mirror of
https://github.com/cwinfo/powerdns-admin.git
synced 2025-01-02 16:35:40 +00:00
Merge pull request #644 from eht16/add_ssl_verify_setting
Add new setting to verify outgoing SSL connections
This commit is contained in:
commit
e2207fd8d7
@ -24,11 +24,12 @@ def fetch_remote(remote_url,
|
|||||||
accept=None,
|
accept=None,
|
||||||
params=None,
|
params=None,
|
||||||
timeout=None,
|
timeout=None,
|
||||||
headers=None):
|
headers=None,
|
||||||
|
verify=True):
|
||||||
if data is not None and type(data) != str:
|
if data is not None and type(data) != str:
|
||||||
data = json.dumps(data)
|
data = json.dumps(data)
|
||||||
|
|
||||||
verify = False
|
verify = bool(verify) # enforce type boolean
|
||||||
|
|
||||||
our_headers = {
|
our_headers = {
|
||||||
'user-agent': 'powerdnsadmin/0',
|
'user-agent': 'powerdnsadmin/0',
|
||||||
@ -64,13 +65,15 @@ def fetch_json(remote_url,
|
|||||||
data=None,
|
data=None,
|
||||||
params=None,
|
params=None,
|
||||||
headers=None,
|
headers=None,
|
||||||
timeout=None):
|
timeout=None,
|
||||||
|
verify=True):
|
||||||
r = fetch_remote(remote_url,
|
r = fetch_remote(remote_url,
|
||||||
method=method,
|
method=method,
|
||||||
data=data,
|
data=data,
|
||||||
params=params,
|
params=params,
|
||||||
headers=headers,
|
headers=headers,
|
||||||
timeout=timeout,
|
timeout=timeout,
|
||||||
|
verify=verify,
|
||||||
accept='application/json; q=1')
|
accept='application/json; q=1')
|
||||||
|
|
||||||
if method == "DELETE":
|
if method == "DELETE":
|
||||||
|
@ -81,7 +81,8 @@ class Domain(db.Model):
|
|||||||
'/servers/localhost/zones/{0}'.format(domain_name)),
|
'/servers/localhost/zones/{0}'.format(domain_name)),
|
||||||
headers=headers,
|
headers=headers,
|
||||||
timeout=int(
|
timeout=int(
|
||||||
Setting().get('pdns_api_timeout')))
|
Setting().get('pdns_api_timeout')),
|
||||||
|
verify=Setting().get('verify_ssl_connections'))
|
||||||
return jdata
|
return jdata
|
||||||
|
|
||||||
def get_domains(self):
|
def get_domains(self):
|
||||||
@ -94,7 +95,8 @@ class Domain(db.Model):
|
|||||||
urljoin(self.PDNS_STATS_URL,
|
urljoin(self.PDNS_STATS_URL,
|
||||||
self.API_EXTENDED_URL + '/servers/localhost/zones'),
|
self.API_EXTENDED_URL + '/servers/localhost/zones'),
|
||||||
headers=headers,
|
headers=headers,
|
||||||
timeout=int(Setting().get('pdns_api_timeout')))
|
timeout=int(Setting().get('pdns_api_timeout')),
|
||||||
|
verify=Setting().get('verify_ssl_connections'))
|
||||||
return jdata
|
return jdata
|
||||||
|
|
||||||
def get_id_by_name(self, name):
|
def get_id_by_name(self, name):
|
||||||
@ -125,7 +127,8 @@ class Domain(db.Model):
|
|||||||
urljoin(self.PDNS_STATS_URL,
|
urljoin(self.PDNS_STATS_URL,
|
||||||
self.API_EXTENDED_URL + '/servers/localhost/zones'),
|
self.API_EXTENDED_URL + '/servers/localhost/zones'),
|
||||||
headers=headers,
|
headers=headers,
|
||||||
timeout=int(Setting().get('pdns_api_timeout')))
|
timeout=int(Setting().get('pdns_api_timeout')),
|
||||||
|
verify=Setting().get('verify_ssl_connections'))
|
||||||
list_jdomain = [d['name'].rstrip('.') for d in jdata]
|
list_jdomain = [d['name'].rstrip('.') for d in jdata]
|
||||||
current_app.logger.info(
|
current_app.logger.info(
|
||||||
"Found {} entries in PowerDNS server".format(len(list_jdomain)))
|
"Found {} entries in PowerDNS server".format(len(list_jdomain)))
|
||||||
@ -233,6 +236,7 @@ class Domain(db.Model):
|
|||||||
