1 <?php
/* All available record types.
 * key   = the name used for the "type" field of a record array and as the
 *         LDAP attribute a record is written to
 * value = the LDAP attribute the record value is read from
 * pTRRecord and cNAMERecord map to relativeDomainName because those two are
 * stored as separate child entries whose relativeDomainName carries the value.
 */
$RecordTypes['aRecord'] = "aRecord";
$RecordTypes['mDRecord'] = "mDRecord";
$RecordTypes['mXRecord'] = "mXRecord";
$RecordTypes['nSRecord'] = "nSRecord";
$RecordTypes['pTRRecord'] = "relativeDomainName";
$RecordTypes['hInfoRecord'] = "hInfoRecord";
$RecordTypes['mInfoRecord'] = "mInfoRecord";
$RecordTypes['cNAMERecord'] = "relativeDomainName";
$RecordTypes['tXTRecord'] = "tXTRecord";
$RecordTypes['aFSDBRecord'] = "aFSDBRecord";
$RecordTypes['SigRecord'] = "SigRecord";
$RecordTypes['KeyRecord'] = "KeyRecord";
$RecordTypes['aAAARecord'] = "aAAARecord";
$RecordTypes['LocRecord'] = "LocRecord";
$RecordTypes['nXTRecord'] = "nXTRecord";
$RecordTypes['sRVRecord'] = "sRVRecord";
$RecordTypes['nAPTRRecord'] = "nAPTRRecord";
$RecordTypes['kXRecord'] = "kXRecord";
$RecordTypes['certRecord'] = "certRecord";
$RecordTypes['a6Record'] = "a6Record";
$RecordTypes['dSRecord'] = "dSRecord";
$RecordTypes['sSHFPRecord'] = "sSHFPRecord";
$RecordTypes['rRSIGRecord'] = "rRSIGRecord";
$RecordTypes['nSECRecord'] = "nSECRecord";
32 /* Return all record types
33 */
function getDnsRecordTypes($ForZones = false)
{
  /* Return the record-type map declared at the top of this file.
   * With $ForZones set, the three types that may not appear in a zone
   * entry (cNAMERecord, pTRRecord, tXTRecord) are left out. The global
   * array itself is never modified; a copy is filtered and returned.
   */
  global $RecordTypes;

  if(!$ForZones){
    return($RecordTypes);
  }

  $zoneTypes = $RecordTypes;
  foreach(array('cNAMERecord','pTRRecord','tXTRecord') as $skipped){
    unset($zoneTypes[$skipped]);
  }
  return($zoneTypes);
}
/* This function reverses the dot-separated labels of an address, for example
50 12.3.45 -> 45.3.12
51 Because some entries (like zones) are store like that 45.3.12.in-addr.arpa
52 but we want to display 12.3.45.
53 */
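function FlipIp($ip)
{
  /* Reverse the dot-separated labels of $ip: "12.3.45" -> "45.3.12".
   * Used to convert between the display form of a reverse zone and the
   * "45.3.12.in-addr.arpa" form stored in LDAP (and back again).
   * "" yields ""; an empty label (e.g. from a trailing dot) is kept as an
   * empty label, so "a.b." becomes ".b.a" exactly as before.
   *
   * explode() replaces split(), which was deprecated in PHP 5.3 and removed
   * in PHP 7. The old POSIX pattern "\." was a literal dot, and joining the
   * reversed labels with "." is the same as appending "." to each label and
   * stripping the last character.
   */
  return(implode(".",array_reverse(explode(".",$ip))));
}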
65 /* This function returns the zones specified for given host
66 */
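function getDNSZoneEntries($config,$HostDn,$silent = false)
{
  /* Parameters:
   *   $config  - GOsa config object; only get_ldap_link() and current['BASE'] are used.
   *   $HostDn  - DN of the name server entry whose zone entries ("@" records) are read.
   *   $silent  - when true, problems with the reverse zone are not reported via print_red().
   * Returns an array keyed by zoneName. Every entry holds: exists, RECORDS
   * (list of array("type"=>..,"value"=>..)), zoneName, dNSClass, the seven
   * sOA* fields, InitialzoneName, ReverseZone and InitialReverseZone.
   * A zone that does not have exactly one reverse zone stored beneath it is
   * dropped from the result (and reported unless $silent).
   */
  global $RecordTypes;

  $ldap = $config->get_ldap_link();
  $ldap->cd($config->current['BASE']);

  /* Not all records are allowed within a zone entry
   */
  $SkipRecords = array("tXTRecord","cNAMERecord","pTRRecord");

  /* The sOARecord attribute is one space separated string; its fields are
   * mapped to these names in this order.
   */
  $sOAREcords = array("0"=>"sOAprimary","1"=>"sOAmail","2"=>"sOAserial","3"=>"sOArefresh","4"=>"sOAretry","5"=>"sOAexpire","6"=>"sOAttl");

  /* Template for every fetched zone
   */
  $ZoneBase = array();
  $ZoneBase['exists'] = false;
  $ZoneBase['RECORDS'] = array();
  $ZoneBase['zoneName'] = array();
  $ZoneBase['dNSClass'] = array();
  foreach($sOAREcords as $attr){
    $ZoneBase[$attr] = "";
  }

  $Zones = array();

  /* Get all zone entries: the "@" records directly below the host
   */
  $ldap->ls("(&(objectClass=dNSZone)(zoneName=*)(relativeDomainName=@))",$HostDn,array("*"));
  $tmp_res = array();
  while($attrs = $ldap->fetch()) {
    $tmp_res[] = $attrs;
  }

  /* Parse fetched zones
   */
  foreach($tmp_res as $attrs){

    $zoneName = $attrs['zoneName'][0];
    $Zones[$zoneName] = $ZoneBase;
    $Zones[$zoneName]['exists'] = true;

    /* Set basic attributes
     */
    foreach(array("zoneName","dNSClass") as $attr){
      if(isset($attrs[$attr][0])){
        $Zones[$zoneName][$attr] = $attrs[$attr][0];
      }
    }

    /* Keep the name as read from LDAP so a rename can be detected later
     */
    $Zones[$zoneName]['InitialzoneName'] = $zoneName;

    /* Split the SOA record into its fields. explode() replaces the POSIX
     * split() that was removed in PHP 7; the old pattern "\ " was a literal
     * space, so the result is identical. Missing fields become "".
     */
    if(isset($attrs['sOARecord'][0])){
      $soaFields = explode(" ",$attrs['sOARecord'][0]);
      foreach($sOAREcords as $key => $name){
        if(isset($soaFields[$key])){
          $Zones[$zoneName][$name] = $soaFields[$key];
        }else{
          $Zones[$zoneName][$name] = "";
        }
      }
    }

    /* Collect the record attributes of the zone entry. For every type that
     * is not skipped $name and $value are the same attribute name.
     */
    foreach($RecordTypes as $name => $value){
      if(in_array($name,$SkipRecords,true)) continue;
      if(isset($attrs[$name])){
        for($i = 0 ; $i < $attrs[$value]['count']; $i ++){
          $Zones[$zoneName]['RECORDS'][] = array("type"=>$name,"value"=>$attrs[$value][$i]);
        }
      }
    }

    /* The reverse zone is expected as exactly one "@" entry below the
     * forward zone entry. Its name is stored as "45.3.12.in-addr.arpa" and
     * returned in display order ("12.3.45").
     */
    $ldap->ls("(&(objectClass=dNSZone)(relativeDomainName=@)(zoneName=*))",$attrs['dn'],array("zoneName"));
    if($ldap->count() == 0){
      if(!$silent){
        print_red(sprintf(_("Can't find reverse zone for dns zone '%s'. Aborting parsing this zone."),$zoneName));
      }
      unset($Zones[$zoneName]);
    }elseif($ldap->count()>1){
      if(!$silent){
        print_red(sprintf(_("Found more than one reverse zone for dns zone '%s'. Aborting parsing this zone."),$zoneName));
      }
      unset($Zones[$zoneName]);
    }else{
      $reverse = $ldap->fetch();
      $reverseName = FlipIp(str_replace(".in-addr.arpa","",$reverse['zoneName'][0]));
      $Zones[$zoneName]['ReverseZone'] = $reverseName;
      $Zones[$zoneName]['InitialReverseZone'] = $reverseName;
    }
  }
  return($Zones);
}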
/* This function compares the zones stored below $HostDn with the edited
 * $newZones and returns an array with the following indexes
 * - del, DNs of zones that must be deleted (no longer present in $newZones)
 * - move, old DN => new DN for zones whose zoneName or reverse zone changed
 * - add, DN => attributes for every forward and reverse zone entry to write
 * - zoneUpdates, DN => array("zoneName"=>...) for records that must follow a renamed zone
 */
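function getDNSZoneEntriesDiff($config,$newZones,$HostDn)
{
  /* Parameters:
   *   $config   - GOsa config object (LDAP link).
   *   $newZones - zones as edited in the UI, same layout as getDNSZoneEntries() returns.
   *   $HostDn   - DN of the name server the zones belong to.
   * Returns array("del"=>..., "move"=>..., "add"=>..., "zoneUpdates"=>...):
   *   del         - DN => ""                     zones no longer present in $newZones
   *   move        - old DN => new DN             renamed forward / reverse zones
   *   add         - DN => attribute array        every forward and reverse zone entry
   *   zoneUpdates - DN => array("zoneName"=>new) non-"@" records that must follow a rename
   */
  $oldZones = getDNSZoneEntries($config,$HostDn,true);

  $sOAattributes = array("sOAprimary","sOAmail","sOAserial","sOArefresh","sOAretry","sOAexpire","sOAttl");

  $move = array();
  $add = array();
  $del = array();

  /* Template for a zone entry
   */
  $zoneBase = array();
  $zoneBase['objectClass'] = array("top","dNSZone");
  $zoneBase['zoneName'] = "";
  $zoneBase['relativeDomainName'] = "@";
  $zoneBase['dNSClass'] = "IN";
  $zoneBase['sOARecord'] = "";

  /* old zoneName => new zoneName for every renamed zone; used at the end
   * to find the records that still carry the old name.
   */
  $PrePareZoneEntries = array();

  /* Walk through all zones and detect renamed/added/deleted zones ...
   */
  foreach($newZones as $zone){

    /* A zone created in the UI has no InitialzoneName yet; treat it as "" so
     * the lookups below simply find nothing instead of hitting undefined keys.
     */
    $initialName = isset($zone['InitialzoneName']) ? $zone['InitialzoneName'] : "";

    /* Forward zone renamed: move the old entry to the new DN
     */
    if((!empty($initialName)) && ($initialName != $zone['zoneName'])){
      $oldDn = "zoneName=".$initialName.",".$HostDn;
      $newDn = "zoneName=".$zone['zoneName'].",".$HostDn;
      $PrePareZoneEntries[$initialName] = $zone['zoneName'];
      $move [$oldDn] = $newDn;
    }

    /* Previously stored version of this zone, if any
     */
    $oldZone=array();
    if(!empty($oldZones[$initialName])){
      $oldZone = $oldZones[$initialName];
    }

    /* Forward zone entry
     */
    $newDn = "zoneName=".$zone['zoneName'].",".$HostDn;
    $obj = $zoneBase;
    $obj['zoneName'] = $zone['zoneName'];

    /* sOARecord is the seven fields joined by single spaces, in this order
     */
    $soa = "";
    foreach($sOAattributes as $attr){
      $soa.=" ".$zone[$attr];
    }
    $obj['sOARecord'] = trim($soa);

    /* Reverse zone renamed: move it as well. It lives beneath the forward
     * zone entry under its "x.y.z.in-addr.arpa" name.
     */
    if(!empty($zone['InitialReverseZone'])){
      if($zone['InitialReverseZone'] != $zone['ReverseZone']){
        $base = "zoneName=".$zone['zoneName'].",".$HostDn;
        $oldReverse = FlipIp($zone['InitialReverseZone']).".in-addr.arpa";
        $newReverse = FlipIp($zone['ReverseZone']).".in-addr.arpa";
        $PrePareZoneEntries[$oldReverse] = $newReverse;
        $move ["zoneName=".$oldReverse.",".$base] = "zoneName=".$newReverse.",".$base;
      }
    }

    /* Every record type the stored zone had is set to an empty array first,
     * so a type that disappeared is cleared in LDAP instead of being kept.
     */
    if(isset($oldZone['RECORDS'])){
      foreach($oldZone['RECORDS'] as $rec){
        $obj[$rec['type']] = array();
      }
    }

    /* Add new records
     */
    foreach($zone['RECORDS'] as $rec){
      $obj[$rec['type']][] = $rec['value'];
    }

    /* Updated forward zone entry goes into the add queue
     */
    $add[$newDn] = $obj;

    /* Reverse zone entry: a copy of the forward entry (same SOA and records)
     * stored beneath it under its in-addr.arpa name.
     */
    $reverseZone = FlipIp($zone['ReverseZone']).".in-addr.arpa";
    $base = "zoneName=".$zone['zoneName'].",".$HostDn;
    $rObj = $obj;
    $rObj['zoneName']= $reverseZone;
    $add["zoneName=".$reverseZone.",".$base] = $rObj;

    /* Whatever is left in $oldZones afterwards has been removed
     */
    if(isset($oldZones[$initialName])){
      unset($oldZones[$initialName]);
    }
  }

  /* The rest of our oldZones must be deleted
   * because they are no longer present in newZones.
   */
  foreach($oldZones as $zone) {
    $oldDn = "zoneName=".$zone['InitialzoneName'].",".$HostDn;
    $del[$oldDn] = "";
  }

  /* Records of a renamed zone still carry the old zoneName; collect them
   */
  $zoneUpdates = array();
  if(count($PrePareZoneEntries)){
    $ldap = $config->get_ldap_link();
    foreach($PrePareZoneEntries as $FromZoneName => $ToZoneName){
      /* $FromZoneName comes from the edit form and is placed inside an LDAP
       * filter: escape the RFC 4515 special characters so it is matched
       * literally and cannot alter the filter.
       */
      $filterZone = str_replace(array('\\','*','(',')',"\0"),array('\5c','\2a','\28','\29','\00'),$FromZoneName);
      $ldap->cd($HostDn);
      $ldap->search("(&(objectClass=dNSZone)(zoneName=".$filterZone.")(!(relativeDomainName=@)))",array("zoneName"));
      while($attrs = $ldap->fetch()){
        $zoneUpdates[$attrs['dn']] = array("zoneName"=>$ToZoneName);
      }
    }
  }

  $ret = array("del" => $del , "move" => $move , "add" => $add,"zoneUpdates"=>$zoneUpdates);
  return($ret);
}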
/* This function returns the dns host entries for the given
 * relativeDomainName, searching every zone known to getAvailableZones().
 */
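function getDNSHostEntries($config,$name,$silent = false)
{
  /* Parameters:
   *   $config - GOsa config object (LDAP link, current['BASE']).
   *   $name   - relativeDomainName of the host to look up.
   *   $silent - accepted for symmetry with getDNSZoneEntries(); not used here.
   * Returns array('exists', 'RECORDS', 'dNSClass', 'zoneName', 'dNSTTL').
   * When the name is found in no zone the defaults are returned with
   * exists = false; otherwise the first hit is read and every record of the
   * entries below it is collected into RECORDS (list of type/value pairs).
   */
  global $RecordTypes;

  $types = array();
  $ret = array();
  $ret['RECORDS'] = array();
  $ret['dNSClass'] = "IN";
  $ret['zoneName'] = "";
  $ret['dNSTTL'] = "7440";
  $ret['exists'] = false;

  $ldap = $config->get_ldap_link();
  $ldap->cd($config->current['BASE']);

  /* $name is placed inside an LDAP filter below: escape the RFC 4515 special
   * characters so a name containing "*", "(", ")" or "\" is matched literally
   * and cannot change the meaning of the filter. (The DN later built from the
   * result is taken from LDAP, not from $name.)
   */
  $filterName = str_replace(array('\\','*','(',')',"\0"),array('\5c','\2a','\28','\29','\00'),$name);

  /* Collect the DN of every non-"@" entry with this relativeDomainName in any
   * known zone. NOTE(review): only the first hit is used further down and a
   * name present in several zones is not reported to the user.
   */
  $foundIn = array();
  $zones = getAvailableZones($config);

  /* Group the "NAMESERVER/zone" mixes by name server.
   * explode() replaces split(), which was removed in PHP 7.
   */
  $zonesArr = array();
  foreach($zones as $zoneMix){
    $zoneIndex = explode("/",$zoneMix);
    if(!array_key_exists($zoneIndex[0],$zonesArr)) $zonesArr[$zoneIndex[0]] = array();
    array_push($zonesArr[$zoneIndex[0]],$zoneIndex[1]);
  }

  foreach($zonesArr as $nameServer => $nameServerArr){
    foreach($nameServerArr as $zone){
      $zoneDn = getDNSZoneDN($config,$nameServer."/".$zone);
      $ldap->ls("(&(objectClass=dNSZone)(zoneName=*)(relativeDomainName=".$filterName.")(!(relativeDomainName=@)))", $zoneDn,array("*"));
      while($attrs = $ldap->fetch()){
        $foundIn [] = $attrs['dn'];
      }
    }
  }

  /* No zone contains an entry for this name
   */
  if(count($foundIn) == 0){
    return($ret);
  }

  /* Read the host data from the first hit and everything below it
   */
  $ldap->cd($foundIn[0]);
  $ldap->search("(&(objectClass=dNSZone)(zoneName=*)(!(relativeDomainName=@)))",array("*"));
  while($attrs = $ldap->fetch()){

    /* The entry named like the host provides class / TTL / zone
     */
    if($attrs['relativeDomainName'][0] == $name){
      $ret['exists'] = true;
      foreach(array("dNSClass","zoneName","dNSTTL") as $atr){
        if(isset($attrs[$atr][0])){
          $ret[$atr] = $attrs[$atr][0];
        }
      }
    }

    /* Create list with all used records.
     * The loop variable was renamed: the original code reused $name here and
     * overwrote the function parameter, so from the second fetched entry on
     * the comparison above was made against a record-type name instead of
     * the host name.
     */
    foreach($RecordTypes as $recType => $attrName){
      if(isset($attrs[$recType])){
        for($i = 0 ; $i < $attrs[$attrName]['count']; $i ++){
          $types[] = array( "type" => $recType,
                            "value" => $attrs[$attrName][$i]);
        }
      }
    }
    $ret['RECORDS'] = $types;
  }
  return($ret);
}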
/* This function compares the stored dns host entry ($oldName) with the
 * edited one ($newEntry / $newName) and returns an array with the indexes
 * - del, DNs to delete (host removed, or left without any record)
 * - move, old DN => new DN when the zone or the relativeDomainName changed
 * - add, DN => attributes for the host container, its record entry and
 *   the cNAME / PTR child entries
 */
function getDNSHostEntriesDiff($config,$oldName,$newEntry,$newName)
{
  /* Parameters:
   *   $config   - GOsa config object.
   *   $oldName  - relativeDomainName the host is currently stored under.
   *   $newEntry - edited host data: 'exists', 'zoneName' (a "NAMESERVER/zone" mix,
   *               see getDNSZoneDN()), 'dNSTTL', 'dNSClass' and 'RECORDS'
   *               (list of array("type"=>..,"value"=>..)).
   *   $newName  - relativeDomainName the host should be stored under.
   * Returns array("move"=>old DN => new DN, "add"=>DN => attributes, "del"=>DN => "").
   */
  global $RecordTypes;   // not used in this function

  $oldEntry = getDNSHostEntries($config,$oldName);

  $add = array();
  $del = array();
  $move = array();

  $zones = getAvailableZones($config);
  /* These two types are written as child entries of the host, not as
   * attributes of the standard record entry. */
  $specialAttributes = array("cNAMERecord","pTRRecord");
  $newRecords = array(); // Used to remember which records are removed
  $zoneNameMix = $newEntry['zoneName'];
  $zoneDn = getDNSZoneDN($config,$zoneNameMix);
  /* getAvailableZones() maps reverse mix => forward mix; flipped it gives
   * forward mix => reverse mix. */
  $tmp = array_flip($zones);
  $zoneName = getNameFromMix($zoneNameMix);

  /* If reverseZone can't be resolved ... this
   * can't be a valid entry, so remove this account
   */
  if(isset($tmp[$zoneNameMix])){
    $reverseNameMix = $tmp[$zoneNameMix];
    $reverseDn = getDNSZoneDN($config,$reverseNameMix);
    if(empty($reverseDn)){
      $newEntry['exists'] = false;
    }
  }else{
    $newEntry['exists'] = false;
  }

  /* Don't go further if there is nothing to do
   * Is no account / was no account
   */
  if(($newEntry['exists'] == false )&& ($oldEntry['exists'] == false)){
    return(array("move"=>$move,"add"=>$add,"del"=>$del));
  }

  /* If account was edited prepare some
   * attributes & arrays ... if required add some
   * dns to $move
   */
  if($oldEntry['exists']){

    /* Check if the account was removed
     * NOTE(review): $oldEntry['zoneName'] is the bare zoneName attribute as
     * read by getDNSHostEntries(), while getDNSZoneDN() returns "" for a
     * value without "/" -- unless the stored attribute holds a
     * "NAMESERVER/zone" mix, this DN ends in ",". Verify against the caller.
     */
    if($newEntry['exists'] == false){
      $dn = "relativeDomainName=".$oldName.",".getDNSZoneDN($config,$oldEntry['zoneName']);
      $del[$dn] ="";
      return(array("move"=>$move,"add"=>$add,"del"=>$del));
    }

    /* Check if zoneName has changed
     * (same getDNSZoneDN() caveat as above for $oldEntry['zoneName'])
     */
    if(count($newEntry['RECORDS'])){
      if($oldEntry['zoneName'] != $zoneName){
        $oldzoneDn = getDNSZoneDN($config,$oldEntry['zoneName']);
        $dn = "relativeDomainName=".$oldName.",".$oldzoneDn;
        $dn2= "relativeDomainName=".$oldName.",".$zoneDn;
        $move[$dn]=$dn2;
      }

      /* Check if host name has changed: first the host entry itself is
       * moved, then the record entry with the same relativeDomainName that
       * sits below it (its DN is built from the already-moved parent).
       */
      if($oldName != $newName){
        $dn = "relativeDomainName=".$oldName.",".$zoneDn;
        $dn2= "relativeDomainName=".$newName.",".$zoneDn;
        $move[$dn]=$dn2;
        $dn = "relativeDomainName=".$oldName.",".$dn2;
        $dn2= "relativeDomainName=".$newName.",".$dn2;
        $move[$dn]=$dn2;
      }
    }

    /* Prepare record entries
     * Fill old records with array();
     * To ensure that they will be deleted if they stay unused
     */
    foreach($oldEntry['RECORDS'] as $id => $rec){
      $newRecords[$rec['type']] = array();
    }
  }

  /* There must be at least one record in our entry
   * NOTE(review): when $oldEntry does not exist its zoneName is "" and this
   * DN degenerates to "relativeDomainName=<newName>," -- confirm this path
   * is only reached for stored hosts.
   */
  if((!count($newEntry['RECORDS'])) || (!$newEntry['exists'])){
    $dn = "relativeDomainName=".$newName.",".getDNSZoneDN($config,$oldEntry['zoneName']);
    $del[$dn] ="";
    $ret = array("move"=>$move,"add"=>$add,"del"=>$del);
    return($ret);
  }

  /* Prepare temp obj: attributes shared by every entry written below
   */
  $baseObj = array();
  $baseObj['objectClass'] = array("top","dNSZone");
  $baseObj['dNSTTL'] = $newEntry['dNSTTL'];
  $baseObj['dNSClass'] = $newEntry['dNSClass'];
  $baseObj['zoneName'] = $zoneName;
  $baseObj['relativeDomainName']= $newName;

  /* Add Container Object to zone
   * (this possibly already exists, check this before writing to ldap)
   */
  $baseDn = "relativeDomainName=".$newName.",".$zoneDn;
  $add[$baseDn] = $baseObj;

  /* Add base object which contains all std records: a child of the
   * container with the same relativeDomainName.
   */
  $stdDn = "relativeDomainName=".$newName.",".$baseDn;
  $add[$stdDn] = $baseObj;

  /* Set defaults. Normally only contains old record names.
   * The old names will be set to array, to ensure that they will be deleted.
   * Or overwritten and filled with new values.
   * (cNAME / PTR types are not attributes of the std entry and are skipped.)
   */
  foreach($newRecords as $name => $def){
    if(!in_array($name,$specialAttributes)){
      $add[$stdDn][$name] = $def;
    }
  }

  /* Delete all OLD special attributes: every cNAME / PTR child entry of the
   * old host is removed; the ones still wanted are re-added below.
   */
  foreach($oldEntry['RECORDS'] as $id => $rec){
    if(in_array($rec['type'],$specialAttributes)){
      $deldn= "relativeDomainName=".$rec['value'].",".$baseDn;
      $del[$deldn] = "";
    }
  }

  /* Create new record entries
   */
  foreach($newEntry['RECORDS'] as $id => $rec){
    /* Create object which contains special records
     * like pTRRecord or CNAMERecord
     */
    if($rec['type'] == "pTRRecord"){
      /* PTR child: named after the record value, filed under the reverse
       * zone, pointing at the host's fully qualified name (trailing dot).
       * Presumably $rec['value'] is the host part of the reverse name -- not
       * verifiable here. */
      $PTRdn= "relativeDomainName=".$rec['value'].",".$baseDn;
      $ptrObj = $baseObj;
      $reverseName = getNameFromMix($reverseNameMix);
      $ptrObj['zoneName'] = $reverseName;
      $ptrObj['pTRRecord'] = $newName.".".$zoneName.".";
      $ptrObj['relativeDomainName'] = $rec['value'];

      $add[$PTRdn] = $ptrObj;
    }else
    if($rec['type'] == "cNAMERecord"){
      /* CNAME child: the alias ($rec['value']) becomes the relativeDomainName,
       * cNAMERecord points back at the host name. */
      $PTRdn= "relativeDomainName=".$rec['value'].",".$baseDn;
      $ptrObj = $baseObj;
      $ptrObj['zoneName'] = $zoneName;
      $ptrObj['cNAMERecord'] = $newName;
      $ptrObj['relativeDomainName'] = $rec['value'];

      $add[$PTRdn] = $ptrObj;
    }else{
      /* Append basic attributes to the std record entry
       */
      $add[$stdDn][$rec['type']][] = $rec['value'];
    }
  } // foreach record

  $ret = array("move"=>$move,"add"=>$add,"del"=>$del);
  return($ret);
}
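function getNameFromMix($zoneMix){
  /* Extract the zone name from a "NAMESERVER/zoneName" pair as produced by
   * getAvailableZones(). Returns "" when there is no "/"; if there is more
   * than one "/" the segment after the first one is returned, as before.
   * explode() replaces split(), which was removed in PHP 7.
   */
  if(!strstr($zoneMix, '/')) return("");
  $zoneIndex = explode("/",$zoneMix);
  return($zoneIndex[1]);
}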
597 /* returns the dn for a specified zone
598 */
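function getDNSZoneDN($config,$zoneNameMix){
  /* Parameters:
   *   $config      - GOsa config object (LDAP link, current['BASE']).
   *   $zoneNameMix - "NAMESERVER/zoneName" pair as produced by getAvailableZones().
   * Returns the DN of the zone's SOA ("@") entry below the goServer whose cn
   * is the (lower-cased) name server part, or "" when the argument has no
   * "/", the server is not found, or the zone is not found below it.
   * explode() replaces split(), which was removed in PHP 7.
   */
  if(!strstr($zoneNameMix, '/')) return("");
  $zoneNameIndex = explode("/",$zoneNameMix);
  $zoneName = $zoneNameIndex[1];
  $nameServer = strtolower($zoneNameIndex[0]);

  /* Both values are placed inside LDAP filters: escape the RFC 4515 special
   * characters so they are matched literally and cannot alter the filter.
   */
  $specials = array('\\','*','(',')',"\0");
  $escaped  = array('\5c','\2a','\28','\29','\00');
  $filterServer = str_replace($specials,$escaped,$nameServer);
  $filterZone   = str_replace($specials,$escaped,$zoneName);

  $ldap = $config->get_ldap_link();

  /* search for the nameserver */
  $ldap->cd($config->current['BASE']);
  $ldap->search("(&(objectClass=goServer)(cn=".$filterServer."))",array("cn"));
  if(!$ldap->count()){
    return("");
  }
  $attr = $ldap->fetch();

  /* Only the entry carrying the sOARecord is the zone DN */
  $ldap->cd($attr['dn']);
  $ldap->search("(&(objectClass=dNSZone)(sOARecord=*)(zoneName=".$filterZone."))",array("zoneName"));
  if($ldap->count()){
    $attr = $ldap->fetch();
    return($attr['dn']);
  }

  return("");
}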
/* returns all available zones as
 * array["NAMESERVER/reverseZoneName"] = "NAMESERVER/forwardZoneName"
 * (name server cn upper-cased); only forward zones that have a reverse
 * zone stored beneath them are listed.
 */
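function getAvailableZones($config)
{
  /* Parameter: $config - GOsa config object (LDAP link, current['BASE']).
   * Returns array("NAMESERVER/reverseZoneName" => "NAMESERVER/forwardZoneName")
   * for every forward zone (SOA entry without ".in-addr.arpa" in its name)
   * that has at least one reverse zone entry whose DN contains the forward
   * zone's DN, i.e. that is stored beneath it. NAMESERVER is the upper-cased
   * cn taken from the forward zone's DN.
   */
  $ldap = $config->get_ldap_link();
  $ldap->cd ($config->current['BASE']);

  /* Search for zones ...
   */
  $ldap->search("(&(objectClass=dNSZone)(sOARecord=*))",array("zoneName"));

  $ForwardZones = array();
  $ReverseZones = array();
  $zones = array();

  while($at = $ldap->fetch()){
    if(preg_match("/\.in\-addr\.arpa/",$at['zoneName'][0])){
      $ReverseZones[$at['dn']] = $at;
    }else{
      $ForwardZones[$at['dn']] = $at;
    }
  }

  foreach($ForwardZones as $dn => $obj){

    /* Find the reverse zones stored beneath this forward zone.
     * The DN must be quoted before use as a pattern: DNs always contain "."
     * and may contain "+", "(" or "/", which would otherwise be read as regex
     * syntax (or terminate the pattern) and make the match wrong or fail.
     */
    $pattern = "/".preg_quote($dn,"/")."/";
    foreach($ReverseZones as $Rdn => $Robj ){
      if(preg_match($pattern,$Rdn)){
        $prefix = strtoupper($ldap->getCn($dn))."/";
        $zones[$prefix.$Robj['zoneName'][0]] = $prefix.$obj['zoneName'][0];
      }
    }
  }
  return($zones);
}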
664 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
665 ?>