Newer
Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
<?php
/*
Copyright (c) 2009, Falko Timme, Till Brehm, projektfarm Gmbh
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of ISPConfig nor the names of its contributors
may be used to endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
/*
The powerdns database name has to be "powerdns" and it must be accessible
by the "ispconfig" database user
TABLE STRUCTURE of the "powerdns" database:
CREATE TABLE `domains` (
`id` int(11) NOT NULL auto_increment,
`name` varchar(255) NOT NULL,
`master` varchar(128) default NULL,
`last_check` int(11) default NULL,
`type` varchar(6) NOT NULL,
`notified_serial` int(11) default NULL,
`account` varchar(40) default NULL,
`ispconfig_id` int(11) NOT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `name_index` (`name`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
CREATE TABLE `records` (
`id` int(11) NOT NULL auto_increment,
`domain_id` int(11) default NULL,
`name` varchar(255) default NULL,
`type` varchar(6) default NULL,
`content` varchar(255) default NULL,
`ttl` int(11) default NULL,
`prio` int(11) default NULL,
`change_date` int(11) default NULL,
`ispconfig_id` int(11) NOT NULL,
PRIMARY KEY (`id`),
KEY `rec_name_index` (`name`),
KEY `nametype_index` (`name`,`type`),
KEY `domain_id` (`domain_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
CREATE TABLE `supermasters` (
`ip` varchar(25) NOT NULL,
`nameserver` varchar(255) NOT NULL,
`account` varchar(40) default NULL
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
IMPORTANT:
- This plugin does not support ALIAS records (supported only by MyDNS).
TODO:
- introduce a variable for the PowerDNS database
*/
class powerdns_plugin {
var $plugin_name = 'powerdns_plugin';
var $class_name = 'powerdns_plugin';
//* This function is called during ispconfig installation to determine
// if a symlink shall be created for this plugin.
function onInstall() {
global $conf;
if(isset($conf['powerdns']['installed']) && $conf['powerdns']['installed'] == true) {
return true;
} else {
return false;
}
/*
This function is called when the plugin is loaded
*/
function onLoad() {
global $app;
/*
Register for the events
*/
//* SOA
$app->plugins->registerEvent('dns_soa_insert', $this->plugin_name, 'soa_insert');
$app->plugins->registerEvent('dns_soa_update', $this->plugin_name, 'soa_update');
$app->plugins->registerEvent('dns_soa_delete', $this->plugin_name, 'soa_delete');
$app->plugins->registerEvent('dns_slave_insert', $this->plugin_name, 'slave_insert');
$app->plugins->registerEvent('dns_slave_update', $this->plugin_name, 'slave_update');
$app->plugins->registerEvent('dns_slave_delete', $this->plugin_name, 'slave_delete');
//* RR
$app->plugins->registerEvent('dns_rr_insert', $this->plugin_name, 'rr_insert');
$app->plugins->registerEvent('dns_rr_update', $this->plugin_name, 'rr_update');
$app->plugins->registerEvent('dns_rr_delete', $this->plugin_name, 'rr_delete');
function soa_insert($event_name, $data) {
global $app, $conf;
if($data["new"]["active"] != 'Y') return;
$origin = substr($data["new"]["origin"], 0, -1);
$ispconfig_id = $data["new"]["id"];
$serial = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ?", $ispconfig_id);
$serial_id = $serial["serial"];
$app->db->query("INSERT INTO powerdns.domains (name, type, notified_serial, ispconfig_id) VALUES (?, ?, ?, ?)", $origin, 'MASTER', $serial_id, $ispconfig_id);
$zone_id = $app->db->insertID();
if(substr($data["new"]["ns"], -1) == '.'){
$ns = substr($data["new"]["ns"], 0, -1);
} else {
$ns = $data["new"]["ns"].'.'.$origin;
}
if($ns == '') $ns = $origin;
