b9ddns-lib.pl

BIND 9 dynamic DNS webmin module. This module supports both static and dynamic zones, and IPv4 and I

				if ($addr[$i] > 65535) {
					&terror('controls_eport');
				}

				push(@vals, { 'name' => $not . $ip,
					   'values' => [ 'port', $addr[$i] ] });

				return 1;
			}
		}

		return 0;
	};


	#
	# Delete the entry if the defaults are to be used.
	#

	if ($in{$_[0] . '_def'}) {
		&save_directive($_[1], $_[0], [ ], $_[2]);

		return;
	}


	$ip_only = defined($_[3]) && $_[3];
	$port_allowed = defined($_[4]) && $_[4];


	#
	# Look for any '!' signs used to negate addresses or ACL's.
	# Then we handle each entry by checking that it is a valid ACL
	# value - an IP address, address range or a known ACL name.
	#

	@addr = &compress_not($in{$_[0]});

	for ($i = 0; $i < @addr; $i++) {
		$ip = $addr[$i];

		$ip_seen = 0;

		if ($ip =~ /^!(.*)$/o) {
			$not = '!';
			$ip = $1;

			unless ($ip) {
				&terror('edit_eipmissing');
			}
		}
		else {
			$not = '';
		}


		if ($ip eq 'port') {
			unless ($port_allowed) {
				&terror('edit_port_noallow');
			}

			if ($master_port) {
				&terror('edit_multi_port');
			}

			if ($not || ++$i >= @addr || $addr[$i] =~ /\D/o ||
			    $addr[$i] > 65535) {
				&terror('controls_eport');
			}

			$master_port = $addr[$i];
		}
		elsif (&valid_acl_value($ip)) {
			#
			# For IP addresses we must first compress the address.
			# Then we need to check if a port has been given as
			# well.
			#

			if ($ip =~ /^[\d.]+$/o) {
				$ip = &compress_ip($ip);

				next if (&$has_port());

				$ip_seen++;
			}
			elsif ($ip =~ /^([\da-f:])+:[\da-f:]*$/io) {
				$ip = &compress_ip6($ip);

				next if (&$has_port());

				$ip_seen++;
			}

			if ($ip_only && ! $ip_seen) {
				&terror('edit_eip', $ip);
			}

			push(@vals, { 'name' => $not . $ip });
		}
		elsif (! $ip_only && $ip eq 'key') {
			if (++$i >= @addr) {
				&terror('edit_ekey_name');
			}

			push(@vals, { 'name' => $not . $ip,
				      'values' => [ $addr[$i] ] });
		}
		else {
			&terror(($ip_only) ? 'edit_eip' : 'edit_evalue', $ip);
		}
	}


	if ($master_port && ! @vals) {
		&terror('edit_eipmissing');
	}

	$dir = { 'name' => $_[0], 'type' => 1, 'members' => \@vals };

	$dir->{'values'} = [ 'port', $master_port ] if ($master_port);

	&save_directive($_[1], $_[0], [ $dir ], $_[2]);


	return;
}


#
# opt_input(text, name, &config, default, size, units)
#

sub opt_input {

	my $str = my $n = my $v = '';


	$v = &find($_[1], $_[2]);

	($n = $_[1]) =~ s/\W/_/go;


	$str = '<td valign=top><b>' . $_[0] . '</b></td><td nowrap valign=top ';

	$str .= sprintf "%s><input type=radio name=%s_def value=1 %s> %s \n",
			($_[4] > 30 ? 'colspan=3' : ''), $n,
			&checked(! $v), $_[3];

	$str .= sprintf "<input type=radio name=%s_def value=0 %s> \n",
			$n, &checked($v);

	$str .= sprintf "<input name=%s size=%d value=\"%s\"> %s</td>\n",
			$n, $_[4], ($v ? $v->{'value'} : ''), $_[5];

	return $str;
}


sub save_opt {

	my $err = my $dir = my $n = '';


