From fe3eaa77e046b0c9fe83f677a2e45b6cf0101c28 Mon Sep 17 00:00:00 2001
From: Herman van Rink <rink@initfour.nl>
Date: Sun, 12 Jun 2022 17:07:38 +0200
Subject: [PATCH] Squashed commit of the following: patch-bind-zonefiles-prefix
commit 7b467d17c6f5b9edf31e2d5531929a3d4938084c
Merge: 2ebc2f0a5 88edc27ec
Author: Herman van Rink <rink@initfour.nl>
Date: Sat Apr 2 22:11:18 2022 +0200
Merge remote-tracking branch 'origin/develop' into patch-bind-zonefiles-prefix
commit 2ebc2f0a5cb4033d44b539f5f2f941da51de609f
Author: Herman van Rink <rink@initfour.nl>
Date: Sat Jan 15 21:20:04 2022 +0100
Add new translation strings for !1376
commit bb661ed4aaacf2390fbdb964e294d11bae6abbf4
Merge: ef0e2df3c 90cd1a2fd
Author: Herman van Rink <rink@initfour.nl>
Date: Sat Jan 15 20:32:02 2022 +0100
Merge remote-tracking branch 'origin/develop' into patch-bind-zonefiles-prefix
commit ef0e2df3ccac92250916000be0e14d9bc90607db
Merge: 6fb4b6db9 c40198b17
Author: Herman van Rink <rink@initfour.nl>
Date: Sun Mar 14 22:14:50 2021 +0100
Merge remote-tracking branch 'origin/develop' into patch-bind-zonefiles-prefix
commit 6fb4b6db9e9b6ad258217947eb36a025e7e973a4
Author: Herman van Rink <rink@initfour.nl>
Date: Thu Dec 31 14:24:26 2020 +0100
Change dir to let the dsset- file be saved in the same dir as the key files
commit ac5439aa22788f54ed03953b1e0f3e462c111f48
Author: Herman van Rink <rink@initfour.nl>
Date: Mon Dec 28 14:54:22 2020 +0100
Loosen regex to allow just a name prefix
commit f72a4ba91bc9869e028c844585f63c93996472a2
Author: Herman van Rink <rink@initfour.nl>
Date: Mon Dec 28 12:26:02 2020 +0100
Strings for master/slave zonefiles prefix
commit 2a3197088f4f1565d80e40468de51906fa921e98
Author: Herman van Rink <rink@initfour.nl>
Date: Mon Dec 28 12:13:59 2020 +0100
Convert zone_file_prefix() and zone_file_prefix() into a config option
This preserves the default for non-gentoo systems.
commit 165cc8b1ce01dc8277545bf9b2ba660da7ff9ebb
Author: Herman van Rink <rink@initfour.nl>
Date: Mon Dec 28 12:21:01 2020 +0100
Add strings for bind_keyfiles_dir
commit 19522cdb7d13501e0c2a9e49e117f747835974a4
Author: Herman van Rink <rink@initfour.nl>
Date: Mon Dec 28 11:36:37 2020 +0100
Add bind_keyfiles_dir config option
---
install/tpl/server.ini.master | 3 +
.../web/admin/form/server_config.tform.php | 38 ++++++++++
.../web/admin/lib/lang/ar_server_config.lng | 7 ++
.../web/admin/lib/lang/bg_server_config.lng | 7 ++
.../web/admin/lib/lang/br_server_config.lng | 7 ++
.../web/admin/lib/lang/ca_server_config.lng | 7 ++
.../web/admin/lib/lang/cz_server_config.lng | 7 ++
.../web/admin/lib/lang/de_server_config.lng | 7 ++
.../web/admin/lib/lang/dk_server_config.lng | 7 ++
.../web/admin/lib/lang/el_server_config.lng | 7 ++
.../web/admin/lib/lang/en_server_config.lng | 7 ++
.../web/admin/lib/lang/es_server_config.lng | 7 ++
.../web/admin/lib/lang/fi_server_config.lng | 7 ++
.../web/admin/lib/lang/fr_server_config.lng | 7 ++
.../web/admin/lib/lang/hr_server_config.lng | 7 ++
.../web/admin/lib/lang/hu_server_config.lng | 7 ++
.../web/admin/lib/lang/id_server_config.lng | 7 ++
.../web/admin/lib/lang/it_server_config.lng | 7 ++
.../web/admin/lib/lang/ja_server_config.lng | 7 ++
.../web/admin/lib/lang/nl_server_config.lng | 7 ++
.../web/admin/lib/lang/pl_server_config.lng | 7 ++
.../web/admin/lib/lang/pt_server_config.lng | 7 ++
.../web/admin/lib/lang/ro_server_config.lng | 7 ++
.../web/admin/lib/lang/ru_server_config.lng | 7 ++
.../web/admin/lib/lang/se_server_config.lng | 7 ++
.../web/admin/lib/lang/sk_server_config.lng | 7 ++
.../web/admin/lib/lang/tr_server_config.lng | 7 ++
.../templates/server_config_dns_edit.htm | 9 +++
server/plugins-available/bind_plugin.inc.php | 72 ++++++++-----------
29 files changed, 254 insertions(+), 43 deletions(-)
diff --git a/install/tpl/server.ini.master b/install/tpl/server.ini.master
index a4544171d5..f6ab6365df 100644
--- a/install/tpl/server.ini.master
+++ b/install/tpl/server.ini.master
@@ -139,6 +139,9 @@ php_fpm_default_chroot=n
bind_user=root
bind_group=bind
bind_zonefiles_dir=/etc/bind
+bind_keyfiles_dir=/etc/bind
+bind_zonefiles_masterprefix=pri.
+bind_zonefiles_slaveprefix=slave/sec.
named_conf_path=/etc/bind/named.conf
named_conf_local_path=/etc/bind/named.conf.local
disable_bind_log=n
diff --git a/interface/web/admin/form/server_config.tform.php b/interface/web/admin/form/server_config.tform.php
index eb291d02ba..e1ca3c7ca0 100644
--- a/interface/web/admin/form/server_config.tform.php
+++ b/interface/web/admin/form/server_config.tform.php
@@ -1646,6 +1646,44 @@ $form["tabs"]['dns'] = array(
'width' => '40',
'maxlength' => '255'
),
+ 'bind_keyfiles_dir' => array(
+ 'datatype' => 'VARCHAR',
+ 'formtype' => 'TEXT',
+ 'default' => '',
+ 'validators' => array( 0 => array('type' => 'NOTEMPTY',
+ 'errmsg' => 'bind_keyfiles_dir_error_empty'),
+ 1 => array ( 'type' => 'REGEX',
+ 'regex' => '/^\/[a-zA-Z0-9\.\-\_\/]{1,128}$/',
+ 'errmsg'=> 'bind_keyfiles_dir_error_regex'),
+ ),
+ 'value' => '',
+ 'width' => '40',
+ 'maxlength' => '255'
+ ),
+ 'bind_zonefiles_masterprefix' => array(
+ 'datatype' => 'VARCHAR',
+ 'formtype' => 'TEXT',
+ 'default' => '',
+ 'validators' => array( 0 => array ( 'type' => 'REGEX',
+ 'regex' => '/^[a-zA-Z0-9\.\-\_\/]{0,128}$/',
+ 'errmsg'=> 'bind_zonefiles_masterprefix_error_regex'),
+ ),
+ 'value' => '',
+ 'width' => '40',
+ 'maxlength' => '255'
+ ),
+ 'bind_zonefiles_slaveprefix' => array(
+ 'datatype' => 'VARCHAR',
+ 'formtype' => 'TEXT',
+ 'default' => '',
+ 'validators' => array( 0 => array ( 'type' => 'REGEX',
+ 'regex' => '/^[a-zA-Z0-9\.\-\_\/]{0,128}$/',
+ 'errmsg'=> 'bind_zonefiles_slaveprefix_error_regex'),
+ ),
+ 'value' => '',
+ 'width' => '40',
+ 'maxlength' => '255'
+ ),
'named_conf_path' => array(
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
diff --git a/interface/web/admin/lib/lang/ar_server_config.lng b/interface/web/admin/lib/lang/ar_server_config.lng
index 56331a97da..acf6ef7fc7 100644
--- a/interface/web/admin/lib/lang/ar_server_config.lng
+++ b/interface/web/admin/lib/lang/ar_server_config.lng
@@ -342,3 +342,10 @@ $wb['tooltip_jailkit_hardlinks_txt'] = 'Using hardlinks is insecure, but saves d
