create_master.cgi

BIND 9 dynamic DNS webmin module. This module supports both static and dynamic zones, and IPv4 and I

#! /usr/bin/perl

#
#    B9DDNS - BIND 9 dynamic DNS webmin module.
#    Copyright (C) 2003 John Horne. <john.horne@plymouth.ac.uk>
#    Copyright (C) 2004 John Horne. <john.horne@plymouth.ac.uk>
#
#    This program is free software; you can redistribute it and/or modify
#    it under the terms of the GNU General Public License as published by
#    the Free Software Foundation; either version 2 of the License, or
#    (at your option) any later version.
#
#    This program is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU General Public License for more details.
#
#    You should have received a copy of the GNU General Public License
#    along with this program; if not, write to the Free Software
#    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
#

#
# Create a new master zone.
#

use strict;
no strict 'vars';

require './b9ddns-lib.pl';


my $ipv4 = my $ipv6 = my $serial = my $update_slave = my $i = 0;

my $conf = my $vconf = my $base = my $zone = my $file = '';
my $masters = my $master_ip = my $soa_values = my $full_name = '';
my $view = my $directive = my $err = my $newidx = '';
my $time = my $refresh = my $retry = my $expiry = my $ncache = '';
my $zone_conf = my $zone_file = my $fn_format = my $slave_error = '';

my @types = my @master_ips = my @slave_name = my @tmpl_configs = ();
my @master_directives = ();


&ReadParse();

&error_setup($text{'mcreate_err'});

%access = &get_module_acl();

unless ($access{'master'}) {
	&terror('mcreate_ecannot');
}

if ($access{'ro'}) {
	&terror('master_ero');
}


$conf = &get_config();

if ($in{'view'}) {
	$view = $conf->[$in{'view'}];

	unless (&can_edit_view(\%access, $view)) {
		&terror('master_eview');
	}

	$vconf = $view->{'members'};
}
else {
	$vconf = $conf;
}

$newidx = @$vconf;

$update_slave++ if ($in{'slave'} && $access{'remote'});


#
# Validate the inputs.
#
# Since we may have a slave zone to configure as well, we check and configure
# the master zone first and then sort out the slave zone. Hence, any errors
# with the master zone will occur before the slave zone is dealt with, and any
# errors with the slave zone will occur after the master zone has been created.
#

&trim($in{'zone'});
$in{'zone'} = lc($in{'zone'});

unless ($in{'zone'}) {
	&terror('master_nozone');
}

if ($in{'rev'}) {
	if ($in{'zone'} =~ /\.(in-addr|ip6)\.arpa\.?$/o) {
		$ipv4 = ($1 eq 'in-addr');

		$in{'zone'} .= '.' unless ($in{'zone'} =~ /\.$/o);

		$in{'zone'} = ($ipv4) ? &arpa_to_ip($in{'zone'})
				      : &ip6arpa_to_net($in{'zone'});
	}

	$ipv4 = ($in{'zone'} =~ /^([\d.]+)$/o) &&
		&valipaddr($1, '.in-addr.arpa.', 1, 0, 1, 1);

	$ipv6 = ($in{'zone'} =~ /^([\da-f:]+)$/o) &&
		&valipaddr($1, '.ip6.arpa.', 1, 0, 1, 0);

	unless ($ipv4 || $ipv6) {
		&terror('create_enet', $in{'zone'});
	}

	$in{'zone'} = ($ipv4) ? &ip_to_arpa($in{'zone'})
			      : &net_to_ip6arpa($in{'zone'});
}
else {
	$in{'zone'} .= '.' unless ($in{'zone'} =~ /\.$/o);

	if ($in{'zone'} =~ /^[\d.]+$/o || $in{'zone'} =~ /:/o) {
		&terror('create_edom2', $in{'zone'});
	}

	unless (&valdnsname($in{'zone'}, 0, '.')) {
		&terror('create_edom', $in{'zone'});
	}
}

&trim($in{'master'});

unless ($in{'master'}) {
	&terror('master_emaster_missing');
}
elsif (! &valdnsname($in{'master'}, 0, '.')) {
	&terror('master_emaster', $in{'master'});
}

$in{'master'} = &convert_fqdn(1, $in{'master'}, $in{'zone'}, 1);


&trim($in{'email'});
unless ($in{'email'}) {
	&terror('master_eemail_missing');
}

unless (&valemail($in{'email'})) {
	&terror('master_eemail', $in{'email'});
}

$in{'email'} = &email_to_dotted($in{'email'}, $in{'zone'});


