From c5e6e8aaad525410900de417565e24bb7bd85630 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?A=2E=20T=C3=A4ffner?= <darkalex@firesplash.de>
Date: Wed, 20 Jan 2016 10:24:30 +0100
Subject: [PATCH] Missing files
---
install/tpl/config.sh.master | 19 +++
install/tpl/dnssec-autocreate.sh.master | 15 ++
install/tpl/dnssec-autopickup.sh.master | 49 ++++++
install/tpl/dnssec-autoupdate.sh.master | 22 +++
install/tpl/dnssec-config.sh.master | 19 +++
install/tpl/dnssec-create.sh.master | 74 ++++++++
install/tpl/dnssec-delete.sh.master | 25 +++
install/tpl/dnssec-update.sh.master | 40 +++++
interface/web/dns/dns_tlsa_edit.php | 161 ++++++++++++++++++
interface/web/dns/form/dns_tlsa.tform.php | 158 +++++++++++++++++
interface/web/dns/lib/lang/de_dns_tlsa.lng | 16 ++
interface/web/dns/lib/lang/en_dns_tlsa.lng | 16 ++
interface/web/dns/templates/dns_tlsa_edit.htm | 42 +++++
13 files changed, 656 insertions(+)
create mode 100644 install/tpl/config.sh.master
create mode 100644 install/tpl/dnssec-autocreate.sh.master
create mode 100644 install/tpl/dnssec-autopickup.sh.master
create mode 100644 install/tpl/dnssec-autoupdate.sh.master
create mode 100644 install/tpl/dnssec-config.sh.master
create mode 100644 install/tpl/dnssec-create.sh.master
create mode 100644 install/tpl/dnssec-delete.sh.master
create mode 100644 install/tpl/dnssec-update.sh.master
create mode 100644 interface/web/dns/dns_tlsa_edit.php
create mode 100644 interface/web/dns/form/dns_tlsa.tform.php
create mode 100644 interface/web/dns/lib/lang/de_dns_tlsa.lng
create mode 100644 interface/web/dns/lib/lang/en_dns_tlsa.lng
create mode 100644 interface/web/dns/templates/dns_tlsa_edit.htm
diff --git a/install/tpl/config.sh.master b/install/tpl/config.sh.master
new file mode 100644
index 0000000000..d3e5710c66
--- /dev/null
+++ b/install/tpl/config.sh.master
@@ -0,0 +1,19 @@
+#!/bin/bash
+#mysql
+dbase={mysql_server_database}
+dbhost={mysql_server_ip}
+dbuser={mysql_server_ispconfig_user}
+dbpass={mysql_server_ispconfig_password}
+
+bindpath=/etc/bind
+backuppath=$bindpath/backup
+curpath=`pwd`
+if [ -f /etc/gentoo-release ] ; then
+filespre="pri/"
+else
+filespre="pri."
+fi
+timenow=`/bin/date +"%Y%m%d-%H%M%S"`
+
+namedconf="$bindpath/named.conf.local"
+md5namedconf="$bindpath/named.conf.local.md5"
diff --git a/install/tpl/dnssec-autocreate.sh.master b/install/tpl/dnssec-autocreate.sh.master
new file mode 100644
index 0000000000..75c56f1ab0
--- /dev/null
+++ b/install/tpl/dnssec-autocreate.sh.master
@@ -0,0 +1,15 @@
+#!/bin/bash
+source {dnssec_conffile}
+
+mysqlcheck=`mysql -u $dbuser --password=$dbpass -h $dbhost -Bse "use $dbase; show tables;" | wc -c`
+if [ "$mysqlcheck" = 0 ];then
+ echo "could not connect to database"
+ exit 0
+fi
+
+mysqlcheck=`mysql -u $dbuser --password=$dbpass -h $dbhost -Bse "use $dbase; select origin from dns_soa where active='Y' and dnssec_initialized='N';" | awk {' print $1 '}`
+for ACTIVE in $mysqlcheck; do
+ /usr/local/ispconfig/server/scripts/dnssec/dnssec-create.sh ${ACTIVE::-1}
+done
+
+cd $curpath
diff --git a/install/tpl/dnssec-autopickup.sh.master b/install/tpl/dnssec-autopickup.sh.master
new file mode 100644
index 0000000000..a578c77055
--- /dev/null
+++ b/install/tpl/dnssec-autopickup.sh.master
@@ -0,0 +1,49 @@
+#!/bin/bash
+source {dnssec_conffile}
+
+mysqlcheck=`mysql -u $dbuser --password=$dbpass -h $dbhost -Bse "use $dbase; show tables;" | wc -c`
