Use kdig for zone-add dns check + add equalArrays()

Miraty 2022-09-03 18:12:49 +02:00
parent 1292a22b02
commit ea0ffab14a
4 changed files with 22 additions and 11 deletions


@ -19,6 +19,7 @@ enabled = true
knot_zones_path = "/srv/niver/ns"
servers[] = "ns1.niver.test."
servers[] = "ns2.niver.test."
kdig_path = "/usr/bin/kdig"
[ht]
enabled = true


@ -104,6 +104,10 @@ function removeDirectory($dir) {
serverError("Unable to remove directory.");
}
function equalArrays($a, $b) {
return array_diff($a, $b) === [] AND array_diff($b, $a) === [];
}
function linkToDocs($ref, $title) {
return '<a rel="help" href="' . CONF['common']['docs_prefix'] . $ref . '.html">' . $title . '</a>';
}
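Review bot: equalArrays() performs a set comparison rather than an array-equality test, and nothing on the function says so. array_diff() compares elements by their string form and ignores order and repetition, so `equalArrays(['a', 'a'], ['a'])` is true while `'NS1.example.'` and `'ns1.example.'` count as different (sample values constructed for illustration). The callers added in this commit use the result to decide whether a domain's DNS records match the service's, so I would add a comment above it such as `// True when $a and $b hold the same set of values (string comparison; order and duplicates are ignored).`. removeDirectory() begins outside the hunk.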


@ -14,13 +14,17 @@ if (processForm()) {
if (query('select', 'sites', ['domain' => $_POST['domain']], 'domain') !== [])
userError("Ce domaine existe déjà sur ce service.");
$remoteAaaaRecords = array_column(dns_get_record($_POST['domain'], DNS_AAAA), 'ipv6');
if (array_merge(array_diff($remoteAaaaRecords, [CONF['ht']['ipv6_address']]), array_diff([CONF['ht']['ipv6_address']], $remoteAaaaRecords)) !== [])
userError("Ce domaine doit avoir pour enregistrement AAAA <code>" . CONF['ht']['ipv6_address'] . "</code>.");
$remoteAaaaRecords = dns_get_record($_POST['domain'], DNS_AAAA);
if (is_array($remoteAaaaRecords) !== true)
userError("Ce domaine n'existe pas.");
if (equalArrays([CONF['ht']['ipv6_address']], array_column($remoteAaaaRecords, 'ipv6')) !== true)
userError("Ce domaine doit avoir pour unique enregistrement AAAA <code>" . CONF['ht']['ipv6_address'] . "</code>.");
$remoteARecords = array_column(dns_get_record($_POST['domain'], DNS_A), 'ip');
if (array_merge(array_diff($remoteARecords, [CONF['ht']['ipv4_address']]), array_diff([CONF['ht']['ipv4_address']], $remoteARecords)) !== [])
userError("Ce domaine doit avoir pour enregistrement A <code>" . CONF['ht']['ipv4_address'] . "</code>.");
$remoteARecords = dns_get_record($_POST['domain'], DNS_A);
if (is_array($remoteARecords) !== true)
userError("Ce domaine n'existe pas.");
if (equalArrays([CONF['ht']['ipv4_address']], array_column($remoteARecords, 'ip')) !== true)
userError("Ce domaine doit avoir pour unique enregistrement A <code>" . CONF['ht']['ipv4_address'] . "</code>.");
addSite($_SESSION['username'], $_POST['dir'], $_POST['domain'], "dns", "http");
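Review bot: The new equalArrays() checks compare addresses as text, so the AAAA check passes only when `CONF['ht']['ipv6_address']` is spelled exactly as dns_get_record() formats the record. A configured address in uppercase or uncompressed form would presumably reject every domain. Comparing packed forms removes that dependency, for example `equalArrays([inet_pton(CONF['ht']['ipv6_address'])], array_map('inet_pton', array_column($remoteAaaaRecords, 'ipv6')))`. Separately, a `false` return from dns_get_record() also covers resolver failures, so "Ce domaine n'existe pas." can be shown for a domain that does exist. The enclosing `if (processForm())` block starts and ends outside the hunk, so any earlier validation of `$_POST['domain']` is not visible here.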


@ -6,11 +6,13 @@ if (processForm()) {
if (query('select', 'zones', ['zone' => $_POST['domain']], 'zone') !== [])
userError("Cette zone existe déjà sur ce service.");
$remoteNsRecords = array_column(dns_get_record($_POST['domain'], DNS_NS), 'target');
foreach ($remoteNsRecords as $i => $remoteNsRecord)
$remoteNsRecords[$i] = formatAbsoluteDomain($remoteNsRecord);
if (array_merge(array_diff($remoteNsRecords, CONF['ns']['servers']), array_diff(CONF['ns']['servers'], $remoteNsRecords)) !== [])
userError("Ce domaine n'a pas les bons enregistrements NS.");
exec(CONF['ns']['kdig_path'] . " " . ltrim(strstr($_POST['domain'], '.'), '.') . " NS +short", $parentAuthoritatives);
foreach ($parentAuthoritatives as $parentAuthoritative)
checkAbsoluteDomainFormat($parentAuthoritative);
exec(CONF['ns']['kdig_path'] . " " . $_POST['domain'] . " NS @" . $parentAuthoritatives[0], $results);
preg_match_all('/' . preg_quote($_POST['domain'], '/') . '[\t ]+[0-9]{1,8}[\t ]+IN[\t ]+NS[\t ]+(.+)\n/', implode("\n", $results), $matches);
if (equalArrays(CONF['ns']['servers'], $matches[1]) !== true)
userError("Les serveurs ayant autorité dans cette zone indiqués par la zone parente ne sont pas ceux de Niver.");
$db = new PDO('sqlite:' . DB_PATH);
$stmt = $db->prepare("INSERT INTO zones(zone, username) VALUES(:zone, :username)");
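Review bot: Both new `exec()` calls build a shell command by concatenating `$_POST['domain']` (and, in the second call, a line of kdig's own output) without `escapeshellarg()`, so the request value reaches the shell verbatim unless it is validated earlier in the file, which this hunk does not show. Every argument should be quoted with `escapeshellarg()`, and the domain should go through the same format check already applied to `$parentAuthoritative`, because kdig treats arguments beginning with `-`, `+` or `@` as options and shell quoting alone does not prevent that. The calls also discard the exit status, and `$parentAuthoritatives[0]` is read even when the first query returned no lines. The fence below shows the two calls with quoting and status checks; the error messages are placeholders, and the choice between serverError() and userError() is yours. The enclosing `if (processForm())` block extends beyond the hunk.

```php
$parentZone = ltrim((string) strstr($_POST['domain'], '.'), '.');
exec(escapeshellarg(CONF['ns']['kdig_path']) . ' ' . escapeshellarg($parentZone) . ' NS +short', $parentAuthoritatives, $exitCode);
if ($exitCode !== 0 OR $parentAuthoritatives === [])
	serverError("Unable to query the parent zone.");
// … unchanged: checkAbsoluteDomainFormat() loop over $parentAuthoritatives …
exec(escapeshellarg(CONF['ns']['kdig_path']) . ' ' . escapeshellarg($_POST['domain']) . ' NS ' . escapeshellarg('@' . $parentAuthoritatives[0]), $results, $exitCode);
if ($exitCode !== 0)
	serverError("Unable to query the parent zone's name servers.");
// … unchanged: preg_match_all() and equalArrays() check …
```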