Fix the nsupdate module's TTL change detection (#42973)

Ideally I would have liked to compare the TTL as part of the
prerequisite check. Sadly that isn't supported by the RFC 2136 update
protocol. Hence the additional query.

Resolves #39465
Andreas Olsson 2018-08-15 20:33:00 +02:00 committed by ansibot
parent 63e87a3a0a
commit 3ddec4d64e


@ -190,6 +190,11 @@ class RecordManager(object):
if self.zone[-1] != '.': if self.zone[-1] != '.':
self.zone += '.' self.zone += '.'
if module.params['record'][-1] != '.':
self.fqdn = module.params['record'] + '.' + self.zone
else:
self.fqdn = module.params['record']
if module.params['key_name']: if module.params['key_name']:
try: try:
self.keyring = dns.tsigkeyring.from_text({ self.keyring = dns.tsigkeyring.from_text({
@ -326,12 +331,26 @@ class RecordManager(object):
response = self.__do_update(update) response = self.__do_update(update)
self.dns_rc = dns.message.Message.rcode(response) self.dns_rc = dns.message.Message.rcode(response)
if self.dns_rc == 0: if self.dns_rc == 0:
return 1 if self.ttl_changed():
return 2
else:
return 1
else: else:
return 2 return 2
else: else:
return 0 return 0
def ttl_changed(self):
query = dns.message.make_query(self.fqdn, self.module.params['type'])
try:
lookup = dns.query.tcp(query, self.module.params['server'], timeout=10, port=self.module.params['port'])
except (socket_error, dns.exception.Timeout) as e:
self.module.fail_json(msg='DNS server error: (%s): %s' % (e.__class__.__name__, to_native(e)))
current_ttl = lookup.answer[0].ttl
return current_ttl != self.module.params['ttl']
def main(): def main():
tsig_algs = ['HMAC-MD5.SIG-ALG.REG.INT', 'hmac-md5', 'hmac-sha1', 'hmac-sha224', tsig_algs = ['HMAC-MD5.SIG-ALG.REG.INT', 'hmac-md5', 'hmac-sha1', 'hmac-sha224',
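Review bot: In `ttl_changed`, `lookup.answer[0].ttl` is read without checking the response code or whether the answer section is empty, so a refused or empty reply raises an IndexError instead of a clean module failure. The follow-up query is also sent without the TSIG keyring that the constructor sets up in `self.keyring`, so a server that only answers signed clients (for example a key-selected view) may reply differently from what the prerequisite check saw, and the reply used for change detection is unauthenticated. I would guard the read with `if lookup.rcode() != dns.rcode.NOERROR or not lookup.answer: self.module.fail_json(msg='Failed to lookup TTL of existing matching record.')` and, when `self.keyring` is set, sign the query with `query.use_tsig(...)` using the same key settings as the update.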