StackExchange/dnscontrol
1
1
Fork 0
mirror of https://github.com/StackExchange/dnscontrol.git synced 2025-01-13 02:50:27 +08:00
Code Issues Projects Releases Packages Wiki Activity
dnscontrol/providers/bind/bindProvider.go
Tom Limoncelli 9812ecd9ff
BIND: Improve SOA serial number handling (#651) 
* github.com/miekg/dns
* Greatly simplify the logic for handling serial numbers. Related code was all over the place. Now it is abstracted into one testable method makeSoa. This simplifies code in many other places.
* Update docs/_providers/bind.md: Edit old text. Add SOA description.
* SOA records are now treated like any other record internally. You still can't specify them in dnsconfig.js, but that's by design.
* The URL for issue 491 was wrong in many places
* BIND: Clarify GENERATE_ZONEFILE message
2020-02-23 13:58:49 -05:00

268 lines
7.4 KiB
Go
Raw Blame History

package bind
/*
bind -
Generate zonefiles suitable for BIND.
The zonefiles are read and written to the directory -bind_dir
If the old zonefiles are readable, we read them to determine
if an update is actually needed. The old zonefile is also used
as the basis for generating the new SOA serial number.
*/
import (
"bytes"
"encoding/json"
"fmt"
"io/ioutil"
"os"
"path/filepath"
"strings"
"time"
"github.com/miekg/dns"
"github.com/StackExchange/dnscontrol/v2/models"
"github.com/StackExchange/dnscontrol/v2/pkg/prettyzone"
"github.com/StackExchange/dnscontrol/v2/providers"
"github.com/StackExchange/dnscontrol/v2/providers/diff"
)
var features = providers.DocumentationNotes{
providers.CanUseCAA: providers.Can(),
providers.CanUsePTR: providers.Can(),
providers.CanUseNAPTR: providers.Can(),
providers.CanUseSRV: providers.Can(),
providers.CanUseSSHFP: providers.Can(),
providers.CanUseTLSA: providers.Can(),
providers.CanUseTXTMulti: providers.Can(),
providers.CanAutoDNSSEC: providers.Can("Just writes out a comment indicating DNSSEC was requested"),
providers.CantUseNOPURGE: providers.Cannot(),
providers.DocCreateDomains: providers.Can("Driver just maintains list of zone files. It should automatically add missing ones."),
providers.DocDualHost: providers.Can(),
providers.DocOfficiallySupported: providers.Can(),
providers.CanGetZones: providers.Can(),
}
func initBind(config map[string]string, providermeta json.RawMessage) (providers.DNSServiceProvider, error) {
// config -- the key/values from creds.json
// meta -- the json blob from NewReq('name', 'TYPE', meta)
api := &Bind{
directory: config["directory"],
}
if api.directory == "" {
api.directory = "zones"
}
if len(providermeta) != 0 {
err := json.Unmarshal(providermeta, api)
if err != nil {
return nil, err
}
}
api.nameservers = models.StringsToNameservers(api.DefaultNS)
return api, nil
}
func init() {
providers.RegisterDomainServiceProviderType("BIND", initBind, features)
}
// SoaInfo contains the parts of the default SOA settings.
type SoaInfo struct {
Ns string `json:"master"`
Mbox string `json:"mbox"`
Serial uint32 `json:"serial"`
Refresh uint32 `json:"refresh"`
Retry uint32 `json:"retry"`
Expire uint32 `json:"expire"`
Minttl uint32 `json:"minttl"`
}
func (s SoaInfo) String() string {
return fmt.Sprintf("%s %s %d %d %d %d %d", s.Ns, s.Mbox, s.Serial, s.Refresh, s.Retry, s.Expire, s.Minttl)
}
// Bind is the provider handle for the Bind driver.
type Bind struct {
DefaultNS []string `json:"default_ns"`
DefaultSoa SoaInfo `json:"default_soa"`
nameservers []*models.Nameserver
directory string
zonefile string // Where the zone data is expected
zoneFileFound bool // Did the zonefile exist?