&trim($in{'refresh'});
$time = $in{'refresh'} . $in{'refunit'};
$refresh = &convert_time(0, $time);

unless ($refresh) {
	&terror('master_erefresh', $in{'refresh'});
}

&trim($in{'retry'});
$time = $in{'retry'} . $in{'retunit'};
$retry = &convert_time(0, $time);

unless ($retry) {
	&terror('master_eretry', $in{'retry'});
}

&trim($in{'expiry'});
$time = $in{'expiry'} . $in{'expunit'};
$expiry = &convert_time(0, $time);

unless ($expiry) {
	&terror('master_eexpiry', $in{'expiry'});
}

&trim($in{'ncache'});
$time = $in{'ncache'} . $in{'ncacheunit'};
$ncache = &convert_time(0, $time);

unless ($ncache) {
	&terror('master_encache', $in{'ncache'});
}

&trim($in{'defttl'});
$time = $in{'defttl'} . $in{'defttlunit'};
$defttl = &convert_time(0, $time);

unless ($defttl) {
	&terror('master_edefttl', $in{'defttl'});
}


if ($in{'tmpl'}) {
	for ($i = 0; $config{"tmpl_$i"}; $i++) {
		@types = split(/\s+/, $config{"tmpl_$i"}, 3);

		if ($types[1] eq 'A' && ! $types[2] && ! &check_ipaddress($in{'ip'})) {
			&terror('master_eip');
		}
	}
}

$in{'zone'} =~ s/\.$//o;

foreach $zone (&find('zone', $vconf)) {
	if ($zone->{'value'} =~ /^$in{'zone'}\.?$/i) {
		&terror('master_etaken');
	}
}


$base = &zone_dir(1, \%access, $conf);

if ($in{'file_def'}) {
	$file = &create_zone_fn($conf, $in{'zone'}, $in{'rev'}, undef, $base);
}
else {
	$file = $in{'file'};
	&trim($file);

        if (! $file || $file =~ /\s/o) {
                &terror('files_efile');
        }

	if ($file !~ /^\//o) {
		$file = $base . '/' . $file;
	}

	unless (&allowed_zone_file(\%access, $file)) {
		&terror('create_efile2', $file);
	}
}

if (-r $config{'chroot'} . $file) {
	&terror('create_efile4', $file);
}


#
# Now create the zone file.
#

&lock_file($config{'chroot'} . $file);

if (open(ZONE, ">$config{'chroot'}$file")) {
	print ZONE '$TTL ', $defttl, "\n";
}
else {
	$err = $!;

	&terror('create_efile3', $file, $err);
}


#
# Create the SOA and NS records.
#

if ($config{'soa_date_style'}) {		# Date style serial number.
	$serial = &today() . '00';
}
else {
	$serial = 1;
}

print ZONE "@\tIN\tSOA\t$in{'master'} $in{'email'} (\n",
	      "\t\t\t$serial\n",
	      "\t\t\t$refresh\n",
	      "\t\t\t$retry\n",
	      "\t\t\t$expiry\n",
	      "\t\t\t$ncache )\n";

if ($in{'master_ns'}) {
	$in{'master'} = &convert_fqdn(-1, $in{'master'}, $in{'zone'}, 1);

	print ZONE "\n\tIN\tNS\t$in{'master'}\n";
}

if ($update_slave) {
	@slave_name = gethostbyname($in{'slave'});

	$slave_name[0] .= '.' unless ($slave_name[0] =~ /\.$/o);

	print ZONE "\tIN\tNS\t$slave_name[0]\n";
}

print ZONE "\n";

close(ZONE);


#
# Create the zone directive.
#

$full_name = &base_directory($conf);

$zone_fn = $file;

$zone_fn =~ s/^$full_name\/// if ($full_name);

$zone_conf = ($in{'view'}) ? $view : &get_config_parent();

$directive = { 'name' => 'zone', 'values' => [ $in{'zone'} ], 'type' => 1,
	       'members' => [ { 'name' => 'type', 'values' => [ 'master' ] },
			      { 'name' => 'file', 'values' => [ $zone_fn ] } ]
	     };

if ($in{'view'}) {
	$zone_file = $view->{'file'};
}
else {
	$zone_file = $config{'zones_file'} ? $config{'zones_file'}
					   : $config{'named_conf'};
}

&lock_file($config{'chroot'} . $zone_file);

&save_directive($zone_conf, 'zone', [ $directive ], 0, 0, -1);

&flush_file_lines();

&unlock_file($config{'chroot'} . $zone_file);

undef @get_config_cache;	# Ensure we read the new zone directive.