	($n = $_[0]) =~ s/\W/_/go;

	if ($in{$n . '_def'}) {
		&save_directive($_[2], $_[0], [ ], $_[3]);
	}
	elsif ($err = &{$_[1]}($in{$n})) {
		&error($err);
	}
	else {
		$dir = { 'name' => $_[0], 'values' => [ $in{$n} ] };

		&save_directive($_[2], $_[0], [ $dir ], $_[3]);
	}

	return;
}


#
# Returns the zone and record structures of the PTR records for some address.
#
# find_reverse(address, name)
#

sub find_reverse {

	my $ipv6 = 0;

	my $conf = my $addr = my $rr = my $type = my $zone = my $name = '';
	my $revconf = my $revfile = my $revrec = '';

	my @revrecs = my @zl = ();


	$addr = $_[0];
	$addr =~ s/\*/0/o;	# This should still work okay.

	return ($revconf, $revfile, $revrec) unless ($addr);

	$name = lc($_[1]);

	$conf = &get_config();

	if ($in{'view'}) {
		$conf = $conf->[$in{'view'}]->{'members'};
	}


	@zl = &find('zone', $conf);

	if (&check_ip6address($addr)) {
		$ipv6++;
	}
	elsif (! &check_ipaddress($addr)) {
		return ($revconf, $revfile, $revrec);
	}


	if ($ipv6) {
		$addr = &net_to_ip6arpa($addr);

		@zl = grep { $_->{'value'} =~ /ip6\.arpa\.?$/io } @zl;
	}
	else {
		$addr = &ip_to_arpa($addr);

		@zl = grep { $_->{'value'} =~ /in-addr\.arpa\.?$/io } @zl;
	}


	$addr =~ s/\.$//o;

	while ($addr) {
		foreach $zone (@zl) {
			if ($zone->{'value'} =~ /^$addr\.?$/i &&
			    ($type = &find_value('type', $zone->{'members'})) &&
			    ($type eq 'master' ||
			     ($type eq 'slave' && &dynamic_zone($zone, 1) == 1))) {
				#
				# We have found the reverse master zone.
				#

				$revconf = $zone;
				last;
			}
		}

		if ($revconf) {
			last;
		}
		elsif ($ipv6) {
			last if ($addr eq 'ip6.arpa');

			$addr =~ s/^[\da-f]\.//o;
		}
		else {
			last if ($addr eq 'in-addr.arpa');

			$addr =~ s/^\d+\.//o;
		}
	}


	#
	# Now find the reverse record.
	#

	if ($revconf) {
		$zone = lc($revconf->{'value'});
		$zone .= '.' unless ($zone =~ /\.$/o);

		$revfile = &find_value('file', $revconf->{'members'});

		@revrecs = &get_zone($revconf, $revfile, $zone, undef, 'master');
		$addr = ($ipv6) ? &net_to_ip6arpa($_[0]) : &ip_to_arpa($_[0]);


		foreach $rr (@revrecs) {
			if ($rr->{'type'} eq 'PTR' && $rr->{'fqdn'} eq $addr) {
				#
				# We have found a reverse record.
				#

				if (! $name || lc($rr->{'values'}->[0]) eq $name) {
					$revrec = $rr;
					last;
				}
			}
		}
	}

	return ($revconf, $revfile, $revrec);
}


#
# Returns the zone and record structures of the A or AAAA records for some name.
#
# find_forward(name, address, ipv4)
#

sub find_forward {

	my $ipv4 = my $i = 0;

	my $type = my $host = my $conf = my $zone = '';
	my $fwdconf = my $fwdfile = my $fwdrec = my $fr = '';
	my $addr = my $v = '';

	my @zl = my @fwdrecs = ();


	$host = $_[0];
	$host =~ s/^\*\.//o;		# This should still work okay.

	return ($fwdconf, $fwdfile, $fwdrec) unless ($host);

	$ipv4 = $_[2] if (defined($_[2]));

	$conf = &get_config();

	if ($in{'view'}) {
		$conf = $conf->[$in{'view'}]->{'members'};
	}


	@zl = grep { $_->{'value'} !~ /(in-addr|ip6)\.arpa\.?$/io } &find('zone', $conf);