}
// GetNameservers returns the nameservers for a domain.
func (c *Bind) GetNameservers(string) ([]*models.Nameserver, error) {
return c.nameservers, nil
}
// ListZones returns all the zones in an account
func (c *Bind) ListZones() ([]string, error) {
if _, err := os.Stat(c.directory); os.IsNotExist(err) {
return nil, fmt.Errorf("directory %q does not exist", c.directory)
}
filenames, err := filepath.Glob(filepath.Join(c.directory, "*.zone"))
if err != nil {
return nil, err
}
var zones []string
for _, n := range filenames {
_, file := filepath.Split(n)
zones = append(zones, strings.TrimSuffix(file, ".zone"))
}
return zones, nil
}
// GetZoneRecords gets the records of a zone and returns them in RecordConfig format.
func (c *Bind) GetZoneRecords(domain string) (models.Records, error) {
foundRecords := models.Records{}
if _, err := os.Stat(c.directory); os.IsNotExist(err) {
fmt.Printf("\nWARNING: BIND directory %q does not exist!\n", c.directory)
}
c.zonefile = filepath.Join(
c.directory,
strings.Replace(strings.ToLower(domain), "/", "_", -1)+".zone")
content, err := ioutil.ReadFile(c.zonefile)
if os.IsNotExist(err) {
// If the file doesn't exist, that's not an error. Just informational.
c.zoneFileFound = false
fmt.Fprintf(os.Stderr, "File not found: '%v'\n", c.zonefile)
return nil, nil
}
if err != nil {
return nil, fmt.Errorf("can't open %s: %w", c.zonefile, err)
}
c.zoneFileFound = true
zp := dns.NewZoneParser(strings.NewReader(string(content)), domain, c.zonefile)
for rr, ok := zp.Next(); ok; rr, ok = zp.Next() {
rec := models.RRtoRC(rr, domain)
if rec.Type == "SOA" {
}
foundRecords = append(foundRecords, &rec)
}
if err := zp.Err(); err != nil {
return nil, fmt.Errorf("error while parsing '%v': %w", c.zonefile, err)
}
return foundRecords, nil
}
// GetDomainCorrections returns a list of corrections to update a domain.
func (c *Bind) GetDomainCorrections(dc *models.DomainConfig) ([]*models.Correction, error) {
dc.Punycode()
comments := make([]string, 0, 5)
comments = append(comments,
fmt.Sprintf("generated with dnscontrol %s", time.Now().Format(time.RFC3339)),
)
if dc.AutoDNSSEC {
comments = append(comments, "Automatic DNSSEC signing requested")
}
foundRecords, err := c.GetZoneRecords(dc.Name)
if err != nil {
return nil, err
}
// Find the SOA records; use them to make or update the desired SOA.
var foundSoa *models.RecordConfig
for _, r := range foundRecords {
if r.Type == "SOA" && r.Name == "@" {
foundSoa = r
break
}
}
var desiredSoa *models.RecordConfig
for _, r := range dc.Records {
if r.Type == "SOA" && r.Name == "@" {
desiredSoa = r
break
}
}
soaRec, nextSerial := makeSoa(dc.Name, &c.DefaultSoa, foundSoa, desiredSoa)
if desiredSoa == nil {
dc.Records = append(dc.Records, soaRec)
desiredSoa = dc.Records[len(dc.Records)-1]
} else {
*desiredSoa = *soaRec
}
// Normalize
models.PostProcessRecords(foundRecords)
differ := diff.New(dc)
_, create, del, mod := differ.IncrementalDiff(foundRecords)
buf := &bytes.Buffer{}
// Print a list of changes. Generate an actual change that is the zone
changes := false
for _, i := range create {
changes = true
if c.zoneFileFound {
fmt.Fprintln(buf, i)
}
}
for _, i := range del {
changes = true
if c.zoneFileFound {
fmt.Fprintln(buf, i)
}
}
for _, i := range mod {
changes = true
if c.zoneFileFound {
fmt.Fprintln(buf, i)
}
}
var msg string
if c.zoneFileFound {
msg = fmt.Sprintf("GENERATE_ZONEFILE: '%s'. Changes:\n%s", dc.Name, buf)
} else {
msg = fmt.Sprintf("GENERATE_ZONEFILE: '%s' (new file with %d records)\n", dc.Name, len(create))
}
corrections := []*models.Correction{}
if changes {
// We only change the serial number if there is a change.
desiredSoa.SoaSerial = nextSerial
corrections = append(corrections,
&models.Correction{
Msg: msg,
F: func() error {
fmt.Printf("WRITING ZONEFILE: %v\n", c.zonefile)
zf, err := os.Create(c.zonefile)
if err != nil {
return fmt.Errorf("could not create zonefile: %w", err)
}
// Beware that if there are any fake types, then they will
// be commented out on write, but we don't reverse that when
// reading, so there will be a diff on every invocation.
err = prettyzone.WriteZoneFileRC(zf, dc.Records, dc.Name, comments)
if err != nil {
return fmt.Errorf("failed WriteZoneFile: %w", err)
}
err = zf.Close()
if err != nil {
return fmt.Errorf("closing: %w", err)
}
return nil
},
})
}
return corrections, nil
}
Reference in a new issue View git blame Copy permalink