if ($in{'tmpl'}) {
	#
	# Create template records.
	#

	for ($i = 0; $config{"tmpl_$i"}; $i++) {
		@tmpl_configs = split(/\s+/, $config{"tmpl_$i"}, 3);

		if ($tmpl_configs[0] eq '.') {
			$zone = $in{'zone'};
			$full_name = $zone . '.';
		}
		else {
			$zone = $full_name = $tmpl_configs[0];
		}

		&create_record($zone, $file, $full_name, undef, 'IN',
			       $tmpl_configs[1],
			       $tmpl_configs[2] ? $tmpl_configs[2] : $in{'ip'});
	}

	if ($config{'tmpl_include'}) {
		#
		# Add whatever is in the template file.
		#

		$full_name = $config{'chroot'} . $file;

		if (open(TMPL, $config{'tmpl_include'})) {
			if (open(FILE, ">>$full_name")) {
				while(<TMPL>) {
					print FILE $_;
				}
			}
			else {
				$err = $!;

				close(TMPL);

				unlink $full_name;

				&terror('create_efile3', $file, $err);
			}

			close(FILE);
			close(TMPL);
		}
		else {
			$err = $!;

			&terror('create_efile3', $config{'tmpl_include'}, $err);
		}
	}
}

&unlock_file($config{'chroot'} . $file);

&set_ownership($config{'chroot'} . $file, 0);


#
# Add the new zone to the access list.
#

&add_zone_access($in{'zone'});


#
# Finally create the directive on the slave server(s).
#

if ($update_slave) {
	&add_slave_zone();
}


&webmin_log('create', 'master', $in{'zone'}, \%in);


&redirect("edit_zone.cgi?index=${newidx}&view=$in{'view'}&type=master&new_zone=1");

exit;


sub slave_error_handler {

	$slave_error = $_[0];

	return;
}


sub add_slave_zone {

	my $slave_parent = my $slave_config = '';
	my $slave_conf = '';


	&error_setup($text{'master_err3'});

	&remote_error_setup(\&slave_error_handler);

	&remote_foreign_require($in{'slave'}, $module_name, 'b9ddns-lib.pl');

	if ($slave_error) {
		&error($slave_error);
	}


	$slave_parent = &remote_foreign_call($in{'slave'}, $module_name, 'get_config_parent');

	unless (ref($slave_parent)) {
		&terror('master_eslave', $in{'slave'});
	}


	$slave_config = &remote_foreign_config($in{'slave'}, $module_name);

	$slave_conf = $slave_parent->{'members'};


	foreach $zone (&find('zone', $slave_conf)) {
		if ($zone->{'value'} =~ /^$in{'zone'}\.?$/i) {
			&terror('master_etaken');
		}
	}


	if ($in{'sfile_def'} != 1) {
		$base = $slave_config->{'slave_dir'} ? $slave_config->{'slave_dir'} :
				&remote_foreign_call($in{'slave'}, $module_name,
					'zone_dir', 1, \%access, $slave_conf);
	}

	$file = '';

	if ($in{'sfile_def'} == 0) {
		#
		# Use the given slave filename.
		#

		$file = $in{'sfile'};
		&trim($file);

		if (! $file || $file =~ /\s/o) {
			&terror('files_efile');
		}

		unless ($file =~ /^\//o) {
			$file = $base . '/' . $file;
		}
	}
	elsif ($in{'sfile_def'} == 2) {
		#
		# Work out a filename.
		#

		$file = &create_zone_fn($slave_conf, $in{'zone'}, $in{'rev'}, undef, $base);
	}

	$directive = { 'name' => 'zone', 'values' => [ $in{'zone'} ],
		       'type' => 1,
		       'members' => [ { 'name' => 'type',
					'values' => [ 'slave' ] } ] };

	&remote_foreign_call($in{'slave'}, $module_name, 'save_directive',
			     $slave_parent, 'zone', [ $directive ], 0, 1, -1);

	&save_addr_match('masters', $directive, 1, 1, 1);

	if ($file) {
		$base = $slave_config->{'slave_dir'} ? $slave_config->{'slave_dir'} :
				&remote_foreign_call($in{'slave'}, $module_name,
						'base_directory', $slave_conf);

		$file =~ s/^$base\/// if ($base);

		push(@{ $directive->{'members'} }, { 'name' => 'file',
						     'values' => [ $file ] } );
	}


	&remote_foreign_call($in{'slave'}, $module_name, 'save_directive',
			     $slave_parent, 'zone', [ $directive ], 0, 0, -1);

	&remote_foreign_call($in{'slave'}, $module_name, 'flush_file_lines');

	&remote_foreign_call($in{'slave'}, $module_name, 'webmin_log',
					'create', 'slave', $in{'zone'}, \%in);


	return;
}