+if [ "$mysqlcheck" = 0 ];then
+ echo "could not connect to database"
+ exit 0
+fi
+
+mysqlcheck=`mysql -u $dbuser --password=$dbpass -h $dbhost -Bse "use $dbase; select origin from dns_soa where active='Y' and dnssec_initialized='Y';"`
+for origindomain in $mysqlcheck; do
+ domain=${origindomain::-1}
+ dnssechelp=`head -1 $bindpath/dsset-$domain.`
+ dnssecid=`echo $dnssechelp | awk {' print $4 '}`
+ dnssecalg=`echo $dnssechelp | awk {' print $5 '}`
+ dnssecdt=`echo $dnssechelp | awk {' print $6 '}`
+ dnssecd=`echo $dnssechelp | awk {' print $7 '}`
+ echo "DS Record 1:">/tmp/.dnssec-autopick
+ echo "Key Tag/ID: $dnssecid">>/tmp/.dnssec-autopick
+ echo "Algorithm: $dnssecalg">>/tmp/.dnssec-autopick
+ echo "Digest/HASH Type: $dnssecdt">>/tmp/.dnssec-autopick
+ echo "Digest/HASH: $dnssecd">>/tmp/.dnssec-autopick
+
+ dns2sechelp=`tail -n 1 $bindpath/dsset-$domain.`
+ dns2secid=`echo $dns2sechelp | awk {' print $4 '}`
+ dns2secalg=`echo $dns2sechelp | awk {' print $5 '}`
+ dns2secdt=`echo $dns2sechelp | awk {' print $6 '}`
+ dns2secd=`echo $dns2sechelp | awk {' print $7""$8 '}`
+ echo "">>/tmp/.dnssec-autopick
+ echo "DS Record 2:">>/tmp/.dnssec-autopick
+ echo "Key Tag/ID: $dns2secid">>/tmp/.dnssec-autopick
+ echo "Algorithm: $dns2secalg">>/tmp/.dnssec-autopick
+ echo "Digest/HASH Type: $dns2secdt">>/tmp/.dnssec-autopick
+ echo "Digest/HASH: $dns2secd">>/tmp/.dnssec-autopick
+
+ echo "">>/tmp/.dnssec-autopick
+ echo "In DS-Record format:">>/tmp/.dnssec-autopick
+ cat $bindpath/dsset-$domain.>>/tmp/.dnssec-autopick
+
+ echo "">>/tmp/.dnssec-autopick
+ echo "DNSKEY-Records:">>/tmp/.dnssec-autopick
+ cat $bindpath/K$domain.+*.key>>/tmp/.dnssec-autopick
+
+ mysql -u $dbuser --password=$dbpass -h $dbhost -Bse "use $dbase; UPDATE dns_soa SET dnssec_info='`cat /tmp/.dnssec-autopick`', dnssec_initialized='Y' WHERE origin='$domain.'"
+ rm /tmp/.dnssec-autopick
+done
+
+echo "I'm done!"
+exit 0
\ No newline at end of file
diff --git a/install/tpl/dnssec-autoupdate.sh.master b/install/tpl/dnssec-autoupdate.sh.master
new file mode 100644
index 0000000000..526582513b
--- /dev/null
+++ b/install/tpl/dnssec-autoupdate.sh.master
@@ -0,0 +1,22 @@
+#!/bin/bash
+source {dnssec_conffile}
+
+if [ ! -d $backuppath ]; then mkdir -p $backuppath; fi
+#connect to database
+mysqlcheck=`mysql -u $dbuser --password=$dbpass -h $dbhost -Bse "use $dbase; show tables;" | wc -c`
+if [ "$mysqlcheck" = 0 ];then
+ echo "could not connect to database"
+ exit 0
+fi
+
+
+mysqlcheck=`mysql -u $dbuser --password=$dbpass -h $dbhost -Bse "use $dbase; select origin from dns_soa where active='Y' and dnssec_initialized='Y';" | awk {' print $1 '}`
+for ACTIVE in $mysqlcheck; do
+ /usr/local/ispconfig/server/scripts/dnssec/dnssec-update.sh ${ACTIVE::-1}
+done
+
+done
+
+echo "I'm done - You might want to reload bind now"
+
+exit
diff --git a/install/tpl/dnssec-config.sh.master b/install/tpl/dnssec-config.sh.master
new file mode 100644
index 0000000000..cdb5c29593
--- /dev/null
+++ b/install/tpl/dnssec-config.sh.master
@@ -0,0 +1,19 @@
+#!/bin/bash
+#mysql
+dbase={mysql_server_ispconfig_database}
+dbhost={mysql_server_ip}
+dbuser={mysql_server_ispconfig_user}
+dbpass={mysql_server_ispconfig_password}
+
+bindpath=/etc/bind
+backuppath=$bindpath/backup
+curpath=`pwd`
+if [ -f /etc/gentoo-release ] ; then
+filespre="pri/"
+else
+filespre="pri."
