Use kdig for zone-add dns check + add equalArrays()
parent
1292a22b02
commit
ea0ffab14a
|
@ -19,6 +19,7 @@ enabled = true
|
|||
knot_zones_path = "/srv/niver/ns"
|
||||
servers[] = "ns1.niver.test."
|
||||
servers[] = "ns2.niver.test."
|
||||
kdig_path = "/usr/bin/kdig"
|
||||
|
||||
[ht]
|
||||
enabled = true
|
||||
|
|
|
@ -104,6 +104,10 @@ function removeDirectory($dir) {
|
|||
serverError("Unable to remove directory.");
|
||||
}
|
||||
|
||||
function equalArrays($a, $b) {
|
||||
return array_diff($a, $b) === [] AND array_diff($b, $a) === [];
|
||||
}
|
||||
|
||||
function linkToDocs($ref, $title) {
|
||||
return '<a rel="help" href="' . CONF['common']['docs_prefix'] . $ref . '.html">' . $title . '</a>';
|
||||
}
|
||||
|
|
|
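Review bot: `equalArrays()` has no comment stating what "equal" means, and the name suggests a stricter comparison than the body performs. `array_diff()` compares the string form of each element and ignores order and repetition, so `['a', 'a']` and `['a']` are reported equal; that is presumably what the DNS checks want, but callers should not have to read the body to find out. I would add `// Set equality: order and duplicates are ignored, elements are compared as strings.` above the function. As a style point, `&&` is the usual operator inside an expression; `AND` only behaves the same here because the whole expression is the operand of `return`.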
@ -14,13 +14,17 @@ if (processForm()) {
|
|||
if (query('select', 'sites', ['domain' => $_POST['domain']], 'domain') !== [])
|
||||
userError("Ce domaine existe déjà sur ce service.");
|
||||
|
||||
$remoteAaaaRecords = array_column(dns_get_record($_POST['domain'], DNS_AAAA), 'ipv6');
|
||||
if (array_merge(array_diff($remoteAaaaRecords, [CONF['ht']['ipv6_address']]), array_diff([CONF['ht']['ipv6_address']], $remoteAaaaRecords)) !== [])
|
||||
userError("Ce domaine doit avoir pour enregistrement AAAA <code>" . CONF['ht']['ipv6_address'] . "</code>.");
|
||||
$remoteAaaaRecords = dns_get_record($_POST['domain'], DNS_AAAA);
|
||||
if (is_array($remoteAaaaRecords) !== true)
|
||||
userError("Ce domaine n'existe pas.");
|
||||
if (equalArrays([CONF['ht']['ipv6_address']], array_column($remoteAaaaRecords, 'ipv6')) !== true)
|
||||
userError("Ce domaine doit avoir pour unique enregistrement AAAA <code>" . CONF['ht']['ipv6_address'] . "</code>.");
|
||||
|
||||
$remoteARecords = array_column(dns_get_record($_POST['domain'], DNS_A), 'ip');
|
||||
if (array_merge(array_diff($remoteARecords, [CONF['ht']['ipv4_address']]), array_diff([CONF['ht']['ipv4_address']], $remoteARecords)) !== [])
|
||||
userError("Ce domaine doit avoir pour enregistrement A <code>" . CONF['ht']['ipv4_address'] . "</code>.");
|
||||
$remoteARecords = dns_get_record($_POST['domain'], DNS_A);
|
||||
if (is_array($remoteARecords) !== true)
|
||||
userError("Ce domaine n'existe pas.");
|
||||
if (equalArrays([CONF['ht']['ipv4_address']], array_column($remoteARecords, 'ip')) !== true)
|
||||
userError("Ce domaine doit avoir pour unique enregistrement A <code>" . CONF['ht']['ipv4_address'] . "</code>.");
|
||||
|
||||
addSite($_SESSION['username'], $_POST['dir'], $_POST['domain'], "dns", "http");
|
||||
|
||||
|
|
|
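Review bot: The new AAAA check compares address text, so it only passes if `CONF['ht']['ipv6_address']` is written exactly as `dns_get_record()` prints the address (presumably the compressed form); an expanded or differently cased value in the configuration would reject every domain. Normalising both sides avoids that, e.g. `equalArrays([inet_pton(CONF['ht']['ipv6_address'])], array_map('inet_pton', array_column($remoteAaaaRecords, 'ipv6')))`. The `is_array()` branch also reports "Ce domaine n'existe pas." for any resolver failure, including a timeout or SERVFAIL, which the message does not distinguish. The enclosing `if (processForm())` block starts and ends outside the hunk, so any validation of `$_POST['domain']` done earlier is not visible here.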
@ -6,11 +6,13 @@ if (processForm()) {
|
|||
if (query('select', 'zones', ['zone' => $_POST['domain']], 'zone') !== [])
|
||||
userError("Cette zone existe déjà sur ce service.");
|
||||
|
||||
$remoteNsRecords = array_column(dns_get_record($_POST['domain'], DNS_NS), 'target');
|
||||
foreach ($remoteNsRecords as $i => $remoteNsRecord)
|
||||
$remoteNsRecords[$i] = formatAbsoluteDomain($remoteNsRecord);
|
||||
if (array_merge(array_diff($remoteNsRecords, CONF['ns']['servers']), array_diff(CONF['ns']['servers'], $remoteNsRecords)) !== [])
|
||||
userError("Ce domaine n'a pas les bons enregistrements NS.");
|
||||
exec(CONF['ns']['kdig_path'] . " " . ltrim(strstr($_POST['domain'], '.'), '.') . " NS +short", $parentAuthoritatives);
|
||||
foreach ($parentAuthoritatives as $parentAuthoritative)
|
||||
checkAbsoluteDomainFormat($parentAuthoritative);
|
||||
exec(CONF['ns']['kdig_path'] . " " . $_POST['domain'] . " NS @" . $parentAuthoritatives[0], $results);
|
||||
preg_match_all('/' . preg_quote($_POST['domain'], '/') . '[\t ]+[0-9]{1,8}[\t ]+IN[\t ]+NS[\t ]+(.+)\n/', implode("\n", $results), $matches);
|
||||
if (equalArrays(CONF['ns']['servers'], $matches[1]) !== true)
|
||||
userError("Les serveurs ayant autorité dans cette zone indiqués par la zone parente ne sont pas ceux de Niver.");
|
||||
|
||||
$db = new PDO('sqlite:' . DB_PATH);
|
||||
$stmt = $db->prepare("INSERT INTO zones(zone, username) VALUES(:zone, :username)");
|
||||
|
|
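Review bot: The two `exec()` calls in the new kdig lookup concatenate `$_POST['domain']` (and the parent name derived from it) into a shell command line without `escapeshellarg()`, so unless the domain is strictly validated before this hunk, which is not visible here, shell metacharacters or a leading `-`, `+` or `@` in the submitted value would reach the shell or be read by kdig as an option. The code also reads `$parentAuthoritatives[0]` without checking that the first lookup returned anything, and ignores both exit codes. I would validate the domain with `checkAbsoluteDomainFormat()` first (assuming it aborts on a bad name, as its use on the kdig output suggests), quote every argument, and fail closed on an empty or failed lookup, as sketched below. Separately, `$results` is joined with "\n" while the pattern requires a trailing `\n` after the target, so an NS line that happens to be last in the output would not match.

```php
// … unchanged: duplicate-zone check …
checkAbsoluteDomainFormat($_POST['domain']);
$kdig = escapeshellarg(CONF['ns']['kdig_path']);
$parentZone = ltrim(strstr($_POST['domain'], '.'), '.');
exec($kdig . " " . escapeshellarg($parentZone) . " NS +short", $parentAuthoritatives, $code);
if ($code !== 0 OR $parentAuthoritatives === [])
	serverError("Unable to query the parent zone.");
// … unchanged: checkAbsoluteDomainFormat() loop over $parentAuthoritatives …
exec($kdig . " " . escapeshellarg($_POST['domain']) . " NS " . escapeshellarg("@" . $parentAuthoritatives[0]), $results, $code);
if ($code !== 0)
	serverError("Unable to query the parent zone.");
// … unchanged: preg_match_all() and equalArrays() comparison …
```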