$hostmaster = substr($data["new"]["mbox"], 0, -1);
$content = $ns.' '.$hostmaster.' '.$data["new"]["serial"].' '.$data["new"]["refresh"].' '.$data["new"]["retry"].' '.$data["new"]["expire"].' '.$data["new"]["minimum"];
$ttl = $data["new"]["ttl"];
$app->db->query("INSERT INTO powerdns.records (domain_id, name, type, content, ttl, prio, change_date, ispconfig_id) VALUES (?, ?, 'SOA', ?, ?, 0, UNIX_TIMESTAMP(), ?)", $zone_id, $origin, $content, $ttl, $ispconfig_id);
//* tell pdns to rediscover zones in DB
$this->zoneRediscover();
//* handle dnssec
$this->handle_dnssec($data);
//* tell pdns to use 'pdnssec rectify' on the new zone
$this->rectifyZone($data);
//* tell pdns to send notify to slave
$this->notifySlave($data);
function soa_update($event_name, $data) {
global $app, $conf;
if($data["new"]["active"] != 'Y'){
if($data["old"]["active"] != 'Y') return;
$this->soa_delete($event_name, $data);
} else {
$exists = $app->db->queryOneRecord("SELECT * FROM powerdns.domains WHERE ispconfig_id = ?", $data["new"]["id"]);
if($data["old"]["active"] == 'Y' && is_array($exists)){
$origin = substr($data["new"]["origin"], 0, -1);
$ispconfig_id = $data["new"]["id"];
if(substr($data["new"]["ns"], -1) == '.'){
$ns = substr($data["new"]["ns"], 0, -1);
} else {
$ns = $data["new"]["ns"].'.'.$origin;
}
if($ns == '') $ns = $origin;
$hostmaster = substr($data["new"]["mbox"], 0, -1);
$content = $ns.' '.$hostmaster.' '.$data["new"]["serial"].' '.$data["new"]["refresh"].' '.$data["new"]["retry"].' '.$data["new"]["expire"].' '.$data["new"]["minimum"];
$ttl = $data["new"]["ttl"];
$app->db->query("UPDATE powerdns.records SET name = ?, content = ?, ttl = ?, change_date = UNIX_TIMESTAMP() WHERE ispconfig_id = ? AND type = 'SOA'", $origin, $content, $ttl, $data["new"]["id"]);
} else {
$this->soa_insert($event_name, $data);
$ispconfig_id = $data["new"]["id"];
if($records = $app->db->queryAllRecords("SELECT * FROM dns_rr WHERE zone = ? AND active = 'Y'", $ispconfig_id)){
foreach($records as $record){
foreach($record as $key => $val){
$data["new"][$key] = $val;
}
$this->rr_insert("dns_rr_insert", $data);
}
}
}
//* handle dnssec
$this->handle_dnssec($data);
//* tell pdns to use 'pdnssec rectify' on the new zone
$this->rectifyZone($data);
//* tell pdns to send notify to slave
$this->notifySlave($data);
}
}
function soa_delete($event_name, $data) {
global $app, $conf;
$zone = $app->db->queryOneRecord("SELECT * FROM powerdns.domains WHERE ispconfig_id = ? AND type = 'MASTER'", $data["old"]["id"]);
$zone_id = $zone["id"];
$app->db->query("DELETE FROM powerdns.records WHERE domain_id = ?", $zone_id);
$app->db->query("DELETE FROM powerdns.domains WHERE id = ?", $zone_id);
function slave_insert($event_name, $data) {
if($data["new"]["active"] != 'Y') return;
$origin = substr($data["new"]["origin"], 0, -1);
$ispconfig_id = $data["new"]["id"];
$master_ns = $data["new"]["ns"];
$app->db->query("INSERT INTO powerdns.domains (name, type, master, ispconfig_id) VALUES (?, ?, ?, ?)", $origin, 'SLAVE', $master_ns, $ispconfig_id);
$zone_id = $app->db->insertID();
//* tell pdns to fetch zone from master server
$this->fetchFromMaster($data);
function slave_update($event_name, $data) {
if($data["new"]["active"] != 'Y'){
if($data["old"]["active"] != 'Y') return;
$this->slave_delete($event_name, $data);
} else {
if($data["old"]["active"] == 'Y'){
$origin = substr($data["new"]["origin"], 0, -1);
$ispconfig_id = $data["new"]["id"];
$master_ns = $data["new"]["ns"];
$app->db->query("UPDATE powerdns.domains SET name = ?, type = 'SLAVE', master = ? WHERE ispconfig_id=? AND type = 'SLAVE'", $origin, $master_ns, $ispconfig_id);