+fi
+timenow=`/bin/date +"%Y%m%d-%H%M%S"`
+
+namedconf="$bindpath/named.conf.local"
+md5namedconf="$bindpath/named.conf.local.md5"
diff --git a/install/tpl/dnssec-create.sh.master b/install/tpl/dnssec-create.sh.master
new file mode 100644
index 0000000000..c56e3acd68
--- /dev/null
+++ b/install/tpl/dnssec-create.sh.master
@@ -0,0 +1,74 @@
+#!/bin/bash
+source {dnssec_conffile}
+domain="${1::-1}"
+
+mysqlcheck=`mysql -u $dbuser --password=$dbpass -h $dbhost -Bse "use $dbase; show tables;" | wc -c`
+if [ "$mysqlcheck" = 0 ];then
+ echo "$0 could not connect to database"
+ exit 0
+fi
+mysqlcheck=`mysql -u $dbuser --password=$dbpass -h $dbhost -Bse "use $dbase; select * from dns_soa where dnssec_initialized='Y' and origin='$domain.';" | wc -c`
+if [ "$mysqlcheck" -gt 1 ];then
+ echo "$domain seems to be initialized. If that is wrong correct dnssec_initialized in dns_soa table"
+fi
+cd $bindpath
+
+if [ ! $domain = "" ];then
+ if [ ! -f $filespre$domain ]; then
+ echo "$domain zone file ($filespre$domain) does not exist"
+ exit 0
+ else
+ if [ -f dsset-$domain. ];then
+ echo "dnssec keys for $domain already exists!"
+ exit 0
+ else
+ echo "Creating keys for $domain"
+ dnssec-keygen -a NSEC3RSASHA1 -b 2048 -n ZONE $domain
+ dnssec-keygen -f KSK -a NSEC3RSASHA1 -b 4096 -n ZONE $domain
+ for key in `ls K$domain*.key`; do
+ echo "\$INCLUDE $bindpath/$key">> $filespre$domain
+ done
+ dnssec-signzone -A -3 $(head -c 1000 /dev/random | sha1sum | cut -b 1-16) -N INCREMENT -o $domain -t $filespre$domain
+ fi
+fi
+serial=`cat $bindpath/$filespre$domain |grep "serial," |awk {' print $domain '}`
+echo ""
+dnssechelp=`head -1 $bindpath/dsset-$domain.`
+dnssecid=`echo $dnssechelp | awk {' print $4 '}`
+dnssecalg=`echo $dnssechelp | awk {' print $5 '}`
+dnssecdt=`echo $dnssechelp | awk {' print $6 '}`
+dnssecd=`echo $dnssechelp | awk {' print $7 '}`
+echo "DS Record 1:">/tmp/.dnssec-$domain
+echo "Key Tag/ID: $dnssecid">>/tmp/.dnssec-$domain
+echo "Algorithm: $dnssecalg">>/tmp/.dnssec-$domain
+echo "Digest/HASH Type: $dnssecdt">>/tmp/.dnssec-$domain
+echo "Digest/HASH: $dnssecd">>/tmp/.dnssec-$domain
+
+dns2sechelp=`tail -n 1 $bindpath/dsset-$domain.`
+dns2secid=`echo $dns2sechelp | awk {' print $4 '}`
+dns2secalg=`echo $dns2sechelp | awk {' print $5 '}`
+dns2secdt=`echo $dns2sechelp | awk {' print $6 '}`
+dns2secd=`echo $dns2sechelp | awk {' print $7""$8 '}`
+echo "">>/tmp/.dnssec-$domain
+echo "DS Record 2:">>/tmp/.dnssec-$domain
+echo "Key Tag/ID: $dns2secid">>/tmp/.dnssec-$domain
+echo "Algorithm: $dns2secalg">>/tmp/.dnssec-$domain
+echo "Digest/HASH Type: $dns2secdt">>/tmp/.dnssec-$domain
+echo "Digest/HASH: $dns2secd">>/tmp/.dnssec-$domain
+
+echo "">>/tmp/.dnssec-$domain
+echo "In DS-Record format:">>/tmp/.dnssec-$domain
+cat $bindpath/dsset-$domain.>>/tmp/.dnssec-$domain
+
+echo "">>/tmp/.dnssec-$domain
+echo "DNSKEY-Records:">>/tmp/.dnssec-$domain
+cat $bindpath/K$domain.+*.key>>/tmp/.dnssec-$domain
+
+#mysql -u $dbuser --password=$dbpass -h $dbhost -Bse "use $dbase; insert into dnssec_domains set domain='$domain', active='1', serial='$serial', ds1id='$dnssecid', ds1alg='$dnssecalg', ds1htype='$dnssecdt', ds1hash='$dnssecd', ds2id='$dns2secid', ds2alg='$dns2secalg', ds2htype='$dns2secdt', ds2hash='$dns2secd', created=now() ; UPDATE dns_soa SET dnssec_initialized='Y' WHERE origin='$domain.'"
