From 110e0f90d932e617d58883d7b9254d41e0216b20 Mon Sep 17 00:00:00 2001
From: Joshua Tauberer
Date: Sun, 7 Sep 2014 11:42:20 +0000
Subject: [PATCH] dns: move the quoting of TXT records to when we write the zone file so that we can display it unquoted in the External DNS instructions
---
 management/dns_update.py | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/management/dns_update.py b/management/dns_update.py
index 8863250b..5426947d 100755
--- a/management/dns_update.py
+++ b/management/dns_update.py
@@ -169,7 +169,7 @@ def build_zone(domain, all_domains, additional_records, env, is_zone=True):
 # SPF record: Permit the box ('mx', see above) to send mail on behalf of
 # the domain, and no one else.
- records.append((None, "TXT", '"v=spf1 mx -all"', "Recommended. Specifies that only the box is permitted to send @%s mail." % domain))
+ records.append((None, "TXT", 'v=spf1 mx -all', "Recommended. Specifies that only the box is permitted to send @%s mail." % domain))
 # Add DNS records for any subdomains of this domain. We should not have a zone for
 # both a domain and one of its subdomains.
@@ -213,11 +213,12 @@ def build_zone(domain, all_domains, additional_records, env, is_zone=True):
 if os.path.exists(opendkim_record_file):
 # Append the DKIM TXT record to the zone as generated by OpenDKIM, after string formatting above.
 with open(opendkim_record_file) as orf:
- m = re.match(r"(\S+)\s+IN\s+TXT\s+(\(.*\))\s*;", orf.read(), re.S)
- records.append((m.group(1), "TXT", m.group(2), "Recommended. Provides a way for recipients to verify that this machine sent @%s mail." % domain))
+ m = re.match(r'(\S+)\s+IN\s+TXT\s+\( "([^"]+)"\s+"([^"]+)"\s*\)', orf.read(), re.S)
+ val = m.group(2) + m.group(3)
+ records.append((m.group(1), "TXT", val, "Recommended. Provides a way for recipients to verify that this machine sent @%s mail." % domain))
 # Append a DMARC record.
- records.append(("_dmarc", "TXT", '"v=DMARC1; p=quarantine"', "Optional. Specifies that mail that does not originate from the box but claims to be from @%s is suspect and should be quarantined by the recipient's mail system." % domain))
+ records.append(("_dmarc", "TXT", 'v=DMARC1; p=quarantine', "Optional. Specifies that mail that does not originate from the box but claims to be from @%s is suspect and should be quarantined by the recipient's mail system." % domain))
 # Sort the records. The None records *must* go first in the nsd zone file. Otherwise it doesn't matter.
 records.sort(key = lambda rec : list(reversed(rec[0].split(".")) if rec[0] is not None else ""))
@@ -261,11 +262,6 @@ def get_custom_records(domain, additional_records, env):
 if rtype == "AAAA" and value2 == "local":
 if "PUBLIC_IPV6" not in env: continue # no IPv6 address is available so don't set anything
 value2 = env["PUBLIC_IPV6"]
-
- # For typical zone file output, quote a text record.
- if rtype == "TXT":
- value2 = "\"" + value2 + "\""
-
 yield (qname, rtype, value2)
 ########################################################################
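Review bot: In the DKIM block of build_zone (the `@@ -213` hunk), `m` is used without a None check, and the new pattern matches only when the OpenDKIM record file holds exactly two quoted strings. A file split into three or more strings, which I would expect for a longer key although that is not visible here, leaves `m` as None, so `m.group(2)` raises AttributeError in the middle of the zone build. Capture the whole parenthesised body and join every quoted piece instead: `m = re.match(r'(\S+)\s+IN\s+TXT\s+\((.*?)\)', orf.read(), re.S)` followed by `val = "".join(re.findall(r'"([^"]*)"', m.group(2)))`, and raise a named error when `m` is None so a malformed DKIM record is reported rather than surfacing as an opaque traceback. build_zone starts and ends outside this hunk.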
@@ -363,6 +359,10 @@ $TTL 1800 ; default time to live
 if subdomain:
 zone += subdomain
 zone += "\tIN\t" + querytype + "\t"
+ if querytype == "TXT":
+ value = value.replace('\\', '\\\\') # escape backslashes
+ value = value.replace('"', '\\"') # escape quotes
+ value = '"' + value + '"' # wrap in quotes
 zone += value + "\n"
 # DNSSEC requires re-signing a zone periodically. That requires
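Review bot: The TXT escaping added before `zone += value + "\n"` handles backslash and double quote but not control characters, so a value containing a raw newline would break the record across zone-file lines. Since this commit removes the quoting from get_custom_records, this writer is now the only place a custom TXT value (presumably from operator-supplied configuration) is made safe, and I would refuse control characters here. The value is also written as one character-string, which DNS limits to 255 bytes, and the joined DKIM value from build_zone only fits for short keys. Split into chunks before escaping so an escape sequence is never cut in half; the sketch below counts characters, which equals bytes only for ASCII values. The enclosing function starts outside the hunk and continues after it.

```python
if querytype == "TXT":
    # Refuse control characters: a raw newline would end the record's line in the zone file.
    if any(ord(c) < 0x20 or ord(c) == 0x7f for c in value):
        raise ValueError("control character in TXT value for %r" % (subdomain,))
    # One TXT character-string holds at most 255 bytes: split first, then escape each chunk.
    chunks = [value[i:i + 255] for i in range(0, len(value), 255)] or [""]
    value = " ".join(
        '"' + c.replace('\\', '\\\\').replace('"', '\\"') + '"'
        for c in chunks
    )
zone += value + "\n"
```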