Changeset 637

Timestamp:

05/27/14 17:26:04 (10 years ago)

Author:

Kris Deugau

Message:

/trunk

Review and finalize cleanup of _printrec_tiny() for
any-record-in-any-zone. See #53.

File:

• trunk/DNSDB.pm (modified) (14 diffs)

trunk/DNSDB.pm

@@ -5815 +5815 @@
   }
 
+  # Utility sub-sub for reverse records;  with "any-record-in-any-zone"
+  # we may need to do extra processing on $val to make it publishable.
+  sub __revswap {
+    my $host = shift;
+    my $val = shift;
+    return ($val, $host) if $val =~ /\.arpa/;
+    $val = new NetAddr::IP $val;
+    my $newval = _ZONE($val, 'ZONE', 'r', '.').($val->{isv6} ? '.ip6.arpa' : '.in-addr.arpa');
+    return ($newval, $host);
+  }
+
 ## WARNING:  This works to export even the whole Internet's worth of IP space...
 ##  if you have the disk/RAM to handle the dataset, and you call this sub based on /16-sized chunks
@@ -5830 +5841 @@
     my $stamp = shift;
     my $loc = shift;
+    my $zone = new NetAddr::IP shift;
     my $ptronly = shift || 0;
+
+    # do this conversion once, not (number-of-ips-in-subnet) times
+    my $arpabase = _ZONE($zone, 'ZONE.in-addr.arpa', 'r', '.');
 
     my $iplist = $sub->splitref(32);
@@ -5836 +5851 @@
       my $ip = $_->addr;
       # make as if we split the non-octet-aligned block into octet-aligned blocks as with SOA
+      my $lastoct = (split /\./, $ip)[3];
       next if $ip =~ /\.(0|255)$/; # && $self->{skip_net_0}
       next if $$recflags{$ip}; # && $self->{skip_bcast_255}
@@ -5841 +5857 @@
       next if $hpat eq '%blank%';       # Allows blanking a subnet so no records are published.
       my $rec = $hpat;  # start fresh with the template for each IP
+##fixme:  there really isn't a good way to handle sub-/24 zones here.  This way at least
+# seems less bad than some alternatives.  
       _template4_expand(\$rec, $ip);
-      print $fh ($ptronly ? "^"._ZONE($_, 'ZONE.in-addr.arpa', 'r', '.').":$rec" : "=$rec:$ip").
-        ":$ttl:$stamp:$loc\n" or die $!;
+      if ($ptronly || $zone->masklen > 24) {
+        print $fh "^$lastoct.$arpabase:$rec:$ttl:$stamp:$loc\n" or die $!;
+        if (!$ptronly) {
+          # print a separate A record.  Arguably we could use an = record here instead.
+          print $fh "+$rec:$ip:$ttl:$stamp:$loc\n" or die $!;
+        }
+      } else {
+        print $fh "=$rec:$ip:$ttl:$stamp:$loc\n" or die $!;
+      }
     }
   }
@@ -5850 +5875 @@
 
 ##fixme?  append . to all host/val hostnames
+#print "debug: rawdata: $host $typemap{$type} $val\n";
 
   if ($typemap{$type} eq 'SOA') {
@@ -5880 +5906 @@
   } elsif ($typemap{$type} eq 'A') {
 
+    ($host,$val) = __revswap($host,$val) if $revrec eq 'y';
     print $datafile "+$host:$val:$ttl:$stamp:$loc\n" or die $!;
 
@@ -5912 +5939 @@
   } elsif ($typemap{$type} eq 'AAAA') {
 
-#    print $datafile ":$host:28:";
+    ($host,$val) = __revswap($host,$val) if $revrec eq 'y';
     my $altgrp = 0;
     my @altconv;
@@ -5936 +5963 @@
   } elsif ($typemap{$type} eq 'MX') {
 
