summaryrefslogtreecommitdiff
path: root/reconfigure
diff options
context:
space:
mode:
authorAndrew Shadura <andrew@shadura.me>2015-08-20 15:58:31 +0200
committerAndrew Shadura <andrew@shadura.me>2015-08-20 15:58:31 +0200
commit52702d36437649ace8a54d49d4d4292184a528d6 (patch)
treed674dfbcaba50712618f6ae3cd168cce53adb13c /reconfigure
parentfec1da7e6ea8a3b3b03befa4ff8dd31d539f163d (diff)
Imported Upstream version 0.1.59+git20140824
Diffstat (limited to 'reconfigure')
-rw-r--r--reconfigure/__init__.py2
-rw-r--r--reconfigure/items/netatalk.py2
-rw-r--r--reconfigure/items/supervisor.py5
-rw-r--r--reconfigure/items/util.py2
-rw-r--r--reconfigure/parsers/bind9.py9
-rw-r--r--reconfigure/tests/configs/netatalk_tests.py1
-rw-r--r--reconfigure/tests/configs/supervisor_tests.py5
-rw-r--r--reconfigure/tests/parsers/bind9_tests.py133
8 files changed, 144 insertions, 15 deletions
diff --git a/reconfigure/__init__.py b/reconfigure/__init__.py
index a0036bc..12867ba 100644
--- a/reconfigure/__init__.py
+++ b/reconfigure/__init__.py
@@ -1 +1 @@
-__version__ = "0.1.50"
+__version__ = "0.1.59"
diff --git a/reconfigure/items/netatalk.py b/reconfigure/items/netatalk.py
index b3863d9..c4230d9 100644
--- a/reconfigure/items/netatalk.py
+++ b/reconfigure/items/netatalk.py
@@ -36,4 +36,4 @@ GlobalData.bind_property(
ShareData.bind_name('name')
ShareData.bind_attribute('comment', 'comment', path=lambda x: x.get('path'), default='')
for f, d in zip(ShareData.fields, ShareData.defaults):
- ShareData.bind_property(f, f.replace(' ', '_'), default=d)
+ ShareData.bind_property(f, f.replace(' ', '_'), default=d, default_remove=[d, None])
diff --git a/reconfigure/items/supervisor.py b/reconfigure/items/supervisor.py
index b1d201c..a7d2c07 100644
--- a/reconfigure/items/supervisor.py
+++ b/reconfigure/items/supervisor.py
@@ -1,5 +1,6 @@
from reconfigure.nodes import Node, PropertyNode
from reconfigure.items.bound import BoundData
+from reconfigure.items.util import tf_getter, tf_setter
class SupervisorData (BoundData):
@@ -8,7 +9,7 @@ class SupervisorData (BoundData):
class ProgramData (BoundData):
fields = ['command', 'autostart', 'autorestart', 'startsecs', 'startretries', \
- 'user', 'directory', 'umask', 'environment']
+ 'user', 'directory', 'umask', 'environment', 'stopasgroup', 'killasgroup']
def template(self):
return Node('program:new',
@@ -21,3 +22,5 @@ ProgramData.bind_name('name', getter=lambda x: x[8:], setter=lambda x: 'program:
ProgramData.bind_attribute('comment', 'comment')
for i in range(0, len(ProgramData.fields)):
ProgramData.bind_property(ProgramData.fields[i], ProgramData.fields[i], default_remove=[None, ''])
+ProgramData.bind_property('stopasgroup', 'stopasgroup', default_remove=[False], getter=tf_getter, setter=tf_setter)
+ProgramData.bind_property('killasgroup', 'killasgroup', default_remove=[False], getter=tf_getter, setter=tf_setter)
diff --git a/reconfigure/items/util.py b/reconfigure/items/util.py
index adb0902..94f8b0e 100644
--- a/reconfigure/items/util.py
+++ b/reconfigure/items/util.py
@@ -1,4 +1,6 @@
yn_getter = lambda x: x == 'yes'
yn_setter = lambda x: 'yes' if x else 'no'
+tf_getter = lambda x: x == 'true'
+tf_setter = lambda x: 'true' if x else 'false'
onezero_getter = lambda x: x == '1'
onezero_setter = lambda x: '1' if x else '0'
diff --git a/reconfigure/parsers/bind9.py b/reconfigure/parsers/bind9.py