+mysql -u $dbuser --password=$dbpass -h $dbhost -Bse "use $dbase; UPDATE dns_soa SET dnssec_info='`cat /tmp/.dnssec-$domain`', dnssec_initialized='Y' WHERE origin='$domain.'"
+rm /tmp/.dnssec-$domain
+
+else
+ echo "usage: dnssec-create.sh <domain.tld>"
+fi
+cd $curpath
diff --git a/install/tpl/dnssec-delete.sh.master b/install/tpl/dnssec-delete.sh.master
new file mode 100644
index 0000000000..984d41a3d6
--- /dev/null
+++ b/install/tpl/dnssec-delete.sh.master
@@ -0,0 +1,25 @@
+#!/bin/bash
+source {dnssec_conffile}
+pardomain="${1::-1}"
+
+echo "$1 $2 $3 $4 domain: $domain" > /tmp/.last-call-to-dnssec-update
+
+if [ -z "$1" ];then
+ echo "No domain given"
+ exit 1
+fi
+
+#connect to database
+mysqlcheck=`mysql -u $dbuser --password=$dbpass -h $dbhost -Bse "use $dbase; show tables;" | wc -c`
+if [ "$mysqlcheck" = 0 ];then
+ echo "could not connect to database"
+ exit 0
+fi
+
+rm $bindpath/K$pardomain.+*.key
+rm "$bindpath/$filespre$pardomain.signed"
+rm "$bindpath/dsset-$pardomain."
+
+echo "DNSSEC Keys and zonefile for $pardomain deleted"
+
+exit 0
diff --git a/install/tpl/dnssec-update.sh.master b/install/tpl/dnssec-update.sh.master
new file mode 100644
index 0000000000..16c5bc3c46
--- /dev/null
+++ b/install/tpl/dnssec-update.sh.master
@@ -0,0 +1,40 @@
+#!/bin/bash
+source {dnssec_conffile}
+pardomain="${1::-1}"
+
+echo "$0 $1 $2 $3 $4 results in domain: $pardomain" > /tmp/.last-call-to-dnssec-update
+
+
+
+if [ ! -d $backuppath ]; then mkdir -p $backuppath; fi
+#connect to database for testing
+mysqlcheck=`mysql -u $dbuser --password=$dbpass -h $dbhost -Bse "use $dbase; show tables;" | wc -c`
+if [ "$mysqlcheck" = 0 ];then
+ echo "$0 could not connect to database"
+ cd $curdir
+ exit 0
+fi
+
+mysqlcheck=`mysql -u $dbuser --password=$dbpass -h $dbhost -Bse "use $dbase; select id,serial from dns_soa where active='Y' and origin='$pardomain.';" | awk {' print $1":"$2 '}`
+ echo $mysqlcheck
+ zoneid=`echo $mysqlcheck | sed 's/:/ /g' | awk {' print $1 '}`
+ domain=$pardomain
+ serial=`echo $mysqlcheck | sed 's/:/ /g' | awk {' print $2 '}`
+ fserial=`/usr/sbin/named-checkzone $domain $bindpath/$filespre$domain | egrep -ho '[0-9]{10}'`
+ includecheck=`cat $bindpath/$filespre$domain |grep "INCLUDE" |wc -l`
+ if [ ! $includecheck = 2 ] ;then
+ echo "">> $bindpath/pri.$domain
+ for key in `ls $bindpath/K$pardomain.+*.key`; do
+ echo "Including $key..."
+ echo "\$INCLUDE $key">> $bindpath/pri.$domain
+ done
+ else
+ echo "Includes are there. Why ever..."
