gitlabFork/ISPConfig3.git - Solinfo Gitblit

Marius Burkard

2016-04-20 4569cae57f127afd093794310ccd290d2d9fdf36

commit \| author \| age
7dbea0	1	<?php
T	2
	3	/*
	4	Copyright (c) 2009, Till Brehm, projektfarm Gmbh
	5	All rights reserved.
	6
	7	Redistribution and use in source and binary forms, with or without modification,
	8	are permitted provided that the following conditions are met:
	9
	10	* Redistributions of source code must retain the above copyright notice,
	11	this list of conditions and the following disclaimer.
	12	* Redistributions in binary form must reproduce the above copyright notice,
	13	this list of conditions and the following disclaimer in the documentation
	14	and/or other materials provided with the distribution.
	15	* Neither the name of ISPConfig nor the names of its contributors
	16	may be used to endorse or promote products derived from this software without
	17	specific prior written permission.
	18
	19	THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
	20	ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
	21	WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
	22	IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
	23	INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
	24	BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	25	DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
	26	OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
	27	NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
	28	EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	29	*/
	30
	31	class bind_plugin {
7fe908	32
7dbea0	33	var $plugin_name = 'bind_plugin';
T	34	var $class_name = 'bind_plugin';
	35	var $action = 'update';
7fe908	36
7dbea0	37	//* This function is called during ispconfig installation to determine
T	38	// if a symlink shall be created for this plugin.
	39	function onInstall() {
	40	global $conf;
7fe908	41
4bd960	42	if(isset($conf['bind']['installed']) && $conf['bind']['installed'] == true && @is_link('/usr/local/ispconfig/server/mods-enabled/dns_module.inc.php')) {
7dbea0	43	return true;
T	44	} else {
	45	return false;
	46	}
7fe908	47
7dbea0	48	}
7fe908	49
MC	50
7dbea0	51	/*
T	52	This function is called when the plugin is loaded
	53	*/
7fe908	54
7dbea0	55	function onLoad() {
T	56	global $app;
7fe908	57
7dbea0	58	/*
T	59	Register for the events
	60	*/
a59731	61
7fe908	62	//* SOA
MC	63	$app->plugins->registerEvent('dns_soa_insert', $this->plugin_name, 'soa_insert');
	64	$app->plugins->registerEvent('dns_soa_update', $this->plugin_name, 'soa_update');
	65	$app->plugins->registerEvent('dns_soa_delete', $this->plugin_name, 'soa_delete');
	66
	67	//* SLAVE
	68	$app->plugins->registerEvent('dns_slave_insert', $this->plugin_name, 'slave_insert');
	69	$app->plugins->registerEvent('dns_slave_update', $this->plugin_name, 'slave_update');
	70	$app->plugins->registerEvent('dns_slave_delete', $this->plugin_name, 'slave_delete');
	71
7dbea0	72	//* RR
7fe908	73	$app->plugins->registerEvent('dns_rr_insert', $this->plugin_name, 'rr_insert');
MC	74	$app->plugins->registerEvent('dns_rr_update', $this->plugin_name, 'rr_update');
	75	$app->plugins->registerEvent('dns_rr_delete', $this->plugin_name, 'rr_delete');
	76
7dbea0	77	}
7fe908	78
b8611c	79	//* This creates DNSSEC-Keys and calls soa_dnssec_update.
