BIND 10 #815: TSIG: update XFRIN to use TSIG

BIND 10 Development do-not-reply at isc.org
Tue May 10 05:37:35 UTC 2011 

#815: TSIG: update XFRIN to use TSIG
-------------------------------------+-------------------------------------
                   Reporter:         |                 Owner:  jelte
  stephen                            |                Status:  reviewing
                       Type:         |             Milestone:
  enhancement                        |  Sprint-20110517
                   Priority:  minor  |            Resolution:
                  Component:  xfrin  |             Sensitive:  0
                   Keywords:         |           Sub-Project:  DNS
            Defect Severity:  N/A    |  Estimated Difficulty:  5.0
Feature Depending on Ticket:  tsig   |           Total Hours:  0
        Add Hours to Ticket:  0      |
                  Internal?:  0      |
-------------------------------------+-------------------------------------
Changes (by zzchen_pku):

 * owner:  zzchen_pku => jelte


Comment:

 Replying to [comment:8 jelte]:
 > xfrin.py.in:98: if tsig_key_str:
 > When you check for a value to be None or not, it's usually best to do so
 explicitely (i.e. if tsig_key_str is not None:), although in this case it
 might not matter (with this code the tsig_ctx will not be set if the
 method is passed an empty string, which may very well be intentional as it
 would fail on parsing that string anyway, but imo it's usually better to
 be explicit about it)
 Updated, thanks for your suggestion.
 > kind of the same thing on line 137, although here i don't really get why
 the if is there in the first place (with the default for the second
 argument of msg.to_wire() set to None, you could just pass the _tsig_ctx
 whether it's None or not, and not do a check here), or is this a python
 wrapper limitation?
 Right, python wrapper doesn't accept 'None' parameter in this case.
 >
 > xfrin_test.py:
 >
 > are we sure that strip_mutable_tsig_data will not fail with its direct
 array addressing? Related question: should we provide the functionality to
 'tweak current time' to do this?
 Yes, it's another way to do this, but I have no idea how to 'tweak current
 time'?
 > And I'm not sure if it's possible right now, since not everything is
 done yet, but we should probably also test some actual tsig use and
 failure scenarios and see if xfrin daemon fails gracefully with bad tsigs
 Added some unittest.  I'd add more test cases after python wrapper has
 been completed, or do you have any suggestions which scenarios should be
 considered now?

-- 
Ticket URL: <http://bind10.isc.org/ticket/815#comment:9>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development

More information about the bind10-tickets mailing list