Changeset 626

Timestamp:

04/29/14 17:27:00 (10 years ago)

Author:

Kris Deugau

Message:

/trunk

Update _validate_28() (AAAA) for any-record-in-any-zone. See #53.

Also fix up a subtle potential bug in _validate_1(); don't use the passed-in
NetAddr::IP in $args{addr} as it may be something funky.

File:

• trunk/DNSDB.pm (modified) (3 diffs)

trunk/DNSDB.pm

@@ -544 +544 @@
     return ('FAIL',"A record must be a valid IPv4 address")
         unless ${$args{val}} =~ /^\d+\.\d+\.\d+\.\d+$/;
+    $args{addr} = new NetAddr::IP ${$args{host}};
     return ('FAIL',"A record must be a valid IPv4 address")
         unless $args{addr} && !$args{addr}->{isv6};
@@ -867 +868 @@
 
 # AAAA record
+# Almost but not quite an exact duplicate of A record
 sub _validate_28 {
   my $self = shift;
@@ -873 +875 @@
   my %args = @_;
 
-  return ('FAIL', 'Reverse zones cannot contain AAAA records') if $args{revrec} eq 'y';
-
-  # Coerce all hostnames to end in ".DOMAIN" for group/default records,
-  # or the intended parent domain for live records.
-  my $pname = ($args{defrec} eq 'y' ? 'DOMAIN' : $self->domainName($args{id}));
-  ${$args{host}} =~ s/\.*$/\.$pname/ if ${$args{host}} !~ /$pname$/;
-
-  # Check IP is well-formed, and that it's a v6 address
-  return ('FAIL',"$typemap{${$args{rectype}}} record must be a valid IPv6 address")
+# only for strict type restrictions
+#  return ('FAIL', 'Reverse zones cannot contain AAAA records') if $args{revrec} eq 'y';
+
+  if ($args{revrec} eq 'y') {
+    # Get the revzone, so we can see if ${$args{val}} is in that zone
+    my $revzone = new NetAddr::IP $self->revName($args{id}, 'y');
+
+    return ('FAIL', $errstr) if !$self->_inrev($args{val}, $revzone);
+
+    # ${$args{val}} is either a valid IP or a string ending with the .arpa zone name;
+    # now check if it's a well-formed FQDN
+    return ('FAIL', $errstr) if ! _check_hostname_form(${$args{val}}, ${$args{rectype}}, $args{defrec}, $args{revrec}) &&
+        ${$args{val}} =~ /\.arpa$/;
+
+    # Check IP is well-formed, and that it's a v4 address
+    # Fail on "compact" IPv4 variants, because they are not consistent and predictable.
+    return ('FAIL',"AAAA record must be a valid IPv6 address")
+        unless ${$args{host}} =~ /^[a-fA-F0-9:]+$/;
+    $args{addr} = new NetAddr::IP ${$args{host}};
+    return ('FAIL',"AAAA record must be a valid IPv6 address")
         unless $args{addr} && $args{addr}->{isv6};
-  # coerce IP/value to normalized form for storage
-  ${$args{val}} = $args{addr}->addr;
+    # coerce IP/value to normalized form for storage
+    ${$args{host}} = $args{addr}->addr;
+
+    # I'm just going to ignore the utterly barmy idea of an AAAA record in the *default*
+    # records for a reverse zone;  it's bad enough to find one in funky legacy data.
+
+  } else {
+    # revrec ne 'y'
+
+    # Coerce all hostnames to end in ".DOMAIN" for group/default records,
+    # or the intended parent domain for live records.
+    my $pname = ($args{defrec} eq 'y' ? 'DOMAIN' : $self->domainName($args{id}));
+    ${$args{host}} =~ s/\.*$/\.$pname/ if (${$args{host}} ne '@' && ${$args{host}} !~ /$pname$/);
+
+    # Check if it's a proper formal .arpa name for an IP, and renormalize it to the IP
+    # value if so.  Done mainly for symmetry with PTR/AAAA+PTR, and saves a conversion on export.
+    if (${$args{val}} =~ /\.arpa$/) {
+      my ($code,$tmp) = _zone2cidr(${$args{val}});
+      if ($code ne 'FAIL') {
+        ${$args{val}} = $tmp->addr;
+        $args{addr} = $tmp;
+      }
+    }
+    # Check IP is well-formed, and that it's a v6 address
+    return ('FAIL',"AAAA record must be a valid IPv6 address")
+        unless ${$args{val}} =~ /^[a-fA-F0-9:]+$/;
+    $args{addr} = new NetAddr::IP ${$args{val}};
+    return ('FAIL',"AAAA record must be a valid IPv6 address")
+        unless $args{addr} && $args{addr}->{isv6};
+    # coerce IP/value to normalized form for storage
+    ${$args{val}} = $args{addr}->addr;
+  }
 
   return ('OK','OK');