Changeset 1048 for branches/stable

Timestamp:

02/27/26 18:02:02 (4 hours ago)

Author:

Kris Deugau

Message:

/branches/stable

Rollup merge of changes to auxiliary scripts

Location:

branches/stable

Files:

• . (modified) (1 prop)
• DNSDB.pm (modified) (1 diff)
• compact-recs.pl (modified) (8 diffs)
• dns.cgi (modified) (1 diff)
• mergerecs (modified) (4 diffs)
• textrecs.cgi (modified) (2 diffs)
• tiny-import.pl (modified) (7 diffs)

branches/stable/DNSDB.pm

@@ -1955 +1955 @@
 
     if ($cn) {
-      # "natural n'th IP in the block" pattern
-      $$tmpl =~ s/$cn/$ipindex+1/e;
+      # "n'th natural IP in the block" pattern.
+      my $iptmp = new NetAddr::IP $ip;
+      my $natdex = scalar($iptmp - $$subnet);
+      $natdex++;
+      $$tmpl =~ s/$cn/$natdex/;
     }
 

branches/stable/compact-recs.pl

@@ -4 +4 @@
 ##
 # $Id$
-# Copyright 2013,2014,2018,2020 Kris Deugau <kdeugau@deepnet.cx>
+# Copyright 2013-2022,2025 Kris Deugau <kdeugau@deepnet.cx>
 #
 #    This program is free software: you can redistribute it and/or modify
@@ -22 +22 @@
 use strict;
 use warnings;
-
-# push "the directory the script is in" into @INC
-use FindBin;
-use lib "$FindBin::RealBin/";
+use Getopt::Long;
+
+# Taint-safe (ish) voodoo to push "the directory the script is in" into @INC.
+# See https://secure.deepnet.cx/trac/dnsadmin/ticket/80 for more gory details on how we got here.
+use File::Spec ();
+use File::Basename ();
+my $path;
+BEGIN {
+    $path = File::Basename::dirname(File::Spec->rel2abs($0));
+    if ($path =~ /(.*)/) {
+        $path = $1;
+    }
+}
+use lib $path;
 
 use DNSDB;
@@ -32 +42 @@
 
 sub usage {
-  die qq(usage:  compact-recs.pl netblock pattern
-    netblock  the CIDR block to define the A+PTR template on
-    pattern   the pattern to define the new A+PTR template with, and
-              to match A+PTR records within the netblock for deletion
+  die qq(usage:  compact-recs.pl netblock pattern [--replace [record id]]
+    netblock   the CIDR block to define the A+PTR template on
+    pattern    the pattern to define the new A+PTR template with, and
+               to match A+PTR records within the netblock for deletion
+    --replace  Optional argument to update an existing template if found.
+               A record ID can be specified to match a particular record,
+               or 'all' to forcibly remove all but one in the event of
+               multiple records.  If multiple records are found but neither
+               'all' or a specific record ID is specified, an error will be
+               returned and nothing will be changed since there is no
+               guarantee of which record might be replaced.
+
         OR
         compact-recs.pl --batch patternfile
     patternfile should be a file containing a list of netblock-pattern
-    pairs, whitespace separated
+    pairs, whitespace separated.  --replace is ignored in this mode.
 
     A PTR template record will be created instead of an A+PTR template
@@ -45 +63 @@
     the database.
 
-    WARNING:  Multiple runs will result in duplicate template records.
+    WARNING:  Multiple runs may result in duplicate template records.
 );
+}
+
+my $batchmode = 0;
+my $replace = 0;
+my $tmpl_msg = '';
+
+GetOptions("batch" => \$batchmode,
+        "replace:s" => \&setreplace );
+
+sub setreplace {
+  if ($_[1] eq '') {
+    $replace = -1;
+  } else {
+    $replace = $_[1];
+  }
+}
+
+if ($replace && $replace !~ /^(all|-?\d+)$/) {
+  warn "Invalid --replace argument $replace:\n";
+  usage();
 }
 