	$host =~ s/\.$//o;


	while ($host) {
		foreach $zone (@zl) {
			if ($zone->{'value'} =~ /^$host\.?$/i &&
			    ($type = &find_value('type', $zone->{'members'})) &&
			    ($type eq 'master' ||
			     ($type eq 'slave' && &dynamic_zone($zone, 1) == 1))) {
				#
				# We have found the forward master zone.
				#

				$fwdconf = $zone;
				last;
			}
		}

		if ($fwdconf || $host !~ /\./o) {
			last;
		}
		else {
			$host =~ s/^[^.]+\.//o;
		}
	}


	#
	# Now find the forward record.
	#

	if ($fwdconf) {
		if ($_[1]) {
			$addr = ($ipv4) ? &compress_ip(&arpa_to_ip($_[1]))
					: &compress_ip6(&ip6arpa_to_net($_[1]));
		}

		$zone = lc($fwdconf->{'value'});
		$zone .= '.' unless ($zone =~ /\.$/o);

		$host = &convert_fqdn(1, $_[0], $zone, 1);

		$fwdfile = &find_value('file', $fwdconf->{'members'});

		@fwdrecs = &get_zone($fwdconf, $fwdfile, $zone, undef, 'master');


		$type = ($ipv4) ? 'A' : 'AAAA';

		foreach $fr (@fwdrecs) {
			if ($fr->{'type'} eq $type && $fr->{'fqdn'} eq $host) {
				#
				# We have found a forward record.
				#

				if ($addr) {
					$v = $fr->{'values'}->[0];

					$v = ($ipv4) ? &compress_ip($v)
						     : &compress_ip6($v);
				}

				if (! $addr || $v eq $addr) {
					$fwdrec = $fr;
					last;
				}
			}
		}
	}

	return ($fwdconf, $fwdfile, $fwdrec);
}


#
# can_edit_zone(&access, &zone, [&view])
#

sub can_edit_zone {

	my $ok = 0;

	my $zn = my $vn = my $file = my $filestr = my $zone = '';


	$zn = lc($_[1]->{'value'});

	$zn =~ s/\.$//o unless ($zn eq '.');

	$vn = 'view_' . lc($_[2]->{'value'}) if ($_[2]);


	#
	# Check the zone name.
	#

	if ($access{'zones'} eq '*') {
	}
	elsif ($access{'zones'} =~ /^!/o) {
		foreach $zone (split(/\s+/, $access{'zones'})) {
			if ($zone ne '!') {
				$zone = lc($zone);

				$zone =~ s/\.$//o unless ($zone eq '.');

				return 0 if ($zone eq $zn ||
					     ($vn && ($zone eq $vn)));
			}
		}
	}
	else {
		foreach $zone (split(/\s+/, $access{'zones'})) {
			$zone = lc($zone);

			$zone =~ s/\.$//o unless ($zone eq '.');

			if ($zone eq $zn || ($vn && ($zone eq $vn))) {
				$ok++;
				last;
			}
		}

		return 0 unless ($ok);
	}


	if ($_[0]->{'dironly'}) {
		#
		# Check the directory access control.
		#

		$filestr = &find_value('file', $_[1]->{'members'});

		if (defined($filestr)) {
			$file = &absolute_path($filestr);

			return 0 unless (&allowed_zone_file($_[0], $file));
		}
	}

	return 1;
}


#
# Display a form for editing or creating a DNS record.
#
# record_input(zoneindex, view, type, file, origin, [num], [record])
#

sub record_input {

	my $ttl = my $ttl_in_secs = my $dynamic = my $default_ttl = 0;
	my $new = my $address_rec = my $reverse = my $ipv4_zone = 0;
	my $k = 0;

	my $type = my $ttlunit = my $zone_ref = my $origin = '';
	my $serv = my $proto = my $display_name = my $disabled = '';

	my @v = ();

	my %rec = my %access = ();


	$origin = $_[4];


	$zone_ref = &get_zone_data(&get_config()->[$_[0]]);

	$dynamic = $zone_ref->[1];
	$default_ttl = $zone_ref->[2];

	if ($origin =~ /\.(in-addr|ip6)\.arpa\.$/o) {
		$reverse++;

