Refactoring; Bug-Fix: Don't execute external when not set, Keyfile comparison

Signed-off-by: Blackyfff <blackyfff@noreply.git.freifunk-franken.de>
Blackyfff 2021-06-27 22:51:24 +02:00
parent 2a5069d0b1
commit 2cb6ea5ade
2 changed files with 73 additions and 70 deletions

56
dns-functions.sh Executable file → Normal file

@ -12,6 +12,19 @@ GetZoneFileSerial() {
fi
echo "${ZoneSerial:-0}"
}
InsertZoneToViews() {
Views="$1"
ZoneFilesFolder="$2"
Domain="$3"
SourceFile="$4"
TempFolder="$5"
DNSSECPolicy="$6"
for View in $Views; do
ZoneFile="$ZoneFilesFolder""db.""$View"".""$Domain"
[ -f "$ZoneFile" ] || ln -s "$SourceFile" "$ZoneFile"
InsertZoneToIncludeFile "$Domain" "$ZoneFile" "$TempFolder""$View"".conf" "$DNSSECPolicy"
done
}
InsertZoneToIncludeFile() {
if [ ! -f "$3" ]; then
{
@ -31,16 +44,18 @@ zone \"""$1""\" {\n\
};" "$3"
fi
}
GetAllSubNameservers() {
Domain="$(echo "$1" | sed -e 's/\./\\\./g')"
SubDomain="$(echo "$2" | sed -e 's/\./\\\./g')"
sed -ne 's/^\s*'"$SubDomain"'\(\.'"$Domain"'\.\)\?\s\+\([0-9]*\s\)\?\s*[Ii][Nn]\s\+[Nn][Ss]\s\+\(\S\+\)/\3/p' "$3" | \
GetAllNameservers() {
sed -ne 's/^\s*'"$2"'\s\+\([0-9]*\s\)\?\s*[Ii][Nn]\s\+[Nn][Ss]\s\+\(\S\+\)/\3/p' "$3" | \
sed -e 's/\([^.]\)$/\1\.'"$1"'\./g;s/\.$//g'
}
GetAllSubNameservers() {
Domain="$(SEDifyHostname "$1")"
SubDomain="$(SEDifyHostname "$2")"
GetAllNameservers "$1" "$SubDomain""\(\.""$Domain""\.\)\?" "$3"
}
GetAllZoneNameservers() {
Domain="""$(echo "$1" | sed -e 's/\./\\\./g')"
sed -ne 's/^\s*\(@\|'"$Domain"'\.\)\s\+\([0-9]*\s\)\?\s*[Ii][Nn]\s\+[Nn][Ss]\s\+\(\S\+\)/\3/p' "$2" | \
sed -e 's/\([^.]\)$/\1\.'"$1"'\./g;s/\.$//g'
Domain="""$(SEDifyHostname "$1")"
GetAllNameservers "$1" "\(@\|""$Domain""\.\)" "$2"
}
GetReverseZoneFileFromZone() {
echo "db.""$(echo "$1" | awk -F. '{ printf $(NF-2);for(i=NF-3;i>0;--i) printf "."$i}')"
@ -58,7 +73,7 @@ GetReverseIPv4Domains() {
echo "${RevDomain#.}"
else
Filler=$((8 - Filler))
Filler=$((1 << Filler))
Filler=$((1 << $Filler))
Start=$(echo "$IPFilled" | awk -F. '{printf $'"$((Statics+1))"'}')
Start=$((Start - Start % Filler))
for Sub in $(seq $Start $((Start + Filler - 1))); do
@ -79,7 +94,7 @@ GetReverseIPv6Domains() {
echo "${RevDomain#.}"
else
Filler=$((4 - Filler))
Filler=$((1 << Filler))
Filler=$((1 << $Filler))
Start="$(printf %d 0x"$(echo "$IPFilled" | awk 'BEGIN{FS=""}{printf $'"$((Statics+1))"'}')")"
Start=$((Start - Start % Filler))
for Sub in $(seq $Start $((Start + Filler - 1))); do
@ -102,6 +117,9 @@ ExpandHostname() {
[ -n "${Hostname##*.}" ] && Hostname="$Hostname"".""$2"
echo "$Hostname"
}
SEDifyHostname() {
echo "$1" | sed -r 's/\./\\\./g'
}
GetServernameSEDEntry() {
CommunityName="$1"
ServerName="$DNSSCRIPT_SERVER_NAME"
@ -111,7 +129,7 @@ GetServernameSEDEntry() {
ServerName="\(""$ServerName"".\)"
fi
echo "$ServerName" | sed -r 's/\./\\\./g'
SEDifyHostname "$ServerName"
}
NormalizeZoneFileFormatting() {
awk 'BEGIN{FS="\t"}{l=length($1);f=substr(" ", 1+length($1));
@ -162,7 +180,7 @@ IPv4IsInSubnet() {
AreEqual="$([ "$IPStaticPart" = "$SubnetStaticPart" ]; echo "$?")"
if [ $AreEqual -eq 0 ] && [ $BlockMask -ne 0 ]; then
BlockMask=$((8 - BlockMask))
BlockMask=$((-1 << BlockMask))
BlockMask=$((-1 << $BlockMask))
IPBlock=$(echo "$IPFilled" | awk -F. '{printf $'"$((Statics+1))"'}')
SubnetBlock=$(echo "$SubnetIPFilled" | awk -F. '{printf $'"$((Statics+1))"'}')
IPBlock=$((IPBlock & BlockMask))
@ -194,11 +212,11 @@ UpdateDNSSECEntryCache () {
mkdir -p "$ZoneTempFolder"
for KeyFile in "$ZoneTempFolder"*; do
[ "$KeyFile" = "$ZoneTempFolder""*" ] || \
mv "$KeyFile" "$ZoneTempFolder""Old""${KeyFile##*"$ZoneTempFolder"}"
[ "$KeyFile" == "$ZoneTempFolder""*" ] || \
mv "$KeyFile" "$ZoneTempFolder""Old""${KeyFile##*""$ZoneTempFolder""}"
done
for Nameserver in $Nameservers; do
if [ "$Nameserver" = "$DNSSCRIPT_SERVER_NAME" ]; then
if [ "$Nameserver" == "$DNSSCRIPT_SERVER_NAME" ]; then
DNSKEYS="$( GetOwnKeysForZone "$DNSSECKeyFolder" "$Domain" )"
else
DNSKEYS="$(delv @"$Nameserver" _dnsseckeys."$Domain" TXT 2>/dev/null | \
@ -213,7 +231,7 @@ UpdateDNSSECEntryCache () {
fi
done
SEDDomain="$(echo "$Domain" | sed -e 's/\./\\\./g')"
SEDDomain="$(SEDifyHostname "$Domain")"
ChildServers="$( sed -ne '/^\s*\(@\|'"$SEDDomain"'\.\)\s/!s/^\s*\(\S\+\)\s\+\([0-9]*\s\)\?\s*[Ii][Nn]\s\+[Nn][Ss]\s\+\(\S\+\);\?.*$/\1#\3/p' "$CachedZoneFile" | \
sed -e 's/\([^.]\)$/\1\.'"$Domain"'\./g;s/\.$//g;s/\([^.]\)#/\1\.'"$Domain"'\.#/g;s/\.#/#/g' )"
for ChildServer in $ChildServers; do
@ -237,20 +255,20 @@ UpdateDNSSECEntryCache () {
done
for KeyFile in "$ZoneTempFolder""Old"*; do
[ "$KeyFile" = "$ZoneTempFolder""Old*" ] || \
[ "$KeyFile" == "$ZoneTempFolder""Old*" ] || \
rm -f "$KeyFile"
done
echo "$UpdateMaster"
}
ReloadZone() {
if [ $((DNSSCRIPT_BIND_RELOAD_VER)) -eq 0 ]; then
systemctl reload bind9
systemctl reload bind9 >/dev/null
elif [ $((DNSSCRIPT_BIND_RELOAD_VER)) -eq 1 ]; then
for Zone in $2; do
rndc reload "$1" IN "$Zone" || touch "/tmp/dnsscript-forcereconf"
rndc reload "$1" IN "$Zone" >/dev/null || touch "/tmp/dnsscript-forcereconf"
done
elif [ $((DNSSCRIPT_BIND_RELOAD_VER)) -eq 2 ]; then
/etc/init.d/named reload
/etc/init.d/named reload >/dev/null
fi
}
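Review bot: The force-reconfigure flag that ReloadZone creates when `rndc reload` fails still lives at the fixed path `/tmp/dnsscript-forcereconf` in a world-writable directory; the changed line only adds `>/dev/null` in front of it. Any local account can pre-create that file, and the `[ -f "/tmp/dnsscript-forcereconf" ]` test in update-dns.sh then triggers a BIND reconfiguration on the next run. On systems without symlink protection for sticky directories, `touch` would also follow a link planted under that name, which matters if the script runs with elevated privileges, as the `systemctl` and `rndc` calls suggest. I would keep the flag in a directory only the script's user can write, e.g. `rndc reload "$1" IN "$Zone" >/dev/null || touch "$ForceReconfFlag"`, where `ForceReconfFlag` is a placeholder name for a path below the script's own temp or state folder, and have update-dns.sh test the same variable. A short comment above ReloadZone saying what the flag is for and who consumes it would help too.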

87
update-dns.sh Executable file → Normal file

@ -58,7 +58,7 @@ rm -f "$TempFolder""$ExternalView"".conf"
CachedMasterFile="$TempFolder""cache/db.""$CommunityDomain"
PreFetchMasterSerial="$(GetZoneFileSerial "$CachedMasterFile")"
curl -s -S -f "$RemoteLocation""db.""$CommunityDomain" --output "$CachedMasterFile"
$(curl -s -S -f "$RemoteLocation""db.""$CommunityDomain" --output "$CachedMasterFile")
PostFetchMasterSerial="$(GetZoneFileSerial "$CachedMasterFile")"
ServeMasterZone="$( GetAllZoneNameservers "$CommunityDomain" "$CachedMasterFile" | awk '{for(i=NF;i>0;--i) if($i=="'"$DNSSCRIPT_SERVER_NAME"'") {printf 1}}')"
if [ -n "$CommunityExternDomain" ]; then
@ -83,16 +83,13 @@ if [ -n "$ServeMasterZone" ] || [ -n "$ServeExtZone" ]; then
if [ -n "$ServeMasterZone" ]; then
MasterFile="$ZoneFilesFolder""db.""$FirstInternal"".""$CommunityDomain"
FileForExternGeneration="$MasterFile"
UpdateMaster=0
ZoneTempFolder="$TempFolder""cache/""$CommunityDomain""/"
UpdateMaster="$(UpdateDNSSECEntryCache "$CommunityDomain" "$ZoneTempFolder" "$CachedMasterFile" "$DNSSECKeyFolder")"
[ $((PostFetchMasterSerial)) -le $((PreFetchMasterSerial)) ] || UpdateMaster=1
if [ $UpdateMaster -ne 0 ]; then
UpdateMaster="$(UpdateDNSSECEntryCache "$CommunityDomain" "$ZoneTempFolder" "$CachedMasterFile" "$DNSSECKeyFolder")"
if [ $((PostFetchMasterSerial)) -gt $((PreFetchMasterSerial)) ] || [ $UpdateMaster -ne 0 ]; then
cp -f "$CachedMasterFile" "$CachedMasterFile""I"
for KeyFile in "$ZoneTempFolder"*; do
[ "$KeyFile" = "$ZoneTempFolder""*" ] || \
[ "$KeyFile" == "$ZoneTempFolder""*" ] || \
cat "$KeyFile" >> "$CachedMasterFile""I"
done
LocalMasterSerial="$(GetZoneFileSerial "$MasterFile")"
@ -107,11 +104,7 @@ if [ -n "$ServeMasterZone" ] || [ -n "$ServeExtZone" ]; then
mv "$CachedMasterFile""I" "$MasterFile"
ReloadZone "$CommunityDomain" "$InternalViews"
for IView in $InternalViews; do
InternViewMasterZone="$ZoneFilesFolder""db.""$IView"".""$CommunityDomain"
[ -f "$InternViewMasterZone" ] || ln -s "$MasterFile" "$InternViewMasterZone"
InsertZoneToIncludeFile "$CommunityDomain" "$InternViewMasterZone" "$TempFolder""$IView"".conf" "$DNSSECPolicy"
done
InsertZoneToViews "$InternalViews" "$ZoneFilesFolder" "$CommunityDomain" "$MasterFile" "$TempFolder" "$DNSSECPolicy"
fi
for Subnet in $CommunitySubnets; do
ReverseDomains="$(GetReverseDomains "$Subnet")"
@ -143,7 +136,6 @@ if [ -n "$ServeMasterZone" ] || [ -n "$ServeExtZone" ]; then
fi
fi
UpdateExternDomain=0
if [ -n "$ServeExtZone" ]; then
MasterExtDomainFile="$ZoneFilesFolder""db.""$FirstInternal"".""$CommunityExternDomain"
ZoneTempFolder="$TempFolder""cache/""$CommunityExternDomain""/"
@ -152,14 +144,12 @@ if [ -n "$ServeMasterZone" ] || [ -n "$ServeExtZone" ]; then
[ -n "$(sed -e '/^\s*\(@\s\+\([0-9]*\s\)\?\s*[Ii][Nn]\s\+[Nn][Ss]\)\s/!d' "$CachedMasterFile""E")" ] || \
sed -i -e 's/^\s*\(@\s\+\([0-9]*\s\)\?\s*[Ii][Nn]\s\+[Ss][Oo][Aa]\)\s\+\S\+\s\+\S\+\s/\1 '"$DNSSCRIPT_SERVER_NAME"'. '"$DNSSCRIPT_CONTACT_EMAIL"' /g' "$CachedMasterFile""E"
sed -i -e 's/^\s*'"$CommunityExternPrefix"'\s/@ /g;/^\s*@\s\+[Ii][Nn]\s\+[Dd][Ss]\s/d' "$CachedMasterFile""E"
sed -i -e 's/^\s*'"$CommunityExternPrefix"'\s/@ /g' "$CachedMasterFile""E"
UpdateExternDomain="$(UpdateDNSSECEntryCache "$CommunityExternDomain" "$ZoneTempFolder" "$CachedMasterFile""E" "$DNSSECKeyFolder")"
[ $UpdateExternView -eq 0 ] || UpdateExternDomain=1
if [ $UpdateExternDomain -ne 0 ]; then
if [ $UpdateExternView -ne 0 ] || [ $UpdateExternDomain -ne 0 ]; then
for KeyFile in "$ZoneTempFolder"*; do
[ "$KeyFile" = "$ZoneTempFolder""*" ] || \
[ "$KeyFile" == "$ZoneTempFolder""*" ] || \
cat "$KeyFile" >> "$CachedMasterFile""E"
done
LocalExtDomainMasterSerial="$(GetZoneFileSerial "$MasterExtDomainFile")"
@ -172,16 +162,9 @@ if [ -n "$ServeMasterZone" ] || [ -n "$ServeExtZone" ]; then
mv "$CachedMasterFile""E" "$MasterExtDomainFile"
ReloadZone "$CommunityExternDomain" "$InternalViews"
fi
for IView in $InternalViews; do
InternViewExternZone="$ZoneFilesFolder""db.""$IView"".""$CommunityExternDomain"
[ -f "$InternViewExternZone" ] || ln -s "$MasterExtDomainFile" "$InternViewExternZone"
InsertZoneToIncludeFile "$CommunityExternDomain" "$InternViewExternZone" "$TempFolder""$IView"".conf" "$DNSSECPolicy"
done
if [ -n "$ExternalView" ]; then
ExternViewExternZone="$ZoneFilesFolder""db.""$ExternalView"".""$CommunityExternDomain"
[ -f "$ExternViewExternZone" ] || ln -s "$MasterExtDomainFile" "$ExternViewExternZone"
InsertZoneToIncludeFile "$CommunityExternDomain" "$ExternViewExternZone" "$TempFolder""$ExternalView"".conf" "$DNSSECPolicy"
fi
InsertZoneToViews "$InternalViews" "$ZoneFilesFolder" "$CommunityExternDomain" "$MasterExtDomainFile" "$TempFolder" "$DNSSECPolicy"
InsertZoneToViews "$ExternalView" "$ZoneFilesFolder" "$CommunityExternDomain" "$MasterExtDomainFile" "$TempFolder" "$DNSSECPolicy"
fi
fi
@ -202,14 +185,14 @@ for Hood in $Hoods; do
if [ ! -f "$HoodZoneFile" ]; then
{
echo "\$TTL ${TTLReReExMi%% *}"
echo "@ IN SOA $DNSSCRIPT_SERVER_NAME""."" $DNSSCRIPT_CONTACT_EMAIL ("
echo " 1 ; Serial"
echo " ""$(echo "$TTLReReExMi" | awk '{print $2}')"" ; Refresh"
echo " ""$(echo "$TTLReReExMi" | awk '{print $3}')"" ; Retry"
echo " ""$(echo "$TTLReReExMi" | awk '{print $4}')"" ; Expire"
echo " ""$(echo "$TTLReReExMi" | awk '{print $5}')"" ) ; Negative Cache TTL"
echo "@ IN SOA $DNSSCRIPT_SERVER_NAME""."" $DNSSCRIPT_CONTACT_EMAIL ("
echo " 1 ; Serial"
echo " ""$(echo "$TTLReReExMi" | awk '{print $2}')"" ; Refresh"
echo " ""$(echo "$TTLReReExMi" | awk '{print $3}')"" ; Retry"
echo " ""$(echo "$TTLReReExMi" | awk '{print $4}')"" ; Expire"
echo " ""$(echo "$TTLReReExMi" | awk '{print $5}')"" ) ; Negative Cache TTL"
echo ";"
echo "@ IN NS $DNSSCRIPT_SERVER_NAME""."""
echo "@ IN NS $DNSSCRIPT_SERVER_NAME""."""
GetOwnGlueRecords "$CommunityDomain" "$HoodDomain" "$MasterFile"
echo ";"
} > "$HoodZoneFile"
@ -232,25 +215,25 @@ for Hood in $Hoods; do
else
HoodExternDomain=""
fi
ExternFile="$ZoneFilesFolder""db.""$ExternalView"".""$HoodDomain"
./update-extzone.sh "$HoodZoneFile" "$ExternFile" "$HoodDomain" "$ExternalView" "$HoodExternDomain" "$InternalViews"
for IView in $InternalViews; do
InternViewMasterZone="$ZoneFilesFolder""db.""$IView"".""$HoodDomain"
[ -f "$InternViewMasterZone" ] || ln -s "$HoodZoneFile" "$InternViewMasterZone"
InsertZoneToIncludeFile "$HoodDomain" "$InternViewMasterZone" "$TempFolder""$IView"".conf" "$DNSSECPolicy"
done
InsertZoneToIncludeFile "$HoodDomain" "$ExternFile" "$TempFolder""$ExternalView"".conf" "$DNSSECPolicy"
if [ -n "$ExternalView" ]; then
ExternFile="$ZoneFilesFolder""db.""$ExternalView"".""$HoodDomain"
elif [ -n "$HoodExternDomain" ]; then
ExternFile="$ZoneFilesFolder""db.""$HoodExternDomain"
else
ExternFile=""
fi
if [ -n "$ExternFile" ]; then
./update-extzone.sh "$HoodZoneFile" "$ExternFile" "$HoodDomain" "$ExternalView" "$HoodExternDomain" "$InternalViews"
fi
InsertZoneToViews "$InternalViews" "$ZoneFilesFolder" "$HoodDomain" "$HoodZoneFile" "$TempFolder" "$DNSSECPolicy"
InsertZoneToViews "$ExternalView" "$ZoneFilesFolder" "$HoodDomain" "$ExternFile" "$TempFolder" "$DNSSECPolicy"
if [ -n "$HoodExternDomain" ]; then
for IView in $InternalViews; do
InternViewExternZone="$ZoneFilesFolder""db.""$IView"".""${Hood%%\#*}"".""$CommunityExternDomain"
[ -f "$InternViewExternZone" ] || ln -s "$ExternFile" "$InternViewExternZone"
InsertZoneToIncludeFile "${Hood%%\#*}"".""$CommunityExternDomain" "$InternViewExternZone" "$TempFolder""$IView"".conf" "$DNSSECPolicy"
done
ExternViewExternZone="$ZoneFilesFolder""db.""$ExternalView"".""${Hood%%\#*}"".""$CommunityExternDomain"
[ -f "$ExternViewExternZone" ] || ln -s "$ExternFile" "$ExternViewExternZone"
InsertZoneToIncludeFile "${Hood%%\#*}"".""$CommunityExternDomain" "$ExternViewExternZone" "$TempFolder""$ExternalView"".conf" "$DNSSECPolicy"
InsertZoneToViews "$InternalViews" "$ZoneFilesFolder" "${Hood%%\#*}"".""$CommunityExternDomain" "$ExternFile" "$TempFolder" "$DNSSECPolicy"
InsertZoneToViews "$ExternalView" "$ZoneFilesFolder" "${Hood%%\#*}"".""$CommunityExternDomain" "$ExternFile" "$TempFolder" "$DNSSECPolicy"
fi
done
@ -270,7 +253,9 @@ UpdateBindConfig "$BindIcvpnAclTmp" "$BindIcvpnAcl"
for IView in $InternalViews; do
UpdateBindConfig "$TempFolder""$IView"".conf" "$BindIncludeFileFolder""$IView"".conf"
done
if [ -n "$ExternalView" ]; then
UpdateBindConfig "$TempFolder""$ExternalView"".conf" "$BindIncludeFileFolder""$ExternalView"".conf"
fi
if [ $ReConfigBind -ne 0 ] || [ -f "/tmp/dnsscript-forcereconf" ]; then
if [ $((DNSSCRIPT_BIND_RELOAD_VER)) -eq 0 ]; then