708b93	80	function soa_dnssec_create(&$data) {
b1f9b2	81	global $app, $conf;
AT	82
	83	//* Load libraries
	84	$app->uses("getconf,tpl");
	85
	86	//* load the server configuration options
	87	$dns_config = $app->getconf->get_server_config($conf["server_id"], 'dns');
	88
cb009e	89	//TODO : change this when distribution information has been integrated into server record
AT	90	$filespre = (file_exists('/etc/gentoo-release')) ? 'pri/' : 'pri.';
	91
b8611c	92	$domain = substr($data['new']['origin'], 0, strlen($data['new']['origin'])-1);
cb009e	93	if (!file_exists($dns_config['bind_zonefiles_dir'].'/'.$filespre.$domain)) return false;
b8611c	94
b1f9b2	95	//* Check Entropy
AT	96	if (file_get_contents('/proc/sys/kernel/random/entropy_avail') < 400) {
2d9676	97	$app->log('DNSSEC ERROR: We are low on entropy. Not generating new Keys for '.$domain.'. Please consider installing package haveged.', LOGLEVEL_WARN);
AT	98	echo "DNSSEC ERROR: We are low on entropy. Not generating new Keys for $domain. Please consider installing package haveged.\n";
b1f9b2	99	return false;
AT	100	}
	101
	102	//* Verify that we do not already have keys (overwriting-protection)
b8611c	103	if (file_exists($dns_config['bind_zonefiles_dir'].'/dsset-'.$domain.'.')) {
02f776	104	return $this->soa_dnssec_update($data);
708b93	105	} else if ($data['new']['dnssec_initialized'] == 'Y') { //In case that we generated keys but the dsset-file was not generated
AT	106	$keycount=0;
	107	foreach (glob($dns_config['bind_zonefiles_dir'].'/K'.$domain.'*.key') as $keyfile) {
	108	$keycount++;
	109	}
	110	if ($keycount > 0) {
	111	$this->soa_dnssec_sign($data);
	112	return true;
	113	}
b1f9b2	114	}
AT	115
	116	//Do some magic...
b8611c	117	exec('cd '.escapeshellcmd($dns_config['bind_zonefiles_dir']).';'.
13b62b	118	'dnssec-keygen -a NSEC3RSASHA1 -b 2048 -n ZONE '.escapeshellcmd($domain).';'.
AT	119	'dnssec-keygen -f KSK -a NSEC3RSASHA1 -b 4096 -n ZONE '.escapeshellcmd($domain));
b8611c	120
708b93	121	$this->soa_dnssec_sign($data); //Now sign the zone for the first time
AT	122	$data['new']['dnssec_initialized']='Y';
	123	}
	124
	125	function soa_dnssec_sign(&$data) {
	126	global $app, $conf;
b1f9b2	127
708b93	128	//* Load libraries
AT	129	$app->uses("getconf,tpl");
	130
	131	//* load the server configuration options
	132	$dns_config = $app->getconf->get_server_config($conf["server_id"], 'dns');
	133
	134	//TODO : change this when distribution information has been integrated into server record
	135	$filespre = (file_exists('/etc/gentoo-release')) ? 'pri/' : 'pri.';
	136
	137	$domain = substr($data['new']['origin'], 0, strlen($data['new']['origin'])-1);
	138	if (!file_exists($dns_config['bind_zonefiles_dir'].'/'.$filespre.$domain)) return false;
	139
	140	$zonefile = file_get_contents($dns_config['bind_zonefiles_dir'].'/'.$filespre.$domain);
	141	$keycount=0;
	142	foreach (glob($dns_config['bind_zonefiles_dir'].'/K'.$domain.'*.key') as $keyfile) {
	143	$includeline = '$INCLUDE '.basename($keyfile);
	144	if (!preg_match('@'.preg_quote($includeline).'@', $zonefile)) $zonefile .= "\n".$includeline."\n";
	145	$keycount++;
	146	}
	147	if ($keycount != 2) $app->log('DNSSEC Warning: There are more or less than 2 keyfiles for zone '.$domain, LOGLEVEL_WARN);
	148	file_put_contents($dns_config['bind_zonefiles_dir'].'/'.$filespre.$domain, $zonefile);
	149
	150	//Sign the zone and set it valid for max. 16 days
	151	exec('cd '.escapeshellcmd($dns_config['bind_zonefiles_dir']).';'.