headers=headers,
|
headers=headers,
|
||||||
timeout=int(Setting().get('pdns_api_timeout')),
|
timeout=int(Setting().get('pdns_api_timeout')),
|
||||||
method='POST',
|
method='POST',
|
||||||
|
verify=Setting().get('verify_ssl_connections'),
|
||||||
data=post_data)
|
data=post_data)
|
||||||
if 'error' in jdata.keys():
|
if 'error' in jdata.keys():
|
||||||
current_app.logger.error(jdata['error'])
|
current_app.logger.error(jdata['error'])
|
||||||
@ -265,7 +269,8 @@ class Domain(db.Model):
|
|||||||
'/servers/localhost/zones/{0}'.format(
|
'/servers/localhost/zones/{0}'.format(
|
||||||
domain_dict['name'])),
|
domain_dict['name'])),
|
||||||
headers=headers,
|
headers=headers,
|
||||||
timeout=int(Setting().get('pdns_api_timeout')))
|
timeout=int(Setting().get('pdns_api_timeout')),
|
||||||
|
verify=Setting().get('verify_ssl_connections'))
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
current_app.logger.error('Can not read domain from PDNS')
|
current_app.logger.error('Can not read domain from PDNS')
|
||||||
current_app.logger.error(e)
|
current_app.logger.error(e)
|
||||||
@ -325,6 +330,7 @@ class Domain(db.Model):
|
|||||||
timeout=int(
|
timeout=int(
|
||||||
Setting().get('pdns_api_timeout')),
|
Setting().get('pdns_api_timeout')),
|
||||||
method='PUT',
|
method='PUT',
|
||||||
|
verify=Setting().get('verify_ssl_connections'),
|
||||||
data=post_data)
|
data=post_data)
|
||||||
if 'error' in jdata.keys():
|
if 'error' in jdata.keys():
|
||||||
current_app.logger.error(jdata['error'])
|
current_app.logger.error(jdata['error'])
|
||||||
@ -368,6 +374,7 @@ class Domain(db.Model):
|
|||||||
timeout=int(
|
timeout=int(
|
||||||
Setting().get('pdns_api_timeout')),
|
Setting().get('pdns_api_timeout')),
|
||||||
method='PUT',
|
method='PUT',
|
||||||
|
verify=Setting().get('verify_ssl_connections'),
|
||||||
data=post_data)
|
data=post_data)
|
||||||
if 'error' in jdata.keys():
|
if 'error' in jdata.keys():
|
||||||
current_app.logger.error(jdata['error'])
|
current_app.logger.error(jdata['error'])
|
||||||
@ -494,7 +501,8 @@ class Domain(db.Model):
|
|||||||
'/servers/localhost/zones/{0}'.format(domain_name)),
|
'/servers/localhost/zones/{0}'.format(domain_name)),
|
||||||
headers=headers,
|
headers=headers,
|
||||||
timeout=int(Setting().get('pdns_api_timeout')),
|
timeout=int(Setting().get('pdns_api_timeout')),
|
||||||
method='DELETE')
|
method='DELETE',
|
||||||
|
verify=Setting().get('verify_ssl_connections'))
|
||||||
current_app.logger.info(
|
current_app.logger.info(
|
||||||
'Deleted domain successfully from PowerDNS: {0}'.format(
|
'Deleted domain successfully from PowerDNS: {0}'.format(
|
||||||
domain_name))
|
domain_name))
|
||||||
@ -587,7 +595,8 @@ class Domain(db.Model):
|
|||||||
headers=headers,
|
headers=headers,
|
||||||
timeout=int(
|
timeout=int(
|
||||||
Setting().get('pdns_api_timeout')),
|
Setting().get('pdns_api_timeout')),
|
||||||
method='PUT')
|
method='PUT',
|
||||||
|
verify=Setting().get('verify_ssl_connections'))
|
||||||
return {'status': 'ok', 'msg': r.get('result')}
|
return {'status': 'ok', 'msg': r.get('result')}
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
current_app.logger.error(
|
current_app.logger.error(
|
||||||
@ -617,7 +626,8 @@ class Domain(db.Model):
|
|||||||
domain.name)),
|
domain.name)),
|
||||||
headers=headers,
|
headers=headers,
|
||||||
timeout=int(Setting().get('pdns_api_timeout')),