$wb['jailkit_hardlinks_allow_txt'] = 'Allow hardlinks within the jail';
$wb['jailkit_hardlinks_no_txt'] = 'No, remove hardlinked files';
$wb['jailkit_hardlinks_yes_txt'] = 'Yes, use hardlinks if possible';
+$wb['bind_zonefiles_masterprefix_txt'] = 'BIND master zonefiles prefix';
+$wb['bind_zonefiles_slaveprefix_txt'] = 'BIND slave zonefiles prefix';
+$wb['bind_keyfiles_dir_txt'] = 'BIND keyfiles directory';
+$wb['bind_keyfiles_dir_error_empty'] = 'BIND keyfiles directory is empty.';
+$wb['bind_zonefiles_masterprefix_error_regex'] = 'Invalid BIND zonefiles master prefix.';
+$wb['bind_zonefiles_slaveprefix_error_regex'] = 'Invalid BIND zonefiles slave prefix.';
+$wb['bind_keyfiles_dir_error_regex'] = 'Invalid BIND keyfiles directory.';
diff --git a/interface/web/admin/lib/lang/bg_server_config.lng b/interface/web/admin/lib/lang/bg_server_config.lng
index 8a741a641b..f15810bba5 100644
--- a/interface/web/admin/lib/lang/bg_server_config.lng
+++ b/interface/web/admin/lib/lang/bg_server_config.lng
@@ -342,3 +342,10 @@ $wb['tooltip_jailkit_hardlinks_txt'] = 'Using hardlinks is insecure, but saves d
$wb['jailkit_hardlinks_allow_txt'] = 'Allow hardlinks within the jail';
$wb['jailkit_hardlinks_no_txt'] = 'No, remove hardlinked files';
$wb['jailkit_hardlinks_yes_txt'] = 'Yes, use hardlinks if possible';
+$wb['bind_zonefiles_masterprefix_txt'] = 'BIND master zonefiles prefix';
+$wb['bind_zonefiles_slaveprefix_txt'] = 'BIND slave zonefiles prefix';
+$wb['bind_keyfiles_dir_txt'] = 'BIND keyfiles directory';
+$wb['bind_keyfiles_dir_error_empty'] = 'BIND keyfiles directory is empty.';
+$wb['bind_zonefiles_masterprefix_error_regex'] = 'Invalid BIND zonefiles master prefix.';
+$wb['bind_zonefiles_slaveprefix_error_regex'] = 'Invalid BIND zonefiles slave prefix.';
+$wb['bind_keyfiles_dir_error_regex'] = 'Invalid BIND keyfiles directory.';
diff --git a/interface/web/admin/lib/lang/br_server_config.lng b/interface/web/admin/lib/lang/br_server_config.lng
index af3eb367ee..49c995e105 100644
--- a/interface/web/admin/lib/lang/br_server_config.lng
+++ b/interface/web/admin/lib/lang/br_server_config.lng
@@ -342,3 +342,10 @@ $wb['tooltip_jailkit_hardlinks_txt'] = 'Usar links fÃsicos é inseguro, mas eco
$wb['jailkit_hardlinks_allow_txt'] = 'Permitir links fÃsicos enjaulados';
$wb['jailkit_hardlinks_no_txt'] = 'Não, remover arquivos de links fÃsicos';
$wb['jailkit_hardlinks_yes_txt'] = 'Sim, usar links fÃsicos quando possÃvel';
+$wb['bind_zonefiles_masterprefix_txt'] = 'BIND master zonefiles prefix';
+$wb['bind_zonefiles_slaveprefix_txt'] = 'BIND slave zonefiles prefix';
+$wb['bind_keyfiles_dir_txt'] = 'BIND keyfiles directory';
+$wb['bind_keyfiles_dir_error_empty'] = 'BIND keyfiles directory is empty.';
+$wb['bind_zonefiles_masterprefix_error_regex'] = 'Invalid BIND zonefiles master prefix.';
+$wb['bind_zonefiles_slaveprefix_error_regex'] = 'Invalid BIND zonefiles slave prefix.';
+$wb['bind_keyfiles_dir_error_regex'] = 'Invalid BIND keyfiles directory.';
diff --git a/interface/web/admin/lib/lang/ca_server_config.lng b/interface/web/admin/lib/lang/ca_server_config.lng
index 0bc67affe0..3689c78a76 100644
--- a/interface/web/admin/lib/lang/ca_server_config.lng
+++ b/interface/web/admin/lib/lang/ca_server_config.lng
@@ -342,3 +342,10 @@ $wb['tooltip_jailkit_hardlinks_txt'] = 'Using hardlinks is insecure, but saves d
$wb['jailkit_hardlinks_allow_txt'] = 'Allow hardlinks within the jail';
$wb['jailkit_hardlinks_no_txt'] = 'No, remove hardlinked files';
$wb['jailkit_hardlinks_yes_txt'] = 'Yes, use hardlinks if possible';
+$wb['bind_zonefiles_masterprefix_txt'] = 'BIND master zonefiles prefix';
+$wb['bind_zonefiles_slaveprefix_txt'] = 'BIND slave zonefiles prefix';
+$wb['bind_keyfiles_dir_txt'] = 'BIND keyfiles directory';
+$wb['bind_keyfiles_dir_error_empty'] = 'BIND keyfiles directory is empty.';
+$wb['bind_zonefiles_masterprefix_error_regex'] = 'Invalid BIND zonefiles master prefix.';
+$wb['bind_zonefiles_slaveprefix_error_regex'] = 'Invalid BIND zonefiles slave prefix.';
+$wb['bind_keyfiles_dir_error_regex'] = 'Invalid BIND keyfiles directory.';
diff --git a/interface/web/admin/lib/lang/cz_server_config.lng b/interface/web/admin/lib/lang/cz_server_config.lng
index bf86abd2ba..680131132f 100644
--- a/interface/web/admin/lib/lang/cz_server_config.lng
+++ b/interface/web/admin/lib/lang/cz_server_config.lng
@@ -342,3 +342,10 @@ $wb['tooltip_jailkit_hardlinks_txt'] = 'Using hardlinks is insecure, but saves d
$wb['jailkit_hardlinks_allow_txt'] = 'Allow hardlinks within the jail';
$wb['jailkit_hardlinks_no_txt'] = 'Ne, odstranit soubory s pevným odkazem';
$wb['jailkit_hardlinks_yes_txt'] = 'Ano, pokud je to možné, použijte pevné odkazy';
+$wb['bind_zonefiles_masterprefix_txt'] = 'BIND master zonefiles prefix';
+$wb['bind_zonefiles_slaveprefix_txt'] = 'BIND slave zonefiles prefix';
+$wb['bind_keyfiles_dir_txt'] = 'BIND keyfiles directory';
+$wb['bind_keyfiles_dir_error_empty'] = 'BIND keyfiles directory is empty.';
+$wb['bind_zonefiles_masterprefix_error_regex'] = 'Invalid BIND zonefiles master prefix.';
+$wb['bind_zonefiles_slaveprefix_error_regex'] = 'Invalid BIND zonefiles slave prefix.';
+$wb['bind_keyfiles_dir_error_regex'] = 'Invalid BIND keyfiles directory.';
diff --git a/interface/web/admin/lib/lang/de_server_config.lng b/interface/web/admin/lib/lang/de_server_config.lng
index 2a2cbc5223..561f19f8bc 100644
--- a/interface/web/admin/lib/lang/de_server_config.lng
+++ b/interface/web/admin/lib/lang/de_server_config.lng
@@ -342,3 +342,10 @@ $wb['tooltip_jailkit_hardlinks_txt'] = 'Using hardlinks is insecure, but saves d
$wb['jailkit_hardlinks_allow_txt'] = 'Allow hardlinks within the jail';
$wb['jailkit_hardlinks_no_txt'] = 'No, remove hardlinked files';
$wb['jailkit_hardlinks_yes_txt'] = 'Yes, use hardlinks if possible';
+$wb['bind_zonefiles_masterprefix_txt'] = 'BIND master zonefiles prefix';
+$wb['bind_zonefiles_slaveprefix_txt'] = 'BIND slave zonefiles prefix';
+$wb['bind_keyfiles_dir_txt'] = 'BIND keyfiles directory';
+$wb['bind_keyfiles_dir_error_empty'] = 'BIND keyfiles directory is empty.';