$zone_id = $app->db->insertID();
$zone = $app->db->queryOneRecord("SELECT * FROM powerdns.domains WHERE ispconfig_id = ? AND type = 'SLAVE'", $ispconfig_id);
$app->db->query("DELETE FROM powerdns.records WHERE domain_id = ? AND ispconfig_id = 0", $zone_id);
//* tell pdns to fetch zone from master server
$this->fetchFromMaster($data);
$this->slave_insert($event_name, $data);
function slave_delete($event_name, $data) {
$zone = $app->db->queryOneRecord("SELECT * FROM powerdns.domains WHERE ispconfig_id = ? AND type = 'SLAVE'", $data["old"]["id"]);
$app->db->query("DELETE FROM powerdns.records WHERE domain_id = ?", $zone_id);
$app->db->query("DELETE FROM powerdns.domains WHERE id = ?", $zone_id);
function rr_insert($event_name, $data) {
global $app, $conf;
if($data["new"]["active"] != 'Y') return;
$exists = $app->db->queryOneRecord("SELECT * FROM powerdns.records WHERE ispconfig_id = ?", $data["new"]["id"]);
$zone = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ?", $data["new"]["zone"]);
$origin = substr($zone["origin"], 0, -1);
$powerdns_zone = $app->db->queryOneRecord("SELECT * FROM powerdns.domains WHERE ispconfig_id = ? AND type = 'MASTER'", $data["new"]["zone"]);
$zone_id = $powerdns_zone["id"];
$type = $data["new"]["type"];
if(substr($data["new"]["name"], -1) == '.'){
$name = substr($data["new"]["name"], 0, -1);
} else {
if($data["new"]["name"] == ""){
$name = $origin;
} else {
$name = $data["new"]["name"].'.'.$origin;
}
if($name == '') $name = $origin;
switch ($type) {
case "CNAME":
case "MX":
case "NS":
case "ALIAS":
case "PTR":
case "SRV":
if(substr($data["new"]["data"], -1) == '.'){
$content = substr($data["new"]["data"], 0, -1);
} else {
$content = $data["new"]["data"].'.'.$origin;
}
break;
case "HINFO":
$content = $data["new"]["data"];
$quote1 = strpos($content, '"');
if($quote1 !== FALSE){
$quote2 = strpos(substr($content, ($quote1 + 1)), '"');
}
if($quote1 !== FALSE && $quote2 !== FALSE){
$text_between_quotes = str_replace(' ', '_', substr($content, ($quote1 + 1), (($quote2 - $quote1))));
$content = $text_between_quotes.substr($content, ($quote2 + 2));
}
break;
default:
$content = $data["new"]["data"];
$ttl = $data["new"]["ttl"];
$prio = $data["new"]["aux"];
$change_date = time();
$ispconfig_id = $data["new"]["id"];
$app->db->query("INSERT INTO powerdns.records (domain_id, name, type, content, ttl, prio, change_date, ispconfig_id) VALUES (?, ?, ?, ?, ?, ?, ?, ?)", $zone_id, $name, $type, $content, $ttl, $prio, $change_date, $ispconfig_id);
//* tell pdns to use 'pdnssec rectify' on the new zone
$this->rectifyZone($data);
function rr_update($event_name, $data) {
global $app, $conf;
if($data["new"]["active"] != 'Y'){
if($data["old"]["active"] != 'Y') return;
$this->rr_delete($event_name, $data);
} else {
$exists = $app->db->queryOneRecord("SELECT * FROM powerdns.records WHERE ispconfig_id = ?", $data["new"]["id"]);
if($data["old"]["active"] == 'Y' && is_array($exists)){
$zone = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ?", $data["new"]["zone"]);
$origin = substr($zone["origin"], 0, -1);
$powerdns_zone = $app->db->queryOneRecord("SELECT * FROM powerdns.domains WHERE ispconfig_id = ? AND type = 'MASTER'", $data["new"]["zone"]);
$zone_id = $powerdns_zone["id"];
$type = $data["new"]["type"];
if(substr($data["new"]["name"], -1) == '.'){
$name = substr($data["new"]["name"], 0, -1);
} else {
if($data["new"]["name"] == ""){
$name = $origin;
} else {
$name = $data["new"]["name"].'.'.$origin;
}
if($name == '') $name = $origin;
switch ($type) {
case "CNAME":
case "MX":
case "NS":