13b62b	152	'dnssec-signzone -A -e +1382400 -3 $(head -c 1000 /dev/random \| sha1sum \| cut -b 1-16) -N increment -o '.escapeshellcmd($domain).' -t '.$filespre.escapeshellcmd($domain));
708b93	153
AT	154	//Write Data back ino DB
b8611c	155	$dnssecdata = "DS-Records:\n".file_get_contents($dns_config['bind_zonefiles_dir'].'/dsset-'.$domain.'.');
AT	156	$dnssecdata .= "\n------------------------------------\n\nDNSKEY-Records:\n";
708b93	157	foreach (glob($dns_config['bind_zonefiles_dir'].'/K'.$domain.'*.key') as $keyfile) {
b8611c	158	$dnssecdata .= file_get_contents($keyfile)."\n\n";
b1f9b2	159	}
AT	160
6e91b6	161	if ($app->dbmaster !== $app->db) $app->dbmaster->query('UPDATE dns_soa SET dnssec_info=?, dnssec_initialized=\'Y\', dnssec_last_signed=? WHERE id=?', $dnssecdata, intval(time()), intval($data['new']['id']));
AT	162	$app->db->query('UPDATE dns_soa SET dnssec_info=?, dnssec_initialized=\'Y\', dnssec_last_signed=? WHERE id=?', $dnssecdata, intval(time()), intval($data['new']['id']));
b8611c	163	}
AT	164
708b93	165	function soa_dnssec_update(&$data, $new=false) {
b8611c	166	global $app, $conf;
AT	167
	168	//* Load libraries
	169	$app->uses("getconf,tpl");
	170
	171	//* load the server configuration options
	172	$dns_config = $app->getconf->get_server_config($conf["server_id"], 'dns');
	173
cb009e	174	//TODO : change this when distribution information has been integrated into server record
AT	175	$filespre = (file_exists('/etc/gentoo-release')) ? 'pri/' : 'pri.';
	176
	177	$domain = substr($data['new']['origin'], 0, strlen($data['new']['origin'])-1);
	178	if (!file_exists($dns_config['bind_zonefiles_dir'].'/'.$filespre.$domain)) return false;
	179
	180	//* Check for available entropy
b8611c	181	if (file_get_contents('/proc/sys/kernel/random/entropy_avail') < 200) {
AT	182	$app->log('DNSSEC ERROR: We are low on entropy. This could cause server script to fail. Please consider installing package haveged.', LOGLEVEL_ERR);
0c04df	183	echo "DNSSEC ERROR: We are low on entropy. This could cause server script to fail. Please consider installing package haveged.\n";
b8611c	184	return false;
AT	185	}
	186
708b93	187	if (!$new && !file_exists($dns_config['bind_zonefiles_dir'].'/dsset-'.$domain.'.')) $this->soa_dnssec_create($data);
b8611c	188
6e91b6	189	$dbdata = $app->db->queryOneRecord('SELECT id,serial FROM dns_soa WHERE id=?', intval($data['new']['id']));
cb009e	190	exec('cd '.escapeshellcmd($dns_config['bind_zonefiles_dir']).';'.