|
timeout=int(Setting().get('pdns_api_timeout')),
|
||||||
method='GET')
|
method='GET',
|
||||||
|
verify=Setting().get('verify_ssl_connections'))
|
||||||
if 'error' in jdata:
|
if 'error' in jdata:
|
||||||
return {
|
return {
|
||||||
'status': 'error',
|
'status': 'error',
|
||||||
@ -655,6 +665,7 @@ class Domain(db.Model):
|
|||||||
headers=headers,
|
headers=headers,
|
||||||
timeout=int(Setting().get('pdns_api_timeout')),
|
timeout=int(Setting().get('pdns_api_timeout')),
|
||||||
method='PUT',
|
method='PUT',
|
||||||
|
verify=Setting().get('verify_ssl_connections'),
|
||||||
data=post_data)
|
data=post_data)
|
||||||
if 'error' in jdata:
|
if 'error' in jdata:
|
||||||
return {
|
return {
|
||||||
@ -674,6 +685,7 @@ class Domain(db.Model):
|
|||||||
headers=headers,
|
headers=headers,
|
||||||
timeout=int(Setting().get('pdns_api_timeout')),
|
timeout=int(Setting().get('pdns_api_timeout')),
|
||||||
method='POST',
|
method='POST',
|
||||||
|
verify=Setting().get('verify_ssl_connections'),
|
||||||
data=post_data)
|
data=post_data)
|
||||||
if 'error' in jdata:
|
if 'error' in jdata:
|
||||||
return {
|
return {
|
||||||
@ -719,7 +731,8 @@ class Domain(db.Model):
|
|||||||
domain.name, key_id)),
|
domain.name, key_id)),
|
||||||
headers=headers,
|
headers=headers,
|
||||||
timeout=int(Setting().get('pdns_api_timeout')),
|
timeout=int(Setting().get('pdns_api_timeout')),
|
||||||
method='DELETE')
|
method='DELETE',
|
||||||
|
verify=Setting().get('verify_ssl_connections'))
|
||||||
if jdata != True:
|
if jdata != True:
|
||||||
return {
|
return {
|
||||||
'status':
|
'status':
|
||||||
@ -740,6 +753,7 @@ class Domain(db.Model):
|
|||||||
headers=headers,
|
headers=headers,
|
||||||
timeout=int(Setting().get('pdns_api_timeout')),
|
timeout=int(Setting().get('pdns_api_timeout')),
|
||||||
method='PUT',
|
method='PUT',
|
||||||
|
verify=Setting().get('verify_ssl_connections'),
|
||||||
data=post_data)
|
data=post_data)
|
||||||
if 'error' in jdata:
|
if 'error' in jdata:
|
||||||
return {
|
return {
|
||||||
@ -796,6 +810,7 @@ class Domain(db.Model):
|
|||||||
timeout=int(
|
timeout=int(
|
||||||
Setting().get('pdns_api_timeout')),
|
Setting().get('pdns_api_timeout')),
|
||||||
method='PUT',
|
method='PUT',
|
||||||
|
verify=Setting().get('verify_ssl_connections'),
|
||||||
data=post_data)
|
data=post_data)
|
||||||
|
|
||||||
if 'error' in jdata.keys():
|
if 'error' in jdata.keys():
|
||||||
|
@ -52,7 +52,8 @@ class Record(object):
|
|||||||
'/servers/localhost/zones/{0}'.format(domain)),
|
'/servers/localhost/zones/{0}'.format(domain)),
|
||||||
timeout=int(
|
timeout=int(
|
||||||
Setting().get('pdns_api_timeout')),
|
Setting().get('pdns_api_timeout')),
|
||||||
headers=headers)
|
headers=headers,
|
||||||
|
verify=Setting().get('verify_ssl_connections'))
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
current_app.logger.error(
|
current_app.logger.error(
|
||||||
"Cannot fetch domain's record data from remote powerdns api. DETAIL: {0}"
|
"Cannot fetch domain's record data from remote powerdns api. DETAIL: {0}"
|
||||||
@ -96,6 +97,7 @@ class Record(object):
|
|||||||
timeout=int(
|
timeout=int(
|
||||||
Setting().get('pdns_api_timeout')),
|
Setting().get('pdns_api_timeout')),
|
||||||
method='PATCH',
|
method='PATCH',
|
||||||
|
verify=Setting().get('verify_ssl_connections'),
|
||||||
data=rrset)
|
data=rrset)
|
||||||