case "ALIAS":
case "PTR":
case "SRV":
if(substr($data["new"]["data"], -1) == '.'){
$content = substr($data["new"]["data"], 0, -1);
} else {
$content = $data["new"]["data"].'.'.$origin;
}
break;
case "HINFO":
$content = $data["new"]["data"];
$quote1 = strpos($content, '"');
if($quote1 !== FALSE){
$quote2 = strpos(substr($content, ($quote1 + 1)), '"');
}
if($quote1 !== FALSE && $quote2 !== FALSE){
$text_between_quotes = str_replace(' ', '_', substr($content, ($quote1 + 1), (($quote2 - $quote1))));
$content = $text_between_quotes.substr($content, ($quote2 + 2));
}
break;
default:
$content = $data["new"]["data"];
$ttl = $data["new"]["ttl"];
$prio = $data["new"]["aux"];
$change_date = time();
$ispconfig_id = $data["new"]["id"];
$app->db->query("UPDATE powerdns.records SET name = ?, type = ?, content = ?, ttl = ?, prio = ?, change_date = UNIX_TIMESTAMP() WHERE ispconfig_id = ? AND type != 'SOA'", $name, $type, $content, $ttl, $prio, $ispconfig_id);
//* tell pdns to use 'pdnssec rectify' on the new zone
$this->rectifyZone($data);
} else {
$this->rr_insert($event_name, $data);
}
}
}
function rr_delete($event_name, $data) {
global $app, $conf;
$ispconfig_id = $data["old"]["id"];
$app->db->query("DELETE FROM powerdns.records WHERE ispconfig_id = ? AND type != 'SOA'", $ispconfig_id);
function find_pdns_control() {
$output = array();
$retval = '';
exec("type -p pdns_control", $output, $retval);
if ($retval == 0 && is_file($output[0])){
return $output[0];
} else {
return false;
}
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
function find_pdns_pdnssec() {
$output = array();
$retval = '';
exec("type -p pdnssec", $output, $retval);
if ($retval == 0 && is_file($output[0])){
return $output[0];
} else {
return false;
}
}
function zoneRediscover() {
$pdns_control = $this->find_pdns_control();
if ( $pdns_control != false ) {
exec($pdns_control . ' rediscover');
}
}
function notifySlave($data) {
$pdns_control = $this->find_pdns_control();
if ( $pdns_control != false ) {
exec($pdns_control . ' notify ' . rtrim($data["new"]["origin"],"."));
}
}
function fetchFromMaster($data) {
$pdns_control = $this->find_pdns_control();
if ( $pdns_control != false ) {
exec($pdns_control . ' retrieve ' . rtrim($data["new"]["origin"],"."));
}
}
function get_pdns_version() {
$pdns_control = $this->find_pdns_control();
if ( $pdns_control != false ) {
$output=array();
$retval='';
exec($pdns_control . ' version',$output,$retval);
return $output[0];
} else {
//* fallback to version 2
return 2;
}
}
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
function handle_dnssec($data) {
// If origin changed, delete keys first
if ($data['old']['origin'] != $data['new']['origin']) {
if (@$data['old']['dnssec_initialized'] == 'Y' && strlen(@$data['old']['origin']) > 3) {
$this->soa_dnssec_delete($data);
}
}
// If DNSSEC is disabled, but was enabled before, just disable DNSSEC but leave the keys in dns_info
if ($data['new']['dnssec_wanted'] === 'N' && $data['old']['dnssec_initialized'] === 'Y') {
$this->soa_dnssec_disable($data);
return;
}
// If DNSSEC is wanted, enable it
if ($data['new']['dnssec_wanted'] === 'Y') {
$this->soa_dnssec_create($data);
}
}
function soa_dnssec_create($data) {
global $app;
if (!preg_match('/^3/',$this->get_pdns_version()) ) {
return;
}
$pdns_pdnssec = $this->find_pdns_pdnssec();
if ($pdns_pdnssec === false) {
return;
}
$zone = rtrim($data['new']['origin'],'.');
$log = array();
// We don't log the actual commands here, because having commands in the dnssec_info field will trigger
// the IDS if you try to save the record using the interface afterwards.