13b62b	191	'named-checkzone '.escapeshellcmd($domain).' '.escapeshellcmd($dns_config['bind_zonefiles_dir']).'/'.$filespre.escapeshellcmd($domain).' \| egrep -ho \'[0-9]{10}\'', $serial, $retState);
cb009e	192	if ($retState != 0) {
AT	193	$app->log('DNSSEC Error: Error in Zonefile for '.$domain, LOGLEVEL_ERR);
	194	return false;
	195	}
b8611c	196
708b93	197	$this->soa_dnssec_sign($data);
AT	198	}
	199
	200	function soa_dnssec_delete(&$data) {
	201	global $app, $conf;
	202
	203	//* Load libraries
	204	$app->uses("getconf,tpl");
	205
	206	//* load the server configuration options
	207	$dns_config = $app->getconf->get_server_config($conf["server_id"], 'dns');
b8611c	208
708b93	209	//TODO : change this when distribution information has been integrated into server record
AT	210	$filespre = (file_exists('/etc/gentoo-release')) ? 'pri/' : 'pri.';
	211
	212	$domain = substr($data['new']['origin'], 0, strlen($data['new']['origin'])-1);
	213
	214	unlink($dns_config['bind_zonefiles_dir'].'/K'.$domain.'.+*');
	215	unlink($dns_config['bind_zonefiles_dir'].'/'.$filespre.$domain.'.signed');
	216	unlink($dns_config['bind_zonefiles_dir'].'/dsset-'.$domain.'.');
	217
6e91b6	218	if ($app->dbmaster !== $app->db) $app->dbmaster->query('UPDATE dns_soa SET dnssec_info=\'\', dnssec_initialized=\'N\' WHERE id=?', intval($data['new']['id']));
AT	219	$app->db->query('UPDATE dns_soa SET dnssec_info=\'\', dnssec_initialized=\'N\' WHERE id=?', intval($data['new']['id']));
b1f9b2	220	}
7fe908	221
MC	222	function soa_insert($event_name, $data) {
7dbea0	223	global $app, $conf;
7fe908	224
7dbea0	225	$this->action = 'insert';
7fe908	226	$this->soa_update($event_name, $data);
MC	227
7dbea0	228	}
7fe908	229
MC	230	function soa_update($event_name, $data) {
7dbea0	231	global $app, $conf;
7fe908	232
fc70a2	233	//* Load libraries
T	234	$app->uses("getconf,tpl");
7fe908	235
7dbea0	236	//* load the server configuration options
T	237	$dns_config = $app->getconf->get_server_config($conf["server_id"], 'dns');
7fe908	238
7dbea0	239	//* Write the domain file
fdb514	240	if(!empty($data['new']['id'])) {
8ee180	241	$tpl = new tpl();
T	242	$tpl->newTemplate("bind_pri.domain.master");
7fe908	243
8ee180	244	$zone = $data['new'];
T	245	$tpl->setVar($zone);
7fe908	246
7416d2	247	$records = $app->db->queryAllRecords("SELECT * FROM dns_rr WHERE zone = ? AND active = 'Y'", $zone['id']);
615a0a	248	if(is_array($records) && !empty($records)){
T	249	for($i=0;$i<sizeof($records);$i++){
	250	if($records[$i]['ttl'] == 0) $records[$i]['ttl'] = '';
42f822	251	if($records[$i]['name'] == '') $records[$i]['name'] = '@';
793c77	252	//* Split TXT records, if nescessary
TB	253	if($records[$i]['type'] == 'TXT' && strlen($records[$i]['data']) > 255) {
	254	$records[$i]['data'] = implode('" "',str_split( $records[$i]['data'], 255));
	255	}
615a0a	256	}
T	257	}
7fe908	258	$tpl->setLoop('zones', $records);
MC	259
4b88c2	260	//TODO : change this when distribution information has been integrated into server record
7fe908	261	if (file_exists('/etc/gentoo-release')) {
d907c0	262	$filename = escapeshellcmd($dns_config['bind_zonefiles_dir'].'/pri/'.str_replace("/", "_", substr($zone['origin'], 0, -1)));
7fe908	263	}
MC	264	else {
	265	$filename = escapeshellcmd($dns_config['bind_zonefiles_dir'].'/pri.'.str_replace("/", "_", substr($zone['origin'], 0, -1)));