+$wb['bind_zonefiles_masterprefix_error_regex'] = 'Invalid BIND zonefiles master prefix.';
+$wb['bind_zonefiles_slaveprefix_error_regex'] = 'Invalid BIND zonefiles slave prefix.';
+$wb['bind_keyfiles_dir_error_regex'] = 'Invalid BIND keyfiles directory.';
diff --git a/interface/web/admin/lib/lang/dk_server_config.lng b/interface/web/admin/lib/lang/dk_server_config.lng
index 722c68889e..809f3301b7 100644
--- a/interface/web/admin/lib/lang/dk_server_config.lng
+++ b/interface/web/admin/lib/lang/dk_server_config.lng
@@ -342,3 +342,10 @@ $wb['tooltip_jailkit_hardlinks_txt'] = 'Using hardlinks is insecure, but saves d
$wb['jailkit_hardlinks_allow_txt'] = 'Allow hardlinks within the jail';
$wb['jailkit_hardlinks_no_txt'] = 'No, remove hardlinked files';
$wb['jailkit_hardlinks_yes_txt'] = 'Yes, use hardlinks if possible';
+$wb['bind_zonefiles_masterprefix_txt'] = 'BIND master zonefiles prefix';
+$wb['bind_zonefiles_slaveprefix_txt'] = 'BIND slave zonefiles prefix';
+$wb['bind_keyfiles_dir_txt'] = 'BIND keyfiles directory';
+$wb['bind_keyfiles_dir_error_empty'] = 'BIND keyfiles directory is empty.';
+$wb['bind_zonefiles_masterprefix_error_regex'] = 'Invalid BIND zonefiles master prefix.';
+$wb['bind_zonefiles_slaveprefix_error_regex'] = 'Invalid BIND zonefiles slave prefix.';
+$wb['bind_keyfiles_dir_error_regex'] = 'Invalid BIND keyfiles directory.';
diff --git a/interface/web/admin/lib/lang/el_server_config.lng b/interface/web/admin/lib/lang/el_server_config.lng
index 4a6d1eb3e2..6c4df11ab0 100644
--- a/interface/web/admin/lib/lang/el_server_config.lng
+++ b/interface/web/admin/lib/lang/el_server_config.lng
@@ -342,3 +342,10 @@ $wb['tooltip_jailkit_hardlinks_txt'] = 'Using hardlinks is insecure, but saves d
$wb['jailkit_hardlinks_allow_txt'] = 'Allow hardlinks within the jail';
$wb['jailkit_hardlinks_no_txt'] = 'No, remove hardlinked files';
$wb['jailkit_hardlinks_yes_txt'] = 'Yes, use hardlinks if possible';
+$wb['bind_zonefiles_masterprefix_txt'] = 'BIND master zonefiles prefix';
+$wb['bind_zonefiles_slaveprefix_txt'] = 'BIND slave zonefiles prefix';
+$wb['bind_keyfiles_dir_txt'] = 'BIND keyfiles directory';
+$wb['bind_keyfiles_dir_error_empty'] = 'BIND keyfiles directory is empty.';
+$wb['bind_zonefiles_masterprefix_error_regex'] = 'Invalid BIND zonefiles master prefix.';
+$wb['bind_zonefiles_slaveprefix_error_regex'] = 'Invalid BIND zonefiles slave prefix.';
+$wb['bind_keyfiles_dir_error_regex'] = 'Invalid BIND keyfiles directory.';
diff --git a/interface/web/admin/lib/lang/en_server_config.lng b/interface/web/admin/lib/lang/en_server_config.lng
index fc4d12e0c8..d730862ba7 100644
--- a/interface/web/admin/lib/lang/en_server_config.lng
+++ b/interface/web/admin/lib/lang/en_server_config.lng
@@ -91,10 +91,14 @@ $wb['apps_vhost_servername_txt'] = 'Apps-vhost Domain';
$wb['bind_user_txt'] = 'BIND User';
$wb['bind_group_txt'] = 'BIND Group';
$wb['bind_zonefiles_dir_txt'] = 'BIND zonefiles directory';
+$wb['bind_zonefiles_masterprefix_txt'] = 'BIND master zonefiles prefix';
+$wb['bind_zonefiles_slaveprefix_txt'] = 'BIND slave zonefiles prefix';
+$wb['bind_keyfiles_dir_txt'] = 'BIND keyfiles directory';
$wb['named_conf_path_txt'] = 'BIND named.conf path';
$wb['bind_user_error_empty'] = 'BIND user is empty.';
$wb['bind_group_error_empty'] = 'BIND group is empty.';
$wb['bind_zonefiles_dir_error_empty'] = 'BIND zonefiles directory is empty.';
+$wb['bind_keyfiles_dir_error_empty'] = 'BIND keyfiles directory is empty.';
$wb['named_conf_path_error_empty'] = 'BIND named.conf path is empty.';
$wb['named_conf_local_path_error_empty'] = 'BIND named.conf.local path is empty.';
$wb['mail_filter_syntax_txt'] = 'Mailfilter Syntax';
@@ -281,6 +285,9 @@ $wb['awstats_buildstaticpages_pl_error_regex'] = 'Invalid awstats_buildstaticpag
$wb['invalid_bind_user_txt'] = 'Invalid BIND user.';
$wb['invalid_bind_group_txt'] = 'Invalid BIND group.';
$wb['bind_zonefiles_dir_error_regex'] = 'Invalid BIND zonefiles directory.';
+$wb['bind_zonefiles_masterprefix_error_regex'] = 'Invalid BIND zonefiles master prefix.';
+$wb['bind_zonefiles_slaveprefix_error_regex'] = 'Invalid BIND zonefiles slave prefix.';
+$wb['bind_keyfiles_dir_error_regex'] = 'Invalid BIND keyfiles directory.';
$wb['named_conf_path_error_regex'] = 'Invalid named.conf path.';
$wb['named_conf_local_path_error_regex'] = 'Invalid named.conf.local path.';
$wb['fastcgi_starter_path_error_regex'] = 'Invalid fastcgi starter path.';
diff --git a/interface/web/admin/lib/lang/es_server_config.lng b/interface/web/admin/lib/lang/es_server_config.lng
index 9a49046ad9..59072b94b5 100644
--- a/interface/web/admin/lib/lang/es_server_config.lng
+++ b/interface/web/admin/lib/lang/es_server_config.lng
@@ -342,3 +342,10 @@ $wb['tooltip_jailkit_hardlinks_txt'] = 'Using hardlinks is insecure, but saves d
$wb['jailkit_hardlinks_allow_txt'] = 'Allow hardlinks within the jail';
$wb['jailkit_hardlinks_no_txt'] = 'No, remove hardlinked files';
$wb['jailkit_hardlinks_yes_txt'] = 'Yes, use hardlinks if possible';
+$wb['bind_zonefiles_masterprefix_txt'] = 'BIND master zonefiles prefix';
+$wb['bind_zonefiles_slaveprefix_txt'] = 'BIND slave zonefiles prefix';
+$wb['bind_keyfiles_dir_txt'] = 'BIND keyfiles directory';
+$wb['bind_keyfiles_dir_error_empty'] = 'BIND keyfiles directory is empty.';
+$wb['bind_zonefiles_masterprefix_error_regex'] = 'Invalid BIND zonefiles master prefix.';
+$wb['bind_zonefiles_slaveprefix_error_regex'] = 'Invalid BIND zonefiles slave prefix.';
+$wb['bind_keyfiles_dir_error_regex'] = 'Invalid BIND keyfiles directory.';
diff --git a/interface/web/admin/lib/lang/fi_server_config.lng b/interface/web/admin/lib/lang/fi_server_config.lng
index abf9453646..980b6ba5dd 100644
--- a/interface/web/admin/lib/lang/fi_server_config.lng
+++ b/interface/web/admin/lib/lang/fi_server_config.lng
@@ -342,3 +342,10 @@ $wb['tooltip_jailkit_hardlinks_txt'] = 'Using hardlinks is insecure, but saves d
$wb['jailkit_hardlinks_allow_txt'] = 'Allow hardlinks within the jail';
$wb['jailkit_hardlinks_no_txt'] = 'No, remove hardlinked files';
