Changeset 223


Ignore:
Timestamp:
01/20/12 16:28:10 (12 years ago)
Author:
Kris Deugau
Message:

/trunk

Add some data validation on A/AAAA record update; tweak the validation
on A/AAAA record add to match
Add commented possible check for A/AAAA IP validation in NS, MX, and
SRV records for future pondering

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/DNSDB.pm

    r222 r223  
    13791379
    13801380  # Validation
     1381  my $addr = NetAddr::IP->new($val);
    13811382  if ($rectype == $reverse_typemap{A}) {
    1382     return ("FAIL", "IPv4 addresses must be in the format n.n.n.n")
    1383         unless $val =~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/;
     1383    return ('FAIL',$typemap{$rectype}." record must be a valid IPv4 address")
     1384        unless $addr && !$addr->{isv6};
    13841385  }
    13851386  if ($rectype == $reverse_typemap{AAAA}) {
    1386     return ("FAIL", "IPv6 addresses must be in the format h:h:h::h")
    1387         unless $val =~ /^[a-fA-F0-9:]+$/
    1388   }
    1389   if ($rectype == $reverse_typemap{A} or $rectype == $reverse_typemap{AAAA}) {
    1390     my $tmpip = new NetAddr::IP $val or
    1391         return ("FAIL", "Address must be a valid IP address");
     1387    return ('FAIL',$typemap{$rectype}." record must be a valid IPv6 address")
     1388        unless $addr && $addr->{isv6};
    13921389  }
    13931390
     
    14721469  if ($type == $reverse_typemap{MX} || $type == $reverse_typemap{SRV}) {
    14731470    $dist = shift;
     1471    $dist =~ s/\s+//g;
    14741472    return ('FAIL',"MX or SRV requires distance") if !defined($dist);
     1473    return ('FAIL', "Distance must be numeric") unless $dist =~ /^\d+$/;
    14751474    if ($type == $reverse_typemap{SRV}) {
    14761475      $weight = shift;
     1476      $weight =~ s/\s+//g;
    14771477      return ('FAIL',"SRV requires weight") if !defined($weight);
     1478      return ('FAIL',"Weight must be numeric") unless $weight =~ /^\d+$/;
    14781479      $port = shift;
     1480      $port =~ s/\s+//g;
    14791481      return ('FAIL',"SRV requires port") if !defined($port);
     1482      return ('FAIL',"Port must be numeric") unless $port =~ /^\d+$/;
    14801483    }
    14811484  }
     1485
     1486# Enforce IP addresses on A and AAAA types
     1487  my $addr = NetAddr::IP->new($val);
     1488  if ($type == $reverse_typemap{A}) {
     1489    return ('FAIL',$typemap{$type}." record must be a valid IPv4 address")
     1490        unless $addr && !$addr->{isv6};
     1491  }
     1492  if ($type == $reverse_typemap{AAAA}) {
     1493    return ('FAIL',$typemap{$type}." record must be a valid IPv6 address")
     1494        unless $addr && $addr->{isv6};
     1495  }
     1496
     1497# hmm..  this might work.  except possibly for something pointing to "deadbeef.ca".  <g>
     1498#  if ($type == $reverse_typemap{NS} || $type == $reverse_typemap{MX} || $type == $reverse_typemap{SRV}) {
     1499#    if ($val =~ /^\s*[\da-f:.]+\s*$/) {
     1500#      return ('FAIL',"$val is not a valid IP address") if !$addr;
     1501#    }
     1502#  }
    14821503
    14831504  local $dbh->{AutoCommit} = 0;
Note: See TracChangeset for help on using the changeset viewer.