@@ -59 +97 @@
 $dnsdb->{loguserid} = 0;        # not worth setting up a pseudouser the way the RPC system does
 $dnsdb->{logusername} = $dnsdb->{logusername}."/compact-recs.pl";
-$dnsdb->{logfullname} = $dnsdb->{logusername} if !$dnsdb->{logfullname};
-
-if ($ARGV[0] eq '--batch') {
-  open NBLIST, "<$ARGV[1]";
+$dnsdb->{logfullname} = ($dnsdb->{logfullname} ? $dnsdb->{logfullname}."/compact-recs.pl" : $dnsdb->{logusername});
+
+if ($batchmode) {
+  # --replace not safe for --batch.  could arguably support an in-file flag someday?
+  if ($replace) {
+    $replace = 0;
+    warn "--replace not compatible with --batch.  Attempting to continue.\n";
+  }
+  open NBLIST, "<$ARGV[0]";
   while (<NBLIST>) {
     next if /^#/;
@@ -85 +128 @@
   $dbh->{RaiseError} = 1;
 
-  my ($zone,$ploc) = $dbh->selectrow_array("SELECT rdns_id,default_location FROM revzones WHERE revnet >>= ?",
-        undef, ($cidr) );
+  my ($zonecidr,$zone,$ploc) = $dbh->selectrow_array(
+      "SELECT revnet,rdns_id,default_location FROM revzones WHERE revnet >>= ?",
+      undef, ($cidr) );
   if (!$zone) {
     warn "$cidr is not within a zone currently managed here.\n";
@@ -93 +137 @@
   my $soa = $dnsdb->getSOA('n', 'y', $zone);
   my $dparent = $dnsdb->_hostparent($patt) || 0;
+  # Automatically choose new type as A+PTR template if the new pattern's
+  # domain is managed in this instance, or PTR template if not
   my $newtype = ($dparent ? 65283 : 65282);
 
-  my ($istmpl) = $dbh->selectrow_array("SELECT count(*) FROM records WHERE rdns_id = ? AND ".
-        "(type=65282 OR type=65283) AND val = ?", undef, ($zone, $cidr) );
-  if ($istmpl) {
-    print "Template already exists for $cidr, manual cleanup required\n";
+  my ($tmplcount) = $dbh->selectrow_array("SELECT count(*) FROM records WHERE rdns_id = ? AND ".
+      "(type=65282 OR type=65283) AND val = ?", undef, ($zone, $cidr) );
+  if ($tmplcount && !$replace) {
+    # Template(s) found, --replace not set
+    print "One or more templates found for $cidr, use --replace [record_id],".
+        " --replace all, or clean up manually.\n";
+    return;
+  } elsif ($tmplcount > 1 && ($replace eq '0' || $replace eq '-1')) {
+    # Multiple templates found, --replace either not set (==0) or no argument provided (==-1)
+    print "Multiple templates found matching $cidr but no record ID specified with".
+        " --replace.  Use --replace with a record ID, use --replace all, or clean up".
+        " manually.\n";
     return;
   }
@@ -106 +160 @@
 