$wb['jailkit_hardlinks_yes_txt'] = 'Yes, use hardlinks if possible';
+$wb['bind_zonefiles_masterprefix_txt'] = 'BIND master zonefiles prefix';
+$wb['bind_zonefiles_slaveprefix_txt'] = 'BIND slave zonefiles prefix';
+$wb['bind_keyfiles_dir_txt'] = 'BIND keyfiles directory';
+$wb['bind_keyfiles_dir_error_empty'] = 'BIND keyfiles directory is empty.';
+$wb['bind_zonefiles_masterprefix_error_regex'] = 'Invalid BIND zonefiles master prefix.';
+$wb['bind_zonefiles_slaveprefix_error_regex'] = 'Invalid BIND zonefiles slave prefix.';
+$wb['bind_keyfiles_dir_error_regex'] = 'Invalid BIND keyfiles directory.';
diff --git a/interface/web/admin/lib/lang/fr_server_config.lng b/interface/web/admin/lib/lang/fr_server_config.lng
index d569e520a9..ceac406095 100644
--- a/interface/web/admin/lib/lang/fr_server_config.lng
+++ b/interface/web/admin/lib/lang/fr_server_config.lng
@@ -342,3 +342,10 @@ $wb['tooltip_jailkit_hardlinks_txt'] = 'Using hardlinks is insecure, but saves d
$wb['jailkit_hardlinks_allow_txt'] = 'Allow hardlinks within the jail';
$wb['jailkit_hardlinks_no_txt'] = 'No, remove hardlinked files';
$wb['jailkit_hardlinks_yes_txt'] = 'Yes, use hardlinks if possible';
+$wb['bind_zonefiles_masterprefix_txt'] = 'BIND master zonefiles prefix';
+$wb['bind_zonefiles_slaveprefix_txt'] = 'BIND slave zonefiles prefix';
+$wb['bind_keyfiles_dir_txt'] = 'BIND keyfiles directory';
+$wb['bind_keyfiles_dir_error_empty'] = 'BIND keyfiles directory is empty.';
+$wb['bind_zonefiles_masterprefix_error_regex'] = 'Invalid BIND zonefiles master prefix.';
+$wb['bind_zonefiles_slaveprefix_error_regex'] = 'Invalid BIND zonefiles slave prefix.';
+$wb['bind_keyfiles_dir_error_regex'] = 'Invalid BIND keyfiles directory.';
diff --git a/interface/web/admin/lib/lang/hr_server_config.lng b/interface/web/admin/lib/lang/hr_server_config.lng
index fa34621e95..d8f4c3de77 100644
--- a/interface/web/admin/lib/lang/hr_server_config.lng
+++ b/interface/web/admin/lib/lang/hr_server_config.lng
@@ -342,3 +342,10 @@ $wb['tooltip_jailkit_hardlinks_txt'] = 'Using hardlinks is insecure, but saves d
$wb['jailkit_hardlinks_allow_txt'] = 'Allow hardlinks within the jail';
$wb['jailkit_hardlinks_no_txt'] = 'No, remove hardlinked files';
$wb['jailkit_hardlinks_yes_txt'] = 'Yes, use hardlinks if possible';
+$wb['bind_zonefiles_masterprefix_txt'] = 'BIND master zonefiles prefix';
+$wb['bind_zonefiles_slaveprefix_txt'] = 'BIND slave zonefiles prefix';
+$wb['bind_keyfiles_dir_txt'] = 'BIND keyfiles directory';
+$wb['bind_keyfiles_dir_error_empty'] = 'BIND keyfiles directory is empty.';
+$wb['bind_zonefiles_masterprefix_error_regex'] = 'Invalid BIND zonefiles master prefix.';
+$wb['bind_zonefiles_slaveprefix_error_regex'] = 'Invalid BIND zonefiles slave prefix.';
+$wb['bind_keyfiles_dir_error_regex'] = 'Invalid BIND keyfiles directory.';
diff --git a/interface/web/admin/lib/lang/hu_server_config.lng b/interface/web/admin/lib/lang/hu_server_config.lng
index 6c73a7d20b..bbc7cc5bb0 100644
--- a/interface/web/admin/lib/lang/hu_server_config.lng
+++ b/interface/web/admin/lib/lang/hu_server_config.lng
@@ -342,3 +342,10 @@ $wb['tooltip_jailkit_hardlinks_txt'] = 'Using hardlinks is insecure, but saves d
$wb['jailkit_hardlinks_allow_txt'] = 'Allow hardlinks within the jail';
$wb['jailkit_hardlinks_no_txt'] = 'No, remove hardlinked files';
$wb['jailkit_hardlinks_yes_txt'] = 'Yes, use hardlinks if possible';
+$wb['bind_zonefiles_masterprefix_txt'] = 'BIND master zonefiles prefix';
+$wb['bind_zonefiles_slaveprefix_txt'] = 'BIND slave zonefiles prefix';
+$wb['bind_keyfiles_dir_txt'] = 'BIND keyfiles directory';
+$wb['bind_keyfiles_dir_error_empty'] = 'BIND keyfiles directory is empty.';
+$wb['bind_zonefiles_masterprefix_error_regex'] = 'Invalid BIND zonefiles master prefix.';
+$wb['bind_zonefiles_slaveprefix_error_regex'] = 'Invalid BIND zonefiles slave prefix.';
+$wb['bind_keyfiles_dir_error_regex'] = 'Invalid BIND keyfiles directory.';
diff --git a/interface/web/admin/lib/lang/id_server_config.lng b/interface/web/admin/lib/lang/id_server_config.lng
index 8a06d38b48..2240c463fc 100644
--- a/interface/web/admin/lib/lang/id_server_config.lng
+++ b/interface/web/admin/lib/lang/id_server_config.lng
@@ -342,3 +342,10 @@ $wb['tooltip_jailkit_hardlinks_txt'] = 'Using hardlinks is insecure, but saves d
$wb['jailkit_hardlinks_allow_txt'] = 'Allow hardlinks within the jail';
$wb['jailkit_hardlinks_no_txt'] = 'No, remove hardlinked files';
$wb['jailkit_hardlinks_yes_txt'] = 'Yes, use hardlinks if possible';
+$wb['bind_zonefiles_masterprefix_txt'] = 'BIND master zonefiles prefix';
+$wb['bind_zonefiles_slaveprefix_txt'] = 'BIND slave zonefiles prefix';
+$wb['bind_keyfiles_dir_txt'] = 'BIND keyfiles directory';
+$wb['bind_keyfiles_dir_error_empty'] = 'BIND keyfiles directory is empty.';
+$wb['bind_zonefiles_masterprefix_error_regex'] = 'Invalid BIND zonefiles master prefix.';
+$wb['bind_zonefiles_slaveprefix_error_regex'] = 'Invalid BIND zonefiles slave prefix.';
+$wb['bind_keyfiles_dir_error_regex'] = 'Invalid BIND keyfiles directory.';
diff --git a/interface/web/admin/lib/lang/it_server_config.lng b/interface/web/admin/lib/lang/it_server_config.lng
index 384cb65343..ce1b2f7325 100644
--- a/interface/web/admin/lib/lang/it_server_config.lng
+++ b/interface/web/admin/lib/lang/it_server_config.lng
@@ -341,3 +341,10 @@ $wb['tooltip_jailkit_hardlinks_txt'] = 'L\'uso di hardlinks è meno sicuro però
$wb['jailkit_hardlinks_allow_txt'] = 'Consenti hardlinks all\'interno di jail';
$wb['jailkit_hardlinks_no_txt'] = 'No, rimuovi i file con hardlink';
$wb['jailkit_hardlinks_yes_txt'] = 'Si, usa hardlinks se possibile';
+$wb['bind_zonefiles_masterprefix_txt'] = 'BIND master zonefiles prefix';
+$wb['bind_zonefiles_slaveprefix_txt'] = 'BIND slave zonefiles prefix';
+$wb['bind_keyfiles_dir_txt'] = 'BIND keyfiles directory';
+$wb['bind_keyfiles_dir_error_empty'] = 'BIND keyfiles directory is empty.';
+$wb['bind_zonefiles_masterprefix_error_regex'] = 'Invalid BIND zonefiles master prefix.';
+$wb['bind_zonefiles_slaveprefix_error_regex'] = 'Invalid BIND zonefiles slave prefix.';
+$wb['bind_keyfiles_dir_error_regex'] = 'Invalid BIND keyfiles directory.';
diff --git a/interface/web/admin/lib/lang/ja_server_config.lng b/interface/web/admin/lib/lang/ja_server_config.lng
index bf6d47d59e..56cefc79cb 100644
--- a/interface/web/admin/lib/lang/ja_server_config.lng
+++ b/interface/web/admin/lib/lang/ja_server_config.lng
@@ -342,3 +342,10 @@ $wb['tooltip_jailkit_hardlinks_txt'] = 'Using hardlinks is insecure, but saves d
$wb['jailkit_hardlinks_allow_txt'] = 'Allow hardlinks within the jail';
$wb['jailkit_hardlinks_no_txt'] = 'No, remove hardlinked files';
$wb['jailkit_hardlinks_yes_txt'] = 'Yes, use hardlinks if possible';
+$wb['bind_zonefiles_masterprefix_txt'] = 'BIND master zonefiles prefix';
+$wb['bind_zonefiles_slaveprefix_txt'] = 'BIND slave zonefiles prefix';
+$wb['bind_keyfiles_dir_txt'] = 'BIND keyfiles directory';
+$wb['bind_keyfiles_dir_error_empty'] = 'BIND keyfiles directory is empty.';
+$wb['bind_zonefiles_masterprefix_error_regex'] = 'Invalid BIND zonefiles master prefix.';
+$wb['bind_zonefiles_slaveprefix_error_regex'] = 'Invalid BIND zonefiles slave prefix.';
+$wb['bind_keyfiles_dir_error_regex'] = 'Invalid BIND keyfiles directory.';
diff --git a/interface/web/admin/lib/lang/nl_server_config.lng b/interface/web/admin/lib/lang/nl_server_config.lng
index c89c345e77..66394fe32e 100644
--- a/interface/web/admin/lib/lang/nl_server_config.lng
+++ b/interface/web/admin/lib/lang/nl_server_config.lng
@@ -342,3 +342,10 @@ $wb['tooltip_jailkit_hardlinks_txt'] = 'Using hardlinks is insecure, but saves d
$wb['jailkit_hardlinks_allow_txt'] = 'Allow hardlinks within the jail';
$wb['jailkit_hardlinks_no_txt'] = 'No, remove hardlinked files';
$wb['jailkit_hardlinks_yes_txt'] = 'Yes, use hardlinks if possible';
+$wb['bind_zonefiles_masterprefix_txt'] = 'BIND master zonefiles prefix';
+$wb['bind_zonefiles_slaveprefix_txt'] = 'BIND slave zonefiles prefix';
+$wb['bind_keyfiles_dir_txt'] = 'BIND keyfiles directory';
+$wb['bind_keyfiles_dir_error_empty'] = 'BIND keyfiles directory is empty.';
+$wb['bind_zonefiles_masterprefix_error_regex'] = 'Invalid BIND zonefiles master prefix.';
+$wb['bind_zonefiles_slaveprefix_error_regex'] = 'Invalid BIND zonefiles slave prefix.';
+$wb['bind_keyfiles_dir_error_regex'] = 'Invalid BIND keyfiles directory.';
diff --git a/interface/web/admin/lib/lang/pl_server_config.lng b/interface/web/admin/lib/lang/pl_server_config.lng
index 93ded596ea..2513234a95 100644
--- a/interface/web/admin/lib/lang/pl_server_config.lng
+++ b/interface/web/admin/lib/lang/pl_server_config.lng
@@ -342,3 +342,10 @@ $wb['tooltip_jailkit_hardlinks_txt'] = 'Using hardlinks is insecure, but saves d
$wb['jailkit_hardlinks_allow_txt'] = 'Allow hardlinks within the jail';
$wb['jailkit_hardlinks_no_txt'] = 'No, remove hardlinked files';
$wb['jailkit_hardlinks_yes_txt'] = 'Yes, use hardlinks if possible';
+$wb['bind_zonefiles_masterprefix_txt'] = 'BIND master zonefiles prefix';
+$wb['bind_zonefiles_slaveprefix_txt'] = 'BIND slave zonefiles prefix';
+$wb['bind_keyfiles_dir_txt'] = 'BIND keyfiles directory';
+$wb['bind_keyfiles_dir_error_empty'] = 'BIND keyfiles directory is empty.';
+$wb['bind_zonefiles_masterprefix_error_regex'] = 'Invalid BIND zonefiles master prefix.';
+$wb['bind_zonefiles_slaveprefix_error_regex'] = 'Invalid BIND zonefiles slave prefix.';
+$wb['bind_keyfiles_dir_error_regex'] = 'Invalid BIND keyfiles directory.';
diff --git a/interface/web/admin/lib/lang/pt_server_config.lng b/interface/web/admin/lib/lang/pt_server_config.lng
index 95faebb41e..5dde8625d7 100644
--- a/interface/web/admin/lib/lang/pt_server_config.lng
+++ b/interface/web/admin/lib/lang/pt_server_config.lng
@@ -342,3 +342,10 @@ $wb['tooltip_jailkit_hardlinks_txt'] = 'Using hardlinks is insecure, but saves d
$wb['jailkit_hardlinks_allow_txt'] = 'Allow hardlinks within the jail';
$wb['jailkit_hardlinks_no_txt'] = 'No, remove hardlinked files';
$wb['jailkit_hardlinks_yes_txt'] = 'Yes, use hardlinks if possible';
+$wb['bind_zonefiles_masterprefix_txt'] = 'BIND master zonefiles prefix';
+$wb['bind_zonefiles_slaveprefix_txt'] = 'BIND slave zonefiles prefix';
+$wb['bind_keyfiles_dir_txt'] = 'BIND keyfiles directory';
+$wb['bind_keyfiles_dir_error_empty'] = 'BIND keyfiles directory is empty.';
+$wb['bind_zonefiles_masterprefix_error_regex'] = 'Invalid BIND zonefiles master prefix.';
+$wb['bind_zonefiles_slaveprefix_error_regex'] = 'Invalid BIND zonefiles slave prefix.';
+$wb['bind_keyfiles_dir_error_regex'] = 'Invalid BIND keyfiles directory.';
diff --git a/interface/web/admin/lib/lang/ro_server_config.lng b/interface/web/admin/lib/lang/ro_server_config.lng
index bb474f5930..23c2408384 100644
--- a/interface/web/admin/lib/lang/ro_server_config.lng
+++ b/interface/web/admin/lib/lang/ro_server_config.lng
@@ -342,3 +342,10 @@ $wb['tooltip_jailkit_hardlinks_txt'] = 'Using hardlinks is insecure, but saves d
$wb['jailkit_hardlinks_allow_txt'] = 'Allow hardlinks within the jail';
$wb['jailkit_hardlinks_no_txt'] = 'No, remove hardlinked files';
$wb['jailkit_hardlinks_yes_txt'] = 'Yes, use hardlinks if possible';
+$wb['bind_zonefiles_masterprefix_txt'] = 'BIND master zonefiles prefix';
+$wb['bind_zonefiles_slaveprefix_txt'] = 'BIND slave zonefiles prefix';
+$wb['bind_keyfiles_dir_txt'] = 'BIND keyfiles directory';
+$wb['bind_keyfiles_dir_error_empty'] = 'BIND keyfiles directory is empty.';
+$wb['bind_zonefiles_masterprefix_error_regex'] = 'Invalid BIND zonefiles master prefix.';
+$wb['bind_zonefiles_slaveprefix_error_regex'] = 'Invalid BIND zonefiles slave prefix.';
+$wb['bind_keyfiles_dir_error_regex'] = 'Invalid BIND keyfiles directory.';
diff --git a/interface/web/admin/lib/lang/ru_server_config.lng b/interface/web/admin/lib/lang/ru_server_config.lng
index 1cd7c64cc4..b9db678500 100644
--- a/interface/web/admin/lib/lang/ru_server_config.lng
+++ b/interface/web/admin/lib/lang/ru_server_config.lng
@@ -342,3 +342,10 @@ $wb['tooltip_jailkit_hardlinks_txt'] = 'Using hardlinks is insecure, but saves d
$wb['jailkit_hardlinks_allow_txt'] = 'Allow hardlinks within the jail';
$wb['jailkit_hardlinks_no_txt'] = 'No, remove hardlinked files';
$wb['jailkit_hardlinks_yes_txt'] = 'Yes, use hardlinks if possible';
+$wb['bind_zonefiles_masterprefix_txt'] = 'BIND master zonefiles prefix';
+$wb['bind_zonefiles_slaveprefix_txt'] = 'BIND slave zonefiles prefix';
+$wb['bind_keyfiles_dir_txt'] = 'BIND keyfiles directory';
+$wb['bind_keyfiles_dir_error_empty'] = 'BIND keyfiles directory is empty.';
+$wb['bind_zonefiles_masterprefix_error_regex'] = 'Invalid BIND zonefiles master prefix.';
+$wb['bind_zonefiles_slaveprefix_error_regex'] = 'Invalid BIND zonefiles slave prefix.';
+$wb['bind_keyfiles_dir_error_regex'] = 'Invalid BIND keyfiles directory.';
diff --git a/interface/web/admin/lib/lang/se_server_config.lng b/interface/web/admin/lib/lang/se_server_config.lng
index da6d90d1ec..42190ec5f5 100644
--- a/interface/web/admin/lib/lang/se_server_config.lng
+++ b/interface/web/admin/lib/lang/se_server_config.lng
@@ -342,3 +342,10 @@ $wb['tooltip_jailkit_hardlinks_txt'] = 'Using hardlinks is insecure, but saves d
$wb['jailkit_hardlinks_allow_txt'] = 'Allow hardlinks within the jail';
$wb['jailkit_hardlinks_no_txt'] = 'No, remove hardlinked files';
$wb['jailkit_hardlinks_yes_txt'] = 'Yes, use hardlinks if possible';
+$wb['bind_zonefiles_masterprefix_txt'] = 'BIND master zonefiles prefix';
+$wb['bind_zonefiles_slaveprefix_txt'] = 'BIND slave zonefiles prefix';
+$wb['bind_keyfiles_dir_txt'] = 'BIND keyfiles directory';
+$wb['bind_keyfiles_dir_error_empty'] = 'BIND keyfiles directory is empty.';
+$wb['bind_zonefiles_masterprefix_error_regex'] = 'Invalid BIND zonefiles master prefix.';
+$wb['bind_zonefiles_slaveprefix_error_regex'] = 'Invalid BIND zonefiles slave prefix.';
+$wb['bind_keyfiles_dir_error_regex'] = 'Invalid BIND keyfiles directory.';
diff --git a/interface/web/admin/lib/lang/sk_server_config.lng b/interface/web/admin/lib/lang/sk_server_config.lng
index 37a3d597fb..6ec685e4a5 100644
--- a/interface/web/admin/lib/lang/sk_server_config.lng
+++ b/interface/web/admin/lib/lang/sk_server_config.lng
@@ -342,3 +342,10 @@ $wb['tooltip_jailkit_hardlinks_txt'] = 'Using hardlinks is insecure, but saves d
$wb['jailkit_hardlinks_allow_txt'] = 'Allow hardlinks within the jail';
$wb['jailkit_hardlinks_no_txt'] = 'No, remove hardlinked files';
$wb['jailkit_hardlinks_yes_txt'] = 'Yes, use hardlinks if possible';
+$wb['bind_zonefiles_masterprefix_txt'] = 'BIND master zonefiles prefix';
+$wb['bind_zonefiles_slaveprefix_txt'] = 'BIND slave zonefiles prefix';
+$wb['bind_keyfiles_dir_txt'] = 'BIND keyfiles directory';
+$wb['bind_keyfiles_dir_error_empty'] = 'BIND keyfiles directory is empty.';
+$wb['bind_zonefiles_masterprefix_error_regex'] = 'Invalid BIND zonefiles master prefix.';
+$wb['bind_zonefiles_slaveprefix_error_regex'] = 'Invalid BIND zonefiles slave prefix.';
+$wb['bind_keyfiles_dir_error_regex'] = 'Invalid BIND keyfiles directory.';
diff --git a/interface/web/admin/lib/lang/tr_server_config.lng b/interface/web/admin/lib/lang/tr_server_config.lng
index 9b8bfb383f..9e67b0e73a 100644
--- a/interface/web/admin/lib/lang/tr_server_config.lng
+++ b/interface/web/admin/lib/lang/tr_server_config.lng
@@ -339,3 +339,10 @@ $wb['tooltip_jailkit_hardlinks_txt'] = 'Using hardlinks is insecure, but saves d
$wb['jailkit_hardlinks_allow_txt'] = 'Allow hardlinks within the jail';
$wb['jailkit_hardlinks_no_txt'] = 'No, remove hardlinked files';
$wb['jailkit_hardlinks_yes_txt'] = 'Yes, use hardlinks if possible';
+$wb['bind_zonefiles_masterprefix_txt'] = 'BIND master zonefiles prefix';
+$wb['bind_zonefiles_slaveprefix_txt'] = 'BIND slave zonefiles prefix';
+$wb['bind_keyfiles_dir_txt'] = 'BIND keyfiles directory';
+$wb['bind_keyfiles_dir_error_empty'] = 'BIND keyfiles directory is empty.';
+$wb['bind_zonefiles_masterprefix_error_regex'] = 'Invalid BIND zonefiles master prefix.';
+$wb['bind_zonefiles_slaveprefix_error_regex'] = 'Invalid BIND zonefiles slave prefix.';
+$wb['bind_keyfiles_dir_error_regex'] = 'Invalid BIND keyfiles directory.';
diff --git a/interface/web/admin/templates/server_config_dns_edit.htm b/interface/web/admin/templates/server_config_dns_edit.htm
index 995acbf986..9a157ce4a7 100644
--- a/interface/web/admin/templates/server_config_dns_edit.htm
+++ b/interface/web/admin/templates/server_config_dns_edit.htm
@@ -11,6 +11,15 @@
<div class="form-group">
<label for="bind_zonefiles_dir" class="col-sm-3 control-label">{tmpl_var name='bind_zonefiles_dir_txt'}</label>
<div class="col-sm-9"><input type="text" name="bind_zonefiles_dir" id="bind_zonefiles_dir" value="{tmpl_var name='bind_zonefiles_dir'}" class="form-control" /></div></div>
+ <div class="form-group">
+ <label for="bind_keyfiles_dir" class="col-sm-3 control-label">{tmpl_var name='bind_keyfiles_dir_txt'}</label>
+ <div class="col-sm-9"><input type="text" name="bind_keyfiles_dir" id="bind_keyfiles_dir" value="{tmpl_var name='bind_keyfiles_dir'}" class="form-control" /></div></div>
+ <div class="form-group">
+ <label for="bind_zonefiles_masterprefix" class="col-sm-3 control-label">{tmpl_var name='bind_zonefiles_masterprefix_txt'}</label>
+ <div class="col-sm-9"><input type="text" name="bind_zonefiles_masterprefix" id="bind_zonefiles_masterprefix" value="{tmpl_var name='bind_zonefiles_masterprefix'}" class="form-control" /></div></div>
+ <div class="form-group">
+ <label for="bind_zonefiles_slaveprefix" class="col-sm-3 control-label">{tmpl_var name='bind_zonefiles_slaveprefix_txt'}</label>
+ <div class="col-sm-9"><input type="text" name="bind_zonefiles_slaveprefix" id="bind_zonefiles_slaveprefix" value="{tmpl_var name='bind_zonefiles_slaveprefix'}" class="form-control" /></div></div>
<div class="form-group">
<label for="named_conf_path" class="col-sm-3 control-label">{tmpl_var name='named_conf_path_txt'}</label>
<div class="col-sm-9"><input type="text" name="named_conf_path" id="named_conf_path" value="{tmpl_var name='named_conf_path'}" class="form-control" /></div></div>
diff --git a/server/plugins-available/bind_plugin.inc.php b/server/plugins-available/bind_plugin.inc.php
index 3d5dcfffec..537ab19af6 100644
--- a/server/plugins-available/bind_plugin.inc.php
+++ b/server/plugins-available/bind_plugin.inc.php
