From 53545585f07325ae7ad41d59804c9c6065f39d3f Mon Sep 17 00:00:00 2001 From: Admin MPCZ Date: Tue, 14 Apr 2026 12:58:54 +0200 Subject: [PATCH] Configurable DNS suffixes + 2s socket timeout for faster resolve --- app/services/realtime_audit_service.py | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/app/services/realtime_audit_service.py b/app/services/realtime_audit_service.py index b0d73f1..dd63581 100644 --- a/app/services/realtime_audit_service.py +++ b/app/services/realtime_audit_service.py @@ -14,7 +14,21 @@ except ImportError: SSH_KEY_DEFAULT = "/opt/patchcenter/keys/id_ed25519" SSH_USER_DEFAULT = "root" SSH_TIMEOUT = 12 -DNS_SUFFIXES = ["", ".mpcz.fr", ".sanef.groupe", ".sanef-rec.fr", ".sanef.fr"] +DNS_SUFFIXES_DEFAULT = ["", ".mpcz.fr", ".sanef.groupe", ".sanef-rec.fr", ".sanef.fr"] + + +def _get_dns_suffixes(): + try: + from .secrets_service import get_secret + from ..database import SessionLocal + db = SessionLocal() + val = get_secret(db, "ssh_dns_suffixes") + db.close() + if val: + return [x.strip() for x in val.split(",") if x.strip() or x == ""] + except Exception: + pass + return DNS_SUFFIXES_DEFAULT def _get_ssh_settings(): @@ -62,11 +76,11 @@ BANNER_FILTERS = [ def _resolve(hostname): - for suffix in DNS_SUFFIXES: + for suffix in _get_dns_suffixes(): target = hostname + suffix try: sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) - sock.settimeout(5) + sock.settimeout(2) r = sock.connect_ex((target, 22)) sock.close() if r == 0: