Changeset 345 for trunk

Timestamp:

06/12/12 17:59:39 (13 years ago)

Author:

Kris Deugau

Message:

/trunk

Checkpoint adding delegation type. See #26.

• stuck on how to mask the parent zone's NS records if a delegated segment has records for the same "level" of v4 netblock, without blocking the ability to have multiple NS records and delegation records for any given block

File:

• trunk/DNSDB.pm (modified) (6 diffs)

trunk/DNSDB.pm

@@ -871 +871 @@
   }
 
-  # check domain, if nonexistent coerce down to PTR template
   return ('OK','OK');
 } # done AAAA+PTR template record
@@ -881 +880 @@
 
 # Delegation record
+# This is essentially a specialized clone of the NS record, primarily useful
+# for delegating IPv4 sub-/24 reverse blocks
 sub _validate_65285 {
+  my $dbh = shift;
+
+  my %args = @_;
+
+# Almost, but not quite, identical to NS record validation.
+
+  # Check that the target of the record is within the parent.
+  # Yes, host<->val are mixed up here;  can't see a way to avoid it.  :(
+  if ($args{defrec} eq 'n') {
+    # Check if IP/address/zone/"subzone" is within the parent
+    if ($args{revrec} eq 'y') {
+      my $tmpip = NetAddr::IP->new(${$args{val}});
+      my $pname = revName($dbh,$args{id});
+      return ('FAIL',"${$args{val}} not within $pname")
+         unless _ipparent($dbh, $args{defrec}, $args{revrec}, $args{val}, $args{id}, \$tmpip);
+      # Normalize
+      ${$args{val}} = "$tmpip";
+    } else {
+      my $pname = domainName($dbh,$args{id});
+      ${$args{host}} =~ s/\.*$/\.$pname/ if ${$args{host}} !~ /$pname$/;
+    }
+  } else {
+    return ('FAIL',"Delegation records are not permitted in default record sets");
+  }
   return ('OK','OK');
 }
@@ -1794 +1819 @@
       $sth->execute($reverse_typemap{AAAA}, $zoneid, 65281);
 # We don't have an "A template" or "AAAA template" type, although it might be useful for symmetry.
-#      $sth->execute(65285?, $zoneid, 65283);
-#      $sth->execute(65285?, $zoneid, 65284);
+#      $sth->execute(65286?, $zoneid, 65283);
+#      $sth->execute(65286?, $zoneid, 65284);
       $failmsg = "Failure removing reverse records";
       $dbh->do("DELETE FROM records WHERE rdns_id=?", undef, ($zoneid));
@@ -3272 +3297 @@
       push @vallist, 0;
     }
+  }
+  # fix fat-finger-originated record type changes
+  if ($$rectype == 65285) {
+    $fields .= ",rdns_id" if $revrec eq 'n';
+    $fields .= ",domain_id" if $revrec eq 'y';
+    push @vallist, 0;
   }
   if ($defrec eq 'n') {
@@ -4319 +4350 @@
 
         if ($revrec eq 'y') {
+
+print "$zone has\t$val NS $host\n";
           $val = NetAddr::IP->new($val);
-          print $datafile '&'._ZONE($val, 'ZONE', 'r', '.').($val->{isv6} ? '.ip6.arpa' : '.in-addr.arpa').
-                "::$host:$ttl:$stamp:$loc\n";
+          $zone = NetAddr::IP->new($zone);
+#print "$val NS $host\n";
+          # handle split-n-multiply SOA for off-octet (8 < mask < 16) or (16 < mask < 24) v4 zones
+          if (!$val->{isv6} && ($val->masklen < 24) && ($val->masklen % 8 != 0)) {
+            foreach my $szone ($zone->split($val->masklen + (8 - $val->masklen % 8))) {
+              my $szone2 = _ZONE($szone, 'ZONE.in-addr.arpa', 'r', '.');
+next if $$recflags{"$szone2-sub"} && $zone != $val;
+print " $szone2-sub     NS $host\n";
+# && $zone == $val;
+              print $datafile "\&$szone2"."::$host:$ttl:$stamp:$loc\n";
+              $$recflags{"$szone2-sub"}++ if $zone != $val;
+            }
+#print "recflags should have stuff set?\n";
+            return; # skips "default" bits just below
+          }
+my $val2 = _ZONE($val, 'ZONE', 'r', '.').($val->{isv6} ? '.ip6.arpa' : '.in-addr.arpa');
+#print "checking recflags for $val\n";
+#return if $$recflags{$val};
+          print $datafile '&'.$val2."::$host:$ttl:$stamp:$loc\n";
+          $$recflags{"$val2-sub"}++ if $val == $zone;
+print "$zone;\t$val2-sub NS $host\n";
+##NSfixme
         } else {
           print $datafile "\&$host"."::$val:$ttl:$stamp:$loc\n";
@@ -4477 +4530 @@
         # (eg http://search.cpan.org/dist/AllKnowingDNS/ )
 
+      } elsif ($type == 65285) { # Delegation
+        # This is intended for reverse zones, but may prove useful in forward zones.
+
+if ($revrec eq 'n') {
+  # It's an NS record.  Recurse and handle.
+  _printrec_tiny($datafile,$revrec,$recflags,$zone,$host,$reverse_typemap{'NS'},
+        $val,$dist,$weight,$port,$ttl,$loc,$stamp);
+} else {
+  # It's a delegation.  We may need to actually generate several NS records, and
+  # for IPv4 we may also need to generate a set of CNAMEs for sub-/24 blocks.
+#  print "delegation $val to $host\n";
+  my $dblock = NetAddr::IP->new($val);
+  if ($dblock->{isv6}) {
+    my @subs = $dblock->split($dblock->masklen + (4 - $dblock->masklen % 4) % 4);
+    foreach (@subs) {
+      _printrec_tiny($datafile, $revrec, $recflags, $zone, $host, $reverse_typemap{'NS'},
+        "$_", $dist, $weight, $port, $ttl, $loc, $stamp);
+    }
+  } else {
+    my @subs = $dblock->split($dblock->masklen + (8 - $dblock->masklen % 8) % 8);
+    foreach (@subs) {
+      if ($dblock->masklen <= 24) {
+        _printrec_tiny($datafile, $revrec, $recflags, $zone, $host, $reverse_typemap{'NS'},
+                "$_", $dist, $weight, $port, $ttl, $loc, $stamp);
+#print $datafile "$_ NS $host\n";
+##nsdeleg
+      } else {
+        my ($oct) = ($_->addr =~ /(\d+)$/);
+        #print "$_ CNAME $oct."._ZONE($dblock, 'ZONE.in-addr.arpa', 'r', '.')."\n";
+      }
+    }
+  }
+
+#print $datafile "C$host:$val:$ttl:$stamp:$loc\n";
+}
+
       } else {
         # raw record.  we don't know what's in here, so we ASS-U-ME the user has