zephyr: Switch from py3dns to dnspython.

Signed-off-by: Anders Kaseorg <anders@zulip.com>

zerver/forms.py

@@ -3,7 +3,7 @@ import re
 from email.headerregistry import Address
 from typing import Any
 
-import DNS
+import dns.resolver
 from django import forms
 from django.conf import settings
 from django.contrib.auth import authenticate, password_validation
@@ -66,14 +66,11 @@ def email_is_not_mit_mailing_list(email: str) -> None:
     if address.domain == "mit.edu":
         # Check whether the user exists and can get mail.
         try:
-            DNS.dnslookup(f"{address.username}.pobox.ns.athena.mit.edu", DNS.Type.TXT)
+            dns.resolver.resolve(f"{address.username}.pobox.ns.athena.mit.edu", "TXT")
-        except DNS.Base.ServerError as e:
+        except dns.resolver.NXDOMAIN:
-            if e.rcode == DNS.Status.NXDOMAIN:
+            # This error is Markup only because 1. it needs to render HTML
-                # This error is Markup only because 1. it needs to render HTML
+            # 2. It's not formatted with any user input.
-                # 2. It's not formatted with any user input.
+            raise ValidationError(MIT_VALIDATION_ERROR)
-                raise ValidationError(MIT_VALIDATION_ERROR)
-            else:
-                raise AssertionError("Unexpected DNS error")
 
 
 class OverridableValidationError(ValidationError):

zerver/lib/test_helpers.py

@@ -12,6 +12,8 @@ from unittest import mock
 from unittest.mock import patch
 
 import boto3.session
+import dns.rdtypes.ANY.TXT
+import dns.resolver
 import fakeldap
 import ldap
 import orjson
@@ -793,3 +795,16 @@ def ratelimit_rule(
 def consume_response(response: HttpResponseBase) -> None:
     assert response.streaming
     collections.deque(response, maxlen=0)
+
+
+def dns_txt_answer(name_str: str, txt: str) -> dns.resolver.Answer:
+    name = dns.name.from_text(name_str)
+    rdclass = dns.rdataclass.IN
+    rdtype = dns.rdatatype.TXT
+    response = dns.message.make_query(
+        name, rdtype, rdclass, flags=dns.flags.QR | dns.flags.RA | dns.flags.RD
+    )
+    response.find_rrset(dns.message.ANSWER, name, rdclass, rdtype, create=True).add(
+        dns.rdtypes.ANY.TXT.TXT(rdclass, rdtype, txt)
+    )
+    return dns.resolver.Answer(name, rdtype, rdclass, response)

zerver/lib/zephyr.py

@@ -1,7 +1,7 @@
 import re
 import traceback
 
-import DNS
+import dns.resolver
 
 
 def compute_mit_user_fullname(email: str) -> str:
@@ -9,13 +9,13 @@ def compute_mit_user_fullname(email: str) -> str:
         # Input is either e.g. username@mit.edu or user|CROSSREALM.INVALID@mit.edu
         match_user = re.match(r"^([a-zA-Z0-9_.-]+)(\|.+)?@mit\.edu$", email.lower())
         if match_user and match_user.group(2) is None:
-            answer = DNS.dnslookup(f"{match_user.group(1)}.passwd.ns.athena.mit.edu", DNS.Type.TXT)
+            answer = dns.resolver.resolve(f"{match_user.group(1)}.passwd.ns.athena.mit.edu", "TXT")
-            hesiod_name = answer[0][0].decode().split(":")[4].split(",")[0].strip()
+            hesiod_name = answer[0].strings[0].decode().split(":")[4].split(",")[0].strip()
             if hesiod_name != "":
                 return hesiod_name
         elif match_user:
             return match_user.group(1).lower() + "@" + match_user.group(2).upper().removeprefix("|")
-    except DNS.Base.ServerError:
+    except dns.resolver.NXDOMAIN:
         pass
     except Exception:
         print(f"Error getting fullname for {email}:")

zerver/tests/test_external.py

@@ -5,7 +5,7 @@ from contextlib import contextmanager
 from typing import IO, TYPE_CHECKING, Any
 from unittest import mock, skipUnless
 
-import DNS
+import dns.resolver
 import orjson
 from circuitbreaker import CircuitBreakerMonitor
 from django.conf import settings
@@ -23,7 +23,7 @@ from zerver.lib.rate_limiter import (
     get_tor_ips,
 )
 from zerver.lib.test_classes import ZulipTestCase
-from zerver.lib.test_helpers import ratelimit_rule
+from zerver.lib.test_helpers import dns_txt_answer, ratelimit_rule
 from zerver.lib.zephyr import compute_mit_user_fullname
 from zerver.models import PushDeviceToken, UserProfile
 