$cmd_secure_zone = sprintf('%s secure-zone %s 2>&1', $pdns_pdnssec, $zone);
$log[] = sprintf("\r\n%s %s", date('c'), 'Running secure-zone command...');
exec($cmd_secure_zone, $log);
$cmd_set_nsec3 = sprintf('%s set-nsec3 %s "1 0 10 deadbeef" 2>&1', $pdns_pdnssec, $zone);
$log[] = sprintf("\r\n%s %s", date('c'), 'Running set-nsec3 command...');
exec($cmd_set_nsec3, $log);
$pubkeys = [];
$cmd_show_zone = sprintf('%s show-zone %s 2>&1', $pdns_pdnssec, $zone);
$log[] = sprintf("\r\n%s %s", date('c'), 'Running show-zone command...');
exec($cmd_show_zone, $pubkeys);
$log = array_merge($log, $pubkeys);
$dnssec_info = array_merge($this->format_dnssec_pubkeys($pubkeys), ['', '== Raw log ============================'], $log);
$dnssec_info = implode("\r\n", $dnssec_info);
if ($app->dbmaster !== $app->db) {
$app->dbmaster->query('UPDATE dns_soa SET dnssec_info=?, dnssec_initialized=? WHERE id=?', $dnssec_info, 'Y', intval($data['new']['id']));
}
$app->db->query('UPDATE dns_soa SET dnssec_info=?, dnssec_initialized=? WHERE id=?', $dnssec_info, 'Y', intval($data['new']['id']));
}
function format_dnssec_pubkeys($lines) {
$formatted = [];
// We don't care about the first two lines about presigning and NSEC
array_shift($lines);
array_shift($lines);
foreach ($lines as $line) {
switch ($part = substr($line, 0, 3)) {
case 'ID ':
// Only process active keys
if (!strpos($line, 'Active: 1')) {
continue;
}
// Determine key type (KSK or ZSK)
preg_match('/(KSK|ZSK)/', $line, $matches_key_type);
$key_type = $matches_key_type[1];
// We only care about the KSK
if ('ZSK' === $key_type) {
continue;
}
// Determine key tag
preg_match('/ tag = (\d+),/', $line, $matches_key_tag);
$formatted[] = sprintf('%s key tag: %d', $key_type, $matches_key_tag[1]);
// Determine algorithm
preg_match('/ algo = (\d+),/', $line, $matches_algo_id);
preg_match('/ \( (.*) \)$/', $line, $matches_algo_name);
$formatted[] = sprintf('Algo: %d (%s)', $matches_algo_id[1], $matches_algo_name[1]);
// Determine bits
preg_match('/ bits = (\d+)/', $line, $matches_bits);
$formatted[] = sprintf('Bits: %d', $matches_bits[1]);
break;
case 'KSK':
// Determine DNSKEY
preg_match('/ IN DNSKEY \d+ \d+ \d+ (.*) ;/', $line, $matches_dnskey);
$formatted[] = sprintf('DNSKEY: %s', $matches_dnskey[1]);
break;
case 'DS ':
// Determine key tag
preg_match('/ IN DS (\d+) \d+ \d+ /', $line, $matches_ds_key_tag);
$formatted[] = sprintf(' - DS key tag: %d', $matches_ds_key_tag[1]);
// Determine key tag
preg_match('/ IN DS \d+ (\d+) \d+ /', $line, $matches_ds_algo);
$formatted[] = sprintf(' Algo: %d', $matches_ds_algo[1]);
// Determine digest
preg_match('/ IN DS \d+ \d+ (\d+) /', $line, $matches_ds_digest_id);
preg_match('/ \( (.*) \)$/', $line, $matches_ds_digest_name);
$formatted[] = sprintf(' Digest: %d (%s)', $matches_ds_digest_id[1], $matches_ds_digest_name[1]);