+ fi
+
+ /usr/sbin/dnssec-signzone -A -3 $(head -c 1000 /dev/random | sha1sum | cut -b 1-16) -N increment -o $domain -t $filespre$domain
+ mysql -u $dbuser --password=$dbpass -h $dbhost -Bse "use $dbase; update dns_soa set serial='$fserial' where origin='$domain.'; update dns_rr set serial='$fserial' WHERE zone=$zoneid"
+
+echo "DNSSEC for $pardomain has been configured"
+cd $curdir
+exit 0
diff --git a/interface/web/dns/dns_tlsa_edit.php b/interface/web/dns/dns_tlsa_edit.php
new file mode 100644
index 0000000000..224475fd5c
--- /dev/null
+++ b/interface/web/dns/dns_tlsa_edit.php
@@ -0,0 +1,161 @@
+<?php
+
+/*
+Copyright (c) 2007, Till Brehm, projektfarm Gmbh
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+ * Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright notice,
+ this list of conditions and the following disclaimer in the documentation
+ and/or other materials provided with the distribution.
+ * Neither the name of ISPConfig nor the names of its contributors
+ may be used to endorse or promote products derived from this software without
+ specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+
+/******************************************
+* Begin Form configuration
+******************************************/
+
+$tform_def_file = "form/dns_tlsa.tform.php";
+
+/******************************************
+* End Form configuration
+******************************************/
+
+require_once '../../lib/config.inc.php';
+require_once '../../lib/app.inc.php';
+
+//* Check permissions for module
+$app->auth->check_module_permissions('dns');
+
+// Loading classes
+$app->uses('tpl,tform,tform_actions,validate_dns');
+$app->load('tform_actions');
+
+class page_action extends tform_actions {
+
+ function onShowNew() {
+ global $app, $conf;
+
+ // we will check only users, not admins
+ if($_SESSION["s"]["user"]["typ"] == 'user') {
+
+ // Get the limits of the client
+ $client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
+ $client = $app->db->queryOneRecord("SELECT limit_dns_record FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
+
+ // Check if the user may add another mailbox.
+ if($client["limit_dns_record"] >= 0) {
+ $tmp = $app->db->queryOneRecord("SELECT count(id) as number FROM dns_rr WHERE sys_groupid = $client_group_id");
+ if($tmp["number"] >= $client["limit_dns_record"]) {
+ $app->error($app->tform->wordbook["limit_dns_record_txt"]);
+ }
+ }
+ }
+
+ parent::onShowNew();
+ }
+
+ function onSubmit() {
+ global $app, $conf;
+
+ // Get the parent soa record of the domain
+ $soa = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = '".$app->functions->intval($_POST["zone"])."' AND ".$app->tform->getAuthSQL('r'));
+
+ // Check if Domain belongs to user
+ if($soa["id"] != $_POST["zone"]) $app->tform->errorMessage .= $app->tform->wordbook["no_zone_perm"];
+
+ // Check the client limits, if user is not the admin
+ if($_SESSION["s"]["user"]["typ"] != 'admin') { // if user is not admin
+ // Get the limits of the client
+ $client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
+ $client = $app->db->queryOneRecord("SELECT limit_dns_record FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
+
+ // Check if the user may add another mailbox.
+ if($this->id == 0 && $client["limit_dns_record"] >= 0) {
+ $tmp = $app->db->queryOneRecord("SELECT count(id) as number FROM dns_rr WHERE sys_groupid = $client_group_id");
+ if($tmp["number"] >= $client["limit_dns_record"]) {
+ $app->error($app->tform->wordbook["limit_dns_record_txt"]);
+ }
+ }
+ } // end if user is not admin
+
+
+ // Set the server ID of the rr record to the same server ID as the parent record.