@@ -37,43 +37,44 @@ if TYPE_CHECKING:
 class MITNameTest(ZulipTestCase):
     def test_valid_hesiod(self) -> None:
         with mock.patch(
-            "DNS.dnslookup",
+            "dns.resolver.resolve",
-            return_value=[
+            return_value=dns_txt_answer(
-                [b"starnine:*:84233:101:Athena Consulting Exchange User,,,:/mit/starnine:/bin/bash"]
+                "starnine.passwd.ns.athena.mit.edu.",
-            ],
+                "starnine:*:84233:101:Athena Consulting Exchange User,,,:/mit/starnine:/bin/bash",
+            ),
         ):
             self.assertEqual(
                 compute_mit_user_fullname(self.mit_email("starnine")),
                 "Athena Consulting Exchange User",
             )
         with mock.patch(
-            "DNS.dnslookup",
+            "dns.resolver.resolve",
-            return_value=[[b"sipbexch:*:87824:101:Exch Sipb,,,:/mit/sipbexch:/bin/athena/bash"]],
+            return_value=dns_txt_answer(
+                "sipbexch.passwd.ns.athena.mit.edu.",
+                "sipbexch:*:87824:101:Exch Sipb,,,:/mit/sipbexch:/bin/athena/bash",
+            ),
         ):
             self.assertEqual(compute_mit_user_fullname("sipbexch@mit.edu"), "Exch Sipb")
 
     def test_invalid_hesiod(self) -> None:
-        with mock.patch(
+        with mock.patch("dns.resolver.resolve", side_effect=dns.resolver.NXDOMAIN):
-            "DNS.dnslookup", side_effect=DNS.Base.ServerError("DNS query status: NXDOMAIN", 3)
-        ):
             self.assertEqual(compute_mit_user_fullname("1234567890@mit.edu"), "1234567890@mit.edu")
-        with mock.patch(
+        with mock.patch("dns.resolver.resolve", side_effect=dns.resolver.NXDOMAIN):
-            "DNS.dnslookup", side_effect=DNS.Base.ServerError("DNS query status: NXDOMAIN", 3)
-        ):
             self.assertEqual(compute_mit_user_fullname("ec-discuss@mit.edu"), "ec-discuss@mit.edu")
 
     def test_mailinglist(self) -> None:
-        with mock.patch(
+        with mock.patch("dns.resolver.resolve", side_effect=dns.resolver.NXDOMAIN):
-            "DNS.dnslookup", side_effect=DNS.Base.ServerError("DNS query status: NXDOMAIN", 3)
-        ):
             self.assertRaises(ValidationError, email_is_not_mit_mailing_list, "1234567890@mit.edu")
-        with mock.patch(
+        with mock.patch("dns.resolver.resolve", side_effect=dns.resolver.NXDOMAIN):
-            "DNS.dnslookup", side_effect=DNS.Base.ServerError("DNS query status: NXDOMAIN", 3)
-        ):
             self.assertRaises(ValidationError, email_is_not_mit_mailing_list, "ec-discuss@mit.edu")
 
     def test_notmailinglist(self) -> None:
-        with mock.patch("DNS.dnslookup", return_value=[[b"POP IMAP.EXCHANGE.MIT.EDU starnine"]]):
+        with mock.patch(
+            "dns.resolver.resolve",
+            return_value=dns_txt_answer(
+                "starnine.pobox.ns.athena.mit.edu.", "POP IMAP.EXCHANGE.MIT.EDU starnine"
+            ),
+        ):
             email_is_not_mit_mailing_list("sipbexch@mit.edu")
 
 

zerver/tests/test_message_send.py

@@ -50,6 +50,7 @@ from zerver.lib.per_request_cache import flush_per_request_caches
 from zerver.lib.streams import create_stream_if_needed
 from zerver.lib.test_classes import ZulipTestCase
 from zerver.lib.test_helpers import (
+    dns_txt_answer,
     get_user_messages,
     make_client,
     message_stream_count,
@@ -1052,10 +1053,11 @@ class MessagePOSTTest(ZulipTestCase):
         }
 
         with mock.patch(
-            "DNS.dnslookup",
+            "dns.resolver.resolve",
-            return_value=[
+            return_value=dns_txt_answer(
-                [b"starnine:*:84233:101:Athena Consulting Exchange User,,,:/mit/starnine:/bin/bash"]
+                "starnine.passwd.ns.athena.mit.edu.",
-            ],
+                "starnine:*:84233:101:Athena Consulting Exchange User,,,:/mit/starnine:/bin/bash",
+            ),
         ):
             result1 = self.api_post(
                 self.mit_user("starnine"), "/api/v1/messages", msg, subdomain="zephyr"
@@ -1063,8 +1065,11 @@ class MessagePOSTTest(ZulipTestCase):
             self.assert_json_success(result1)
 
