Opened 12 years ago

Closed 10 years ago

#26 closed enhancement (fixed)

Handle in-addr.arpa and ip6.arpa reverse zones separately from forward domains

Reported by: Kris Deugau
Owned by:
Priority: major
Milestone: 1.2
Version:
Keywords:
Cc:

Description

This will also allow useful introduction of A+PTR and AAAA+PTR types.

Change History (66)

comment:1 by Kris Deugau, 12 years ago

(In [224]) /trunk

Start adding rDNS (See #26)

  • Initial SQL tabledef, default records, and record types (we'll abuse the reserved range of DNS record types from 65280 to 65534 for some extra custom types)
  • Start passing $webvar{revrec} around similar to $webvar{defrec}
  • Adjust record list page to handle reverse records. Tested on group-default reverse records but should work fine for live zones
  • Add "Reverse Zones" and "Default Reverse Records" to menu
  • While we're rearranging it, add a little more paranoia on some of the SQL

comment:2 by Kris Deugau, 12 years ago

(In [226]) /trunk

Update addRec() for reverse zones, first pass. A+PTR and AAAA+PTR should be complete.
See #26.

comment:3 by Kris Deugau, 12 years ago

(In [227]) /trunk

Missed a couple of fragments from first-pass reverse zone integration on addRec()
See #26

comment:4 by Kris Deugau, 12 years ago

(In [237]) /trunk

Checkpoint - almost finished updating domain list code to handle
reverse zones as well (see #26).
Still needs some UI polish in the template (flags to convert
"domain" to "reverse zone"), and possibly bringing some of the
HTML::Template-feeding bits for the actual list back out of the
DNSDB.pm sub after pushing the SQL in there.

comment:5 by Kris Deugau, 12 years ago

r228-r236 are only peripherally part of this ticket; record validation needed to be moved out of addRec() (and Any Day Real Soon Now™ updateRec()). Also, reverse record handling is being integrated into existing subs (mostly) instead of added as copy-pasted duplicates of existing subs.

comment:6 by Kris Deugau, 12 years ago

(In [237]) /trunk

Checkpoint - almost finished updating domain list code to handle
reverse zones as well (see #26).
Still needs some UI polish in the template (flags to convert
"domain" to "reverse zone"), and possibly bringing some of the
HTML::Template-feeding bits for the actual list back out of the
DNSDB.pm sub after pushing the SQL in there (see #1).

comment:7 by Kris Deugau, 12 years ago

(In [239]) /trunk

Checkpoint; domain/reverse zone list almost complete. See #26.
Still need to do active/inactive

comment:8 by Kris Deugau, 12 years ago

(In [240]) /trunk

Whoops, forgot to export revName() somehow. See #26

comment:9 by Kris Deugau, 12 years ago

(In [241]) /trunk

Fix fpnla.tmpl to propagate revrec. See #26

comment:10 by Kris Deugau, 12 years ago

(In [242]) /trunk

Fix buglet that snuck back into A/AAAA+PTR add - domain ID was
not added to field list or bind-values array. See #26.

comment:11 by Kris Deugau, 12 years ago

(In [242]) /trunk

Fix buglet that snuck back into A/AAAA+PTR add - domain ID was
not added to field list or bind-values array. See #26.
Log entry update: Accidentally committed cleanups on fill_recdata
and several parts of the record page:

  • Fill in suitable starting points for domain name and IP address on adding reverse records, same as forward records start with the base domain name
  • Fix SOA retrieval for default TTL

comment:12 by Kris Deugau, 12 years ago

(In [243]) /trunk

Fixing up delRec() and caller to handle reverse records. See #26.

  • make sure to pass $webvar{revrec} around everywhere
  • extend getRecLine to properly retrieve information for any record
  • make sure another couple of changepage() calls bounce you to the right place

comment:13 by Kris Deugau, 12 years ago

(In [244]) /trunk

Scope check cleanup for rdns, should be complete. Some checks
seem to have been wrong (eg default record delete) and may be
candidates for backporting to a stable release. See #26.

comment:14 by Kris Deugau, 12 years ago

(In [245]) /trunk

Pass revrec on group change. See #26.

Nitpick cleanup on redirection via changepage(); sort the URL
parameters so we've got some chance of tracking where we've
been with browser history.

comment:15 by Kris Deugau, 12 years ago

(In [246]) /trunk

Move SOA update SQL into DNSDB.pm while we update it for
handling reverse zones. See #26.

comment:16 by Kris Deugau, 12 years ago

(In [247]) /trunk

Extend logaction sub to accept an optional rdns ID. See #26.

comment:17 by Kris Deugau, 12 years ago

(In [248]) /trunk

Quick pass over log linking and display for reverse zones. See #26.
Also add a ##fixme in logaction() for pagination, filtering, and
other log data massaging.

Fix a couple of typos introduced by hand-applying unrelated fixes
in a separate working copy

comment:18 by Kris Deugau, 12 years ago

(In [249]) /trunk

Fix lurking bug in SQL tabledef from early idea for default rdns
records
Fix logic bugs in A+PTR creation in default records:

  • we should NOT blindly prepend 'ZONE.' if it's present in the value/IP
  • we should not blindly append $config{domain} if ADMINDOMAIN is in the hostname
  • we need to check for "ZONE.1", "ZONE,1", and "ZONE::1" in the "does this PTR exist?" check because otherwise we'll silently end up with duplicates

Minor tweak to call to addRec() so that changes from validation
get propagated all the way back up the call chain.
See #26

comment:19 by Kris Deugau, 12 years ago

(In [250]) /trunk

Fix navigation glitch on deleting a record; revrec wasn't
propagated causing you to land on the wrong record list.
See #26

comment:20 by Kris Deugau, 12 years ago

(In [251]) /trunk

Fix buglet adding default AAAA+PTR records same as was fixed
for A+PTR in r249.
See #26

comment:21 by Kris Deugau, 12 years ago

(In [254]) /trunk

Update parentID() (and all calls to it) for reverse records,
move to DNSDB.pm. See #26.

comment:22 by Kris Deugau, 12 years ago

(In [255]) /trunk

Update addGroup() to copy default reverse records. See #26.

comment:23 by Kris Deugau, 12 years ago

(In [256]) /trunk

Update internal _log() sub to handle rdns_id
Update existing calls to _log() in addDomain()
See #26

comment:24 by Kris Deugau, 12 years ago

(In [257]) /trunk

Fix update to calls to _log from r256. See #26

comment:25 by Kris Deugau, 12 years ago

(In [258]) /trunk

Still missed a couple pieces in r257. See #26

comment:26 by Kris Deugau, 12 years ago

(In [260]) /trunk

First pass adding add-reverse-zone.

  • add newrdns/addrdns templates
  • add handling in dns.cgi for pages, copy-paste-modify'ed from add-domain
  • add addRDNS() in DNSDB.pm, copy-paste-modify'ed from addDomain()

addRDNS() still needs extension at the ##work to properly substitute
ZONE in hostname and value fields as well as pick and choose default
records (ie, skip A+PTR in v6 zones, and skip AAAA+PTR in v4 zones)
See #26

comment:27 by Kris Deugau, 12 years ago

(In [264]) /trunk

Checkpoint; reverse records that don't match the zone (v4/v6) are skipped
Reverse records that can't fit in the zone are also skipped (... sort of,
still needs work)
Replacing ZONE in value/IP mostly done
See #26

comment:28 by Kris Deugau, 12 years ago

(In [265]) /trunk

Checkpoint, "add reverse zone" zone-info substitution almost
complete
See #26

comment:29 by Kris Deugau, 12 years ago

(In [267]) /trunk

Minor UI fix on reverse record sorting; got val/IP and host
switched. Again.
See #26.

comment:30 by Kris Deugau, 12 years ago

(In [268]) /trunk

*Still* missed a piece. Really fix reverse record list sorting.

For sure this time.

See #26

comment:31 by Kris Deugau, 12 years ago

(In [269]) /trunk

addRDNS() complete except for handling $revpatt.
See #26

comment:32 by Kris Deugau, 12 years ago

(In [270]) /trunk

Override any bare ZONE defrecs with the provided pattern while
adding a reverse zone.
Also patch up some UI glitches in error handling for revzone add
(match new domain handling more closely)
See #26

comment:33 by Kris Deugau, 12 years ago

(In [272]) /trunk

Checkpoint; update record mostly patched up for reverse records.
See #26

comment:34 by Kris Deugau, 12 years ago

(In [274]) /trunk

Flesh out most reverse zone deletion. See #26.

  • Convert delDomain() to delZone()
  • Add checks to coerce the shared-zone record types down to standard types on removal of the second parent, either way around. (IE, A+PTR will be converted to PTR if the parent domain is removed, or A if the parent revzone is removed)

Make sure to show result or error messages on the reverse zone
list page

comment:35 by Kris Deugau, 12 years ago

(In [275]) /trunk

Convert domStatus() and caller to zoneStatus() for reverse DNS
Add status change to revzones page handling
See #26

comment:36 by Kris Deugau, 12 years ago

(In [277]) /trunk

Checkpoint: Clean up SOA editing and extend for reverse zones.
Mostly complete; still need to finish shuffling arguments to
get logging moved into DNSDB.pm
See #26

comment:37 by Kris Deugau, 12 years ago

(In [300]) /trunk

Added missing NS records for initial default reverse zone records
Tweak metadata on NS and CNAME rectypes entries so they're available
for reverse zones
Tweak list order metadata so that NS and CNAME end up at the bottom
of the list for reverse zones
[ log fixup: see #26 ]

comment:38 by Kris Deugau, 12 years ago

(In [301]) /trunk

Checkpoint: importAXFR() now supports most reverse zones, as well
as internal action logging. Still need to correctly handle sub-octet
v4 zones, and consider adding code to handle a "merge records" flag
(ie, for an A record, see if a matching PTR exists; if so, merge
them into A+PTR)
[ log -> ticket fix: see #26 ]

comment:39 by Kris Deugau, 12 years ago

(In [302]) /trunk

Checkpoint converting importAXFR() to support reverse zones

  • added "merge A/AAAA and PTR records" functionality
  • Flip NS and CNAME records around if importing a revzone so they display properly
  • Consider dropping CNAMEs in revzones since they're essentially an implementation hack, and not really part of the logical delegation chain
  • Clean up some commented stale code

[ log -> ticket fixup: see #26 ]

comment:40 by Kris Deugau, 12 years ago

(In [303]) /trunk

Checkpoint - still finding rough edges in AXFR import
[ log -> ticket fixup: see #26 ]

comment:41 by Kris Deugau, 12 years ago

(In [304]) /trunk

Drop support for /31 sub-octet ranges in in-addr.arpa zone names in
favour of supporting an alternate scheme that uses the netmask as
the number after the dash. (You can't tell 24-31 -> (range) .24/29
apart from 24-31 (mask) -> .24/31 in isolation.)

Consider supporting / in the zone name too; however / is not
generally considered a valid character for domain name parts.

[ log -> ticket fixup: see #26 ]
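
The ambiguity described in r304 above, worked through as an added example (not code from this ticket or from DNSDB.pm). It generalizes beyond the single 24-31 case by enumerating every first-second label that is valid under both readings, then resolves names with the /31 netmask reading disabled. The zone name layout (first-second.c.b.a.in-addr.arpa), the function names, and the 192.0.2.0/24 sample zones are assumptions constructed for illustration.

```python
import ipaddress

SUFFIX = ".in-addr.arpa"

def as_range(first, last):
    """Prefix length if first-last is an inclusive last-octet range, else None."""
    size = last - first + 1
    # One CIDR block needs a power-of-two size that the start is aligned to.
    if not 2 <= size <= 128 or size & (size - 1) or first % size:
        return None
    return 32 - (size.bit_length() - 1)

def as_mask(first, mask, allow_31=True):
    """Prefix length if the second number is a netmask for block .first, else None."""
    if not 25 <= mask <= (31 if allow_31 else 30):
        return None
    return None if first % (1 << (32 - mask)) else mask

def conflicting_labels():
    """Labels that are valid under both readings but name different blocks."""
    found = []
    for first in range(256):
        for second in range(256):
            r, m = as_range(first, second), as_mask(first, second)
            if r is not None and m is not None and r != m:
                found.append(("%d-%d" % (first, second), r, m))
    return found

def zone_to_cidr(zone):
    """Resolve a sub-octet zone name with the /31 netmask reading disabled."""
    zone = zone.rstrip(".").lower()
    if not zone.endswith(SUFFIX):
        raise ValueError("not an in-addr.arpa zone: " + zone)
    label, c, b, a = zone[:-len(SUFFIX)].split(".")
    first, second = (int(n) for n in label.split("-"))
    r, m = as_range(first, second), as_mask(first, second, allow_31=False)
    if (r is None) == (m is None):
        raise ValueError("not a usable sub-octet zone name: " + zone)
    return ipaddress.ip_network("%s.%s.%s.%d/%d" % (a, b, c, first, r or m))

if __name__ == "__main__":
    # Constructed sample names; 192.0.2.0/24 is a documentation range.
    for label, r, m in conflicting_labels():
        print("%-6s range -> /%d   mask -> /%d" % (label, r, m))
    for name in ("24-31.2.0.192.in-addr.arpa", "24-29.2.0.192.in-addr.arpa"):
        print(name, "->", zone_to_cidr(name))
```

Every conflicting label ends in 31, so giving up the /31 netmask reading is enough to make both naming schemes coexist without guessing.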

comment:42 by Kris Deugau, 12 years ago

(In [306]) /trunk

Fix addition of default NS records for reverse zones done in r300
See #26

comment:43 by Kris Deugau, 12 years ago

(In [307]) /trunk

Fix a taint mode gotcha in _zone2cidr(), introduced with the
extension in r304 for supporting both range and netmask-based
sub-octet reverse zone names

Finalize updates to importAXFR() for reverse zones (see #26) and
action logging (see #35).
Includes some commented code and stubbery to do more complex handling
of NS and CNAME records for sub-octet subzones in revzones, probably
hinging on introducing a new pseudotype "DELEGATE"

comment:44 by Kris Deugau, 12 years ago

(In [308]) /trunk

UI-layer changes to move action logging for importAXFR() out of
dns.cgi (see #35) and introduce a UI checkbox to merge matching
A/AAAA and PTR records on import (see #26, sort of)

comment:45 by Kris Deugau, 12 years ago

(In [311]) /trunk

Move SQL for SOA update to DNSDB.pm (see #1)
Clean up support for reverse zones (see #26)
Move action logging for SOA updates to DNSDB.pm (see #35)

Includes log/info message consistency cleanups, dropping stale
commented code, dropping if(0)'ed code, tweaks to fillsoa() to
retain user changes on errors, updates to getSOA() for consistency,
removal of a stale form input

comment:46 by Kris Deugau, 12 years ago

(In [314]) /trunk

Move SQL for "Manage groups" to DNSDB.pm. See #1
Extend new group list sub to return a revzone count. See #26

comment:47 by Kris Deugau, 12 years ago

Milestone: 1.2

comment:48 by Kris Deugau, 12 years ago

(In [329]) /trunk

Checkpoint, update export process to handle reverse zones. See #26.

  • Split off actual record-printing to its own sub
  • Duplicate domain loop for revzones

comment:49 by Kris Deugau, 12 years ago

(In [330]) /trunk

Checkpoint, updating export for reverse zones. See #26.

  • Update SOA and NS record export handling to deal correctly with reverse zones

comment:50 by Kris Deugau, 12 years ago

(In [332]) /trunk

Checkpoint updating export for reverse zones. See #26.

  • Rework PTR handling for actual storage method used
  • Tweak _ZONE (again) so it doesn't chop off a trailing 0 in an IPv6 IP address

comment:51 by Kris Deugau, 12 years ago

(In [333]) /trunk

Checkpoint, update export for reverse DNS. See #26.

  • Stub out slices in _printrec_tiny for the new pseudotypes
  • Fill in handling for AAAA+PTR (65281) since the forward and reverse entries can be spawned off as separate calls to print an AAAA or PTR record

comment:52 by Kris Deugau, 12 years ago

(In [334]) /trunk

Checkpoint updating export for reverse DNS. See #26.

  • Retrieve record IDs to track A+PTR (and possibly AAAA+PTR, eventually) records so we don't double-export them
  • Fix bug that snuck in to PTR export; $ttl, not a literal 'ttl'
  • Fix buglet in recursive call to _printrec_tiny for AAAA+PTR; forgot to pass $recflags

comment:53 by Kris Deugau, 12 years ago

(In [336]) /trunk

Checkpoint updating export for reverse DNS. See #26.

  • Flesh out substitutions and supported patterns for v4 templates

comment:54 by Kris Deugau, 12 years ago

(In [337]) /trunk

Checkpoint updating export for reverse DNS. See #26.

  • _template4_expand moved up to join its relatives _ZONE and _zone2cidr
  • SOA export updated to properly output multiple real SOA records if a logical v4 reverse zone is not octet-aligned
  • PTR template and A+PTR template should now be complete
  • Zone and record SELECTs updated so that records are retrieved in an order that lets us export the more specific records first so we can exclude those IPs from the 1->many template record expansion

SOA and (A+)PTR template changes should probably be tested
further for odd edge cases

comment:55 by Kris Deugau, 12 years ago

(In [339]) /trunk

Finally polish up what should be the last of PTR template and
A+PTR template export. See #26.

comment:56 by Kris Deugau, 12 years ago

(In [340]) /trunk

Fill in validation stubs for type 65282 (PTR template) and
65283 (A+PTR template). See #26.

comment:57 by Kris Deugau, 12 years ago

(In [344]) /trunk

Work around bizarre SQL un-bug where:

SELECT <stuff> UNION (SELECT <stuff> ORDER BY ...)

not only didn't essentially glue the results of the two SELECTs together
serially (mildly confusing but a nonissue), but the ORDER BY was not obeyed
properly and resulted in records returned in the wrong relative order
overall (a problem when further processing required that relative ordering
of the records from the second SELECT).

This caused PTR template entries in reverse zones to not stack/overlay/cascade
properly on export, because larger netblocks returned first (against the ORDER
BY) prevented the smaller, more specific blocks from being expanded.

See #26

comment:58 by Kris Deugau, 12 years ago

(In [345]) /trunk

Checkpoint adding delegation type. See #26.

  • stuck on how to mask the parent zone's NS records if a delegated segment has records for the same "level" of v4 netblock, without blocking the ability to have multiple NS records and delegation records for any given block

comment:59 by Kris Deugau, 12 years ago

(In [346]) /trunk

Delegation type now exports correctly, or at least as correctly as the
input data can manage. Nested super-/24 and sub-/24 delegations may
not resolve correctly depending on whether a DNS server hands out only
the super-/24 delegation records or only the CNAMEs for the sub-/24, or
both.

As a nice bonus, it doesn't matter for most delegations whether you use
explicit NS records or the "Delegation" pseudotype. Only sub-/24
delegations will not be fully created (including the CNAMEs for each IP)
with just NS records.

See #26.

comment:60 by Kris Deugau, 12 years ago

(In [350]) /trunk

Tweak addRec() and updateRec() to allow "bad" hostnames so TXT records
can be used in reverse zones
Expand export of TXT records to properly export them in reverse zones

Thanks to Steve Atkins for pointing this out on the pgsql-general mailing list.

See #26.

comment:61 by Kris Deugau, 12 years ago

(In [351]) /trunk

Forgot to include the initial tabledef/record type change to allow
TXT records in reverse zones in r350.

See #26.

comment:62 by Kris Deugau, 12 years ago

(In [352]) /trunk

Tweak getDomRecs() to return reverse zone entries sorted by val
in the "correct" order by casting val as inet.

See #26

comment:63 by Kris Deugau, 12 years ago

(In [353]) /trunk

Checkpoint filling in tinydns data import stubs

  • Move a useful sub up the hierarchy
  • Include explicit count/limit in split() calls; lets us catch possible syntax oopses that would give strange timestamp or location entries
  • Convert existing record inserts to use prepared statement
  • Extend CNAME support to handle CNAMEs properly in reverse zones
  • Mostly finish tinydns "." type (SOA+NS+A) - note these seem to be mainly useful for very small installations, not large ones.
  • Add stub for location/view entries

See #26, partly

comment:64 by Kris Deugau, 12 years ago

(In [356]) /trunk

Checkpoint: tiny-import.pl

  • Add warning to header
  • Remove development print in NS segment
  • Fill in PTR stub (See #26)

comment:65 by Kris Deugau, 12 years ago

(In [405]) /trunk

Clean up some more annoyances in dns-rpc.cgi. See #43.

  • Update active and stub list of subs to match current DNSDB.pm
  • Factor out common opening errorcheck actions into a separate internal sub
  • Refresh getRecCount internals since it should be almost identical to getDomRecs
  • Fix a couple of trivial copypasted comment typos

Add support to handle adding and deleting reverse zones. See #26.

  • Complete conversion of delDomain to delZone
  • Add addRDNS

comment:66 by Kris Deugau, 10 years ago

Resolution: fixed
Status: new → closed

Resolving with release of v1.2.