+ $this->dataRecord["server_id"] = $soa["server_id"];
+
+ // Update the serial number and timestamp of the RR record
+ $soa = $app->db->queryOneRecord("SELECT serial FROM dns_rr WHERE id = ".$this->id);
+ $this->dataRecord["serial"] = $app->validate_dns->increase_serial($soa["serial"]);
+ $this->dataRecord["stamp"] = date('Y-m-d H:i:s');
+
+ parent::onSubmit();
+ }
+
+ function onInsert() {
+ global $app, $conf;
+
+ // Check if record is existing already
+ $duplicate_tlsa = $app->db->queryOneRecord("SELECT * FROM dns_rr WHERE zone = ".$app->functions->intval($this->dataRecord["zone"])." AND name = '".$app->db->quote($this->dataRecord["name"])."' AND type = '".$app->db->quote($this->dataRecord["type"])."' AND data = '".$app->db->quote($this->dataRecord["data"])."' AND ".$app->tform->getAuthSQL('r'));
+
+ if(is_array($duplicate_tlsa) && !empty($duplicate_tlsa)) $app->error($app->tform->wordbook["duplicate_tlsa_record_txt"]);
+
+ parent::onInsert();
+ }
+
+ function onUpdate() {
+ global $app, $conf;
+
+ // Check if record is existing already
+ $duplicate_tlsa = $app->db->queryOneRecord("SELECT * FROM dns_rr WHERE zone = ".$app->functions->intval($this->dataRecord["zone"])." AND name = '".$app->db->quote($this->dataRecord["name"])."' AND type = '".$app->db->quote($this->dataRecord["type"])."' AND data = '".$app->db->quote($this->dataRecord["data"])."' AND id != ".$app->functions->intval($this->dataRecord["id"])." AND ".$app->tform->getAuthSQL('r'));
+
+ if(is_array($duplicate_tlsa) && !empty($duplicate_tlsa)) $app->error($app->tform->wordbook["duplicate_tlsa_record_txt"]);
+
+ parent::onUpdate();
+ }
+
+ function onAfterInsert() {
+ global $app, $conf;
+
+ //* Set the sys_groupid of the rr record to be the same then the sys_groupid of the soa record
+ $soa = $app->db->queryOneRecord("SELECT sys_groupid,serial FROM dns_soa WHERE id = '".$app->functions->intval($this->dataRecord["zone"])."' AND ".$app->tform->getAuthSQL('r'));
+ $app->db->datalogUpdate('dns_rr', "sys_groupid = ".$soa['sys_groupid'], 'id', $this->id);
+
+ //* Update the serial number of the SOA record
+ $soa_id = $app->functions->intval($_POST["zone"]);
+ $serial = $app->validate_dns->increase_serial($soa["serial"]);
+ $app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id);
+ }
+
+ function onAfterUpdate() {
+ global $app, $conf;
+
+ //* Update the serial number of the SOA record
+ $soa = $app->db->queryOneRecord("SELECT serial FROM dns_soa WHERE id = '".$app->functions->intval($this->dataRecord["zone"])."' AND ".$app->tform->getAuthSQL('r'));
+ $soa_id = $app->functions->intval($_POST["zone"]);
+ $serial = $app->validate_dns->increase_serial($soa["serial"]);
+ $app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id);
+ }
+
+}
+
+$page = new page_action;
+$page->onLoad();
+
+?>
diff --git a/interface/web/dns/form/dns_tlsa.tform.php b/interface/web/dns/form/dns_tlsa.tform.php
new file mode 100644
index 0000000000..ef6f2a05b1
--- /dev/null
+++ b/interface/web/dns/form/dns_tlsa.tform.php
@@ -0,0 +1,158 @@
+<?php
+
+/*
+ Form Definition
+
+ Tabledefinition
+
+ Datatypes:
+ - INTEGER (Forces the input to Int)
+ - DOUBLE
+ - CURRENCY (Formats the values to currency notation)
+ - VARCHAR (no format check, maxlength: 255)
+ - TEXT (no format check)
+ - DATE (Dateformat, automatic conversion to timestamps)
+
+ Formtype:
+ - TEXT (Textfield)
+ - TEXTAREA (Textarea)
+ - PASSWORD (Password textfield, input is not shown when edited)
+ - SELECT (Select option field)
+ - RADIO
+ - CHECKBOX
+ - CHECKBOXARRAY
+ - FILE
+
+ VALUE:
+ - Wert oder Array
+
+ Hint:
+ The ID field of the database table is not part of the datafield definition.
+ The ID field must be always auto incement (int or bigint).
