account different behavior of 'date' in owrt and debian; fix sync of dnssec values
Signed-off-by: Blackyfff <freifunk@freifunk-herpf.de>
parent
cf587e87e6
commit
3831e98977
|
@ -1,7 +1,7 @@
|
|||
#!/bin/sh
|
||||
# SPDX-License-Identifier: GPL-3.0
|
||||
#
|
||||
# freifunk-franken dns-scipts (c) 2021 Blackyfff
|
||||
# freifunk-franken dns-scipts (c) 2021-2022 Blackyfff
|
||||
|
||||
GetZoneFileSerial() {
|
||||
if [ -f "$1" ]; then
|
||||
|
@ -204,18 +204,24 @@ GetOwnKeysForZone () {
|
|||
Domain="$2"
|
||||
if [ -n "$DNSSECKeyFolder" ];then
|
||||
for OwnKeyFile in "$DNSSECKeyFolder""K""$Domain"".+"*".key"; do
|
||||
if ! [ "$OwnKeyFile" = "$DNSSECKeyFolder""K""$Domain"".+*.key" ]; then
|
||||
Removed="$(sed -ne 's/^; Delete: \(\S\{12\}\).*/\1/p' "$OwnKeyFile")"
|
||||
if [ -n "$Removed" ]; then
|
||||
Removed="$(date -u -d "$Removed" '+%s')"
|
||||
RemovedSeconds="$(date -u -d "$Removed" '+%s' 2>/dev/null)"
|
||||
if [ -z "$RemovedSeconds" ]; then
|
||||
RemovedSeconds="$( echo "$Removed" | sed -ne 's/\(.\{4\}\)\(.\{2\}\)\(.\{2\}\)\(.\{2\}\)\(.\{2\}\).*/\1-\2-\3T\4:\5/p')"
|
||||
RemovedSeconds="$(date -u -d "$RemovedSeconds" '+%s' 2>/dev/null)"
|
||||
fi
|
||||
if [ -n "$RemovedSeconds" ]; then
|
||||
CurDate="$(date -u '+%s')"
|
||||
if [ $((CurDate - Removed)) -le 172800 ]; then
|
||||
Removed=""
|
||||
if [ $((CurDate - RemovedSeconds)) -le 72000 ]; then
|
||||
RemovedSeconds=""
|
||||
fi
|
||||
fi
|
||||
if [ -z "$Removed" ]; then
|
||||
if [ -z "$RemovedSeconds" ]; then
|
||||
sed -ne '/^;/d;s/^'"$Domain"'\.\s\+\([0-9]*\s\)\?\s*[Ii][Nn]\s\+[Dd][Nn][Ss][Kk][Ee][Yy]\s\+\(.*\)$/_dnsseckeys\.'"$Domain"'\.\tIN TXT\t\"\2\"/p' "$OwnKeyFile" | \
|
||||
NormalizeZoneFileFormatting
|
||||
fi
|
||||
fi
|
||||
done
|
||||
fi
|
||||
}
|
||||
|
@ -225,9 +231,9 @@ UpdateDNSSECEntryCache () {
|
|||
CachedZoneFile="$3"
|
||||
DNSSECKeyFolder="$4"
|
||||
UpstreamIP="$5"
|
||||
UpdateMaster=0
|
||||
TempFolder="$6"
|
||||
|
||||
[ -z "$UpstreamIP" ] || UpstreamIP="-b ""$UpstreamIP"" "
|
||||
[ -z "$UpstreamIP" ] || UpstreamIP="-b""$UpstreamIP"
|
||||
|
||||
Nameservers="$(GetAllZoneNameservers "$Domain" "$CachedZoneFile")"
|
||||
|
||||
|
@ -239,17 +245,24 @@ UpdateDNSSECEntryCache () {
|
|||
if [ -n "$DNSSECKeyFolder" ]; then
|
||||
for Nameserver in $Nameservers; do
|
||||
if [ "$Nameserver" = "$DNSSCRIPT_SERVER_NAME" ]; then
|
||||
DNSKEYS="$( GetOwnKeysForZone "$DNSSECKeyFolder" "$Domain" )"
|
||||
{
|
||||
GetOwnKeysForZone "$DNSSECKeyFolder" "$Domain" | sort
|
||||
GetDSForZone "$DNSSECKeyFolder" "$Domain" "$TempFolder" | NormalizeZoneFileFormatting
|
||||
} > "$ZoneTempFolder""Keys.""$Nameserver"
|
||||
else
|
||||
DNSKEYS="$(delv @"$Nameserver" "$UpstreamIP"_dnsseckeys."$Domain" TXT 2>/dev/null | \
|
||||
{
|
||||
delv @"$Nameserver" "$UpstreamIP" "_dnsseckeys.""$Domain" TXT 2>/dev/null | \
|
||||
sed -ne '/^;/d;s/^.*\sIN\s\+TXT\s\+"\(.*\)"$/'"$Domain"'.\tIN DNSKEY\t\1/p' | \
|
||||
NormalizeZoneFileFormatting )"
|
||||
NormalizeZoneFileFormatting | sort
|
||||
delv @"$Nameserver" "$UpstreamIP" "_cdskey.""$Domain" TXT 2>/dev/null | \
|
||||
sed -ne '/^;/d;s/^.*\sIN\s\+TXT\s\+"\(.*\)"$/'"$Domain"'.\tIN CDS\t\1/p' | \
|
||||
NormalizeZoneFileFormatting | sort
|
||||
} > "$ZoneTempFolder""Keys.""$Nameserver"
|
||||
fi
|
||||
if [ -n "$DNSKEYS" ] && [ "$DNSKEYS" != "$(cat "$ZoneTempFolder""OldKeys.""$Nameserver" 2>/dev/null)" ]; then
|
||||
echo "$DNSKEYS" > "$ZoneTempFolder""Keys.""$Nameserver"
|
||||
UpdateMaster=1
|
||||
if [ -n "$(cat "$ZoneTempFolder""Keys.""$Nameserver")" ] && ! cmp -s "$ZoneTempFolder""Keys.""$Nameserver" "$ZoneTempFolder""OldKeys.""$Nameserver"; then
|
||||
echo "1"
|
||||
elif [ -f "$ZoneTempFolder""OldKeys.""$Nameserver" ]; then
|
||||
mv "$ZoneTempFolder""OldKeys.""$Nameserver" "$ZoneTempFolder""Keys.""$Nameserver"
|
||||
mv -f "$ZoneTempFolder""OldKeys.""$Nameserver" "$ZoneTempFolder""Keys.""$Nameserver"
|
||||
fi
|
||||
done
|
||||
fi
|
||||
|
@ -257,23 +270,23 @@ UpdateDNSSECEntryCache () {
|
|||
SEDDomain="$(SEDifyHostname "$Domain")"
|
||||
ChildServers="$( sed -ne '/^\s*\(@\|'"$SEDDomain"'\.\)\s/!s/^\s*\(\S\+\)\s\+\([0-9]*\s\)\?\s*[Ii][Nn]\s\+[Nn][Ss]\s\+\(\S\+\);\?.*$/\1#\3/p' "$CachedZoneFile" | \
|
||||
sed -e 's/\([^.]\)$/\1\.'"$Domain"'\./g;s/\.$//g;s/\([^.]\)#/\1\.'"$Domain"'\.#/g;s/\.#/#/g' )"
|
||||
for ChildServer in $ChildServers; do
|
||||
DNSKEYS="$(delv @"${ChildServer##*\#}" "$UpstreamIP""${ChildServer%%\#*}" CDS 2>/dev/null | \
|
||||
sed -ne '/^;/d;s/^.*\sIN\s\+CDS\s\+\(.*\)$/'"${ChildServer%%\#*}"'.\tIN DS\t\1/p' | \
|
||||
NormalizeZoneFileFormatting )"
|
||||
|
||||
if [ -n "$DNSKEYS" ]; then
|
||||
DNSKEYS="$(echo "$DNSKEYS" | sed -e '/\sIN\s\+DS\s\+0\s\+0\s\+0\s\+0/d')"
|
||||
if [ "$DNSKEYS" != "$(cat "$ZoneTempFolder""OldChildKeys.""$ChildServer" 2>/dev/null)" ]; then
|
||||
[ -z "$DNSKEYS" ] || echo "$DNSKEYS" > "$ZoneTempFolder""ChildKeys.""$ChildServer"
|
||||
UpdateMaster=1
|
||||
elif [ -n "$DNSKEYS" ]; then
|
||||
mv "$ZoneTempFolder""OldChildKeys.""$ChildServer" "$ZoneTempFolder""ChildKeys.""$ChildServer"
|
||||
elif [ -f "$ZoneTempFolder""OldKeys.""$Nameserver" ]; then
|
||||
UpdateMaster=1
|
||||
for ChildServer in $ChildServers; do
|
||||
{
|
||||
delv @"${ChildServer##*\#}" "$UpstreamIP" "${ChildServer%%\#*}" CDS 2>/dev/null | \
|
||||
sed -ne '/^;/d;s/^.*\sIN\s\+CDS\s\+\(.*\)$/'"${ChildServer%%\#*}"'.\tIN DS\t\1/p' | \
|
||||
NormalizeZoneFileFormatting | sort
|
||||
} > "$ZoneTempFolder""ChildKeys.""$ChildServer"
|
||||
|
||||
if [ -n "$(cat "$ZoneTempFolder""ChildKeys.""$ChildServer")" ]; then
|
||||
sed -i -e '/\sIN\s\+DS\s\+0\s\+0\s\+0\s\+0/d' "$ZoneTempFolder""ChildKeys.""$ChildServer"
|
||||
if ! cmp -s "$ZoneTempFolder""ChildKeys.""$ChildServer" "$ZoneTempFolder""OldChildKeys.""$ChildServer"; then
|
||||
echo "1"
|
||||
elif [ -z "$(cat "$ZoneTempFolder""ChildKeys.""$ChildServer")" ] && [ -f "$ZoneTempFolder""OldKeys.""$Nameserver" ]; then
|
||||
echo "1"
|
||||
fi
|
||||
elif [ -f "$ZoneTempFolder""OldChildKeys.""$Nameserver" ]; then
|
||||
mv "$ZoneTempFolder""OldChildKeys.""$ChildServer" "$ZoneTempFolder""ChildKeys.""$ChildServer"
|
||||
mv -f "$ZoneTempFolder""OldChildKeys.""$ChildServer" "$ZoneTempFolder""ChildKeys.""$ChildServer"
|
||||
fi
|
||||
done
|
||||
|
||||
|
@ -281,7 +294,6 @@ UpdateDNSSECEntryCache () {
|
|||
[ "$KeyFile" = "$ZoneTempFolder""Old*" ] || \
|
||||
rm -f "$KeyFile"
|
||||
done
|
||||
echo "$UpdateMaster"
|
||||
}
|
||||
ReloadZone() {
|
||||
if [ -n "$2" ]; then
|
||||
|
@ -304,6 +316,74 @@ ReloadZone() {
|
|||
fi
|
||||
}
|
||||
|
||||
UCharToFile () {
|
||||
printf %b "\x$(printf %x "$1")" >> "$2"
|
||||
}
|
||||
|
||||
GetDS () {
|
||||
Owner="$(echo "$1" | sed -e 's/\./ /g')"
|
||||
KeyTag="$2"
|
||||
Protocol="$3"
|
||||
Algo="$4"
|
||||
KSK="$5"
|
||||
TmpFolder="$6"
|
||||
|
||||
> "$TmpFolder""DSbin"
|
||||
|
||||
for SubString in $Owner; do
|
||||
Length=${#SubString}
|
||||
UCharToFile $((Length)) "$TmpFolder""DSbin"
|
||||
echo -n "$SubString" >> "$TmpFolder""DSbin"
|
||||
done
|
||||
|
||||
UCharToFile $((0)) "$TmpFolder""DSbin"
|
||||
UCharToFile $((KeyTag / 256)) "$TmpFolder""DSbin"
|
||||
UCharToFile $((KeyTag % 256)) "$TmpFolder""DSbin"
|
||||
UCharToFile $((Protocol)) "$TmpFolder""DSbin"
|
||||
UCharToFile $((Algo)) "$TmpFolder""DSbin"
|
||||
|
||||
echo "$KSK" | openssl base64 -d >> "$TmpFolder""DSbin"
|
||||
|
||||
sha256sum "$TmpFolder""DSbin" | sed -e 's/\s.*//g' | awk '{print toupper($0)}'
|
||||
}
|
||||
GetDSForZone () {
|
||||
DNSSECKeyFolder="$1"
|
||||
Domain="$2"
|
||||
TmpFolder="$3"
|
||||
if [ -n "$DNSSECKeyFolder" ];then
|
||||
> "$TmpFolder""KSKRemoved"
|
||||
> "$TmpFolder""KSK"
|
||||
for OwnKeyFile in "$DNSSECKeyFolder""K""$Domain"".+"*".key"; do
|
||||
if ! [ "$OwnKeyFile" = "$DNSSECKeyFolder""K""$Domain"".+*.key" ] && \
|
||||
[ -n "$(sed -e '/^;/d;/^'"$Domain"'\.\s\+\([0-9]*\s\)\?\s*[Ii][Nn]\s\+[Dd][Nn][Ss][Kk][Ee][Yy]\s\+257/!d' "$OwnKeyFile")" ]; then
|
||||
Removed="$(sed -ne 's/^; Delete: \(\S\{12\}\).*/\1/p' "$OwnKeyFile")"
|
||||
RemovedSeconds="$(date -u -d "$Removed" '+%s' 2>/dev/null)"
|
||||
if [ -z "$RemovedSeconds" ]; then
|
||||
RemovedSeconds="$( echo "$Removed" | sed -ne 's/\(.\{4\}\)\(.\{2\}\)\(.\{2\}\)\(.\{2\}\)\(.\{2\}\).*/\1-\2-\3T\4:\5/p')"
|
||||
RemovedSeconds="$(date -u -d "$RemovedSeconds" '+%s' 2>/dev/null)"
|
||||
fi
|
||||
Previous="$(cat "$TmpFolder""KSKRemoved")"
|
||||
Previous="${Previous:-0}"
|
||||
if [ $((RemovedSeconds)) -ge $((Previous)) ]; then
|
||||
echo "$RemovedSeconds" > "$TmpFolder""KSKRemoved"
|
||||
echo -n "$(echo "$OwnKeyFile" | sed -ne 's/^.\{'"$((${#DNSSECKeyFolder}+${#Domain}+2))"'\}+[^+]\++\(.*\)\.key/\1 /p')" > "$TmpFolder""KSK"
|
||||
sed -ne '/^;/d;s/^'"$Domain"'\.\s\+\([0-9]*\s\)\?\s*[Ii][Nn]\s\+[Dd][Nn][Ss][Kk][Ee][Yy]\s\+\(.*\)$/\2/p' "$OwnKeyFile" >> "$TmpFolder""KSK"
|
||||
fi
|
||||
fi
|
||||
done
|
||||
|
||||
KSK="$(cat "$TmpFolder""KSK")"
|
||||
if [ -n "$KSK" ]; then
|
||||
KeyID="$(echo "$KSK" | sed -e 's/ .*//g')"
|
||||
KeyTag="$(echo "$KSK" | sed -e 's/^[^ ]* //g;s/ .*//g')"
|
||||
Protocol="$(echo "$KSK" | sed -e 's/^[^ ]* [^ ]* //g;s/ .*//g')"
|
||||
Algo="$(echo "$KSK" | sed -e 's/^[^ ]* [^ ]* [^ ]* //g;s/ .*//g')"
|
||||
KSK="$(echo "$KSK" | sed -e 's/^[^ ]* [^ ]* [^ ]* [^ ]* //g;s/ //g')"
|
||||
echo -e "_cdskey.""$Domain"".\tIN TXT\t\"""$KeyID"" ""$Algo"" 2 ""$(GetDS "$Domain" "$KeyTag" "$Protocol" "$Algo" "$KSK" "$TmpFolder")""\""
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
TraceErrAndExit() {
|
||||
echo "$1" 1>&2
|
||||
exit 1
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
#!/bin/sh
|
||||
# SPDX-License-Identifier: GPL-3.0
|
||||
#
|
||||
# freifunk-franken dns-scipts (c) 2021 Blackyfff
|
||||
# freifunk-franken dns-scipts (c) 2021-2022 Blackyfff
|
||||
|
||||
SetupCache() {
|
||||
mkdir -p "$TempFolder""cache"
|
||||
|
@ -43,8 +43,9 @@ UpdateMasterZone() {
|
|||
if [ -n "$ServeMasterZone" ]; then
|
||||
ZoneTempFolder="$TempFolder""cache/""$MasterDomain""/"
|
||||
|
||||
UpdateMaster="$(UpdateDNSSECEntryCache "$MasterDomain" "$ZoneTempFolder" "$CachedMasterFile" "$DNSSECKeyFolder" "$InternalUpstreamIP")"
|
||||
if [ $((PostFetchMasterSerial)) -gt $((PreFetchMasterSerial)) ] || [ $UpdateMaster -ne 0 ] || [ ! -f "$MasterFile" ]; then
|
||||
UpdateMaster="$(UpdateDNSSECEntryCache "$MasterDomain" "$ZoneTempFolder" "$CachedMasterFile" "$DNSSECKeyFolder" "$InternalUpstreamIP" "$TempFolder")"
|
||||
|
||||
if [ $((PostFetchMasterSerial)) -gt $((PreFetchMasterSerial)) ] || [ -n "$UpdateMaster" ] || [ ! -f "$MasterFile" ]; then
|
||||
cp -f "$CachedMasterFile" "$CachedMasterFile""I"
|
||||
for KeyFile in "$ZoneTempFolder"*; do
|
||||
[ "$KeyFile" = "$ZoneTempFolder""*" ] || \
|
||||
|
@ -59,7 +60,7 @@ UpdateMasterZone() {
|
|||
else
|
||||
LocalMasterSerial=$((PostFetchMasterSerial))
|
||||
fi
|
||||
mv "$CachedMasterFile""I" "$MasterFile"
|
||||
awk '/^$/ || !a[$0]++' "$CachedMasterFile""I" > "$MasterFile"
|
||||
ReloadZone "$MasterDomain" "$InternalViews" "$ZoneFilesFolder"
|
||||
|
||||
fi
|
||||
|
@ -89,14 +90,18 @@ UpdateExternal() {
|
|||
ExtDomainFile="$ZoneFilesFolder""db.""$FirstInternalView"".""$ExternDomain"
|
||||
ZoneTempFolder="$TempFolder""cache/""$ExternDomain""/"
|
||||
cp -f "$ExternalZoneFile" "$CachedZoneFile"
|
||||
[ -z "$DNSSECKeyFolder" ] || sed -i -e '/^\s*_dnsseckeys\./d' "$CachedZoneFile"
|
||||
if [ -n "$DNSSECKeyFolder" ]; then
|
||||
sed -i -e '/^\s*_dnsseckeys\./d' "$CachedZoneFile"
|
||||
sed -i -e '/^\s*\S\+\s\+\([0-9]*\s\)\?\s*[Ii][Nn]\s\+[Dd][Nn][Ss][Kk][Ee][Yy]/d' "$CachedZoneFile"
|
||||
fi
|
||||
|
||||
[ -n "$(sed -e '/^\s*\(@\s\+\([0-9]*\s\)\?\s*[Ii][Nn]\s\+[Nn][Ss]\)\s/!d' "$CachedZoneFile")" ] || \
|
||||
sed -i -e 's/^\s*\(@\s\+\([0-9]*\s\)\?\s*[Ii][Nn]\s\+[Ss][Oo][Aa]\)\s\+\S\+\s\+\S\+\s/\1 '"$DNSSCRIPT_SERVER_NAME"'. '"$DNSSCRIPT_CONTACT_EMAIL"' /g' "$CachedZoneFile"
|
||||
|
||||
sed -i -e 's/^\s*'"$CommunityExternPrefix"'\s/@ /g;/^\s*\(@\|\S\+\.\)\s\+\([0-9]*\s\)\?\s*[Ii][Nn]\s\+[Dd][Ss]\s/d' "$CachedZoneFile"
|
||||
|
||||
UpdateExternDomain="$(UpdateDNSSECEntryCache "$ExternDomain" "$ZoneTempFolder" "$CachedZoneFile" "$DNSSECKeyFolder" "$InternalUpstreamIP")"
|
||||
if [ $UpdateExternView -ne 0 ] || [ $UpdateExternDomain -ne 0 ]; then
|
||||
UpdateExternDomain="$(UpdateDNSSECEntryCache "$ExternDomain" "$ZoneTempFolder" "$CachedZoneFile" "$DNSSECKeyFolder" "$InternalUpstreamIP" "$TempFolder")"
|
||||
if [ $UpdateExternView -ne 0 ] || [ -n "$UpdateExternDomain" ]; then
|
||||
for KeyFile in "$ZoneTempFolder"*; do
|
||||
[ "$KeyFile" = "$ZoneTempFolder""*" ] || \
|
||||
cat "$KeyFile" >> "$CachedZoneFile"
|
||||
|
@ -108,7 +113,7 @@ UpdateExternal() {
|
|||
sed -i -e 's/^\(\s*\)'"$SerialIntern"'\(\s*;\s*[Ss]erial.*\)$/\1'"$LocalExtDomainMasterSerial"'\2/g' "$CachedZoneFile"
|
||||
sed -i -e 's/^\(\s*\S\+\s\+\([0-9]*\s\)\?\s*[Ii][Nn]\s\+[Ss][Oo][Aa]\s\+\S\+\s\+\S\+\s\+\)'"$SerialIntern"'\(\s\+.*\)$/\1'"$LocalExtDomainMasterSerial"'\3/g' "$CachedZoneFile"
|
||||
fi
|
||||
mv "$CachedZoneFile" "$ExtDomainFile"
|
||||
awk '/^$/ || !a[$0]++' "$CachedZoneFile" > "$ExtDomainFile"
|
||||
ReloadZone "$ExternDomain" "$InternalViews" "$ZoneFilesFolder"
|
||||
ReloadZone "$ExternDomain" "$ExternalView" "$ZoneFilesFolder"
|
||||
fi
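Review bot: The live zone file is now written in place by `awk … > "$MasterFile"` in UpdateMasterZone, and likewise `> "$ExtDomainFile"` in UpdateExternal, where the old `mv` replaced it with a single rename. The redirection truncates the target before awk produces any output, so an awk failure or a full disk leaves an empty or partial zone file; whether ReloadZone is still reached in that case depends on error handling outside these hunks. Writing to a sibling file and renaming keeps the swap atomic: `awk '/^$/ || !a[$0]++' "$CachedMasterFile""I" > "$MasterFile"".new" && mv -f "$MasterFile"".new" "$MasterFile"`. The intermediate `"$CachedMasterFile""I"` (and `"$CachedZoneFile"` in UpdateExternal) is also no longer moved away, so it stays behind unless it is cleaned up in lines not shown here.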
|
||||
|
|
|
@ -3,12 +3,12 @@
|
|||
#
|
||||
# freifunk-franken dns-scipts (c) 2016 mayosemmel
|
||||
# (c) 2020-2021 Fabian Bläse
|
||||
# (c) 2021 Blackyfff
|
||||
# (c) 2021-2022 Blackyfff
|
||||
|
||||
# exit script when command fails
|
||||
set -e
|
||||
|
||||
export DNSSCRIPT_VERSION="0.9.2"
|
||||
export DNSSCRIPT_VERSION="0.9.4"
|
||||
|
||||
. /etc/ffdns/community.conf
|
||||
. /etc/ffdns/local.conf
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
#!/bin/sh
|
||||
# SPDX-License-Identifier: GPL-3.0
|
||||
#
|
||||
# freifunk-franken dns-scipts (c) 2021 Blackyfff
|
||||
# freifunk-franken dns-scipts (c) 2021-2022 Blackyfff
|
||||
|
||||
|
||||
. ./dns-functions.sh
|
||||
|
@ -51,7 +51,7 @@ NewLeases="$(echo "$NewLeases" |
|
|||
|
||||
UpdateZone="$(UpdateDNSSECEntryCache "$Domain" "$ZoneTempFolder" "$HoodZoneFile")"
|
||||
|
||||
if [ "$NewLeases" != "$OldLeases" ] || [ $UpdateZone -ne 0 ]; then
|
||||
if [ "$NewLeases" != "$OldLeases" ] || [ -n "$UpdateZone" ]; then
|
||||
NewSerial="$(GetZoneFileSerial "$HoodZoneFile")"
|
||||
NewSerial=$((NewSerial+1))
|
||||
sed -i -e 's/^\(\s*\)\(\S\+\)\(\s*;\s*Serial.*\)/\1'"$NewSerial"'\3/g' "$HoodZoneFile"
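Review bot: This call passes only three arguments to `UpdateDNSSECEntryCache`, so `$UpstreamIP` stays empty, and the reworked child-zone loop in the functions file now hands it to delv as its own quoted word (`delv @… "$UpstreamIP" "${ChildServer%%\#*}" CDS`), that is, as an empty argument. How delv treats an empty operand is not visible here, and because stderr goes to `/dev/null`, a rejected or misparsed query would look the same as a child that publishes no CDS. Dropping the word when it is unset avoids that: use `${UpstreamIP:+"$UpstreamIP"}` at each delv call in the function.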
|
||||
|
|