- Timestamp:
- 04/16/14 13:11:14 (11 years ago)
- File:
-
- 1 edited
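--- a/trunk/DNSDB.pm
+++ b/trunk/DNSDB.pm
@@ -383,4 +383,44 @@
 }
 
+## DNSDB::_inrev()
+# Check if a given "hostname" is within a given reverse zone
+# Takes a reference to the "hostname" and the reverse zone CIDR as a NetAddr::IP
+# Returns true/false. Sets $errstr on errors.
+sub _inrev {
+my $self = shift;
+my $dbh = $self->{dbh};
+# References, since we might munge them
+my $fq = shift;
+my $zone = shift;
+
+# set default error
+$errstr = "$$fq not within $zone";
+
+# Unlike forward zones, we will not coerce the data into the reverse zone - an A record
+# in a reverse zone is already silly enough without appending a mess of 1.2.3.in-addr.arpa
+# (or worse, 1.2.3.4.5.6.7.8.ip6.arpa) on the end of the nominal "hostname".
+# We're also going to allow the "hostname" to be stored as .arpa or IP, because of
+# non-IP FQDNs in .arpa
+if ($$fq =~ /\.arpa$/) {
+# "FQDN" could be any syntactically legitimate string, but it must be within the formal
+# .arpa zone. Note we're not validating these for correct reverse-IP values.
+# yes, we really need the v6 branch on the end here.
+$zone = _ZONE($zone, 'ZONE', 'r', '.').($zone->{isv6} ? '.ip6.arpa' : '.in-addr.arpa');
+return unless $$fq =~ /$zone$/;
+} else {
+# in most cases we should be getting a real IP as the "FQDN" to test
+my $addr = new NetAddr::IP $$fq if _maybeip($fq);
+
+# "FQDN" should be a valid IP address. Normalize formatting if so.
+if (!$addr) {
+$errstr = "$$fq is not a valid IP address";
+return;
+}
+return if !$zone->contains($addr);
+($$fq = $addr) =~ s{/(?:32|128)$}{};
+}
+return 1;
+} # end _inrev()
+
 ## DNSDB::_hostparent()
 # A little different than _ipparent above; this tries to *find* the parent zone of a hostname
@@ -463,22 +503,5 @@
 my $revzone = new NetAddr::IP $self->revName($args{id}, 'y');
 
-# Unlike forward zones, we will not coerce the data into the reverse zone - an A record
-# in a reverse zone is already silly enough without appending a mess of 1.2.3.in-addr.arpa
-# (or worse, 1.2.3.4.5.6.7.8.ip6.arpa) on the end of the nominal "hostname".
-# We're also going to allow the "hostname" to be stored as .arpa or IP, because it won't
-# make any more sense either way.
-if (${$args{val}} =~ /\.arpa$/) {
-# "hostname" could be any syntactically legitimate string, but it must be within the formal
-# .arpa zone. Note we're not validating these for correct reverse-IP values.
-# yes, we really need the v6 branch on the end here.
-$revzone = _ZONE($revzone, 'ZONE', 'r', '.').($revzone->{isv6} ? '.ip6.arpa' : '.in-addr.arpa');
-return ('FAIL', "${$args{val}} not within $revzone")
-unless ${$args{val}} =~ /$revzone$/;
-} else {
-# "hostname" should be a valid IP address. Normalize formatting if so.
-return ('FAIL', "${$args{val}} is not a valid IP address") if !$args{addr};
-return ('FAIL', "${$args{val}} is not within $revzone") if !$revzone->contains($args{addr});
-(${$args{val}} = $args{addr}) =~ s{/(?:32|128)$}{};
-}
+return ('FAIL', $errstr) if !$self->_inrev($args{val}, $revzone);
 
 # Check IP is well-formed, and that it's a v4 address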
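Review bot: The `.arpa` branch of the new `_inrev` interpolates `$zone` into `/$zone$/` unescaped and with no label boundary on the left, so the containment check is looser than it reads: every `.` separator matches any character, and any name that merely ends with the zone string passes. Assuming `_ZONE` yields something like `3.2.1.in-addr.arpa` (a constructed example), `13.2.1.in-addr.arpa` would be accepted as inside that zone although it belongs to a different one. I would quote and anchor the pattern: `return unless $$fq =~ /(?:\A|\.)\Q$zone\E\z/;`. Separately, `my $addr = new NetAddr::IP $$fq if _maybeip($fq);` puts a statement modifier on a `my` declaration, which perlsyn documents as undefined behaviour; `my $addr = _maybeip($fq) ? NetAddr::IP->new($$fq) : undef;` guarantees that the `!$addr` test which follows never sees a stale value.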