   eval {
+    # First, clean up the records that match the template.
     my $getsth = $dbh->prepare("SELECT record_id,host,val FROM records ".
-        "WHERE (type = 12 OR type > 65000) AND inetlazy(val) << ?");
+        "WHERE (type = 12 OR type > 65000) AND inetlazy(val) << ? AND rdns_id = ?");
     my $delsth = $dbh->prepare("DELETE FROM records WHERE record_id = ?");
-    $getsth->execute($cidr);
+    $getsth->execute($cidr, $zone);
     my $i = 0;
     while (my ($id,$host,$val) = $getsth->fetchrow_array) {
       my $cmp = $patt;
-      DNSDB::_template4_expand(\$cmp, $val);
+      # skip existing template within the new template's range
+      next if $val =~ m{/\d+$};
+      if ($cmp =~ /\%-?c/) {
+        # Determine "nth host" index value of $val for %c and %-c
+        my $possible = new NetAddr::IP $val;
+        my $valindex = $possible - $cidr;
+        DNSDB::_template4_expand(\$cmp, $val, \$cidr, $valindex);
+      } else {
+        DNSDB::_template4_expand(\$cmp, $val, \$cidr);
+      }
       $delsth->execute($id) if $cmp eq $host;
       $delcnt++ if $cmp eq $host;
-#      print "got $id, '$host', '$val';  compare '$cmp'\t";
-#      print "  delete\n" if $cmp eq $host;
-#      print "  keep\n"  if $cmp ne $host;
-#      last if $i++ >8;
-    }
-
-    $dbh->do("INSERT INTO records (domain_id, rdns_id, host, type, val, ttl, location) VALUES (?,?,?,?,?,?,?)",
+    }
+
+    my $template_modified = 0;
+
+    if ($replace) {
+      if ($replace eq 'all') {
+        # clear any templates with the same CIDR, and add a new one
+        $dbh->do("DELETE from records WHERE rdns_id = ? AND (type=65282 OR type=65283) AND val = ?", undef, ($zone, $cidr) );
+        $dbh->do("INSERT INTO records (domain_id, rdns_id, host, type, val, ttl, location) VALUES (?,?,?,?,?,?,?)",
+            undef, ($dparent, $zone, $patt, $newtype, $cidr, $soa->{minttl}, $ploc) );
+        $template_modified = 1;
+        $tmpl_msg = ", replaced $tmplcount template records";
+      } else {
+        if ($replace =~ /^\d+$/) {
+          # $replace == [id] -> replace that record ID, error if it doesn't exist or isn't
+          # a template for the specified CIDR.  Arguably some stretch on the latter.
+          my ($rechost,$recval,$rectype) = $dbh->selectrow_array(
+              "SELECT host,val,type,record_id FROM records WHERE record_id = ?",
+              undef, $replace);
+          if (($rectype == 65282 || $rectype == 65283) && $recval eq $cidr) {
+            # Do the update if the record specified matches is a suitable template
+            $dbh->do("UPDATE records SET host = ?, type = ?, val = ? WHERE record_id = ?",
+                undef, ($patt, $newtype, $cidr, $replace) );
+            $template_modified = 1;
+            $tmpl_msg = ", replaced an existing template record";
+          } else {
+            # Specified record ID isn't a template record, or doesn't match $cidr, or both
+            die "Specified record ID isn't a template for $cidr, skipping:\n".
+                "  $replace found:  $rechost $typemap{$rectype} $recval\n";
+          }
+        } else {
+          # $replace == -1 -> replace/update template iff one template is present
+          #   (should have errored out earlier if multiple templates are present)
+          my ($rechost,$recval,$rectype,$recid) = $dbh->selectrow_array(
+              "SELECT host,val,type,record_id FROM records WHERE rdns_id = ? AND (type=65282 OR type=65283) AND val = ?",
+              undef, ($zone, $cidr) );
+          if ($recid) {
+            # Do the update if we've found an existing template with the same CIDR
+            $dbh->do("UPDATE records SET host = ?, type = ?, val = ? WHERE record_id = ?",
+                undef, ($patt, $newtype, $cidr, $recid) );
+            $template_modified = 1;
+            $tmpl_msg = ", replaced an existing template record";
+          } else {
+            $dbh->do("INSERT INTO records (domain_id, rdns_id, host, type, val, ttl, location) VALUES (?,?,?,?,?,?,?)",
+                undef, ($dparent, $zone, $patt, $newtype, $cidr, $soa->{minttl}, $ploc) );
+            $template_modified = 1;
+          }
+        } # $replace -> [id] or $replace == -1
+      } # $replace <> 'all'
+    } else {
+      # $replace == 0 (not set), just insert the new template
+      $dbh->do("INSERT INTO records (domain_id, rdns_id, host, type, val, ttl, location) VALUES (?,?,?,?,?,?,?)",
         undef, ($dparent, $zone, $patt, $newtype, $cidr, $soa->{minttl}, $ploc) );
-    $dbh->do("UPDATE revzones SET changed='y' WHERE rdns_id = ?", undef, ($zone));
-    $dbh->do("UPDATE domains SET changed='y' WHERE domain_id = ?", undef, ($dparent)) if $dparent;
-    $dnsdb->_log(rdns_id => $zone, domain_id => $dparent, group_id => 1,
-        entry => "A+PTR and/or PTR records in $cidr matching $patt replaced by $typemap{$newtype} record for $cidr");
-
-#    $dbh->rollback;
-    $dbh->commit;
+      $template_modified = 1;
+    }
+
+    if ($template_modified) {
+      my %logdata = (rdns_id => $zone, domain_id => $dparent, group_id => 1,
+          entry => "A+PTR and/or PTR records in $cidr matching $patt replaced by $typemap{$newtype} record for $cidr");
+      $dnsdb->_updateserial(%logdata);
+      $dnsdb->_log(%logdata);
+      $dbh->commit;
+    } else {
+      # no need to do push out a null update that just bumps the serial on the zone(s)
+      $dbh->rollback;
+    }
+
   };
   if ($@) {
-    print "barf: $@\n";
+    print "Error(s) encountered: $@\n";
     $dbh->rollback;
     return;
   }
-  print " complete ($delcnt records)\n";
+  print " complete (removed $delcnt PTR/A+PTR records";
+  print $tmpl_msg;
+  print ")\n";
 } # squashem ()

