mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
nsupdate: fix zone lookup (#5818)
The SOA record for an existing zone is returned as an answer RR and not as an authority RR. It can be returned as an authority RR for subdomains of a zone. $ dig -t SOA example.com ;; ANSWER SECTION: example.com. 3530 IN SOA ns.icann.org. noc.dns.icann.org. 2022091184 7200 3600 1209600 3600 $ dig -t SOA www.example.com ;; AUTHORITY SECTION: example.com. 3600 IN SOA ns.icann.org. noc.dns.icann.org. 2022091184 7200 3600 1209600 3600
This commit is contained in:
parent
44172ddaa6
commit
5ad703ac64
2 changed files with 12 additions and 6 deletions
2
changelogs/fragments/5818-nsupdate-fix-zone-lookup.yml
Normal file
2
changelogs/fragments/5818-nsupdate-fix-zone-lookup.yml
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
bugfixes:
|
||||||
|
- nsupdate - fix zone lookup. The SOA record for an existing zone is returned as an answer RR and not as an authority RR (https://github.com/ansible-collections/community.general/issues/5817, https://github.com/ansible-collections/community.general/pull/5818).
|
|
@ -269,12 +269,16 @@ class RecordManager(object):
|
||||||
if lookup.rcode() in [dns.rcode.SERVFAIL, dns.rcode.REFUSED]:
|
if lookup.rcode() in [dns.rcode.SERVFAIL, dns.rcode.REFUSED]:
|
||||||
self.module.fail_json(msg='Zone lookup failure: \'%s\' will not respond to queries regarding \'%s\'.' % (
|
self.module.fail_json(msg='Zone lookup failure: \'%s\' will not respond to queries regarding \'%s\'.' % (
|
||||||
self.module.params['server'], self.module.params['record']))
|
self.module.params['server'], self.module.params['record']))
|
||||||
try:
|
# If the response contains an Answer SOA RR whose name matches the queried name,
|
||||||
zone = lookup.authority[0].name
|
# this is the name of the zone in which the record needs to be inserted.
|
||||||
if zone == name:
|
for rr in lookup.answer:
|
||||||
return zone.to_text()
|
if rr.rdtype == dns.rdatatype.SOA and rr.name == name:
|
||||||
except IndexError:
|
return rr.name.to_text()
|
||||||
pass
|
# If the response contains an Authority SOA RR whose name is a subdomain of the queried name,
|
||||||
|
# this SOA name is the zone in which the record needs to be inserted.
|
||||||
|
for rr in lookup.authority:
|
||||||
|
if rr.rdtype == dns.rdatatype.SOA and name.fullcompare(rr.name)[0] == dns.name.NAMERELN_SUBDOMAIN:
|
||||||
|
return rr.name.to_text()
|
||||||
try:
|
try:
|
||||||
name = name.parent()
|
name = name.parent()
|
||||||
except dns.name.NoParent:
|
except dns.name.NoParent:
|
||||||
|
|
Loading…
Reference in a new issue