+
+
+*/
+
+global $app;
+
+$form["title"] = "DNS tlsa";
+$form["description"] = "";
+$form["name"] = "dns_tlsa";
+$form["action"] = "dns_tlsa_edit.php";
+$form["db_table"] = "dns_rr";
+$form["db_table_idx"] = "id";
+$form["db_history"] = "yes";
+$form["tab_default"] = "dns";
+$form["list_default"] = "dns_a_list.php";
+$form["auth"] = 'yes'; // yes / no
+
+$form["auth_preset"]["userid"] = 0; // 0 = id of the user, > 0 id must match with id of current user
+$form["auth_preset"]["groupid"] = 0; // 0 = default groupid of the user, > 0 id must match with groupid of current user
+$form["auth_preset"]["perm_user"] = 'riud'; //r = read, i = insert, u = update, d = delete
+$form["auth_preset"]["perm_group"] = 'riud'; //r = read, i = insert, u = update, d = delete
+$form["auth_preset"]["perm_other"] = ''; //r = read, i = insert, u = update, d = delete
+
+$form["tabs"]['dns'] = array (
+ 'title' => "DNS tlsa",
+ 'width' => 100,
+ 'template' => "templates/dns_tlsa_edit.htm",
+ 'fields' => array (
+ //#################################
+ // Begin Datatable fields
+ //#################################
+ 'server_id' => array (
+ 'datatype' => 'INTEGER',
+ 'formtype' => 'SELECT',
+ 'default' => '',
+ 'value' => '',
+ 'width' => '30',
+ 'maxlength' => '255'
+ ),
+ 'zone' => array (
+ 'datatype' => 'INTEGER',
+ 'formtype' => 'TEXT',
+ 'default' => @$app->functions->intval($_REQUEST["zone"]),
+ 'value' => '',
+ 'width' => '30',
+ 'maxlength' => '255'
+ ),
+ 'name' => array (
+ 'datatype' => 'VARCHAR',
+ 'formtype' => 'TEXT',
+ 'filters' => array( 0 => array( 'event' => 'SAVE',
+ 'type' => 'TOLOWER')
+ ),
+ 'validators' => array ( 0 => array ( 'type' => 'REGEX',
+ 'regex' => '/^\_\d{1,5}\.\_(tcp|udp)\.[a-zA-Z0-9\.\-]{1,255}$/',
+ 'errmsg'=> 'name_error_regex')
+ ),
+ 'default' => '',
+ 'value' => '',
+ 'width' => '30',
+ 'maxlength' => '255'
+ ),
+ 'type' => array (
+ 'datatype' => 'VARCHAR',
+ 'formtype' => 'TEXT',
+ 'default' => 'TLSA',
+ 'value' => '',
+ 'width' => '5',
+ 'maxlength' => '5'
+ ),
+ 'data' => array (
+ 'datatype' => 'TEXT',
+ 'formtype' => 'TEXT',
+ 'validators' => array ( 0 => array ( 'type' => 'NOTEMPTY',
+ 'errmsg'=> 'data_error_empty'),
+ 1 => array ( 'type' => 'REGEX',
+ 'regex' => '/^\d \d \d [a-zA-Z0-9]*$/',
+ 'errmsg'=> 'data_error_regex')
+ ),
+ 'default' => '',
+ 'value' => '',
+ 'width' => '30',
+ 'maxlength' => '255'
+ ),
+ 'ttl' => array (
+ 'datatype' => 'INTEGER',
+ 'formtype' => 'TEXT',
+ 'validators' => array ( 0 => array ( 'type' => 'RANGE',
+ 'range' => '60:',
+ 'errmsg'=> 'ttl_range_error'),
+ ),
+ 'default' => '7200',
+ 'value' => '',
+ 'width' => '10',
+ 'maxlength' => '10'
+ ),
+ 'active' => array (
+ 'datatype' => 'VARCHAR',
+ 'formtype' => 'CHECKBOX',
+ 'default' => 'Y',
+ 'value' => array(0 => 'N', 1 => 'Y')
+ ),
+ 'stamp' => array (
+ 'datatype' => 'VARCHAR',
+ 'formtype' => 'TEXT',
+ 'default' => '',
+ 'value' => '',
+ 'width' => '30',
+ 'maxlength' => '255'
+ ),
+ 'serial' => array (
+ 'datatype' => 'INTEGER',
+ 'formtype' => 'TEXT',
+ 'default' => '',
+ 'value' => '',
+ 'width' => '10',
+ 'maxlength' => '10'
+ ),
+ //#################################
+ // ENDE Datatable fields
+ //#################################
+ )
+);
+
+
+
+?>
diff --git a/interface/web/dns/lib/lang/de_dns_tlsa.lng b/interface/web/dns/lib/lang/de_dns_tlsa.lng
new file mode 100644
index 0000000000..0629987f2f
--- /dev/null
+++ b/interface/web/dns/lib/lang/de_dns_tlsa.lng
@@ -0,0 +1,16 @@
+<?php
+$wb['server_id_txt'] = 'Server';
+$wb['zone_txt'] = 'Zone';
+$wb['name_txt'] = 'Hostname';
+$wb['type_txt'] = 'Typ';
+$wb['data_txt'] = 'TLSA-Daten';
+$wb['ttl_txt'] = 'TTL';
+$wb['active_txt'] = 'Aktiv';