branches/stable/dns.cgi

@@ -3 +3 @@
 ##
 # $Id$
-# Copyright 2008-2020 Kris Deugau <kdeugau@deepnet.cx>
+# Copyright 2008-2022 Kris Deugau <kdeugau@deepnet.cx>
 # 
 #    This program is free software: you can redistribute it and/or modify

branches/stable/mergerecs

@@ -3 +3 @@
 ##
 # $Id$
-# Copyright 2014,2016,2018,2020 Kris Deugau <kdeugau@deepnet.cx>
+# Copyright 2014-2022 Kris Deugau <kdeugau@deepnet.cx>
 #
 #    This program is free software: you can redistribute it and/or modify
@@ -27 +27 @@
 use Data::Dumper;
 
-# push "the directory the script is in" into @INC
-use FindBin;
-use lib "$FindBin::RealBin/";
+# Taint-safe (ish) voodoo to push "the directory the script is in" into @INC.
+# See https://secure.deepnet.cx/trac/dnsadmin/ticket/80 for more gory details on how we got here.
+use File::Spec ();
+use File::Basename ();
+my $path;
+BEGIN {
+    $path = File::Basename::dirname(File::Spec->rel2abs($0));
+    if ($path =~ /(.*)/) {
+        $path = $1;
+    }
+}
+use lib $path;
 
 use DNSDB;
@@ -67 +76 @@
 $dnsdb->{loguserid} = 0;        # not worth setting up a pseudouser the way the RPC system does
 $dnsdb->{logusername} = $dnsdb->{logusername}."/mergerecs";
-$dnsdb->{logfullname} = $dnsdb->{logusername} if !$dnsdb->{logfullname};
+$dnsdb->{logfullname} = ($dnsdb->{logfullname} ? $dnsdb->{logfullname}."/mergerecs" : $dnsdb->{logusername});
 
