From 47323af3dfd5afe38ebd90f550ad5d7dc078e860 Mon Sep 17 00:00:00 2001
From: wouter <wouter@14dc9c71-5cc2-e011-b339-0019d10b89f4>
Date: Thu, 12 Mar 2015 15:37:44 +0000
Subject: [PATCH] - Patches from Tomas Hozza (7): 	dnssec-trigger-script:
 Fix wrong default value in configuration 	dnssec-trigger-script: Fix
 formatting errors 	dnssec-trigger-script: Remove unused class 	Allow
 to select the default Python interpreter during build 	Fix
 01-dnssec-trigger NOT to hardcode shell path 	dnssec-trigger-script: Fix
 typo when adding search domains 	dnssec-trigger-control-setup: Use 3072
 bit keys

git-svn-id: http://www.nlnetlabs.nl/svn/dnssec-trigger/trunk@693 14dc9c71-5cc2-e011-b339-0019d10b89f4
---
 01-dnssec-trigger.in               |  2 +-
 Changelog                          | 10 ++++++++++
 Makefile.in                        |  3 +++
 config.h.in                        |  3 +++
 configure                          | 25 +++++++++++++++++++++++++
 configure.ac                       | 10 ++++++++++
 dnssec-trigger-control-setup.sh.in |  4 +++-
 dnssec-trigger-script.in           | 21 +++++----------------
 8 files changed, 60 insertions(+), 18 deletions(-)

diff --git a/01-dnssec-trigger.in b/01-dnssec-trigger.in
index f410723..8ece20e 100644
--- a/01-dnssec-trigger.in
+++ b/01-dnssec-trigger.in
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!0SHELL0
 #
 # Script to notify dnssec-trigger that the DNS configuration in NetworkManager
 # may have changed.
diff --git a/Makefile.in b/Makefile.in
index 8d4de79..5b356fc 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -20,6 +20,7 @@ endif
 
 SHELL=@SHELL@
 VERSION=@PACKAGE_VERSION@
+PYTHON=@PYTHON@
 srcdir=@srcdir@
 prefix=@prefix@
 exec_prefix=@exec_prefix@
@@ -223,6 +225,7 @@ networkmanager-hook:	01-dnssec-trigger dnssec-trigger-script
 
 dnssec-trigger-script:	$(srcdir)/dnssec-trigger-script.in Makefile
 	cp $< $@
+	sed -e 's?0PYTHON0?$(PYTHON)?' < $(srcdir)/dnssec-trigger-script.in > $@
 	chmod +x $@
 
 osx/RiggerStatusItem/log.c:	$(srcdir)/riggerd/log.c osx/RiggerStatusItem
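Review bot: The `cp $< $@` line kept above the new `sed` is now dead work, because the `sed` redirect overwrites `$@` straight away; it can be dropped. The substitution also uses `$(PYTHON)` as sed replacement text, so a configured path containing `?` or `&` would yield a wrong shebang without any error. If `sed` fails, the rule leaves a truncated target that a later make run treats as up to date. Writing to a temporary file and renaming avoids that: `sed -e 's?0PYTHON0?$(PYTHON)?' < $(srcdir)/dnssec-trigger-script.in > $@.tmp && mv $@.tmp $@`.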
diff --git a/config.h.in b/config.h.in
index e79b245..022d056 100644
--- a/config.h.in
+++ b/config.h.in
@@ -258,6 +258,9 @@
 /* default pidfile name for dnssec-trigger */
 #undef PIDFILE
 
+/* default Python interpreter path for all Python scripts */
+#undef PYTHON
+
 /* Define as the return type of signal handlers (`int' or `void'). */
 #undef RETSIGTYPE
 
diff --git a/configure b/configure
index 2082a49..a53d6b2 100755
--- a/configure
+++ b/configure
@@ -626,6 +626,7 @@ DATE
 LDNSLIBS
 ldnsdir
 unbound_control_path
+PYTHON
 pidfile
 configfile
 uidir
@@ -718,6 +719,7 @@ with_keydir
 with_uidir
 with_configfile
 with_pidfile
+with_python
 with_unbound_control
 with_ldns
 enable_rpath
@@ -1383,6 +1385,8 @@ Optional Packages:
                           keydir/dnssec-trigger.conf
   --with-pidfile=path     set the pidfile to use, default
                           /var/run/dnssec-trigger.pid
+  --with-python=path      set the path to Python interpreter to use for Python
+                          scripts, defaults /usr/bin/python
   --with-unbound-control=path
                           set the unbound-control to use, default what
                           configure finds in its path
@@ -7336,6 +7340,27 @@ _ACEOF
 
 
 
+# Check whether --with-python was given.
+if test "${with_python+set}" = set; then :
+  withval=$with_python;
+else
+  withval=""
+fi
+
+PYTHON="/usr/bin/python"
+if test -n "$withval"; then
+	PYTHON="$withval"
+fi
+python_esc="`echo $PYTHON | sed -e 's/\\\\/\\\\\\\\/g'`"
+
+
+cat >>confdefs.h <<_ACEOF
+#define PYTHON "$python_esc"
+_ACEOF
+
+
+
+
 # Check whether --with-unbound-control was given.
 if test "${with_unbound_control+set}" = set; then :
   withval=$with_unbound_control;
diff --git a/configure.ac b/configure.ac
index 1f9967b..4c1c716 100644
--- a/configure.ac
+++ b/configure.ac
@@ -504,6 +504,16 @@ ACX_ESCAPE_BACKSLASH($pidfile, pidfile_esc)
 AC_DEFINE_UNQUOTED([PIDFILE], ["$pidfile_esc"], [default pidfile name for dnssec-trigger])
 AC_SUBST(pidfile)
 
+AC_ARG_WITH([python], AC_HELP_STRING([--with-python=path],
+[set the path to Python interpreter to use for Python scripts, defaults /usr/bin/python]),, withval="")
+PYTHON="/usr/bin/python"
+if test -n "$withval"; then
+	PYTHON="$withval"
+fi
+ACX_ESCAPE_BACKSLASH($PYTHON, python_esc)
+AC_DEFINE_UNQUOTED([PYTHON], ["$python_esc"], [default Python interpreter path for all Python scripts])
+AC_SUBST(PYTHON)
+
 AC_ARG_WITH([unbound-control], AC_HELP_STRING([--with-unbound-control=path],
 [set the unbound-control to use, default what configure finds in its path]),, withval="")
 AC_MSG_CHECKING([for unbound-control])
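Review bot: Any non-empty `$withval` is taken as the interpreter path, so a bare `--with-python` sets PYTHON to `yes`, `--without-python` sets it to `no`, and a relative path is accepted as is. The value then becomes the `#!` line of dnssec-trigger-script through the Makefile's `0PYTHON0` substitution, so the mistake only shows up when the script is run. configure should accept only an absolute path and stop with an error otherwise. The default `/usr/bin/python` is also never checked for existence; a warning there would help builders on systems that ship the interpreter under a different name.

```m4
PYTHON="/usr/bin/python"
case "$withval" in
	""|yes)
		;;
	/*)
		PYTHON="$withval"
		;;
	*)
		AC_MSG_ERROR([--with-python needs an absolute path to the Python interpreter])
		;;
esac
dnl … unchanged: ACX_ESCAPE_BACKSLASH, AC_DEFINE_UNQUOTED and AC_SUBST for PYTHON …
```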
diff --git a/dnssec-trigger-control-setup.sh.in b/dnssec-trigger-control-setup.sh.in
index 7d0387a..7cc305a 100644
--- a/dnssec-trigger-control-setup.sh.in
+++ b/dnssec-trigger-control-setup.sh.in
@@ -48,7 +48,9 @@ CLIENTNAME=dnssec-trigger-control
 DAYS=7200
 
 # size of keys in bits
-BITS=1536
+# recommendation for new systems is to use at least 3072 bits
+# http://www.enisa.europa.eu/activities/identity-and-trust/library/deliverables/algorithms-key-sizes-and-parameters-report
+BITS=3072
 
 # hash algorithm
 HASH=sha256
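Review bot: The new comment above `BITS=3072` gives the recommendation but does not say that the larger size only applies to keys generated from now on. Installations that already ran this script keep their 1536-bit control keys until they are regenerated; whether a re-run overwrites existing key files is decided outside this hunk. I would add a line such as `# only affects newly generated keys; keys created with the old 1536-bit default must be regenerated` and mention the same in the Changelog entry.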
diff --git a/dnssec-trigger-script.in b/dnssec-trigger-script.in
index 830baa9..7bf6c2e 100644
--- a/dnssec-trigger-script.in
+++ b/dnssec-trigger-script.in
@@ -1,4 +1,4 @@
-#!/usr/bin/python
+#!0PYTHON0
 # -*- coding: utf-8 -*-
 """
 @author: Tomas Hozza <thozza@redhat.com>
@@ -57,7 +57,7 @@ class Config:
         "use_vpn_global_forwarders": False,
         "use_resolv_conf_symlink": False,
         "use_resolv_secure_conf_symlink": False,
-        "use_private_address_ranges": TRUE,
+        "use_private_address_ranges": True,
         "set_search_domains": False,
         "keep_positive_answers": False,
     }
@@ -86,7 +86,7 @@ class Config:
 
 config = Config()
 if config.debug:
-    log.setLevel(logging.DEBUG);
+    log.setLevel(logging.DEBUG)
 
 class ConnectionList:
     """List of NetworkManager active connections"""
@@ -186,7 +186,7 @@ class Connection:
             pass
         try:
             self.servers += [self.ip6_to_str(connection.get_ip6_config().get_nameserver(i))
-                    for i in range(connection.get_ip6_config().get_num_nameservers())]
+                for i in range(connection.get_ip6_config().get_num_nameservers())]
         except AttributeError:
             pass
 
@@ -353,17 +353,6 @@ class Store:
                 zone_file.write("{}\n".format(zone))
         os.rename(self.path_tmp, self.path)
 
-class GlobalForwarders:
-    def __init__(self):
-        self.cache = set()
-        try:
-            with open(self.path) as zone_file:
-                for line in zone_file:
-                    line = line.strip()
-                    if line:
-                        self.cache.add(line)
-        except IOError:
-            pass
 
 class Application:
     resolvconf = "/etc/resolv.conf"
@@ -490,7 +479,7 @@ class Application:
         Called by dnssec-trigger.
         """
 
-        if config.add_search_domains:
+        if config.set_search_domains:
             zones = set(sum((connection.zones for connection in ConnectionList(self.client)), []))
             log.info("Search domains: " + ' '.join(zones))
             self.resolvconf_localhost_contents = self.__class__.resolvconf_localhost_contents
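Review bot: With the condition now reading `config.set_search_domains`, the name that has a default in the Config hunk, this branch runs whenever the option is set, and the zone names it collects from `connection.zones` get no visible content check. They are joined with spaces into the log line and, judging by the `resolvconf_localhost_contents` assignment that follows, presumably end up in resolv.conf text; the rest of the method lies outside the hunk, so a later check cannot be ruled out. Since these names come from the network configuration, an entry containing whitespace or a newline should be dropped before use, for example `zones = {z for z in zones if z and not any(ch.isspace() for ch in z)}` right after the set is built.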
-- 
2.1.0