Changeset 298

Timestamp:

04/09/12 18:08:51 (13 years ago)

Author:

Kris Deugau

Message:

/trunk

Checkpoint updating importAXFR() action logging (see #35):

• convert _ZONE() to handle the conversion from CIDR to formal .arpa zone name
• add _zone2cidr() for the inverse operation; convert the .arpa zone name to the CIDR netblock

File:

• trunk/DNSDB.pm (modified) (1 diff)

trunk/DNSDB.pm

@@ -736 +736 @@
 ##
 
-# Replace ZONE in hostname
+# Replace ZONE in hostname, or create (most of) the actual proper zone name
 sub _ZONE {
   my $zone = shift;
   my $string = shift;
   my $fr = shift || 'f';        # flag for forward/reverse order?  nb: ignored for IP
-
-  my $prefix = $zone->network->addr;    # Just In Case someone managed to slip in
-                                        # a funky subnet that had host bits set.
+  my $sep = shift || '-';       # Separator character - unlikely we'll ever need more than . or -
+
+  my $prefix;
 
   $string =~ s/,/./ if !$zone->{isv6};
   $string =~ s/,/::/ if $zone->{isv6};
 
-#  if ($zone->{isv6} && ($zone->masklen % 4) != 0) {
-#    # grumpyfail, non-nibble zone.  shouldn't happen
-#    return;
-#  }
-
-    # Subbing ZONE in the host.  We need to properly ID the netblock range
-    # The subbed text should have "network IP with trailing zeros stripped" for
-    # blocks lined up on octet (for v4) or 16-bit (for v6) boundaries
-    # For blocks that do NOT line up on these boundaries, we tack on an extra "-0",
-    # then take the most significant octet or 16-bit chunk of the "broadcast" IP and
-    # append it after a double-dash
-    # ie:
-    # 8.0.0.0/6 -> 8.0.0.0 -> 11.255.255.255;  sub should be 8--11
-    # 10.0.0.0/12 -> 10.0.0.0 -> 10.0.0.0 -> 10.15.255.255;  sub should be 10-0--15
-    # 192.168.4.0/22 -> 192.168.4.0 -> 192.168.7.255;  sub should be 192-168-4--7
-    # 192.168.0.8/29 -> 192.168.0.8 -> 192.168.0.15;  sub should be 192-168-0-8--15
-    # Similar for v6
-    if (!$zone->{isv6}) {
+  # Subbing ZONE in the host.  We need to properly ID the netblock range
+  # The subbed text should have "network IP with trailing zeros stripped" for
+  # blocks lined up on octet (for v4) or hex-quad (for v6) boundaries
+  # For blocks that do NOT line up on these boundaries, we take the most
+  # significant octet or 16-bit chunk of the "broadcast" IP and append it
+  # after a double-dash
+  # ie:
+  # 8.0.0.0/6 -> 8.0.0.0 -> 11.255.255.255;  sub should be 8--11
+  # 10.0.0.0/12 -> 10.0.0.0 -> 10.0.0.0 -> 10.15.255.255;  sub should be 10-0--15
+  # 192.168.4.0/22 -> 192.168.4.0 -> 192.168.7.255;  sub should be 192-168-4--7
+  # 192.168.0.8/29 -> 192.168.0.8 -> 192.168.0.15;  sub should be 192-168-0-8--15
+  # Similar for v6
+
+  if (!$zone->{isv6}) { # IPv4
+
+    $prefix = $zone->network->addr;     # Just In Case someone managed to slip in
+                                        # a funky subnet that had host bits set.
+    my $bc = $zone->broadcast->addr;
+
+    if ($zone->masklen > 24) {
+      $bc =~ s/^\d+\.\d+\.\d+\.//;
+    } elsif ($zone->masklen > 16) {
+      $prefix =~ s/\.0$//;
+      $bc =~ s/^\d+\.\d+\.//;
+    } elsif ($zone->masklen > 8) {
+      $bc =~ s/^\d+\.//;
+      $prefix =~ s/\.0\.0$//;
+    } else {
+      $prefix =~ s/\.0\.0\.0$//;
+    }
+    if ($zone->masklen % 8) {
+      $bc =~ s/(\.255)+$//;
+      $prefix .= "--$bc";       #"--".zone->masklen;    # use range or mask length?
+    }
+    if ($fr eq 'f') {
+      $prefix =~ s/\.+/$sep/g;