index 123a799..ab089c4 100644
--- a/reconfigure/parsers/bind9.py
+++ b/reconfigure/parsers/bind9.py
@@ -8,14 +8,13 @@ class BIND9Parser (NginxParser):
"""
tokens = [
- (r"[\w_]+\s*?.*?{", lambda s, t: ('section_start', t)),
- (r"[\w\d_:.]+?.*?;", lambda s, t: ('option', t)),
- (r"\".*?\"\s*;", lambda s, t: ('option', t)),
- (r"\s", lambda s, t: 'whitespace'),
- (r"$^", lambda s, t: 'newline'),
+ (r"(acl|key|masters|server|trusted-keys|managed-keys|controls|logging|lwres|options|view|zone|inet|channel|category|listen-on|search|avoid-v4-udp-ports|avoid-v6-udp-ports|blackhole|listen-on|listen-on-v6|allow-recursion|allow-recursion-on|sortlist|topology|rrset-order|dual-stack-servers|disable-algorithms|dns64|forwarders|rrset-order|update-policy|also-notify|allow-notify|rate-limit)\s+?([^\s{}]*\s*)*{", lambda s, t: ('section_start', t)),
(r"\#.*?\n", lambda s, t: ('comment', t)),
(r"//.*?\n", lambda s, t: ('comment', t)),
(r"/\*.*?\*/", lambda s, t: ('comment', t)),
+ (r"((([^\s{};#]+)|({\s*([^\s{};#]+;\s*)*}))\s*?)+;", lambda s, t: ('option', t)),
+ (r"\s", lambda s, t: 'whitespace'),
+ (r"$^", lambda s, t: 'newline'),
(r"\};", lambda s, t: 'section_end'),
]
token_section_end = '};'
diff --git a/reconfigure/tests/configs/netatalk_tests.py b/reconfigure/tests/configs/netatalk_tests.py
index c3bf1a6..7d6d563 100644
--- a/reconfigure/tests/configs/netatalk_tests.py
+++ b/reconfigure/tests/configs/netatalk_tests.py
@@ -12,6 +12,7 @@ afp port=123
path=/home ;comment
valid users=root
ea=sys
+password=
"""
}
diff --git a/reconfigure/tests/configs/supervisor_tests.py b/reconfigure/tests/configs/supervisor_tests.py
index 644f78a..cd29e2a 100644
--- a/reconfigure/tests/configs/supervisor_tests.py
+++ b/reconfigure/tests/configs/supervisor_tests.py
@@ -11,6 +11,7 @@ chmod=0700
files=test""",
'test': """[program:test1]
command=cat
+stopasgroup=true
"""
}
result = {
@@ -26,7 +27,9 @@ command=cat
"user": None,
"startretries": None,
"directory": None,
- "autostart": None
+ "autostart": None,
+ "stopasgroup": True,
+ "killasgroup": None,
}
]
}
diff --git a/reconfigure/tests/parsers/bind9_tests.py b/reconfigure/tests/parsers/bind9_tests.py
index 0f2527e..3892319 100644
--- a/reconfigure/tests/parsers/bind9_tests.py
+++ b/reconfigure/tests/parsers/bind9_tests.py
@@ -7,11 +7,12 @@ class BIND9ParserTest (BaseParserTest):
parser = BIND9Parser()
source = """p1 asd;
-sec {
+key {
s1p1 asd;
/*s1p2 wqe;*/
- sec2 test {
+ zone
+ test {
::1;
s2p1 qwe;
};
@@ -23,11 +24,11 @@ sec {
return """
p1 asd;
-sec {
+key {
s1p1 asd;
# s1p2 wqe;
- sec2 test {
+ zone test {
::1;
s2p1 qwe;
};
@@ -38,10 +39,10 @@ sec {
None,
PropertyNode('p1', 'asd'),
Node(
- 'sec',
+ 'key',
PropertyNode('s1p1', 'asd'),
Node(
- 'sec2',
+ 'zone',
PropertyNode('', '::1'),
PropertyNode('s2p1', 'qwe'),
parameter='test',
@@ -53,3 +54,123 @@ sec {
del BaseParserTest
+
+
+
+import unittest
+
+class BIND9ParserHangTest (unittest.TestCase):
+ source = """
+options {
+ listen-on port 53 { 127.0.0.1; };
+ listen-on-v6 port 53 { ::1; };
+ directory "/var/named";
+ dump-file "/var/named/data/cache_dump.db";
+ statistics-file "/var/named/data/named_stats.txt";
+ memstatistics-file "/var/named/data/named_mem_stats.txt";
+ allow-query { localhost; };
+
+ /*
+ - If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
+ - If you are building a RECURSIVE (caching) DNS server, you need to enable
+ recursion.