 # and now the meat
@@ -86 +95 @@
   }
   die "$pzone is not a valid reverse zone specification\n" if !$npzone;
-  $zid = $dnsdb->revID($npzone, '');
+  $zid = $dnsdb->revID($npzone, ':ANY:');
 } else {
   $rev = 'n';
-  $zid = $dnsdb->domainID($pzone, '');
+  $zid = $dnsdb->domainID($pzone, ':ANY:');
 }
 die "$pzone is not a zone in the database (".$dnsdb->errstr.")\n" if !$zid;

branches/stable/textrecs.cgi

@@ -3 +3 @@
 ##
 # $Id$
-# Copyright 2012-2014,2020 Kris Deugau <kdeugau@deepnet.cx>
+# Copyright 2012-2014,2020,2022 Kris Deugau <kdeugau@deepnet.cx>
 # 
 #    This program is free software: you can redistribute it and/or modify
@@ -28 +28 @@
 use DBI;
 
-# push "the directory the script is in" into @INC
-use FindBin;
-use lib "$FindBin::RealBin/";
+# Taint-safe (ish) voodoo to push "the directory the script is in" into @INC.
+use File::Spec ();
+use File::Basename ();
+my $path;
+BEGIN {
+    $path = File::Basename::dirname(File::Spec->rel2abs($0));
+    if ($path =~ /(.*)/) {
+        $path = $1;
+    }
+}
+use lib $path;
 
 use DNSDB;

branches/stable/tiny-import.pl

@@ -3 +3 @@
 ##
 # $Id$
-# Copyright 2012-2014,2020 Kris Deugau <kdeugau@deepnet.cx>
+# Copyright 2012-2014,2020-2022 Kris Deugau <kdeugau@deepnet.cx>
 #
 #    This program is free software: you can redistribute it and/or modify
@@ -28 +28 @@
 use Time::TAI64 qw(:tai);
 
-# push "the directory the script is in" into @INC
-use FindBin;
-use lib "$FindBin::RealBin/";
+# Taint-safe (ish) voodoo to push "the directory the script is in" into @INC.
+use File::Spec ();
+use File::Basename ();
+my $path;
+BEGIN {
+    $path = File::Basename::dirname(File::Spec->rel2abs($0));
+    if ($path =~ /(.*)/) {
+        $path = $1;
+    }
+}
+use lib $path;
 
 use DNSDB;
@@ -200 +208 @@
     chomp;
     s/\s*$//;
+    s/:+$//;
     my $recstat = recslurp($_, $filecnt);
     $ok++ if $recstat;
@@ -405 +414 @@
       $host =~ s/\.$//;
       $host =~ s/^\\052/*/;
-      $ttl = -1 if $ttl eq '';
+      $ttl = -1 if !defined($ttl) || $ttl eq '';
       $stamp = '' if !$stamp;
       $loc = '' if !$loc;
@@ -542 +551 @@
       $host =~ s/\.$//;
       $host =~ s/^\\052/*/;
-      $ttl = -1 if $ttl eq '';
+      $ttl = -1 if !defined($ttl) || $ttl eq '';
       $stamp = '' if !$stamp;
       $loc = '' if !$loc;
@@ -605 +614 @@
       if ($zone =~ /\.arpa$/) {
         ($code,$msg) = DNSDB::_zone2cidr($zone);
-        $dbh->do("INSERT INTO revzones (revnet,group_id,status,default_location,zserial) VALUES (?,?,1,?,?)",
+        $dbh->do("INSERT INTO revzones (revnet,group_id,status,default_location,sertype,zserial) VALUES (?,?,1,?,'U',?)",
                 undef, ($msg, $importcfg{group}, $loc, $serial));
         my ($rdns) = $dbh->selectrow_array("SELECT currval('revzones_rdns_id_seq')");
@@ -614 +623 @@
                 $loc, $stamp, $expires, $stampactive);
       } else {
-        $dbh->do("INSERT INTO domains (domain,group_id,status,default_location,zserial) VALUES (?,?,1,?,?)",
+        $dbh->do("INSERT INTO domains (domain,group_id,status,default_location,sertype,zserial) VALUES (?,?,1,?,'U',?)",
                 undef, ($zone, $importcfg{group}, $loc, $serial));
         my ($domid) = $dbh->selectrow_array("SELECT currval('domains_domain_id_seq')");