+    } else {
+      $prefix = join($sep, reverse(split(/\./, $prefix)));
+    }
+
+  } else { # IPv6
+
+    if ($fr eq 'f') {
+
+      $prefix = $zone->network->addr;   # Just In Case someone managed to slip in
+                                        # a funky subnet that had host bits set.
       my $bc = $zone->broadcast->addr;
-      if ($zone->masklen > 24) {
-        $bc =~ s/^\d+\.\d+\.\d+\.//;
-      } elsif ($zone->masklen > 16) {
-        $prefix =~ s/\.0$//;
-        $bc =~ s/^\d+\.\d+\.//;
-      } elsif ($zone->masklen > 8) {
-        $bc =~ s/^\d+\.//;
-        $prefix =~ s/\.0\.0$//;
+      if (($zone->masklen % 16) != 0) {
+        # Strip trailing :0 off $prefix, and :ffff off the broadcast IP
+        for (my $i=0; $i<(7-int($zone->masklen / 16)); $i++) {
+          $prefix =~ s/:0$//;
+          $bc =~ s/:ffff$//;
+        }
+        # Strip the leading 16-bit chunks off the front of the broadcast IP
+        $bc =~ s/^([a-f0-9]+:)+//;
+        # Append the remaining 16-bit chunk to the prefix after "--"
+        $prefix .= "--$bc";
       } else {
-        $prefix =~ s/\.0\.0\.0$//;
+        # Strip off :0 from the end until we reach the netblock length.
+        for (my $i=0; $i<(8-$zone->masklen / 16); $i++) {
+          $prefix =~ s/:0$//;
+        }
       }
-      if ($zone->masklen % 8) {
-        $bc =~ s/(\.255)+$//;
-        $prefix .= "--$bc";     #"--".zone->masklen;    # use range or mask length?
+      # Actually deal with the separator
+      $prefix =~ s/:/$sep/g;
+
+    } else {    # $fr eq 'f'
+
+      $prefix = $zone->network->full;   # Just In Case someone managed to slip in
+                                        # a funky subnet that had host bits set.
+      my $bc = $zone->broadcast->full;
+      $prefix =~ s/://g;        # clean these out since they're not spaced right for this case
+      $bc =~ s/://g;
+      # Strip trailing 0 off $prefix, and f off the broadcast IP, to match the mask length
+      for (my $i=0; $i<(31-int($zone->masklen / 4)); $i++) {
+        $prefix =~ s/0$//;
+        $bc =~ s/f$//;
       }
+      # Split and reverse the order of the nibbles in the network/broadcast IPs
+      my @nbits = reverse split //, $prefix;
+      my @bbits = reverse split //, $bc;
+      # Handle the sub-nibble case.  Eww.  I feel dirty supporting this...
+      $nbits[0] = "$nbits[0]-$bbits[0]" if ($zone->masklen % 4) != 0;
+      # Glue it back together
+      $prefix = join($sep, @nbits);
+
+    }   # $fr ne 'f'
+
+  } # $zone->{isv6}
+
+  # Do the substitution, finally
+  $string =~ s/ZONE/$prefix/;
+  $string =~ s/--/-/ if $sep ne '-';    # - as separator needs extra help for sub-octet v4 netblocks
+  return $string;
+} # done _ZONE()
+
+# Not quite a substitution sub, but placed here as it's basically the inverse of above;
+# given the .arpa zone name, return the CIDR netblock the zone is for.
+# Supports v4 non-octet/non-classful netblocks as per the method outlined in the Cricket Book (2nd Ed p217-218)
+# Does NOT support non-quad v6 netblocks via the same scheme;  it shouldn't ever be necessary.
+# Takes a nominal .arpa zone name, returns a success code and NetAddr::IP, or a fail code and message
+sub _zone2cidr {
+  my $zone = shift;
+
+  my $cidr;
+  my $warnmsg;
+
+  if ($zone =~ /\.in-addr\.arpa\.?$/) {
+    # v4 revzone, formal zone name type
+    my $tmpcidr;
+    my $tmpzone = $zone;
+    $tmpzone =~ s/\.in-addr\.arpa\.?//;