         with mock.patch(
-            "DNS.dnslookup",
+            "dns.resolver.resolve",
-            return_value=[[b"espuser:*:95494:101:Esp Classroom,,,:/mit/espuser:/bin/athena/bash"]],
+            return_value=dns_txt_answer(
+                ("espuser.passwd.ns.athena.mit.edu."),
+                "espuser:*:95494:101:Esp Classroom,,,:/mit/espuser:/bin/athena/bash",
+            ),
         ):
             result2 = self.api_post(
                 self.mit_user("espuser"), "/api/v1/messages", msg, subdomain="zephyr"

zerver/tests/test_mirror_users.py

@@ -7,7 +7,10 @@ from django.utils.timezone import now as timezone_now
 from zerver.actions.message_send import create_mirror_user_if_needed
 from zerver.lib.create_user import create_user_profile
 from zerver.lib.test_classes import ZulipTestCase
-from zerver.lib.test_helpers import reset_email_visibility_to_everyone_in_zulip_realm
+from zerver.lib.test_helpers import (
+    dns_txt_answer,
+    reset_email_visibility_to_everyone_in_zulip_realm,
+)
 from zerver.models import UserProfile
 from zerver.models.clients import get_client
 from zerver.models.realms import get_realm
@@ -49,8 +52,11 @@ class MirroredMessageUsersTest(ZulipTestCase):
                 )
 
     @mock.patch(
-        "DNS.dnslookup",
+        "dns.resolver.resolve",
-        return_value=[[b"sipbtest:*:20922:101:Fred Sipb,,,:/mit/sipbtest:/bin/athena/tcsh"]],
+        return_value=dns_txt_answer(
+            "sipbtest.passwd.ns.athena.mit.edu.",
+            "sipbtest:*:20922:101:Fred Sipb,,,:/mit/sipbtest:/bin/athena/tcsh",
+        ),
     )
     def test_zephyr_mirror_new_recipient(self, ignored: object) -> None:
         """Test mirror dummy user creation for direct message recipients"""
@@ -79,8 +85,11 @@ class MirroredMessageUsersTest(ZulipTestCase):
         self.assertTrue(bob.is_mirror_dummy)
 
     @mock.patch(
-        "DNS.dnslookup",
+        "dns.resolver.resolve",
-        return_value=[[b"sipbtest:*:20922:101:Fred Sipb,,,:/mit/sipbtest:/bin/athena/tcsh"]],
+        return_value=dns_txt_answer(
+            "sipbtest.passwd.ns.athena.mit.edu.",
+            "sipbtest:*:20922:101:Fred Sipb,,,:/mit/sipbtest:/bin/athena/tcsh",
+        ),
     )
     def test_zephyr_mirror_new_sender(self, ignored: object) -> None:
         """Test mirror dummy user creation for sender when sending to stream"""

zerver/tests/test_signup.py

@@ -53,6 +53,7 @@ from zerver.lib.test_classes import ZulipTestCase
 from zerver.lib.test_helpers import (
     HostRequestMock,
     avatar_disk_path,
+    dns_txt_answer,
     find_key_by_email,
     get_test_image_file,
     load_subdomain_token,
@@ -4135,8 +4136,11 @@ class UserSignUpTest(ZulipTestCase):
         self.assertEqual(mirror_dummy.role, UserProfile.ROLE_GUEST)
 
     @patch(
-        "DNS.dnslookup",
+        "dns.resolver.resolve",
-        return_value=[[b"sipbtest:*:20922:101:Fred Sipb,,,:/mit/sipbtest:/bin/athena/tcsh"]],
+        return_value=dns_txt_answer(
+            "sipbtest.passwd.ns.athena.mit.edu.",
+            "sipbtest:*:20922:101:Fred Sipb,,,:/mit/sipbtest:/bin/athena/tcsh",
+        ),
     )
     def test_registration_of_mirror_dummy_user(self, ignored: Any) -> None:
         password = "test"
@@ -4216,8 +4220,11 @@ class UserSignUpTest(ZulipTestCase):
         self.assert_logged_in_user_id(user_profile.id)
 
     @patch(
-        "DNS.dnslookup",
+        "dns.resolver.resolve",
-        return_value=[[b"sipbtest:*:20922:101:Fred Sipb,,,:/mit/sipbtest:/bin/athena/tcsh"]],
+        return_value=dns_txt_answer(
+            "sipbtest.passwd.ns.athena.mit.edu.",
+            "sipbtest:*:20922:101:Fred Sipb,,,:/mit/sipbtest:/bin/athena/tcsh",
+        ),
     )
     def test_registration_of_active_mirror_dummy_user(self, ignored: Any) -> None:
         """