.py", line 241, in
to_wire
return super(Update, self).to_wire(origin, max_size)
File "/usr/lib/python2.4/site-packages/dns/message.py", line 418, in
to_wire
self.keyalgorithm)
File "/usr/lib/python2.4/site-packages/dns/renderer.py", line 286, in
add_tsig
algorithm=algorithm)
File "/usr/lib/python2.4/site-packages/dns/tsig.py", line 73, in sign
ctx = hmac.new(secret, digestmod=digestmod)
File "/usr/lib64/python2.4/hmac.py", line 107, in new
return HMAC(key, msg, digestmod)
File "/usr/lib64/python2.4/hmac.py", line 42, in __init__
self.outer = digestmod.new()
AttributeError: 'builtin_function_or_method' object has no attribute 'new'
and found that the module tsig.py was creating the hashes with the
buildin function of the md5/sha module
instead of a "kind" of the HashlibWrapper when using hashlib and python 2.5+
after fixing this i identified two additional bugs in update.py and
resolver.py when calling "use_tsig", where the method
expect as third (unnamed) argument the fudge and not the keyalgorithom.
i attached a patch which solves these problems in 1.8 for me.
please have a look and merge it into the master trunk if it fit's your
coding.
thanks for dnspython it's great
regards
Michael Lang
--- update.py 2010-01-26 01:39:45.000000000 +0100
+++ dns/update.py 2010-07-19 23:14:28.000000000 +0200
@@ -56,7 +56,7 @@
self.find_rrset(self.question, self.origin, rdclass, dns.rdatatype.SOA,
create=True, force_unique=True)
if not keyring is None:
- self.use_tsig(keyring, keyname, keyalgorithm)
+ self.use_tsig(keyring, keyname, algorithm=keyalgorithm)
def _add_rr(self, name, ttl, rd, deleting=None, section=None):
"""Add a single RR to the update section."""
--- resolver.py 2010-01-26 01:39:45.000000000 +0100
+++ dns/resolver.py 2010-07-19 23:15:42.000000000 +0200
@@ -593,7 +593,7 @@
return answer
request = dns.message.make_query(qname, rdtype, rdclass)
if not self.keyname is None:
- request.use_tsig(self.keyring, self.keyname, self.keyalgorithm)
+ request.use_tsig(self.keyring, self.keyname,
algorithm=self.keyalgorithm)
request.use_edns(self.edns, self.ednsflags, self.payload)
response = None
#
--- tsig.py 2010-01-26 01:39:45.000000000 +0100
+++ dns/tsig.py 2010-07-19 23:23:55.000000000 +0200
@@ -202,9 +202,21 @@
hashes[name] = HashlibWrapper(hashes[name])
except ImportError:
- import md5, sha
- hashes[dns.name.from_text('HMAC-MD5.SIG-ALG.REG.INT')] = md5.md5
- hashes[dns.name.from_text('hmac-sha1')] = sha.sha
+ import md5, sha, sys
+ if sys.hexversion < 0x02050000:
+ # hashlib doesn't conform to PEP 247: API for
+ # Cryptographic Hash Functions, which hmac before python
+ # 2.5 requires, so add the necessary items.
+ class HashlibWrapper:
+ def __init__(self, basehash):
+ self.basehash = basehash
+ self.digest_size = self.basehash.digest_size
+
+ def new(self, *args, **kwargs):
+ return self.basehash.new(*args, **kwargs)
+
+ hashes[dns.name.from_text('HMAC-MD5.SIG-ALG.REG.INT')] =
HashlibWrapper(md5)
+ hashes[dns.name.from_text('hmac-sha1')] = HashlibWrapper(sha)
if isinstance(algorithm, (str, unicode)):
algorithm = dns.name.from_text(algorithm)
_______________________________________________
dnspython-bugs mailing list
[email protected]
http://howl.play-bow.org/mailman/listinfo.cgi/dnspython-bugs
