...
 
Commits (1)
...@@ -37,3 +37,6 @@ dnssec_keygen=/usr/sbin/dnssec-keygen ...@@ -37,3 +37,6 @@ dnssec_keygen=/usr/sbin/dnssec-keygen
# path to the rndc binary # path to the rndc binary
rndc=/usr/sbin/rndc rndc=/usr/sbin/rndc
# charset of the filesystem
fscharset=utf-8
...@@ -45,6 +45,7 @@ DNSSEC_SETTIME = "/usr/sbin/dnssec-settime" ...@@ -45,6 +45,7 @@ DNSSEC_SETTIME = "/usr/sbin/dnssec-settime"
DNSSEC_DSFROMKEY = "/usr/sbin/dnssec-dsfromkey" DNSSEC_DSFROMKEY = "/usr/sbin/dnssec-dsfromkey"
DNSSEC_KEYGEN = "/usr/sbin/dnssec-keygen" DNSSEC_KEYGEN = "/usr/sbin/dnssec-keygen"
RNDC = "/usr/sbin/rndc" RNDC = "/usr/sbin/rndc"
FSCHARSET = "utf-8"
def _print(data, file=sys.stdout): def _print(data, file=sys.stdout):
...@@ -52,6 +53,11 @@ def _print(data, file=sys.stdout): ...@@ -52,6 +53,11 @@ def _print(data, file=sys.stdout):
data = data.decode("utf-8") data = data.decode("utf-8")
print(data, file=file) print(data, file=file)
def _Popen(*args, **kwargs):
if sys.version_info.major >= 3:
kwargs["encoding"] = FSCHARSET
return subprocess.Popen(*args, **kwargs)
def get_zones(zone_names=None): def get_zones(zone_names=None):
l = [] l = []
if zone_names is None: if zone_names is None:
...@@ -71,7 +77,7 @@ def settime(path, flag, date): ...@@ -71,7 +77,7 @@ def settime(path, flag, date):
"-i", str(int(INTERVAL.total_seconds())), "-i", str(int(INTERVAL.total_seconds())),
"-%s" % flag, date, path "-%s" % flag, date, path
] ]
p = subprocess.Popen(cmd, stderr=subprocess.PIPE, stdout=subprocess.PIPE) p = _Popen(cmd, stderr=subprocess.PIPE, stdout=subprocess.PIPE)
err = p.communicate()[1] err = p.communicate()[1]
if p.returncode != 0: if p.returncode != 0:
raise ValueError("err %s: %s" % (p.returncode, err)) raise ValueError("err %s: %s" % (p.returncode, err))
...@@ -98,7 +104,7 @@ def bind_chown(path): ...@@ -98,7 +104,7 @@ def bind_chown(path):
def bind_reload(): def bind_reload():
"""Reload bind config""" """Reload bind config"""
cmd = [RNDC, "reload"] cmd = [RNDC, "reload"]
p = subprocess.Popen(cmd) p = _Popen(cmd)
p.wait() p.wait()
...@@ -106,7 +112,7 @@ def nsec3(zone, salt="-"): ...@@ -106,7 +112,7 @@ def nsec3(zone, salt="-"):
"""Enable nsec3 for the zone ``zone``""" """Enable nsec3 for the zone ``zone``"""
cmd = [RNDC, "signing", "-nsec3param", "1", "0", "10", salt, zone] cmd = [RNDC, "signing", "-nsec3param", "1", "0", "10", salt, zone]
_print("Enabling nsec3 for zone %s: " % zone, file=sys.stdout) _print("Enabling nsec3 for zone %s: " % zone, file=sys.stdout)
p = subprocess.Popen(cmd, stdout=subprocess.PIPE) p = _Popen(cmd, stdout=subprocess.PIPE)
out = p.communicate()[0] out = p.communicate()[0]
_print(out, file=sys.stdout) _print(out, file=sys.stdout)
p.wait() p.wait()
...@@ -218,7 +224,7 @@ class Zone(object): ...@@ -218,7 +224,7 @@ class Zone(object):
"""Display the DS of the KSK of the zone""" """Display the DS of the KSK of the zone"""
for ksk in self.KSK: for ksk in self.KSK:
cmd = [DNSSEC_DSFROMKEY, ksk._path] cmd = [DNSSEC_DSFROMKEY, ksk._path]
p = subprocess.Popen(cmd) p = _Popen(cmd)
p.wait() p.wait()
def key(self, show_ksk=False, show_zsk=False): def key(self, show_ksk=False, show_zsk=False):
...@@ -387,7 +393,7 @@ class Key(object): ...@@ -387,7 +393,7 @@ class Key(object):
raise ValueError("typ must be KSK or ZSK") raise ValueError("typ must be KSK or ZSK")
cmd.extend(options) cmd.extend(options)
cmd.extend(["-K", path, name]) cmd.extend(["-K", path, name])
p = subprocess.Popen(cmd, stdout=subprocess.PIPE) p = _Popen(cmd, stdout=subprocess.PIPE)
p.wait() p.wait()
if p.returncode != 0: if p.returncode != 0:
raise ValueError("The key creation has failed") raise ValueError("The key creation has failed")
...@@ -400,7 +406,7 @@ class Key(object): ...@@ -400,7 +406,7 @@ class Key(object):
DNSSEC_KEYGEN, "-i", str(int(INTERVAL.total_seconds())), DNSSEC_KEYGEN, "-i", str(int(INTERVAL.total_seconds())),
"-S", self._path, "-K", os.path.dirname(self._path) "-S", self._path, "-K", os.path.dirname(self._path)
] ]
p = subprocess.Popen(cmd, stderr=subprocess.PIPE) p = _Popen(cmd, stderr=subprocess.PIPE)
err = p.communicate()[1] err = p.communicate()[1]
if p.returncode != 0: if p.returncode != 0:
raise ValueError("err %s: %s" % (p.returncode, err)) raise ValueError("err %s: %s" % (p.returncode, err))
...@@ -632,6 +638,8 @@ if __name__ == '__main__': ...@@ -632,6 +638,8 @@ if __name__ == '__main__':
DNSSEC_KEYGEN = config_parser.get("path", "dnssec_keygen") DNSSEC_KEYGEN = config_parser.get("path", "dnssec_keygen")
if config_parser.has_option("path", "rndc"): if config_parser.has_option("path", "rndc"):
RNDC = config_parser.get("path", "rndc") RNDC = config_parser.get("path", "rndc")
if config_parser.has_option("path", "fscharset"):
FSCHARSET = config_parser.get("path", "fscharset")
for path in [DNSSEC_SETTIME, DNSSEC_DSFROMKEY, DNSSEC_KEYGEN, RNDC]: for path in [DNSSEC_SETTIME, DNSSEC_DSFROMKEY, DNSSEC_KEYGEN, RNDC]:
if not os.path.isfile(path) or not os.access(path, os.X_OK): if not os.path.isfile(path) or not os.access(path, os.X_OK):
......