	266	}
	267
	268	file_put_contents($filename, $tpl->grab());
8e725d	269	chown($filename, escapeshellcmd($dns_config['bind_user']));
J	270	chgrp($filename, escapeshellcmd($dns_config['bind_group']));
7fe908	271
f038c0	272	//* Check the zonefile
T	273	if(is_file($filename.'.err')) unlink($filename.'.err');
7fe908	274	exec('named-checkzone '.escapeshellarg($zone['origin']).' '.escapeshellarg($filename), $out, $return_status);
f038c0	275	if($return_status === 0) {
7fe908	276	$app->log("Writing BIND domain file: ".$filename, LOGLEVEL_DEBUG);
f038c0	277	} else {
3fa443	278	if($dns_config['disable_bind_log'] === 'y') {
FS	279	$app->log("Writing BIND domain file failed: ".$filename." ".implode(' ', $out), LOGLEVEL_DEBUG);
	280	} else {
	281	$app->log("Writing BIND domain file failed: ".$filename." ".implode(' ', $out), LOGLEVEL_WARN);
	282	}
7fe908	283	rename($filename, $filename.'.err');
f038c0	284	}
8ee180	285	unset($tpl);
T	286	unset($records);
a59ad3	287	unset($records_out);
8ee180	288	unset($zone);
T	289	}
24bede	290
AT	291	//* DNSSEC-Implementation
	292	if($data['old']['origin'] != $data['new']['origin']) {
708b93	293	if (@$data['old']['dnssec_initialized'] == 'Y' && strlen(@$data['old']['origin']) > 3) $this->soa_dnssec_delete($data); //delete old keys
b1f9b2	294	if ($data['new']['dnssec_wanted'] == 'Y') $this->soa_dnssec_create($data);
24bede	295	}
b1f9b2	296	else if ($data['new']['dnssec_wanted'] == 'Y' && $data['old']['dnssec_initialized'] == 'N') $this->soa_dnssec_create($data);
b9f313	297	else if ($data['new']['dnssec_wanted'] == 'N' && $data['old']['dnssec_initialized'] == 'Y') { //delete old signed file if dnssec is no longer wanted
4c5357	298	//TODO : change this when distribution information has been integrated into server record
AT	299	if (file_exists('/etc/gentoo-release')) {
	300	$filename = $dns_config['bind_zonefiles_dir'].'/pri/'.str_replace("/", "_", substr($data['old']['origin'], 0, -1));
	301	}
	302	else {
	303	$filename = $dns_config['bind_zonefiles_dir'].'/pri.'.str_replace("/", "_", substr($data['old']['origin'], 0, -1));
	304	}
	305	if(is_file($filename.'.signed')) unlink($filename.'.signed');
b8611c	306	} else if ($data['new']['dnssec_wanted'] == 'Y') $this->soa_dnssec_update($data);
4c5357	307	// END DNSSEC
24bede	308
7dbea0	309	//* rebuild the named.conf file if the origin has changed or when the origin is inserted.
fc70a2	310	//if($this->action == 'insert' \|\| $data['old']['origin'] != $data['new']['origin']) {
7fe908	311	$this->write_named_conf($data, $dns_config);
fc70a2	312	//}
7fe908	313
7dbea0	314	//* Delete old domain file, if domain name has been changed
T	315	if($data['old']['origin'] != $data['new']['origin']) {
4b88c2	316	//TODO : change this when distribution information has been integrated into server record
7fe908	317	if (file_exists('/etc/gentoo-release')) {
d907c0	318	$filename = $dns_config['bind_zonefiles_dir'].'/pri/'.str_replace("/", "_", substr($data['old']['origin'], 0, -1));
7fe908	319	}
MC	320	else {
	321	$filename = $dns_config['bind_zonefiles_dir'].'/pri.'.str_replace("/", "_", substr($data['old']['origin'], 0, -1));
	322	}
	323
f038c0	324	if(is_file($filename)) unlink($filename);
T	325	if(is_file($filename.'.err')) unlink($filename.'.err');
24bede	326	if(is_file($filename.'.signed')) unlink($filename.'.signed');