-##fixme:  what if we get an MX AXFRed into a reverse zone?
+    ($host,$val) = __revswap($host,$val) if $revrec eq 'y';
     print $datafile "\@$host"."::$val:$dist:$ttl:$stamp:$loc\n" or die $!;
 
   } elsif ($typemap{$type} eq 'TXT') {
 
+    ($host,$val) = __revswap($host,$val) if $revrec eq 'y';
 ##fixme:  split v-e-r-y long TXT strings?  will need to do so for BIND export, at least
-    if ($revrec eq 'n') {
-      $val =~ s/:/\\072/g;      # may need to replace other symbols
-      print $datafile "'$host:$val:$ttl:$stamp:$loc\n" or die $!;
-    } else {
-      $host =~ s/:/\\072/g;     # may need to replace other symbols
-      my $val2 = NetAddr::IP->new($val);
-      print $datafile "'"._ZONE($val2, 'ZONE', 'r', '.').($val2->{isv6} ? '.ip6.arpa' : '.in-addr.arpa').
-        ":$host:$ttl:$stamp:$loc\n" or die $!;
-    }
+    $val =~ s/:/\\072/g;        # may need to replace other symbols
+    print $datafile "'$host:$val:$ttl:$stamp:$loc\n" or die $!;
 
 # by-hand TXT
@@ -5971 +5992 @@
   } elsif ($typemap{$type} eq 'CNAME') {
 
-    if ($revrec eq 'n') {
-      print $datafile "C$host:$val:$ttl:$stamp:$loc\n" or die $!;
-    } else {
-      my $val2 = NetAddr::IP->new($val);
-      print $datafile "C"._ZONE($val2, 'ZONE', 'r', '.').($val2->{isv6} ? '.ip6.arpa' : '.in-addr.arpa').
-        ":$host:$ttl:$stamp:$loc\n" or die $!;
-    }
+    ($host,$val) = __revswap($host,$val) if $revrec eq 'y';
+    print $datafile "C$host:$val:$ttl:$stamp:$loc\n" or die $!;
 
   } elsif ($typemap{$type} eq 'SRV') {
+
+    ($host,$val) = __revswap($host,$val) if $revrec eq 'y';
 
     # data is two-byte values for priority, weight, port, in that order,
     # followed by length/string data
 
-    print $datafile ":$host:33:".octalize($dist,'d').octalize($weight,'d').octalize($port,'d') or die $!;
+    my $prefix = ":$host:33:".octalize($dist,'d').octalize($weight,'d').octalize($port,'d');
 
     $val .= '.' if $val !~ /\.$/;
     foreach (split /\./, $val) {
-      printf $datafile "\\%0.3o%s", length($_), $_ or die $!;
-    }
-    print $datafile "\\000:$ttl:$stamp:$loc\n" or die $!;
+      $prefix .= sprintf "\\%0.3o%s", length($_), $_ or die $!;
+    }
+    print $datafile "$prefix\\000:$ttl:$stamp:$loc\n" or die $!;
 
   } elsif ($typemap{$type} eq 'RP') {
 
+    ($host,$val) = __revswap($host,$val) if $revrec eq 'y';
     # RP consists of two mostly free-form strings.
     # The first is supposed to be an email address with @ replaced by . (as with the SOA contact)
@@ -6010 +6029 @@
   } elsif ($typemap{$type} eq 'PTR') {
 