current_app.logger.debug(jdata)
|
current_app.logger.debug(jdata)
|
||||||
return {'status': 'ok', 'msg': 'Record was added successfully'}
|
return {'status': 'ok', 'msg': 'Record was added successfully'}
|
||||||
@ -281,6 +283,7 @@ class Record(object):
|
|||||||
'/servers/localhost/zones/{0}'.format(domain_name)),
|
'/servers/localhost/zones/{0}'.format(domain_name)),
|
||||||
headers=headers,
|
headers=headers,
|
||||||
method='PATCH',
|
method='PATCH',
|
||||||
|
verify=Setting().get('verify_ssl_connections'),
|
||||||
data=del_rrsets)
|
data=del_rrsets)
|
||||||
if 'error' in jdata1.keys():
|
if 'error' in jdata1.keys():
|
||||||
current_app.logger.error(
|
current_app.logger.error(
|
||||||
@ -300,6 +303,7 @@ class Record(object):
|
|||||||
headers=headers,
|
headers=headers,
|
||||||
timeout=int(Setting().get('pdns_api_timeout')),
|
timeout=int(Setting().get('pdns_api_timeout')),
|
||||||
method='PATCH',
|
method='PATCH',
|
||||||
|
verify=Setting().get('verify_ssl_connections'),
|
||||||
data=new_rrsets)
|
data=new_rrsets)
|
||||||
if 'error' in jdata2.keys():
|
if 'error' in jdata2.keys():
|
||||||
current_app.logger.error(
|
current_app.logger.error(
|
||||||
@ -451,6 +455,7 @@ class Record(object):
|
|||||||
timeout=int(
|
timeout=int(
|
||||||
Setting().get('pdns_api_timeout')),
|
Setting().get('pdns_api_timeout')),
|
||||||
method='PATCH',
|
method='PATCH',
|
||||||
|
verify=Setting().get('verify_ssl_connections'),
|
||||||
data=data)
|
data=data)
|
||||||
current_app.logger.debug(jdata)
|
current_app.logger.debug(jdata)
|
||||||
return {'status': 'ok', 'msg': 'Record was removed successfully'}
|
return {'status': 'ok', 'msg': 'Record was removed successfully'}
|
||||||
@ -522,6 +527,7 @@ class Record(object):
|
|||||||
headers=headers,
|
headers=headers,
|
||||||
timeout=int(Setting().get('pdns_api_timeout')),
|
timeout=int(Setting().get('pdns_api_timeout')),
|
||||||
method='PATCH',
|
method='PATCH',
|
||||||
|
verify=Setting().get('verify_ssl_connections'),
|
||||||
data=data)
|
data=data)
|
||||||
current_app.logger.debug("dyndns data: {0}".format(data))
|
current_app.logger.debug("dyndns data: {0}".format(data))
|
||||||
return {'status': 'ok', 'msg': 'Record was updated successfully'}
|
return {'status': 'ok', 'msg': 'Record was updated successfully'}
|
||||||
@ -544,7 +550,8 @@ class Record(object):
|
|||||||
headers=headers,
|
headers=headers,
|
||||||
timeout=int(
|
timeout=int(
|
||||||
Setting().get('pdns_api_timeout')),
|
Setting().get('pdns_api_timeout')),
|
||||||
method='GET')
|
method='GET',
|
||||||
|
verify=Setting().get('verify_ssl_connections'))
|
||||||
serial = jdata['serial']
|
serial = jdata['serial']
|
||||||
|
|
||||||
domain = Domain.query.filter(Domain.name == domain).first()
|
domain = Domain.query.filter(Domain.name == domain).first()
|
||||||
|
@ -33,7 +33,8 @@ class Server(object):
|
|||||||
'/servers/{0}/config'.format(self.server_id)),
|
'/servers/{0}/config'.format(self.server_id)),
|
||||||
headers=headers,
|
headers=headers,
|
||||||
timeout=int(Setting().get('pdns_api_timeout')),
|
timeout=int(Setting().get('pdns_api_timeout')),
|
||||||
method='GET')
|
method='GET',
|
||||||
|
verify=Setting().get('verify_ssl_connections'))
|
||||||
return jdata
|
return jdata
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
current_app.logger.error(
|
current_app.logger.error(
|
||||||
@ -54,7 +55,8 @@ class Server(object):