6a25ac	327	}
AT	328
eb64c3	329	//* Restart bind nameserver if update_acl is not empty, otherwise reload it
TB	330	if($data['new']['update_acl'] != '') {
	331	$app->services->restartServiceDelayed('bind', 'restart');
	332	} else {
	333	$app->services->restartServiceDelayed('bind', 'reload');
	334	}
7fe908	335
7dbea0	336	}
a59731	337
7fe908	338	function soa_delete($event_name, $data) {
a59731	339	global $app, $conf;
7fe908	340
MC	341	//* load the server configuration options
	342	$app->uses("getconf,tpl");
	343	$dns_config = $app->getconf->get_server_config($conf["server_id"], 'dns');
	344
	345	//* rebuild the named.conf file
	346	$this->write_named_conf($data, $dns_config);
	347
	348	//* Delete the domain file
	349	//TODO : change this when distribution information has been integrated into server record
	350	if (file_exists('/etc/gentoo-release')) {
	351	$zone_file_name = $dns_config['bind_zonefiles_dir'].'/pri/'.str_replace("/", "_", substr($data['old']['origin'], 0, -1));
	352	}
	353	else {
	354	$zone_file_name = $dns_config['bind_zonefiles_dir'].'/pri.'.str_replace("/", "_", substr($data['old']['origin'], 0, -1));
	355	}
	356
	357	if(is_file($zone_file_name)) unlink($zone_file_name);
	358	if(is_file($zone_file_name.'.err')) unlink($zone_file_name.'.err');
	359	$app->log("Deleting BIND domain file: ".$zone_file_name, LOGLEVEL_DEBUG);
	360
6a25ac	361	//* DNSSEC-Implementation
24bede	362	if ($data['old']['dnssec_initialized'] == 'Y') exec('/usr/local/ispconfig/server/scripts/dnssec-delete.sh '.$data['old']['origin']); //delete keys
6a25ac	363
7fe908	364	//* Reload bind nameserver
MC	365	$app->services->restartServiceDelayed('bind', 'reload');
	366
a59731	367	}
7fe908	368
MC	369	function slave_insert($event_name, $data) {
a59731	370	global $app, $conf;
7fe908	371
MC	372	$this->action = 'insert';
	373	$this->slave_update($event_name, $data);
	374
	375	}
	376
	377	function slave_update($event_name, $data) {
	378	global $app, $conf;
	379
a59731	380	//* Load libraries
D	381	$app->uses("getconf,tpl");
7fe908	382
a59731	383	//* load the server configuration options
D	384	$dns_config = $app->getconf->get_server_config($conf["server_id"], 'dns');
7fe908	385
a59731	386	//* rebuild the named.conf file if the origin has changed or when the origin is inserted.
D	387	//if($this->action == 'insert' \|\| $data['old']['origin'] != $data['new']['origin']) {
7fe908	388	$this->write_named_conf($data, $dns_config);
a59731	389	//}
7fe908	390
a59731	391	//* Delete old domain file, if domain name has been changed
D	392	if($data['old']['origin'] != $data['new']['origin']) {
4b88c2	393	//TODO : change this when distribution information has been integrated into server record
7fe908	394	if (file_exists('/etc/gentoo-release')) {
MC	395	$filename = $dns_config['bind_zonefiles_dir'].'/sec/'.str_replace("/", "_", substr($data['old']['origin'], 0, -1));
	396	}
	397	else {
	398	$filename = $dns_config['bind_zonefiles_dir'].'/slave/sec.'.str_replace("/", "_", substr($data['old']['origin'], 0, -1));
	399	}
	400
a59731	401	if(is_file($filename)) unset($filename);
D	402	}
7fe908	403
355efb	404	//* Ensure that the named slave directory is writable by the named user
T	405	if (file_exists('/etc/gentoo-release')) {
	406	$slave_record_dir = $dns_config['bind_zonefiles_dir'].'/sec';