		$ipv4_zone++ if ($1 eq 'in-addr');
	}


	print '<form action=save_record.cgi>';

	print '<input type=hidden name=index value="', $_[0], '">';
	print '<input type=hidden name=view value="', $_[1], '">';
	print '<input type=hidden name=file value="', $_[3], '">';
	print '<input type=hidden name=origin value="', $origin, '">';
	print '<input type=hidden name=sort value="', $in{'sort'}, '">';
	print '<input type=hidden name=ztype value="', $in{'ztype'}, '">';

	if (@_ < 6) {
		$new++;

		$type = $_[2];

		print '<input type=hidden name=new value=1>';
	}
	else {
		%rec = %{ $_[6] };

		$type = $rec{'type'};

		$display_name = &convert_fqdn($config{'display_fqdn'}, $rec{'fqdn'}, $origin, 0);

		print '<input type=hidden name=oldname value="', $rec{'fqdn'}, '">';
		print '<input type=hidden name=num value=', $_[5], '>';
	}

	$address_rec++ if ($type eq 'A' || $type eq 'AAAA');

	print '<input type=hidden name=type value="', $type, '">';
	print '<input type=hidden name=redirtype value="', $_[2], '">';

	print '<table border>';
	print "<tr $tb><td><b>", &text($new ? 'edit_add' : 'edit_edit',
	      $text{'edit_' . $type}), '</b></td></tr>';
	print "<tr $cb><td><table>\n";


	if ($reverse) {
		print '<tr><td><b>',
		      ($type eq 'NS') ? $text{'edit_zonename'}
				      : $text{'edit_addr'},
		      '</b></td>';

		print '<td><input name=name value="';

		if ($new) {
			unless ($config{'display_fqdn'}) {
				if ($ipv4_zone) {
					print &arpa_to_ip($origin), '.';
				}
				else {
					my $orig = &ip6arpa_to_net($origin);

					print $orig;
					print ':' if ($orig =~ /:[\da-f]{4}$/o);
				}
			}
		}
		else {
			print &convert_fqdn(($config{'display_fqdn'} ? 1 : -1),
					      $rec{'fqdn'}, $origin, 0);
		}

		print "\" size=30></td>\n";
	}
	elsif ($type eq 'NS') {
		print '<tr><td><b>', $text{'edit_zonename'}, '</b></td>';
		print '<td><input name=name value="', $display_name,
		      '" size=30></td>';
	}
	elsif ($type eq 'SRV') {
		my $name = $rec{'fqdn'};

		if ($name =~ /^([^.]+)\.([^.]+)\.(\S+)/o) {
 			$serv = $1; $proto = uc($2); $name = $3;

			$serv =~ s/^_//o;

			$proto =~ s/^_//o;
		}

		$name = &convert_fqdn($config{'display_fqdn'}, $name, $origin, 0);

		print '<tr><td><b>', $text{'edit_name'}, '</b></td>';
		print '<td><input name=name value="', $name, '" size=30></td>';
	}
	else {
		print '<tr><td><b>', $text{'edit_name'}, '</b></td>';
		print '<td><input name=name value="', $display_name,
		      '" size=30></td>';
	}

	if ($new) {
		$ttl = undef;
	}
	else {
		$ttl_in_secs = &convert_time(0, $rec{'ttl'});

		if (! $ttl_in_secs && $rec{'ttl'}) {
			$ttl = $text{'invalid'};
		}
		else {
			($ttl, $ttlunit) =
					&get_time($config{'display_ttl_secs'},
								$ttl_in_secs);
		}

		if (($dynamic && ($ttl_in_secs == $default_ttl)) ||
		    (! $dynamic && ! $ttl)) {
			$ttl = undef;
			$ttlunit = '';
		}
	}

	print '<td><b>', $text{'edit_ttl'}, '</b></td>';

	printf "<td><input type=radio name=ttl_def value=1 %s> %s\n",
	       &checked(! defined($ttl)), $text{'default'};
	printf "<input type=radio name=ttl_def value=0 %s>\n",
	       &checked($ttl);

	printf '<input name=ttl size=8 value="%s">', $ttl ? $ttl : '';