+$wb['limit_dns_record_txt'] = 'Die maximale Anzahl an DNS Einträgen für Ihr Konto wurde erreicht.';
+$wb['no_zone_perm'] = 'Sie haben nicht die Berechtigung, einen Eintrag zu dieser DNS Zone hinzuzufügen.';
+$wb['name_error_empty'] = 'Der Hostname ist leer.';
+$wb['name_error_regex'] = 'Der Hostname hat das falsche Format. Korrekt: _<port>._(tcp|udp).<hostname>';
+$wb['data_error_empty'] = 'TLSA-Daten sind leer';
+$wb['data_error_regex'] = 'TLSA-Datenformat ist ungültig. Korrekt: n n n DATEN';
+$wb['ttl_range_error'] = 'Min. TTL ist 60 Sekunden.';
+?>
diff --git a/interface/web/dns/lib/lang/en_dns_tlsa.lng b/interface/web/dns/lib/lang/en_dns_tlsa.lng
new file mode 100644
index 0000000000..8078c546ef
--- /dev/null
+++ b/interface/web/dns/lib/lang/en_dns_tlsa.lng
@@ -0,0 +1,16 @@
+<?php
+$wb["server_id_txt"] = 'Server';
+$wb["zone_txt"] = 'Zone';
+$wb["name_txt"] = 'Hostname';
+$wb["type_txt"] = 'type';
+$wb["data_txt"] = 'TLSA-Data';
+$wb["ttl_txt"] = 'TTL';
+$wb["active_txt"] = 'Active';
+$wb["limit_dns_record_txt"] = 'The max. number of DNS records for your account is reached.';
+$wb["no_zone_perm"] = 'You do not have the permission to add a record to this DNS zone.';
+$wb["name_error_empty"] = 'The hostname is empty.';
+$wb["name_error_regex"] = 'The hostname has the wrong format. Correct: _<port>._(tcp|udp).<hostname>';
+$wb["data_error_empty"] = 'TLSA-Data empty';
+$wb["data_error_regex"] = 'TLSA dataformat is wrong. Correct: n n n DATA';
+$wb['ttl_range_error'] = 'Min. TTL time is 60 seconds.';
+?>
\ No newline at end of file
diff --git a/interface/web/dns/templates/dns_tlsa_edit.htm b/interface/web/dns/templates/dns_tlsa_edit.htm
new file mode 100644
index 0000000000..c93d3b1b0a
--- /dev/null
+++ b/interface/web/dns/templates/dns_tlsa_edit.htm
@@ -0,0 +1,42 @@
+<h2><tmpl_var name="list_head_txt"></h2>
+<p><tmpl_var name="list_desc_txt"></p>
+
+<div class="panel panel_dns_tlsa">
+
+ <div class="pnl_formsarea">
+ <fieldset class="inlineLabels">
+ <div class="ctrlHolder">
+ <label for="name">{tmpl_var name='name_txt'}</label>
+ <input name="name" id="name" value="{tmpl_var name='name'}" size="30" maxlength="255" type="text" class="textInput" />
+ </div>
+ <div class="ctrlHolder">
+ <label for="data">{tmpl_var name='data_txt'}</label>
+ <input name="data" id="data" value="{tmpl_var name='data'}" size="30" maxlength="255" type="text" class="textInput" />
+ </div>
+ <div class="ctrlHolder">
+ <label for="ttl">{tmpl_var name='ttl_txt'}</label>
+ <input name="ttl" id="ttl" value="{tmpl_var name='ttl'}" size="10" maxlength="10" type="text" class="textInput" />
+ </div>
+ <div class="ctrlHolder">
+ <p class="label">{tmpl_var name='active_txt'}</p>
+ <div class="multiField">
+ {tmpl_var name='active'}
+ </div>
+ </div>
+ <div class="ctrlHolder">
+ <label for="dnssec_info">{tmpl_var name='dnssec_info_txt'}</label>
+ <textarea readonly name="dnssec_info" id="dnssec_info" lines=5 cols=30>{tmpl_var name='dnssec_info'}</textarea>
+ </div>
+ </fieldset>
+
+ <input type="hidden" name="id" value="{tmpl_var name='id'}">
+ <input type="hidden" name="zone" value="{tmpl_var name='zone'}">
+ <input type="hidden" name="type" value="{tmpl_var name='type'}">
+
+ <div class="buttonHolder buttons">
+ <button class="positive iconstxt icoPositive" type="button" value="{tmpl_var name='btn_save_txt'}" onclick="submitForm('pageForm','dns/dns_tlsa_edit.php');"><span>{tmpl_var name='btn_save_txt'}</span></button>
+ <button class="negative iconstxt icoNegative" type="button" value="{tmpl_var name='btn_cancel_txt'}" onclick="loadContent('dns/dns_soa_edit.php?id={tmpl_var name='zone'}');"><span>{tmpl_var name='btn_cancel_txt'}</span></button>
+ </div>
+ </div>
+
+</div>
\ No newline at end of file
--
GitLab