store update_secret as salted sha1 (use crypto code from django), fix bug: we also need to catch NoAnswer, not just NXDOMAIN.

NoAnswer == there is a record, but not of the type (A or AAAA) we requested.
NXDOMAIN == there is no record at all.
Thomas Waldmann 2013-09-29 00:34:26 +02:00
parent 553e02f243
commit d558e2ece2
3 changed files with 16 additions and 5 deletions


@ -5,6 +5,8 @@ logger = logging.getLogger(__name__)
from django.http import HttpResponse from django.http import HttpResponse
from django.conf import settings from django.conf import settings
from django.contrib.auth.hashers import check_password
from main.forms import * from main.forms import *
from main.models import Host from main.models import Host
import dns.inet import dns.inet
@ -61,10 +63,16 @@ def check_auth(username, password):
:param password: update password :param password: update password
:return: True if authenticated, False otherwise. :return: True if authenticated, False otherwise.
""" """
# in our case username == fqdn fqdn = username
hosts = Host.objects.filter(fqdn=username, update_secret=password) hosts = Host.objects.filter(fqdn=fqdn)
assert len(hosts) < 2 num_hosts = len(hosts)
return bool(hosts) if num_hosts == 0:
return False
if num_hosts > 1:
logging.error("fqdn %s has multiple entries" % fqdn)
return False
password_hash = hosts[0].update_secret
return check_password(password, password_hash)
def Response(content): def Response(content):
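Review bot: Rows saved before this change still hold the plaintext `update_secret`, and `check_password(password, password_hash)` will not verify against a value that is not in Django's encoded-hash format, so existing hosts would presumably fail authentication until their secret is re-entered. None of the three changed files appears to be a data migration that hashes the stored values; a one-off migration applying `make_password` to each existing `update_secret` would close that gap and remove the plaintext from the table. Separately, the error branch calls `logging.error(...)` on the root logger although the module defines `logger`; `logger.error("fqdn %s has multiple entries", fqdn)` would keep the message under the module's logger name. The body of check_auth begins above the hunk.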


@ -27,7 +27,7 @@ def update(fqdn, ipaddr, ttl=60):
current_ipaddr = query_ns(fqdn, rdtype) current_ipaddr = query_ns(fqdn, rdtype)
# check if ip really changed # check if ip really changed
ok = ipaddr != current_ipaddr ok = ipaddr != current_ipaddr
except dns.resolver.NXDOMAIN: except (dns.resolver.NXDOMAIN, dns.resolver.NoAnswer):
# no dns entry yet, ok # no dns entry yet, ok
ok = True ok = True
if ok: if ok:
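Review bot: The comment under the widened `except` still reads `# no dns entry yet, ok`, which is no longer accurate for `dns.resolver.NoAnswer`, where the name exists but has no record of the queried type. Something like `# no record of this rdtype yet (name missing or only other types present), ok` would match what the handler now covers. The enclosing try block in update() starts above the hunk and the function continues below it.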


@ -7,6 +7,7 @@ from django.conf import settings
from django.shortcuts import render, get_object_or_404 from django.shortcuts import render, get_object_or_404
from django.contrib.auth.decorators import login_required from django.contrib.auth.decorators import login_required
from django.contrib import messages from django.contrib import messages
from django.contrib.auth.hashers import make_password
from django.utils.decorators import method_decorator from django.utils.decorators import method_decorator
from django.core.urlresolvers import reverse from django.core.urlresolvers import reverse
import dns.inet import dns.inet
@ -43,6 +44,7 @@ class OverviewView(CreateView):
def form_valid(self, form): def form_valid(self, form):
self.object = form.save(commit=False) self.object = form.save(commit=False)
self.object.created_by = self.request.user self.object.created_by = self.request.user
self.object.update_secret = make_password(self.object.update_secret, hasher='sha1')
self.object.save() self.object.save()
messages.add_message(self.request, messages.SUCCESS, 'Host added.') messages.add_message(self.request, messages.SUCCESS, 'Host added.')
return HttpResponseRedirect(self.get_success_url()) return HttpResponseRedirect(self.get_success_url())
@ -68,6 +70,7 @@ class HostView(UpdateView):
def form_valid(self, form): def form_valid(self, form):
self.object = form.save(commit=False) self.object = form.save(commit=False)
self.object.created_by = self.request.user self.object.created_by = self.request.user
self.object.update_secret = make_password(self.object.update_secret, hasher='sha1')
self.object.save() self.object.save()
messages.add_message(self.request, messages.SUCCESS, 'Host updated.') messages.add_message(self.request, messages.SUCCESS, 'Host updated.')
return HttpResponseRedirect(self.get_success_url()) return HttpResponseRedirect(self.get_success_url())
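Review bot: `hasher='sha1'` in both form_valid methods (OverviewView and HostView) selects Django's single-round salted SHA-1 hasher, which is cheap to brute-force offline if the host table is ever disclosed. Dropping the argument, `self.object.update_secret = make_password(self.object.update_secret)`, uses the project's configured default hasher instead, and `check_password` identifies the algorithm from the stored prefix, so the verify side needs no change. In HostView, if the edit form is pre-filled with the stored value (the form class is not visible here), saving without changing the secret would hash the existing hash and silently invalidate the client's credential. Hashing only when `'update_secret' in form.changed_data` would avoid that.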