|
|||||||
'/servers/{0}/statistics'.format(self.server_id)),
|
'/servers/{0}/statistics'.format(self.server_id)),
|
||||||
headers=headers,
|
headers=headers,
|
||||||
timeout=int(Setting().get('pdns_api_timeout')),
|
timeout=int(Setting().get('pdns_api_timeout')),
|
||||||
method='GET')
|
method='GET',
|
||||||
|
verify=Setting().get('verify_ssl_connections'))
|
||||||
return jdata
|
return jdata
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
current_app.logger.error(
|
current_app.logger.error(
|
||||||
@ -77,7 +79,8 @@ class Server(object):
|
|||||||
headers=headers,
|
headers=headers,
|
||||||
timeout=int(
|
timeout=int(
|
||||||
Setting().get('pdns_api_timeout')),
|
Setting().get('pdns_api_timeout')),
|
||||||
method='GET')
|
method='GET',
|
||||||
|
verify=Setting().get('verify_ssl_connections'))
|
||||||
return jdata
|
return jdata
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
current_app.logger.error(
|
current_app.logger.error(
|
||||||
|
@ -33,6 +33,7 @@ class Setting(db.Model):
|
|||||||
'pdns_api_key': '',
|
'pdns_api_key': '',
|
||||||
'pdns_api_timeout': 30,
|
'pdns_api_timeout': 30,
|
||||||
'pdns_version': '4.1.1',
|
'pdns_version': '4.1.1',
|
||||||
|
'verify_ssl_connections': True,
|
||||||
'local_db_enabled': True,
|
'local_db_enabled': True,
|
||||||
'signup_enabled': True,
|
'signup_enabled': True,
|
||||||
'verify_user_email': False,
|
'verify_user_email': False,
|
||||||
|
@ -501,7 +501,7 @@ def setting_basic():
|
|||||||
'pretty_ipv6_ptr', 'dnssec_admins_only',
|
'pretty_ipv6_ptr', 'dnssec_admins_only',
|
||||||
'allow_user_create_domain', 'bg_domain_updates', 'site_name',
|
'allow_user_create_domain', 'bg_domain_updates', 'site_name',
|
||||||
'session_timeout', 'warn_session_timeout', 'ttl_options',
|
'session_timeout', 'warn_session_timeout', 'ttl_options',
|
||||||
'pdns_api_timeout', 'verify_user_email'
|
'pdns_api_timeout', 'verify_ssl_connections', 'verify_user_email'
|
||||||
]
|
]
|
||||||
|
|
||||||
return render_template('admin_setting_basic.html', settings=settings)
|
return render_template('admin_setting_basic.html', settings=settings)
|
||||||
|
@ -144,7 +144,8 @@ def api_login_create_zone():
|
|||||||
method='POST',
|
method='POST',
|
||||||
data=request.get_json(force=True),
|
data=request.get_json(force=True),
|
||||||
headers=headers,
|
headers=headers,
|
||||||
accept='application/json; q=1')
|
accept='application/json; q=1',
|
||||||
|
verify=Setting().get('verify_ssl_connections'))
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
current_app.logger.error("Cannot create domain. Error: {}".format(e))
|
current_app.logger.error("Cannot create domain. Error: {}".format(e))
|
||||||
abort(500)
|
abort(500)
|
||||||
@ -219,7 +220,8 @@ def api_login_delete_zone(domain_name):
|
|||||||
resp = utils.fetch_remote(urljoin(pdns_api_url, api_full_uri),
|
resp = utils.fetch_remote(urljoin(pdns_api_url, api_full_uri),
|
||||||
method='DELETE',
|
method='DELETE',
|
||||||
headers=headers,
|
headers=headers,
|
||||||
accept='application/json; q=1')
|
accept='application/json; q=1',
|
||||||
|
verify=Setting().get('verify_ssl_connections'))
|
||||||
|
|
||||||
if resp.status_code == 204:
|
if resp.status_code == 204:
|
||||||
current_app.logger.debug("Request to powerdns API successful")
|
current_app.logger.debug("Request to powerdns API successful")
|
||||||
|
Loading…
Reference in New Issue
Block a user