	&time_unit_choice('ttlunit', $ttlunit);

	print "</td></tr>\n";


	@v = @{ $rec{'values'} };

	$display_name = &convert_fqdn(($config{'display_fqdn'} ? 1 : -1), $v[0], $origin, 0);


	if ($address_rec) {
		print '<tr><td><b>', ($type eq 'A') ? $text{'value_A1'}
						    : $text{'value_AAAA1'},
		      '</b></td>';

		$v[0] = &compress_ip6($v[0]) if ($type eq 'AAAA');

		printf '<td><input name=value0 size=%d value="%s"></td></tr>',
			(($type eq 'A') ? 20 : 36), $v[0];

		unless ($new) {
			print '<input type=hidden name=oldvalue value="',
			      $v[0], '">';
		}
	}
	elsif ($type eq 'NS') {
		print '<tr><td><b>', $text{'value_NS1'}, '</b></td>';
		print '<td colspan=3><input name=value0 size=30 value="',
		      $display_name, '"></td></tr>';

		unless ($new) {
			print '<input type=hidden name=oldvalue value="', $v[0], '">';
		}
	}
	elsif ($type eq 'CNAME' || $type eq 'DNAME') {
		printf '<tr><td><b>%s</b></td><td colspan=3><input name=value0 size=30 value="%s"></td></tr>',
			(($type eq 'CNAME') ? $text{'value_CNAME1'}
					    : $text{'value_DNAME1'}),
			$display_name;

		unless ($new) {
			print '<input type=hidden name=oldvalue value="',
			      $v[0], '">';
		}
	}
	elsif ($type eq 'MX') {
		$display_name = &convert_fqdn($config{'display_fqdn'}, $v[1], $origin, 0);

		print '<tr><td><b>', $text{'value_MX2'}, '</b></td>';
		print '<td><input name=value1 size=30 value="', $display_name,
		      '"></td></tr>';
		print '<tr><td><b>', $text{'value_MX1'}, '</b></td>';
		print '<td><input name=value0 size=8 value="', $v[0],
		      '"></td></tr>';

		unless ($new) {
			print '<input type=hidden name=oldvalue value="', $v[1], '">';
		}
	}
	elsif ($type eq 'HINFO') {
		print '<tr><td><b>', $text{'value_HINFO1'}, '</b></td>';
		print '<td><input name=value0 size=30 value="', $v[0],
		      '"></td></tr>';
		print '<tr><td><b>', $text{'value_HINFO2'}, '</b></td>';
		print '<td><input name=value1 size=30 value="', $v[1],
		      '"></td></tr>';
	}
	elsif ($type eq 'TXT') {
		print '<tr><td><b>', $text{'value_TXT1'}, '</b></td>';
		print '<td><input name=value0 size=30 value="';

		foreach my $v2 (@v) {
			$v2 =~ s/\\(.)/$1/g;

			print &html_escape($v2), ' ';
		}

		print '"></td></tr>';
	}
	elsif ($type eq 'WKS') {
		print '<tr><td><b>', $text{'value_WKS1'}, '</b></td>';
		print '<td><input name=value0 size=20 value="', $v[0],
		      '"></td>';
		print '<td><b>', $text{'value_WKS2'}, '</b></td>';

		print '<td><select name=value1>';
		printf "<option %s>TCP\n", $v[1] =~ /tcp/io ? 'selected' : '';
		printf "<option %s>UDP\n", $v[1] =~ /udp/io ? 'selected' : '';
		print '</select></td></tr>';

		print '<tr><td valign=top><b>', $text{'value_WKS3'},
		      '</b></td>';
		print '<td><textarea name=value2 rows=3 cols=29 wrap>',
		      join(' ', @v[2 .. $#v]), '</textarea></td></tr>';
	}
	elsif ($type eq 'RP') {
		$v[0] = &dotted_to_email($v[0]);

		print '<tr><td><b>', $text{'value_RP1'}, '</b></td>';