// Determine public key
preg_match('/ IN DS \d+ \d+ \d+ (.*) ;/', $line, $matches_ds_key);
$formatted[] = sprintf(' Public key: %s', $matches_ds_key[1]);
break;
default:
break;
}
}
return $formatted;
}
function soa_dnssec_disable($data) {
global $app;
if (!preg_match('/^3/',$this->get_pdns_version()) ) {
return;
}
$pdns_pdnssec = $this->find_pdns_pdnssec();
if ($pdns_pdnssec === false) {
return;
}
$zone = rtrim($data['new']['origin'],'.');
$log = array();
// We don't log the actual commands here, because having commands in the dnssec_info field will trigger
// the IDS if you try to save the record using the interface afterwards.
$cmd_disable_dnssec = sprintf('%s disable-dnssec %s 2>&1', $pdns_pdnssec, $zone);
$log[] = sprintf("\r\n%s %s", date('c'), 'Running disable-dnssec command...');
exec($cmd_disable_dnssec, $log);
if ($app->dbmaster !== $app->db) {
$app->dbmaster->query('UPDATE dns_soa SET dnssec_initialized=? WHERE id=?', 'N', intval($data['new']['id']));
}
$app->db->query('UPDATE dns_soa SET dnssec_initialized=? WHERE id=?', 'N', intval($data['new']['id']));
}
function soa_dnssec_delete($data) {
global $app;
if (!preg_match('/^3/',$this->get_pdns_version()) ) {
return;
}
$pdns_pdnssec = $this->find_pdns_pdnssec();
if ($pdns_pdnssec === false) {
return;
}
$zone = rtrim($data['old']['origin'],'.');
$log = array();
// We don't log the actual commands here, because having commands in the dnssec_info field will trigger
// the IDS if you try to save the record using the interface afterwards.
$cmd_disable_dnssec = sprintf('%s disable-dnssec %s 2>&1', $pdns_pdnssec, $zone);
$log[] = sprintf("\r\n%s %s", date('c'), 'Running disable-dnssec command...');
exec($cmd_disable_dnssec, $log);
$dnssec_info = array_merge(['== Raw log ============================'], $log);
$dnssec_info = implode("\r\n", $dnssec_info);
if ($app->dbmaster !== $app->db) {
$app->dbmaster->query('UPDATE dns_soa SET dnssec_info=?, dnssec_initialized=? WHERE id=?', $dnssec_info, 'N', intval($data['new']['id']));
}
$app->db->query('UPDATE dns_soa SET dnssec_info=?, dnssec_initialized=? WHERE id=?', $dnssec_info, 'N', intval($data['new']['id']));
}
function rectifyZone($data) {
global $app, $conf;
if ( preg_match('/^3/',$this->get_pdns_version()) ) {
$pdns_pdnssec = $this->find_pdns_pdnssec();
if ( $pdns_pdnssec != false ) {
if (isset($data["new"]["origin"])) {
//* data has origin field only for SOA recordtypes
exec($pdns_pdnssec . ' rectify-zone ' . rtrim($data["new"]["origin"],"."));
} else {
// get origin from DB for all other recordtypes
$zn = $app->db->queryOneRecord("SELECT d.name AS name FROM powerdns.domains d, powerdns.records r WHERE r.ispconfig_id=? AND r.domain_id = d.id", $data["new"]["id"]);
exec($pdns_pdnssec . ' rectify-zone ' . trim($zn["name"]));
}
}
}
}
} // end class