	407	} else {
	408	$slave_record_dir = $dns_config['bind_zonefiles_dir'].'/slave';
	409	}
7fe908	410	if(!@is_dir($slave_record_dir)) mkdir($slave_record_dir, 0770);
MC	411	chown($slave_record_dir, $dns_config['bind_user']);
	412	chgrp($slave_record_dir, $dns_config['bind_group']);
	413
a59731	414	//* Reload bind nameserver
7fe908	415	$app->services->restartServiceDelayed('bind', 'reload');
MC	416
a59731	417	}
7fe908	418
MC	419	function slave_delete($event_name, $data) {
a59731	420	global $app, $conf;
7fe908	421
MC	422
a59731	423	//* load the server configuration options
D	424	$app->uses("getconf,tpl");
	425	$dns_config = $app->getconf->get_server_config($conf["server_id"], 'dns');
7fe908	426
a59731	427	//* rebuild the named.conf file
7fe908	428	$this->write_named_conf($data, $dns_config);
MC	429
a59731	430	//* Delete the domain file
4b88c2	431	//TODO : change this when distribution information has been integrated into server record
7fe908	432	if (file_exists('/etc/gentoo-release')) {
MC	433	$zone_file_name = $dns_config['bind_zonefiles_dir'].'/sec/'.str_replace("/", "_", substr($data['old']['origin'], 0, -1));
	434	}
	435	else {
	436	$zone_file_name = $dns_config['bind_zonefiles_dir'].'/slave/sec.'.str_replace("/", "_", substr($data['old']['origin'], 0, -1));
	437	}
	438
a59731	439	if(is_file($zone_file_name)) unlink($zone_file_name);
7fe908	440	$app->log("Deleting BIND domain file for secondary zone: ".$zone_file_name, LOGLEVEL_DEBUG);
MC	441
a59731	442	//* Reload bind nameserver
7fe908	443	$app->services->restartServiceDelayed('bind', 'reload');
MC	444
7dbea0	445
T	446	}
7fe908	447
MC	448	function rr_insert($event_name, $data) {
7dbea0	449	global $app, $conf;
7fe908	450
7dbea0	451	//* Get the data of the soa and call soa_update
cc7a82	452	$tmp = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ?", $data['new']['zone']);
7dbea0	453	$data["new"] = $tmp;
T	454	$data["old"] = $tmp;
	455	$this->action = 'update';
7fe908	456	$this->soa_update($event_name, $data);
MC	457
7dbea0	458	}
7fe908	459
MC	460	function rr_update($event_name, $data) {
7dbea0	461	global $app, $conf;
7fe908	462
MC	463	//* Get the data of the soa and call soa_update
cc7a82	464	$tmp = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ?", $data['new']['zone']);
7fe908	465	$data["new"] = $tmp;
MC	466	$data["old"] = $tmp;
	467	$this->action = 'update';
	468	$this->soa_update($event_name, $data);
	469
	470	}
	471
	472	function rr_delete($event_name, $data) {
	473	global $app, $conf;
	474
7dbea0	475	//* Get the data of the soa and call soa_update
cc7a82	476	$tmp = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ?", $data['old']['zone']);
7dbea0	477	$data["new"] = $tmp;
T	478	$data["old"] = $tmp;
	479	$this->action = 'update';
7fe908	480	$this->soa_update($event_name, $data);
MC	481
7dbea0	482	}
7fe908	483
MC	484	//##################################################################
	485
7dbea0	486	function write_named_conf($data, $dns_config) {
T	487	global $app, $conf;
7fe908	488
MC	489	//* Only write the master file for the current server
b9f313	490	$tmps = $app->db->queryAllRecords("SELECT origin, xfer, also_notify, update_acl, dnssec_wanted FROM dns_soa WHERE active = 'Y' AND server_id=?", $conf["server_id"]);
fc70a2	491	$zones = array();
7fe908	492