+ - If your recursive DNS server has a public IP address, you MUST enable access
+ control to limit queries to your legitimate users. Failing to do so will
+ cause your server to become part of large scale DNS amplification
+ attacks. Implementing BCP38 within your network would greatly
+ reduce such attack surface
+ */
+ recursion yes;
+
+ dnssec-enable yes;
+ dnssec-validation yes;
+ dnssec-lookaside auto;
+
+ /* Path to ISC DLV key */
+ bindkeys-file "/etc/named.iscdlv.key";
+
+ managed-keys-directory "/var/named/dynamic";
+
+ pid-file "/run/named/named.pid";
+ session-keyfile "/run/named/session.key";
+};
+
+logging {
+ channel default_debug {
+ file "data/named.run";
+ severity dynamic;
+ };
+};
+
+zone "." IN {
+ type hint;
+ file "named.ca";
+};
+
+zone "localhost.localdomain" IN {
+ type master;
+ file "named.localhost";
+ allow-update { none; };
+};
+
+zone "localhost" IN {
+ type master;
+ file "named.localhost";
+ allow-update { none; };
+};
+
+zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
+ type master;
+ file "named.loopback";
+ allow-update { none; };
+};
+
+zone "1.0.0.127.in-addr.arpa" IN {
+ type master;
+ file "named.loopback";
+ allow-update { none; };
+};
+
+zone "0.in-addr.arpa" IN {
+ type master;
+ file "named.empty";
+ allow-update { none; };
+};
+
+managed-keys {
+ # DNSKEY for the root zone.
+ # Updates are published on root-dnssec-announce@icann.org
+ . initial-key 257 3 8 "AwEAAagAIKlVZrpC6Ia7gEzahOR+9W29euxhJhVVLOyQbSEW0O8gcCjF FVQUTf6v58fLjwBd0YI0EzrAcQqBGCzh/RStIoO8g0NfnfL2MTJRkxoX bfDaUeVPQuYEhg37NZWAJQ9VnMVDxP/VHL496M/QZxkjf5/Efucp2gaD X6RS6CXpoY68LsvPVjR0ZSwzz1apAzvN9dlzEheX7ICJBBtuA6G3LQpz W5hOA2hzCTMjJPJ8LbqF6dsV6DoBQzgul0sGIcGOYl7OyQdXfZ57relS Qageu+ipAdTTJ25AsRTAoub8ONGcLmqrAmRLKBP1dfwhYB4N7knNnulq QxA+Uk1ihz0=";
+};
+
+
+managed-keys {
+ # ISC DLV: See https://www.isc.org/solutions/dlv for details.
+ # NOTE: This key is activated by setting "dnssec-lookaside auto;"
+ # in named.conf.
+ dlv.isc.org. initial-key 257 3 5 "BEAAAAPHMu/5onzrEE7z1egmhg/WPO0+juoZrW3euWEn4MxDCE1+lLy2
+ brhQv5rN32RKtMzX6Mj70jdzeND4XknW58dnJNPCxn8+jAGl2FZLK8t+
+ 1uq4W+nnA3qO2+DL+k6BD4mewMLbIYFwe0PG73Te9fZ2kJb56dhgMde5
+ ymX4BI/oQ+cAK50/xvJv00Frf8kw6ucMTwFlgPe+jnGxPPEmHAte/URk
+ Y62ZfkLoBAADLHQ9IrS2tryAe7mbBZVcOwIeU/Rw/mRx/vwwMCTgNboM
+ QKtUdvNXDrYJDSHZws3xiRXF1Rf+al9UmZfSav/4NWLKjHzpT59k/VSt
+ TDN0YUuWrBNh";
+
+ # ROOT KEY: See https://data.iana.org/root-anchors/root-anchors.xml
+ # for current trust anchor information.
+ # NOTE: This key is activated by setting "dnssec-validation auto;"
+ # in named.conf.
+ . initial-key 257 3 8 "AwEAAagAIKlVZrpC6Ia7gEzahOR+9W29euxhJhVVLOyQbSEW0O8gcCjF
+ FVQUTf6v58fLjwBd0YI0EzrAcQqBGCzh/RStIoO8g0NfnfL2MTJRkxoX
+ bfDaUeVPQuYEhg37NZWAJQ9VnMVDxP/VHL496M/QZxkjf5/Efucp2gaD
+ X6RS6CXpoY68LsvPVjR0ZSwzz1apAzvN9dlzEheX7ICJBBtuA6G3LQpz
+ W5hOA2hzCTMjJPJ8LbqF6dsV6DoBQzgul0sGIcGOYl7OyQdXfZ57relS
+ Qageu+ipAdTTJ25AsRTAoub8ONGcLmqrAmRLKBP1dfwhYB4N7knNnulq
+ QxA+Uk1ihz0=";
+};
+
+"""
+
+ def test_hang(self):
+ BIND9Parser().parse(self.source)
+