+    return ('FAIL',"Non-numerics in apparent IPv4 reverse zone name") if $tmpzone !~ /^(?:\d+-)?[\d\.]+$/;
+
+    # Snag the octet pieces
+    my @octs = split /\./, $tmpzone;
+
+    # Map result of a range manipulation to a mask length change.  Cheaper than finding the 2-root of $octets[0]+1.
+    my %maskmap = (1 => 1, 3 => 2, 7 => 3, 15 => 4, 31 => 5, 63 => 6, 127 => 7);
+
+    # Handle "range" blocks, eg, 80-83.168.192.in-addr.arpa (192.168.80.0/22)
+    # Need to take the size of the range to offset the basic octet-based mask length,
+    # and make sure the first number in the range gets used as the network address for the block
+    my $masklen = 0;
+    if ($octs[0] =~ /(\d+)-\d+/) {      # take the range...
+      $masklen -= $maskmap{-(eval $octs[0])};   # find the mask base...
+      $octs[0] = $1;    # set the base octet of the range...
+    }
+    @octs = reverse @octs;      # We can reverse the octet pieces now that we've extracted and munged any ranges
+
+    # Now we find the "true" mask with the aid of the "base" calculated above
+    if ($#octs == 0) {
+      $masklen += 8;
+      $tmpcidr = "$octs[0].0.0.0/$masklen";     # really hope we don't see one of these very often.
+    } elsif ($#octs == 1) {
+      $masklen += 16;
+      $tmpcidr = "$octs[0].$octs[1].0.0/$masklen";
+    } elsif ($#octs == 2) {
+      $masklen += 24;
+      $tmpcidr = "$octs[0].$octs[1].$octs[2].0/$masklen";
     } else {
-      if (($zone->masklen % 16) != 0) {
-        # Strip trailing :0 off $prefix, and :ffff off the broadcast IP
-        # Strip the leading 16-bit chunks off the front of the broadcast IP
-        # Append the remaining 16-bit chunk to the prefix after "--"
-        my $bc = $zone->broadcast->addr;
-        for (my $i=0; $i<(7-int($zone->masklen / 16)); $i++) {
-          $prefix =~ s/:0$//;
-          $bc =~ s/:ffff$//;
-        }
-        $bc =~ s/^([a-f0-9]+:)+//;
-        $prefix .= "--$bc";
-      } else {
-        # Strip off :0 from the end until we reach the netblock length.
-        for (my $i=0; $i<(8-$zone->masklen / 16); $i++) {
-          $prefix =~ s/:0$//;
-        }
-      }
-    }
-
-  # Replace . and : with -
-  # If flagged for reverse-order, split on . or :, reverse, and join with -
-    if ($fr eq 'f') {
-      $prefix =~ s/[:.]+/-/g;
-    } else {
-      $prefix = join('-', reverse(split(/[:.]/, $prefix)));
-    }
-    $string =~ s/ZONE/$prefix/;
-#  }
-  return $string;
-} # done _ZONE
-
+      $masklen += 32;
+      $tmpcidr = "$octs[0].$octs[1].$octs[2].$octs[3]/$masklen";
+    }
+
+    # Just to be sure, use NetAddr::IP to validate.  Saves a lot of nasty regex watching for valid octet values.
+    return ('FAIL', "Invalid zone $zone (apparent netblock $cidr)")
+        unless $cidr = NetAddr::IP->new($tmpcidr);
+
+  } elsif ($zone =~ /\.ip6\.arpa$/) {
+    # v6 revzone, formal zone name type
+    my $tmpzone = $zone;
+    $tmpzone =~ s/\.ip6\.arpa\.?//;
+    return ('FAIL',"Non-hexadecimals in apparent IPv6 reverse zone name") if $tmpzone !~ /^[a-fA-F\d\.]+$/;
+    my @quads = reverse(split(/\./, $tmpzone));
+    $warnmsg .= "Apparent sub-/64 IPv6 reverse zone\n" if $#quads > 15;
+    my $nc;
+    foreach (@quads) {
+      $cidr .= $_;
+      $cidr .= ":" if ++$nc % 4 == 0;
+    }
+    my $nq = 1 if $nc % 4 != 0;
+    my $mask = $nc * 4; # need to do this here because we probably increment it below
+    while ($nc++ % 4 != 0) {
+      $cidr .= "0";
+    }
+    $cidr .= ($nq ? '::' : ':')."/$mask";
+  }
+} # done _zone2cidr()