957aaf	493	//* Check if the current zone that triggered this function has at least one NS record
7fe908	494
4b88c2	495	//TODO : change this when distribution information has been integrated into server record
7fe908	496	if (file_exists('/etc/gentoo-release')) {
MC	497	$pri_zonefiles_path = $dns_config['bind_zonefiles_dir'].'/pri/';
	498	$sec_zonefiles_path = $dns_config['bind_zonefiles_dir'].'/sec/';
	499
	500	}
	501	else {
	502	$pri_zonefiles_path = $dns_config['bind_zonefiles_dir'].'/pri.';
	503	$sec_zonefiles_path = $dns_config['bind_zonefiles_dir'].'/slave/sec.';
	504	}
a59ad3	505
957aaf	506	//* Loop trough zones
fc70a2	507	foreach($tmps as $tmp) {
24bede	508	$zone_file = $pri_zonefiles_path.str_replace("/", "_", substr($tmp['origin'], 0, -1));
b9f313	509	if ($tmp['dnssec_wanted'] == 'Y') $zone_file .= '.signed'; //.signed is for DNSSEC-Implementation
7fe908	510
a59ad3	511	$options = '';
a59731	512	if(trim($tmp['xfer']) != '') {
7fe908	513	$options .= " allow-transfer {".str_replace(',', ';', $tmp['xfer']).";};\n";
a59731	514	} else {
D	515	$options .= " allow-transfer {none;};\n";
	516	}
7fe908	517	if(trim($tmp['also_notify']) != '') $options .= ' also-notify {'.str_replace(',', ';', $tmp['also_notify']).";};\n";
MC	518	if(trim($tmp['update_acl']) != '') $options .= " allow-update {".str_replace(',', ';', $tmp['update_acl']).";};\n";
	519
f038c0	520	if(file_exists($zone_file)) {
7fe908	521	$zones[] = array( 'zone' => substr($tmp['origin'], 0, -1),
MC	522	'zonefile_path' => $zone_file,
	523	'options' => $options
	524	);
957aaf	525	}
fc70a2	526	}
a59731	527
7dbea0	528	$tpl = new tpl();
T	529	$tpl->newTemplate("bind_named.conf.local.master");
7fe908	530	$tpl->setLoop('zones', $zones);
MC	531
a59731	532	//* And loop through the secondary zones, but only for the current server
cc7a82	533	$tmps_sec = $app->db->queryAllRecords("SELECT origin, xfer, ns FROM dns_slave WHERE active = 'Y' AND server_id=?", $conf["server_id"]);
a59731	534	$zones_sec = array();
D	535
	536	foreach($tmps_sec as $tmp) {
7fe908	537
a59731	538	$options = " masters {".$tmp['ns'].";};\n";
7fe908	539	if(trim($tmp['xfer']) != '') {
MC	540	$options .= " allow-transfer {".str_replace(',', ';', $tmp['xfer']).";};\n";
	541	} else {
	542	$options .= " allow-transfer {none;};\n";
	543	}
a59731	544
D	545
7fe908	546	$zones_sec[] = array( 'zone' => substr($tmp['origin'], 0, -1),
MC	547	'zonefile_path' => $sec_zonefiles_path.str_replace("/", "_", substr($tmp['origin'], 0, -1)),
	548	'options' => $options
	549	);
a59731	550
7fe908	551	// $filename = escapeshellcmd($dns_config['bind_zonefiles_dir'].'/slave/sec.'.substr($tmp['origin'],0,-1));
MC	552	// $app->log("Writing BIND domain file: ".$filename,LOGLEVEL_DEBUG);
	553
	554
a59731	555	}
7fe908	556
a59731	557	$tpl_sec = new tpl();
D	558	$tpl_sec->newTemplate("bind_named.conf.local.slave");
7fe908	559	$tpl_sec->setLoop('zones', $zones_sec);
a59731	560
7fe908	561	file_put_contents($dns_config['named_conf_local_path'], $tpl->grab()."\n".$tpl_sec->grab());
MC	562	$app->log("Writing BIND named.conf.local file: ".$dns_config['named_conf_local_path'], LOGLEVEL_DEBUG);
	563
	564	unset($tpl_sec);
	565	unset($zones_sec);
	566	unset($tmps_sec);
7dbea0	567	unset($tpl);
fc70a2	568	unset($zones);
T	569	unset($tmps);
7fe908	570
7dbea0	571	}
7fe908	572
MC	573
	574
7dbea0	575
T	576	} // end class
	577
a59731	578	?>