@@ -87,7 +87,7 @@ class bind_plugin {
$dns_config = $app->getconf->get_server_config($conf["server_id"], 'dns');
$domain = substr($data['new']['origin'], 0, strlen($data['new']['origin'])-1);
- if (!file_exists($dns_config['bind_zonefiles_dir'].'/'.$this->zone_file_prefix().$domain)) return false;
+ if (!file_exists($dns_config['bind_zonefiles_dir'].'/'.$dns_config['bind_zonefiles_masterprefix'].$domain)) return false;
//* Check Entropy
if (file_get_contents('/proc/sys/kernel/random/entropy_avail') < 400) {
@@ -98,11 +98,11 @@ class bind_plugin {
//* Verify that we do not already have keys (overwriting-protection)
if($data['old']['dnssec_algo'] == $data['new']['dnssec_algo']) {
- if (file_exists($dns_config['bind_zonefiles_dir'].'/dsset-'.$domain.'.')) {
+ if (file_exists($dns_config['bind_keyfiles_dir'].'/dsset-'.$domain.'.')) {
return $this->soa_dnssec_update($data);
} else if ($data['new']['dnssec_initialized'] == 'Y') { //In case that we generated keys but the dsset-file was not generated
$keycount=0;
- foreach (glob($dns_config['bind_zonefiles_dir'].'/K'.$domain.'*.key') as $keyfile) {
+ foreach (glob($dns_config['bind_keyfiles_dir'].'/K'.$domain.'*.key') as $keyfile) {
$keycount++;
}
if ($keycount > 0) {
@@ -116,11 +116,11 @@ class bind_plugin {
$dnssec_algo = explode(',',$data['new']['dnssec_algo']);
//* Create the Zone Signing and Key Signing Keys
- if(in_array('ECDSAP256SHA256',$dnssec_algo) && count(glob($dns_config['bind_zonefiles_dir'].'/K'.$domain.'.+013*.key')) == 0) {
- $app->system->exec_safe('cd ?; dnssec-keygen -3 -a ECDSAP256SHA256 -n ZONE ?; dnssec-keygen -f KSK -3 -a ECDSAP256SHA256 -n ZONE ?', $dns_config['bind_zonefiles_dir'], $domain, $domain);
+ if(in_array('ECDSAP256SHA256',$dnssec_algo) && count(glob($dns_config['bind_keyfiles_dir'].'/K'.$domain.'.+013*.key')) == 0) {
+ $app->system->exec_safe('cd ?; dnssec-keygen -3 -a ECDSAP256SHA256 -n ZONE ?; dnssec-keygen -f KSK -3 -a ECDSAP256SHA256 -n ZONE ?', $dns_config['bind_keyfiles_dir'], $domain, $domain);
}
- if(in_array('NSEC3RSASHA1',$dnssec_algo) && count(glob($dns_config['bind_zonefiles_dir'].'/K'.$domain.'.+007*.key')) == 0) {
- $app->system->exec_safe('cd ?; dnssec-keygen -a NSEC3RSASHA1 -b 2048 -n ZONE ?; dnssec-keygen -f KSK -a NSEC3RSASHA1 -b 4096 -n ZONE ?', $dns_config['bind_zonefiles_dir'], $domain, $domain);
+ if(in_array('NSEC3RSASHA1',$dnssec_algo) && count(glob($dns_config['bind_keyfiles_dir'].'/K'.$domain.'.+007*.key')) == 0) {
+ $app->system->exec_safe('cd ?; dnssec-keygen -a NSEC3RSASHA1 -b 2048 -n ZONE ?; dnssec-keygen -f KSK -a NSEC3RSASHA1 -b 4096 -n ZONE ?', $dns_config['bind_keyfiles_dir'], $domain, $domain);
}
$this->soa_dnssec_sign($data); //Now sign the zone for the first time
@@ -136,7 +136,7 @@ class bind_plugin {
//* load the server configuration options
$dns_config = $app->getconf->get_server_config($conf["server_id"], 'dns');
- $filespre = $this->zone_file_prefix();
+ $filespre = $dns_config['bind_zonefiles_masterprefix'];
$domain = substr($data['new']['origin'], 0, strlen($data['new']['origin'])-1);
if (!file_exists($dns_config['bind_zonefiles_dir'].'/'.$filespre.$domain)) return false;
@@ -149,8 +149,8 @@ class bind_plugin {
//* Include ECDSAP256SHA256 keys in zone
if(in_array('ECDSAP256SHA256',$dnssec_algo)) {
- foreach (glob($dns_config['bind_zonefiles_dir'].'/K'.$domain.'.+013*.key') as $keyfile) {
- $includeline = '$INCLUDE '.basename($keyfile);
+ foreach (glob($dns_config['bind_keyfiles_dir'].'/K'.$domain.'.+013*.key') as $keyfile) {
+ $includeline = '$INCLUDE ' . $keyfile;
if (!preg_match('@'.preg_quote($includeline).'@', $zonefile)) $zonefile .= "\n".$includeline."\n";
$keycount++;
}
@@ -158,8 +158,8 @@ class bind_plugin {
//* Include NSEC3RSASHA1 keys in zone
if(in_array('NSEC3RSASHA1',$dnssec_algo)) {
- foreach (glob($dns_config['bind_zonefiles_dir'].'/K'.$domain.'.+007*.key') as $keyfile) {
- $includeline = '$INCLUDE '.basename($keyfile);
+ foreach (glob($dns_config['bind_keyfiles_dir'].'/K'.$domain.'.+007*.key') as $keyfile) {
+ $includeline = '$INCLUDE ' . $keyfile;
if (!preg_match('@'.preg_quote($includeline).'@', $zonefile)) $zonefile .= "\n".$includeline."\n";
$keycount++;
}
@@ -171,20 +171,20 @@ class bind_plugin {
file_put_contents($dns_config['bind_zonefiles_dir'].'/'.$filespre.$domain, $zonefile);
//* Sign the zone and set it valid for max. 16 days
- $app->system->exec_safe('cd ?; dnssec-signzone -A -e +1382400 -3 $(head -c 1000 /dev/random | sha1sum | cut -b 1-16) -N increment -o ? -t ?', $dns_config['bind_zonefiles_dir'], $domain, $filespre.$domain);
+ $app->system->exec_safe('cd ?; dnssec-signzone -A -e +1382400 -3 $(head -c 1000 /dev/random | sha1sum | cut -b 1-16) -N increment -o ? -K ? -t ?', $dns_config['bind_keyfiles_dir'], $domain, $dns_config['bind_keyfiles_dir'], $dns_config['bind_zonefiles_dir'].'/'.$filespre.$domain);
//* Write Data back ino DB
- $dnssecdata = "DS-Records:\n".file_get_contents($dns_config['bind_zonefiles_dir'].'/dsset-'.$domain.'.');
+ $dnssecdata = "DS-Records:\n".file_get_contents($dns_config['bind_keyfiles_dir'].'/dsset-'.$domain.'.');
$dnssecdata .= "\n------------------------------------\n\nDNSKEY-Records:\n";
if(in_array('ECDSAP256SHA256',$dnssec_algo)) {
- foreach (glob($dns_config['bind_zonefiles_dir'].'/K'.$domain.'.+013*.key') as $keyfile) {
+ foreach (glob($dns_config['bind_keyfiles_dir'].'/K'.$domain.'.+013*.key') as $keyfile) {
$dnssecdata .= file_get_contents($keyfile)."\n\n";
}
}
if(in_array('NSEC3RSASHA1',$dnssec_algo)) {
- foreach (glob($dns_config['bind_zonefiles_dir'].'/K'.$domain.'.+007*.key') as $keyfile) {
+ foreach (glob($dns_config['bind_keyfiles_dir'].'/K'.$domain.'.+007*.key') as $keyfile) {
$dnssecdata .= file_get_contents($keyfile)."\n\n";
}
}
@@ -202,7 +202,7 @@ class bind_plugin {
//* load the server configuration options
$dns_config = $app->getconf->get_server_config($conf["server_id"], 'dns');
- $filespre = $this->zone_file_prefix();
+ $filespre = $dns_config['bind_zonefiles_masterprefix'];
$domain = substr($data['new']['origin'], 0, strlen($data['new']['origin'])-1);
if (!file_exists($dns_config['bind_zonefiles_dir'].'/'.$filespre.$domain)) return false;
