[Git][NTPsec/ntpsec][master] Fixed client DNS lookups to timeout after 1 second

Ian Bruene gitlab at mg.gitlab.com
Mon Jan 1 17:54:27 UTC 2018


Ian Bruene pushed to branch master at NTPsec / ntpsec


Commits:
b4f2101a by Ian Bruene at 2018-01-01T11:53:33-06:00
Fixed client DNS lookups to timeout after 1 second

- - - - -


4 changed files:

- ntpclients/ntpq.py
- ntpclients/ntpsnmpd.py
- pylib/util.py
- tests/pylib/test_util.py


Changes:

=====================================
ntpclients/ntpq.py
=====================================
--- a/ntpclients/ntpq.py
+++ b/ntpclients/ntpq.py
@@ -520,8 +520,9 @@ usage: timeout [ msec ]
                     if self.showhostnames:
                         if self.debug:
                             self.say("DNS lookup begins...")
-                        value = ntp.util.canonicalize_dns(
-                            value, family=self.ai_family)
+                            self.say(ntp.util.__file__)
+                        value = ntp.util.timed_canonicalize_dns(
+                            value, family=self.ai_family, log=self.say)
                         if self.debug:
                             self.say("DNS lookup complete.")
                     self.say("%s  %s\n" % (legend, value))


=====================================
ntpclients/ntpsnmpd.py
=====================================
--- a/ntpclients/ntpsnmpd.py
+++ b/ntpclients/ntpsnmpd.py
@@ -423,7 +423,7 @@ class DataSource:  # This will be broken up in future to be less NTP-specific
         data = self.safeReadvar(0, ["peeradr"])
         if data is None:
             return ax.Varbind(ax.VALUE_NULL, oid)
-        data = ntp.util.canonicalize_dns(data["peeradr"])
+        data = ntp.util.timed_canonicalize_dns(data["peeradr"])
         return ax.Varbind(ax.VALUE_OCTET_STR, oid, data)
 
     def cbr_statusActiveOffset(self, oid):
@@ -626,7 +626,7 @@ class DataSource:  # This will be broken up in future to be less NTP-specific
             if pdata is None:
                 return ax.Varbind(ax.VALUE_NULL, oid)
             peername = pdata[associd]["srcadr"][1]
-            peername = ntp.util.canonicalize_dns(peername)
+            peername = ntp.util.timed_canonicalize_dns(peername)
             return ax.Varbind(ax.VALUE_OCTET_STR, oid, peername)
         return self.dynamicCallbackSkeleton(handler)
 


=====================================
pylib/util.py
=====================================
--- a/pylib/util.py
+++ b/pylib/util.py
@@ -10,6 +10,7 @@ import os
 import re
 import shutil
 import socket
+import signal
 import sys
 import time
 import ntp.ntpc
@@ -553,6 +554,25 @@ class Cache:
 canonicalization_cache = Cache()
 
 
+import subprocess
+
+
+def timed_canonicalize_dns(inhost, family=socket.AF_UNSPEC, ttl=1.0):
+    cmd = "import ntp.util; print(ntp.util.canonicalize_dns('%s', %s))"
+    cmd = cmd % (str(inhost), str(family))
+    p = subprocess.Popen(["python", "-c", cmd],
+                         stdout=subprocess.PIPE,
+                         stderr=subprocess.PIPE,
+                         stdin=subprocess.PIPE)
+    starttime = time.time()
+    while p.poll() is None:  # subprocess not yet returned
+        timediff = time.time() - starttime
+        if timediff > ttl:  # timed out; bail
+            p.terminate()
+            return inhost
+        time.sleep(.01)  # don't waste cycles with spinning
+    return p.communicate()[0].strip("\n")
+
 def canonicalize_dns(inhost, family=socket.AF_UNSPEC):
     "Canonicalize a hostname or numeric IP address."
     resname = canonicalization_cache.get(inhost)
@@ -1058,7 +1078,7 @@ class PeerSummary:
                 try:
                     if self.debug:
                         self.logfp.write("DNS lookup begins...\n")
-                    clock_name = canonicalize_dns(srcadr)
+                    clock_name = timed_canonicalize_dns(srcadr)
                     if self.debug:
                         self.logfp.write("DNS lookup ends.\n")
                 except TypeError:


=====================================
tests/pylib/test_util.py
=====================================
--- a/tests/pylib/test_util.py
+++ b/tests/pylib/test_util.py
@@ -518,6 +518,7 @@ class TestPylibUtilMethods(unittest.TestCase):
             sockettemp = ntp.util.socket
             ntp.util.socket = fakesockmod
             # Test cache hit
+            print("DNS:", f)
             self.assertEqual(f("foo"), "bar")
             self.assertEqual(fakesockmod.gai_calls, [])
             # Test addrinfo fail
@@ -1123,8 +1124,8 @@ class TestPeerSummary(unittest.TestCase):
         try:
             timetemp = ntp.util.time
             ntp.util.time = faketimemod
-            cdnstemp = ntp.util.canonicalize_dns
-            ntp.util.canonicalize_dns = cdns_jig
+            cdnstemp = ntp.util.timed_canonicalize_dns
+            ntp.util.timed_canonicalize_dns = cdns_jig
             # Test, no units, hmode=BCLIENTX, peers
             cdns_jig_returns = ["clock_canon"]
             faketimemod.time_returns = [0xA0000000]
@@ -1230,7 +1231,7 @@ class TestPeerSummary(unittest.TestCase):
                              "   32  764 1.2346ms 2.7183ms 3.1416ms\n")
         finally:
             ntp.util.time = timetemp
-            ntp.util.canonicalize_dns = cdnstemp
+            ntp.util.timed_canonicalize_dns = cdnstemp
 
     def test_intervals(self):
         cls = self.target("peers", 4, True, False)



View it on GitLab: https://gitlab.com/NTPsec/ntpsec/commit/b4f2101a0594d455c63791137d457c604fe10c8c

---
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/commit/b4f2101a0594d455c63791137d457c604fe10c8c
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/vc/attachments/20180101/f4755a10/attachment.html>


More information about the vc mailing list