Add support for specifying DNSTimeout (bumps required dkimpy version to 1.0)

2020-01-03 16:14:08 -05:00
parent 042005b38d
commit 8a2760531b
8 changed files with 65 additions and 8 deletions
@@ -359,7 +359,7 @@ class dkimMilter(Milter.Base):
        res = False
        self.header_a = None
        for y in range(self.has_dkim):  # Verify _ALL_ the signatures
-            d = dkim.DKIM(txt, minkey=self.conf.get('MinimumKeyBits'))
+            d = dkim.DKIM(txt, minkey=self.conf.get('MinimumKeyBits'), timeout=self.conf.get('DNSTimeout'))
            try:
                dnsoverride = self.conf.get('DNSOverride')
                if isinstance(dnsoverride, str):
@@ -50,6 +50,7 @@ defaultConfigData = {
    'MacroList': '',
    'MacroListVerify': '',
    'DNSOverride': None,
+    'DNSTimeout': 5,
    'SubDomains': False,
    'SigningTable': None,
    'debugLevel': 0  # Undocumented config item for developer use
@@ -158,7 +159,7 @@ class HostsDataset(object):
        '''Get validated PTR name of IP address'''
        results = []
        s = Session()
-        ptrnames = s.dns(source.reverse_pointer, 'PTR')
+        ptrnames = s.dns(source.reverse_pointer, 'PTR', timeout=self.conf.get('DNSTimeout'))
        for name in ptrnames:
            if isinstance(source, ipaddress.IPv4Address):
                ips = s.dns(name, 'A')
@@ -357,6 +358,7 @@ def _readConfigFile(path, configData=None, configGlobal={}):
        'MacroList': 'dataset',
        'MacroListVerify': 'dataset',
        'DNSOverride': 'str',
+        'DNSTimeout': 'int',
        'debugLevel': 'int',
        'SignHeaders': 'dataset'
        }
@@ -88,7 +88,7 @@ class Session(object):
        result = self.dns(cname, qtype, cnames=cnames)
    return result

-def DNSLookup_pydns(name, qtype, tcpfallback=True, timeout=30):
+def DNSLookup_pydns(name, qtype, tcpfallback=True, timeout=5):
    try:
 	# FIXME: To be thread safe, we create a fresh DnsRequest with
 	# each call.  It would be more efficient to reuse
@@ -114,11 +114,11 @@ def DNSLookup_pydns(name, qtype, tcpfallback=True, timeout=30):
    except IOError as x:
        raise DNS.DNSError('DNS: ' + str(x))

-def DNSLookup_dnspython(name,qtype,tcpfallback=True,timeout=30):
+def DNSLookup_dnspython(name,qtype,tcpfallback=True,timeout=5):
  retVal = []
  try:
    # FIXME: how to disable TCP fallback in dnspython if not tcpfallback?
-    answers = dns.resolver.query(name, qtype)
+    answers = dns.resolver.query(name, qtype, raise_on_no_answer=False, lifetime=timeout)
    for rdata in answers:
      if qtype == 'A' or qtype == 'AAAA':
        retVal.append(((name, qtype), rdata.address))