@@ -213,7 +213,7 @@ class bind_plugin {
return false;
}
- if (!$new && !file_exists($dns_config['bind_zonefiles_dir'].'/dsset-'.$domain.'.')) $this->soa_dnssec_create($data);
+ if (!$new && !file_exists($dns_config['bind_keyfiles_dir'].'/dsset-'.$domain.'.')) $this->soa_dnssec_create($data);
$dbdata = $app->db->queryOneRecord('SELECT id,serial FROM dns_soa WHERE id=?', intval($data['new']['id']));
$app->system->exec_safe('cd ?; named-checkzone ? ? | egrep -ho \'[0-9]{10}\'', $dns_config['bind_zonefiles_dir'], $domain, $dns_config['bind_zonefiles_dir'].'/'.$filespre.$domain);
@@ -237,12 +237,12 @@ class bind_plugin {
$domain = substr($data['new']['origin'], 0, strlen($data['new']['origin'])-1);
- $key_files = glob($dns_config['bind_zonefiles_dir'].'/K'.$domain.'.+*');
+ $key_files = glob($dns_config['bind_keyfiles_dir'].'/K'.$domain.'.+*');
foreach($key_files as $file) {
unlink($file);
}
- unlink($dns_config['bind_zonefiles_dir'].'/'.$this->zone_file_prefix().$domain.'.signed');
- unlink($dns_config['bind_zonefiles_dir'].'/dsset-'.$domain.'.');
+ unlink($dns_config['bind_zonefiles_dir'].'/'.$dns_config['bind_zonefiles_masterprefix'].$domain.'.signed');
+ unlink($dns_config['bind_keyfiles_dir'].'/dsset-'.$domain.'.');
if ($app->dbmaster !== $app->db) $app->dbmaster->query('UPDATE dns_soa SET dnssec_info=\'\', dnssec_initialized=\'N\' WHERE id=?', intval($data['new']['id']));
$app->db->query('UPDATE dns_soa SET dnssec_info=\'\', dnssec_initialized=\'N\' WHERE id=?', intval($data['new']['id']));
@@ -329,7 +329,7 @@ class bind_plugin {
}
$tpl->setLoop('zones', $records);
- $filename = $dns_config['bind_zonefiles_dir'].'/' . $this->zone_file_prefix() . str_replace("/", "_", substr($zone['origin'], 0, -1));
+ $filename = $dns_config['bind_zonefiles_dir'].'/' . $dns_config['bind_zonefiles_masterprefix'] . str_replace("/", "_", substr($zone['origin'], 0, -1));
$old_zonefile = @file_get_contents($filename);
$rendered_zone = $tpl->grab();
@@ -380,7 +380,7 @@ class bind_plugin {
} elseif ($data['new']['dnssec_wanted'] == 'Y' && $data['old']['dnssec_initialized'] == 'N') {
$this->soa_dnssec_create($data);
} elseif ($data['new']['dnssec_wanted'] == 'N' && $data['old']['dnssec_initialized'] == 'Y') { //delete old signed file if dnssec is no longer wanted
- $filename = $dns_config['bind_zonefiles_dir'].'/' . $this->zone_file_prefix() . str_replace("/", "_", substr($data['old']['origin'], 0, -1));
+ $filename = $dns_config['bind_zonefiles_dir'].'/' . $dns_config['bind_zonefiles_masterprefix'] . str_replace("/", "_", substr($data['old']['origin'], 0, -1));
if(is_file($filename.'.signed')) unlink($filename.'.signed');
} elseif ($data['new']['dnssec_wanted'] == 'Y') {
$this->soa_dnssec_update($data);
@@ -394,7 +394,7 @@ class bind_plugin {
//* Delete old domain file, if domain name has been changed
if($data['old']['origin'] != $data['new']['origin']) {
- $filename = $dns_config['bind_zonefiles_dir'].'/' . $this->zone_file_prefix() . str_replace("/", "_", substr($data['old']['origin'], 0, -1));
+ $filename = $dns_config['bind_zonefiles_dir'].'/' . $dns_config['bind_zonefiles_masterprefix'] . str_replace("/", "_", substr($data['old']['origin'], 0, -1));
if(is_file($filename)) unlink($filename);
if(is_file($filename.'.err')) unlink($filename.'.err');
@@ -421,7 +421,7 @@ class bind_plugin {
$this->write_named_conf($data, $dns_config);
//* Delete the domain file
- $zone_file_name = $dns_config['bind_zonefiles_dir'].'/' . $this->zone_file_prefix() . str_replace("/", "_", substr($data['old']['origin'], 0, -1));
+ $zone_file_name = $dns_config['bind_zonefiles_dir'].'/' . $dns_config['bind_zonefiles_masterprefix'] . str_replace("/", "_", substr($data['old']['origin'], 0, -1));
if(is_file($zone_file_name)) unlink($zone_file_name);
if(is_file($zone_file_name.'.err')) unlink($zone_file_name.'.err');
$app->log("Deleting BIND domain file: ".$zone_file_name, LOGLEVEL_DEBUG);
@@ -455,7 +455,7 @@ class bind_plugin {
//* Delete old domain file, if domain name has been changed
if($data['old']['origin'] != $data['new']['origin']) {
- $filename = $dns_config['bind_zonefiles_dir'].'/' . $this->zone_file_prefix() . str_replace("/", "_", substr($data['old']['origin'], 0, -1));
+ $filename = $dns_config['bind_zonefiles_dir'].'/' . $dns_config['bind_zonefiles_masterprefix'] . str_replace("/", "_", substr($data['old']['origin'], 0, -1));
if(is_file($filename)) unset($filename);
}
@@ -482,7 +482,7 @@ class bind_plugin {
$this->write_named_conf($data, $dns_config);
//* Delete the domain file
- $zone_file_name = $dns_config['bind_zonefiles_dir'].'/' . $this->slave_zone_file_prefix() . str_replace("/", "_", substr($data['old']['origin'], 0, -1));
+ $zone_file_name = $dns_config['bind_zonefiles_dir'].'/' . $dns_config['bind_zonefiles_slaveprefix'] . str_replace("/", "_", substr($data['old']['origin'], 0, -1));
if(is_file($zone_file_name)) unlink($zone_file_name);
$app->log("Deleting BIND domain file for secondary zone: ".$zone_file_name, LOGLEVEL_DEBUG);
@@ -539,8 +539,8 @@ class bind_plugin {
//* Check if the current zone that triggered this function has at least one NS record
- $pri_zonefiles_path = $dns_config['bind_zonefiles_dir'].'/'.$this->zone_file_prefix();
- $sec_zonefiles_path = $dns_config['bind_zonefiles_dir'].'/'.$this->slave_zone_file_prefix();
+ $pri_zonefiles_path = $dns_config['bind_zonefiles_dir'].'/'.$dns_config['bind_zonefiles_masterprefix'];
+ $sec_zonefiles_path = $dns_config['bind_zonefiles_dir'].'/'.$dns_config['bind_zonefiles_slaveprefix'];
//* Loop trough zones
foreach($tmps as $tmp) {
@@ -603,20 +603,6 @@ class bind_plugin {
unset($tmps);
}
-
-
- function zone_file_prefix() {
- //TODO : change this when distribution information has been integrated into server record
- return (file_exists('/etc/gentoo-release')) ? 'pri/' : 'pri.';
- }
- function slave_zone_file_prefix() {
- //TODO : change this when distribution information has been integrated into server record
- return (file_exists('/etc/gentoo-release')) ? 'sec/' : 'slave/sec.';
- }
-
-
-
-
} // end class
?>
--
GitLab