-    $zone = NetAddr::IP->new($zone);
     $$recflags{$val}++;
-    if (!$zone->{isv6} && $zone->masklen > 24) {
-      ($val) = ($val =~ /\.(\d+)$/);
-      print $datafile "^$val."._ZONE($zone, 'ZONE', 'r', '.').'.in-addr.arpa'.
-        ":$host:$ttl:$stamp:$loc\n" or die $!;
+    if ($revrec eq 'y') {
+
+      if ($val =~ /\.arpa$/) {
+        # someone put in the formal .arpa name.  humor them.
+        print $datafile "^$val:$host:$ttl:$stamp:$loc\n" or die $!;
+      } else {
+        $zone = NetAddr::IP->new($zone);
+        if (!$zone->{isv6} && $zone->masklen > 24) {
+          # sub-octet v4 zone
+          ($val) = ($val =~ /\.(\d+)$/);
+          print $datafile "^$val."._ZONE($zone, 'ZONE', 'r', '.').'.in-addr.arpa'.
+            ":$host:$ttl:$stamp:$loc\n" or die $!;
+        } else {
+          # not going to care about strange results if $val is not an IP value and is resolveable in DNS
+          $val = NetAddr::IP->new($val);
+          print $datafile "^".
+            _ZONE($val, 'ZONE', 'r', '.').($val->{isv6} ? '.ip6.arpa' : '.in-addr.arpa').
+            ":$host:$ttl:$stamp:$loc\n" or die $!;
+        }
+      } # non-".arpa" $val
+
     } else {
-      $val = NetAddr::IP->new($val);
-      print $datafile "^".
-        _ZONE($val, 'ZONE', 'r', '.').($val->{isv6} ? '.ip6.arpa' : '.in-addr.arpa').
-        ":$host:$ttl:$stamp:$loc\n" or die $!;
+      # PTRs in forward zones are less bizarre and insane than some other record types
+      # in reverse zones...  OTOH we can't validate them any which way, so we cross our
+      # fingers and close our eyes and make it Someone Else's Problem.
+      print $datafile "^$host:$val:$ttl:$stamp:$loc\n" or die $!;
     }
 
@@ -6049 +6084 @@
     if ($val->masklen <= 16) {
       foreach my $sub ($val->split(16)) {
-        __publish_subnet($sub, $recflags, $host, $datafile, $ttl, $stamp, $loc, 1);
+        __publish_subnet($sub, $recflags, $host, $datafile, $ttl, $stamp, $loc, $zone, 1);
       }
     } else {
-      __publish_subnet($val, $recflags, $host, $datafile, $ttl, $stamp, $loc, 1);
+      __publish_subnet($val, $recflags, $host, $datafile, $ttl, $stamp, $loc, $zone, 1);
     }
 
@@ -6063 +6098 @@
     if ($val->masklen <= 16) {
       foreach my $sub ($val->split(16)) {
-        __publish_subnet($sub, $recflags, $host, $datafile, $ttl, $stamp, $loc, 0);
+        __publish_subnet($sub, $recflags, $host, $datafile, $ttl, $stamp, $loc, $zone, 0);
       }
     } else {
-      __publish_subnet($val, $recflags, $host, $datafile, $ttl, $stamp, $loc, 0);
+      __publish_subnet($val, $recflags, $host, $datafile, $ttl, $stamp, $loc, $zone, 0);
     }
 
@@ -6078 +6113 @@
 
     # All delegations need to create one or more NS records.  The NS record handler knows what to do.
-    _printrec_tiny($datafile,$revrec,$recflags,$zone,$host,$reverse_typemap{'NS'},
+    _printrec_tiny($datafile,$recid,$revrec,$recflags,$zone,$host,$reverse_typemap{'NS'},
       $val,$dist,$weight,$port,$ttl,$loc,$stamp);
     if ($revrec eq 'y') {
       # In the case of a sub-/24 v4 reverse delegation, we need to generate CNAMEs
       # to redirect all of the individual IP lookups as well.
+      # OR
+      # create NS records for each IP
       # Not sure how this would actually resolve if a /24 or larger was delegated
       # one way, and a sub-/24 in that >=/24 was delegated elsewhere...
@@ -6103 +6140 @@
 
   } elsif ($type == 44) { # SSHFP
+
+    ($host,$val) = __revswap($host,$val) if $revrec eq 'y';
+
     my ($algo,$fpt,$fp) = split /\s+/, $val;