1 <?php
/* All available record types.
 *
 * Index: the record type name, used as "type" in the RECORDS arrays of
 *        zones and hosts and as ldap attribute name to test for presence.
 * Value: the ldap attribute the record values are read from. For all but
 *        pTRRecord and cNAMERecord both are the same; those two read their
 *        value from the relativeDomainName attribute instead.
 */
$RecordTypes = array(
  'aRecord'     => "aRecord",
  'mDRecord'    => "mDRecord",
  'mXRecord'    => "mXRecord",
  'nSRecord'    => "nSRecord",
  'pTRRecord'   => "relativeDomainName",
  'hInfoRecord' => "hInfoRecord",
  'mInfoRecord' => "mInfoRecord",
  'cNAMERecord' => "relativeDomainName",
  'tXTRecord'   => "tXTRecord",
  'aFSDBRecord' => "aFSDBRecord",
  'SigRecord'   => "SigRecord",
  'KeyRecord'   => "KeyRecord",
  'aAAARecord'  => "aAAARecord",
  'LocRecord'   => "LocRecord",
  'nXTRecord'   => "nXTRecord",
  'sRVRecord'   => "sRVRecord",
  'nAPTRRecord' => "nAPTRRecord",
  'kXRecord'    => "kXRecord",
  'certRecord'  => "certRecord",
  'a6Record'    => "a6Record",
  'dSRecord'    => "dSRecord",
  'sSHFPRecord' => "sSHFPRecord",
  'rRSIGRecord' => "rRSIGRecord",
  'nSECRecord'  => "nSECRecord",
);
/* Return all record types.
 *
 * $ForZones - when true, the record types that may not be set directly
 *             on a zone entry (cNAMERecord, pTRRecord, tXTRecord) are left out.
 *
 * Returns the $RecordTypes map (type name => ldap attribute).
 */
function getDnsRecordTypes($ForZones = false)
{
  global $RecordTypes;

  if(!$ForZones){
    return($RecordTypes);
  }

  /* Copy the global table and drop the types not allowed on zones */
  $zoneTypes = $RecordTypes;
  foreach(array('cNAMERecord','pTRRecord','tXTRecord') as $notOnZones){
    unset($zoneTypes[$notOnZones]);
  }
  return($zoneTypes);
}
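/* Reverse the dotted sections of an address, for example
 *   12.3.45 -> 45.3.12
 * Some entries (like reverse zones) are stored as 45.3.12.in-addr.arpa,
 * but we want to display 12.3.45.
 *
 * $ip - dotted string; an empty string yields an empty string.
 *
 * Returns the sections in reverse order, joined with ".".
 */
function FlipIp($ip)
{
  /* explode() replaces the removed split(); the old pattern "\." was a literal dot */
  $sections = array_reverse(explode(".",$ip));
  return(implode(".",$sections));
}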
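/* Return the DNS zones stored below the given host (server) entry.
 *
 * $config - GOsa config object providing the ldap link
 * $HostDn - dn of the server whose zone entries are read
 * $silent - when true, no print_red() message is shown for zones
 *           that do not have exactly one reverse zone
 *
 * Returns array["SERVER/zone.name"] = array(
 *   exists, RECORDS (list of array("type"=>..,"value"=>..)), zoneName,
 *   InitialzoneName, dNSClass, sOAprimary .. sOAttl,
 *   ReverseZone, InitialReverseZone ("SERVER/1.2.3", flipped, without .in-addr.arpa)
 * )
 * Zones with no or more than one reverse zone are dropped from the result.
 */
function getDNSZoneEntries($config,$HostDn,$silent = false)
{
  global $RecordTypes;

  $ldap = $config->get_ldap_link();
  $ldap->cd($config->current['BASE']);

  /* Not all records are allowed within a zone entry */
  $SkipRecords = array("tXTRecord","cNAMERecord","pTRRecord");

  /* Position => name of the space separated sOARecord fields */
  $sOAREcords = array("0"=>"sOAprimary","1"=>"sOAmail","2"=>"sOAserial","3"=>"sOArefresh","4"=>"sOAretry","5"=>"sOAexpire","6"=>"sOAttl");

  /* Get host entry, its cn becomes the "SERVER/" prefix of every zone name */
  $ldap->cat($HostDn);
  $host_attr = $ldap->fetch();

  /* Template for all fetched zone data */
  $ZoneBase = array();
  $ZoneBase['exists'] = false;
  $ZoneBase['RECORDS'] = array();
  $ZoneBase['zoneName'] = array();
  $ZoneBase['dNSClass'] = array();
  foreach($sOAREcords as $attr){
    $ZoneBase[$attr] = "";
  }

  $Zones = array();

  /* Get all zone entries (the "@" entry of each zone) */
  $ldap->ls("(&(objectClass=dNSZone)(zoneName=*)(relativeDomainName=@))",$HostDn,array("*"));
  $tmp_res = array();
  while($attrs = $ldap->fetch()) {
    $tmp_res[] = $attrs;
  }

  /* Parse fetched zones */
  foreach($tmp_res as $attrs){

    $zoneName = strtoupper($host_attr['cn'][0])."/".$attrs['zoneName'][0];
    $Zones[$zoneName] = $ZoneBase;
    $Zones[$zoneName]['exists'] = true;

    /* Set basic attributes */
    if(isset($attrs["dNSClass"][0])){
      $Zones[$zoneName]["dNSClass"] = $attrs["dNSClass"][0];
    }

    /* Remember the initial zone name, to be able to detect a rename later */
    $Zones[$zoneName]['InitialzoneName'] = $zoneName;
    $Zones[$zoneName]['zoneName'] = $zoneName;

    /* Split the sOARecord into its fields, missing fields stay "" */
    if(isset($attrs['sOARecord'][0])){
      /* explode() replaces the removed split(); the old pattern "\ " was a single space */
      $tmp = explode(" ",$attrs['sOARecord'][0]);
      foreach($sOAREcords as $key => $name){
        $Zones[$zoneName][$name] = isset($tmp[$key]) ? $tmp[$key] : "";
      }
    }

    /* Collect record attributes. $name and $value only differ for the
     * skipped types, so the values are read from attribute $value. */
    foreach($RecordTypes as $name => $value){
      if(in_array($name,$SkipRecords,true)) continue;
      if(isset($attrs[$name])){
        for($i = 0 ; $i < $attrs[$value]['count']; $i ++){
          $Zones[$zoneName]['RECORDS'][] = array("type"=>$name,"value"=>$attrs[$value][$i]);
        }
      }
    }

    /* Get the reverse zone, exactly one is expected below the forward zone */
    $ldap->ls("(&(objectClass=dNSZone)(relativeDomainName=@)(zoneName=*))",$attrs['dn'],array("zoneName"));
    if($ldap->count() == 0){
      if(!$silent){
        print_red(sprintf(_("Can't find reverse zone for dns zone '%s'. Aborting parsing this zone."),$zoneName));
      }
      unset($Zones[$zoneName]);
    }elseif($ldap->count()>1){
      if(!$silent){
        print_red(sprintf(_("Found more than one reverse zone for dns zone '%s'. Aborting parsing this zone."),$zoneName));
      }
      unset($Zones[$zoneName]);
    }else{
      /* Reverse zone is kept as "SERVER/1.2.3": flipped and without .in-addr.arpa */
      $tmp = $ldap->fetch();
      $reverse = strtoupper($host_attr['cn'][0])."/".FlipIp(str_replace(".in-addr.arpa","",$tmp['zoneName'][0]));
      $Zones[$zoneName]['ReverseZone'] = $reverse;
      $Zones[$zoneName]['InitialReverseZone'] = $reverse;
    }
  }
  return($Zones);
}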
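/* Compare the zones stored below $HostDn with $newZones and return the
 * ldap operations needed to get from one to the other:
 *  - "del"         dn => "" for zones no longer present in $newZones
 *  - "move"        old dn => new dn for renamed forward and reverse zones
 *  - "add"         dn => attributes for every zone in $newZones (forward
 *                  and reverse entry), existing ones included
 *  - "zoneUpdates" dn => array("zoneName" => new name) for the record
 *                  entries below a renamed zone, so they follow the rename
 *
 * $config   - GOsa config object
 * $newZones - zones in the format returned by getDNSZoneEntries()
 * $HostDn   - dn of the server the zones belong to
 */
function getDNSZoneEntriesDiff($config,$newZones,$HostDn)
{
  $oldZones = getDNSZoneEntries($config,$HostDn,true);

  $sOAattributes = array("sOAprimary","sOAmail","sOAserial","sOArefresh","sOAretry","sOAexpire","sOAttl");

  $move = array();
  $add = array();
  $del = array();

  /* Template for zones with default values */
  $zoneBase = array();
  $zoneBase['objectClass'] = array("top","dNSZone");
  $zoneBase['zoneName'] = "";
  $zoneBase['relativeDomainName'] = "@";
  $zoneBase['dNSClass'] = "IN";
  $zoneBase['sOARecord'] = "";

  /* Renamed zones: old zoneName => new zoneName, used below to update the
   * record entries of renamed zones. Plain zone names (without the
   * "SERVER/" prefix) are stored for forward and reverse zones alike, so
   * the key can be used in the ldap filter directly. */
  $PrePareZoneEntries = array();

  /* Walk through all zones and detect renamed/added/deleted zones */
  foreach($newZones as $zone){

    /* Forward zone was renamed: move old zone to new position */
    if((!empty($zone['InitialzoneName'])) && ($zone['InitialzoneName'] != $zone['zoneName'])){
      $oldDn = "zoneName=".getNameFromMix($zone['InitialzoneName']).",".$HostDn;
      $newDn = "zoneName=".getNameFromMix($zone['zoneName']).",".$HostDn;
      $PrePareZoneEntries[getNameFromMix($zone['InitialzoneName'])] = getNameFromMix($zone['zoneName']);
      $move [$oldDn] = $newDn;
    }

    /* Get old zone if available */
    $oldZone=array();
    if(!empty($oldZones[$zone['InitialzoneName']])){
      $oldZone = $oldZones[$zone['InitialzoneName']];
    }

    /* Create forward zone entry for the add queue */
    $newDn = "zoneName=".getNameFromMix($zone['zoneName']).",".$HostDn;
    $obj = $zoneBase;
    $obj['zoneName'] = getNameFromMix($zone['zoneName']);

    /* sOARecord is the space separated list of the sOA fields */
    $soa = "";
    foreach($sOAattributes as $attr){
      $soa.=" ".$zone[$attr];
    }
    $obj['sOARecord'] = trim($soa);

    /* Reverse zone was renamed: move its entry too */
    if(!empty($zone['InitialReverseZone'])){
      if($zone['InitialReverseZone'] != $zone['ReverseZone']){
        $base = "zoneName=".getNameFromMix($zone['zoneName']).",".$HostDn;
        /* The plain name has to be taken from the mix BEFORE flipping,
         * FlipIp() of "SERVER/1.2.3" would produce a broken zone name. */
        $oldReverse = FlipIp(getNameFromMix($zone['InitialReverseZone'])).".in-addr.arpa";
        $newReverse = FlipIp(getNameFromMix($zone['ReverseZone'])).".in-addr.arpa";
        $oldRDn = "zoneName=".$oldReverse.",".$base;
        $newRDn = "zoneName=".$newReverse.",".$base;
        $PrePareZoneEntries[$oldReverse] = $newReverse;
        $move [$oldRDn] = $newRDn;
      }
    }

    /* Set old record types to array(), so unused ones are removed on write */
    if(isset($oldZone['RECORDS'])){
      foreach($oldZone['RECORDS'] as $rec){
        $obj[$rec['type']] = array();
      }
    }

    /* Add new records */
    foreach($zone['RECORDS'] as $rec){
      $obj[$rec['type']][] = $rec['value'];
    }

    /* Queue the updated forward zone entry */
    $add[$newDn] = $obj;

    /* Reverse zone entry, stored below the forward zone entry */
    $zone['ReverseZone'] = FlipIp(getNameFromMix($zone['ReverseZone'])).".in-addr.arpa";
    $base = "zoneName=".getNameFromMix($zone['zoneName']).",".$HostDn;
    $newRDn = "zoneName=".$zone['ReverseZone'].",".$base;
    $rObj = $obj;
    $rObj['zoneName']= $zone['ReverseZone'];
    $add[$newRDn] = $rObj;

    /* Remove the handled zone from oldZones, whatever is left was removed */
    if(isset($oldZones[$zone['InitialzoneName']])){
      unset($oldZones[$zone['InitialzoneName']]);
    }
  }

  /* The rest of oldZones is no longer present in newZones and must be deleted */
  foreach($oldZones as $zone) {
    $oldDn = "zoneName=".getNameFromMix($zone['InitialzoneName']).",".$HostDn;
    $del[$oldDn] = "";
  }

  /* Record entries below renamed zones need their zoneName updated */
  $zoneUpdates = array();
  if(count($PrePareZoneEntries)){
    $ldap = $config->get_ldap_link();
    foreach($PrePareZoneEntries as $FromZoneName => $ToZoneName){
      $ldap->cd($HostDn);
      /* The zone name is escaped for use in the filter, it is plain data */
      $ldap->search("(&(objectClass=dNSZone)(zoneName=".ldap_escape($FromZoneName,"",LDAP_ESCAPE_FILTER).")(!(relativeDomainName=@)))",array("zoneName"));
      while($attrs = $ldap->fetch()){
        $zoneUpdates[$attrs['dn']] = array("zoneName"=>$ToZoneName);
      }
    }
  }

  $ret = array("del" => $del , "move" => $move , "add" => $add,"zoneUpdates"=>$zoneUpdates);
  return($ret);
}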
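/* Return the dns host entry stored for the given relativeDomainName.
 *
 * $config - GOsa config object
 * $name   - relativeDomainName (host name) to look up
 * $silent - currently unused
 *
 * Returns array(
 *   RECORDS  - list of array("type"=>..,"value"=>..) read from all record
 *              entries below the host container,
 *   dNSClass - default "IN",
 *   zoneName - "SERVER/zone" mix of the zone the host was found in,
 *   dNSTTL   - default "7440",
 *   exists   - true if an entry named $name was found
 * )
 * If the name is found in more than one zone, the first match is used.
 */
function getDNSHostEntries($config,$name,$silent = false)
{
  global $RecordTypes;

  $ret = array();
  $ret['RECORDS'] = array();
  $ret['dNSClass'] = "IN";
  $ret['zoneName'] = "";
  $ret['dNSTTL'] = "7440";
  $ret['exists'] = false;

  $ldap = $config->get_ldap_link();
  $ldap->cd($config->current['BASE']);

  /* Group all available zones by name server: SERVER => array(zone, ...) */
  $zonesArr = array();
  foreach(getAvailableZones($config) as $zoneMix){
    /* explode() replaces the removed split() */
    $zoneIndex = explode("/",$zoneMix);
    if(!array_key_exists($zoneIndex[0],$zonesArr)) {
      $zonesArr[$zoneIndex[0]] = array();
    }
    $zonesArr[$zoneIndex[0]][] = $zoneIndex[1];
  }

  /* Check all zones for an entry with the given name.
   * $name is data inside the filter, so it is escaped. */
  $foundIn = array();
  $nameFilter = ldap_escape($name,"",LDAP_ESCAPE_FILTER);
  foreach($zonesArr as $nameServer => $nameServerArr){
    foreach($nameServerArr as $zone){
      $zoneMix = $nameServer."/".$zone;
      $zoneDn = getDNSZoneDN($config,$zoneMix);
      $ldap->ls("(&(objectClass=dNSZone)(zoneName=*)(relativeDomainName=".$nameFilter.")(!(relativeDomainName=@)))", $zoneDn,array("*"));
      while($attrs = $ldap->fetch()){
        $foundIn [$zoneMix] = $attrs['dn'];
      }
    }
  }

  /* No zone contains an entry for us */
  if(count($foundIn) == 0){
    return($ret);
  }

  /* Read all record entries below the first match */
  $id_tmp = key($foundIn);
  $ldap->cd($foundIn[$id_tmp]);
  $ldap->search("(&(objectClass=dNSZone)(zoneName=*)(!(relativeDomainName=@)))",array("*"));
  $types = array();
  while($attrs = $ldap->fetch()){

    /* The entry named like the host carries dNSClass / dNSTTL / zone */
    if($attrs['relativeDomainName'][0] == $name){
      $ret['exists'] = true;
      $ret['zoneName'] = $id_tmp;
      foreach(array("dNSClass","dNSTTL") as $atr){
        if(isset($attrs[$atr][0])){
          $ret[$atr] = $attrs[$atr][0];
        }
      }
    }

    /* Collect all used records. The loop variables must not be called
     * $name, that overwrote the host name compared above on every turn. */
    foreach($RecordTypes as $recordType => $attribute){
      if(isset($attrs[$recordType])){
        for($i = 0 ; $i < $attrs[$attribute]['count']; $i ++){
          $types[] = array( "type" => $recordType,
                            "value" => $attrs[$attribute][$i]);
        }
      }
    }
  }
  $ret['RECORDS'] = $types;
  return($ret);
}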
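/* Compare the stored dns host entry of $oldName with $newEntry and return
 * the ldap operations needed to get from one to the other:
 *  - "del"  dn => "" for entries that must be removed
 *  - "move" old dn => new dn, e.g. when the zone or the
 *           relativeDomainName changed
 *  - "add"  dn => attributes for the host container, its std record
 *           entry and one sub entry per pTRRecord / cNAMERecord
 *
 * $config   - GOsa config object
 * $oldName  - relativeDomainName the host is currently stored under
 * $newEntry - host data in the format returned by getDNSHostEntries()
 * $newName  - relativeDomainName the host should be stored under
 */
function getDNSHostEntriesDiff($config,$oldName,$newEntry,$newName)
{
  $oldEntry = getDNSHostEntries($config,$oldName);

  $add = array();
  $del = array();
  $move = array();

  $zones = getAvailableZones($config);
  $specialAttributes = array("cNAMERecord","pTRRecord");
  $newRecords = array(); // Used to remember which records are removed
  $zoneNameMix = $newEntry['zoneName'];
  $zoneDn = getDNSZoneDN($config,$zoneNameMix);
  $tmp = array_flip($zones); // forward zone mix => reverse zone mix
  $zoneName = getNameFromMix($zoneNameMix);

  /* If the reverse zone can't be resolved this can't be a valid entry,
   * so treat the account as removed */
  if(isset($tmp[$zoneNameMix])){
    $reverseNameMix = $tmp[$zoneNameMix];
    $reverseDn = getDNSZoneDN($config,$reverseNameMix);
    if(empty($reverseDn)){
      $newEntry['exists'] = false;
    }
  }else{
    $newEntry['exists'] = false;
  }

  /* Nothing to do: is no account / was no account */
  if((!$newEntry['exists']) && (!$oldEntry['exists'])){
    return(array("move"=>$move,"add"=>$add,"del"=>$del));
  }

  /* Account was edited: prepare attributes & arrays, queue moves if required */
  if($oldEntry['exists']){

    /* Account was removed */
    if(!$newEntry['exists']){
      $dn = "relativeDomainName=".$oldName.",".getDNSZoneDN($config,$oldEntry['zoneName']);
      $del[$dn] ="";
      return(array("move"=>$move,"add"=>$add,"del"=>$del));
    }

    if(count($newEntry['RECORDS'])){
      /* zoneName has changed: move the container into the new zone */
      if($oldEntry['zoneName'] != $newEntry['zoneName']){
        $oldzoneDn = getDNSZoneDN($config,$oldEntry['zoneName']);
        $dn = "relativeDomainName=".$oldName.",".$oldzoneDn;
        $dn2= "relativeDomainName=".$oldName.",".$zoneDn;
        $move[$dn]=$dn2;
      }

      /* host name has changed: rename the container and its std record entry */
      if($oldName != $newName){
        $dn = "relativeDomainName=".$oldName.",".$zoneDn;
        $dn2= "relativeDomainName=".$newName.",".$zoneDn;
        $move[$dn]=$dn2;
        $dn = "relativeDomainName=".$oldName.",".$dn2;
        $dn2= "relativeDomainName=".$newName.",".$dn2;
        $move[$dn]=$dn2;
      }
    }

    /* Fill old record types with array(), to ensure they are deleted
     * if they stay unused */
    foreach($oldEntry['RECORDS'] as $id => $rec){
      $newRecords[$rec['type']] = array();
    }
  }

  /* There must be at least one record in our entry */
  if((!count($newEntry['RECORDS'])) || (!$newEntry['exists'])){
    /* NOTE(review): the dn is built from $newName and the OLD zone name. When
     * $oldEntry does not exist that zone name is "" and getDNSZoneDN() reports
     * an error; when the host was renamed no move was queued above. Intended
     * behaviour is unclear from here - confirm against the callers. */
    $dn = "relativeDomainName=".$newName.",".getDNSZoneDN($config,$oldEntry['zoneName']);
    $del[$dn] ="";
    $ret = array("move"=>$move,"add"=>$add,"del"=>$del);
    return($ret);
  }

  /* Template for the objects written below */
  $baseObj = array();
  $baseObj['objectClass'] = array("top","dNSZone");
  $baseObj['dNSTTL'] = $newEntry['dNSTTL'];
  $baseObj['dNSClass'] = $newEntry['dNSClass'];
  $baseObj['zoneName'] = $zoneName;
  $baseObj['relativeDomainName']= $newName;

  /* Container object in the zone
   * (this possibly already exists, check this before writing to ldap) */
  $baseDn = "relativeDomainName=".$newName.",".$zoneDn;
  $add[$baseDn] = $baseObj;

  /* Base object below the container which holds all std records */
  $stdDn = "relativeDomainName=".$newName.",".$baseDn;
  $add[$stdDn] = $baseObj;

  /* Set defaults: the old record names are set to array(), so they are
   * deleted or overwritten and filled with new values below */
  foreach($newRecords as $name => $def){
    if(!in_array($name,$specialAttributes,true)){
      $add[$stdDn][$name] = $def;
    }
  }

  /* Delete all OLD special attributes, they are stored as own sub entries */
  foreach($oldEntry['RECORDS'] as $id => $rec){
    if(in_array($rec['type'],$specialAttributes,true)){
      $deldn= "relativeDomainName=".$rec['value'].",".$baseDn;
      $del[$deldn] = "";
    }
  }

  /* Create new record entries */
  foreach($newEntry['RECORDS'] as $id => $rec){
    if($rec['type'] == "pTRRecord"){
      /* Own sub entry in the reverse zone, relativeDomainName is the record value */
      $PTRdn= "relativeDomainName=".$rec['value'].",".$baseDn;
      $ptrObj = $baseObj;
      $reverseName = getNameFromMix($reverseNameMix);
      $ptrObj['zoneName'] = $reverseName;
      $ptrObj['pTRRecord'] = $newName.".".$zoneName.".";
      $ptrObj['relativeDomainName'] = $rec['value'];

      $add[$PTRdn] = $ptrObj;
    }elseif($rec['type'] == "cNAMERecord"){
      /* Own sub entry in the forward zone, relativeDomainName is the alias */
      $PTRdn= "relativeDomainName=".$rec['value'].",".$baseDn;
      $ptrObj = $baseObj;
      $ptrObj['zoneName'] = $zoneName;
      $ptrObj['cNAMERecord'] = $newName;
      $ptrObj['relativeDomainName'] = $rec['value'];

      $add[$PTRdn] = $ptrObj;
    }else{
      /* All other records go into the std record entry */
      $add[$stdDn][$rec['type']][] = $rec['value'];
    }
  } // foreach record

  $ret = array("move"=>$move,"add"=>$add,"del"=>$del);
  return($ret);
}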
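/* Return the zone name part of a "server/zone.com" mix.
 *
 * $zoneMix - "SERVER/zone" string
 *
 * Returns the part after the first "/", or "" if the mix contains no "/".
 */
function getNameFromMix($zoneMix){
  if(strpos($zoneMix, '/') === false) return("");
  /* explode() replaces the removed split() */
  $zoneIndex = explode("/",$zoneMix);
  return($zoneIndex[1]);
}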
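/* Return the dn of the zone given as "server/zone.com" mix.
 *
 * $config      - GOsa config object
 * $zoneNameMix - "SERVER/zone" string, the server part is matched case-insensitively
 *
 * Returns the zone dn, or "" if the mix has no "/" (an error is printed),
 * the name server or the zone can't be found.
 */
function getDNSZoneDN($config,$zoneNameMix)
{
  $ret = "";
  if(strpos($zoneNameMix, '/') === false) {
    print_red(sprintf(_("Undefined zone name '%s'. Zone name must look like this 'server/zone.com'."),$zoneNameMix));
    return($ret);
  }

  /* explode() replaces the removed split() */
  $zoneNameIndex = explode("/",$zoneNameMix);
  $zoneName = $zoneNameIndex[1];
  $nameServer = strtolower($zoneNameIndex[0]);
  $ldap = $config->get_ldap_link();

  /* Search for the name server; both names are data inside the filter and escaped */
  $ldap->cd($config->current['BASE']);
  $ldap->search("(&(objectClass=goServer)(cn=".ldap_escape($nameServer,"",LDAP_ESCAPE_FILTER)."))",array("cn"));
  if(!$ldap->count()){
    return($ret);
  }
  $attr = $ldap->fetch();

  /* Search for the zone below the name server */
  $ldap->cd($attr['dn']);
  $ldap->search("(&(objectClass=dNSZone)(sOARecord=*)(zoneName=".ldap_escape($zoneName,"",LDAP_ESCAPE_FILTER)."))",array("zoneName"));
  if($ldap->count()){
    $attr = $ldap->fetch();
    return($attr['dn']);
  }

  return($ret);
}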
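/* Return all available zones as
 *   array["SERVER/reverse.zone.in-addr.arpa"] = "SERVER/forward.zone";
 * A forward zone is only listed when a reverse zone is stored below its dn.
 *
 * $config - GOsa config object
 */
function getAvailableZones($config)
{
  $ldap = $config->get_ldap_link();
  $ldap->cd ($config->current['BASE']);

  /* Every zone entry carries a sOARecord */
  $ldap->search("(&(objectClass=dNSZone)(sOARecord=*))",array("zoneName"));

  /* Separate forward and reverse zones by their name */
  $ForwardZones = array();
  $ReverseZones = array();
  while($at = $ldap->fetch()){
    if(strpos($at['zoneName'][0],".in-addr.arpa") !== false){
      $ReverseZones[$at['dn']] = $at;
    }else{
      $ForwardZones[$at['dn']] = $at;
    }
  }

  /* Pair each forward zone with the reverse zones whose dn contains its dn.
   * The dn is compared as a plain string, not used as a regular expression,
   * so "." or other meta characters in a dn can't match unrelated entries. */
  $zones = array();
  foreach($ForwardZones as $dn => $obj){
    foreach($ReverseZones as $Rdn => $Robj ){
      if(strpos($Rdn,$dn) !== false){
        $serverPrefix = strtoupper($ldap->getCn($dn))."/";
        $zones[$serverPrefix.$Robj['zoneName'][0]] = $serverPrefix.$obj['zoneName'][0];
      }
    }
  }
  return($zones);
}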
678 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
679 ?>