Current File : //usr/share/webmin/bind8/create_master.cgi |
#!/usr/bin/perl
# create_master.cgi
# Create a new master zone
use strict;
use warnings;
no warnings 'redefine';
no warnings 'uninitialized';
# Globals
our (%access, %text, %in, %config);
require './bind8-lib.pl';
&ReadParse();
&error_setup($text{'mcreate_err'});
$access{'master'} || &error($text{'mcreate_ecannot'});
$access{'ro'} && &error($text{'master_ero'});
my $conf = &get_config();
my ($view, $viewname, $vconf);
if ($in{'view'} ne '') {
$view = $conf->[$in{'view'}];
&can_edit_view($view) || &error($text{'master_eviewcannot'});
$vconf = $view->{'members'};
$viewname = $view->{'values'}->[0];
}
else {
$vconf = $conf;
$viewname = undef;
}
# validate inputs
if ($in{'rev'}) {
my $ipv4;
($ipv4 = &check_net_ip($in{'zone'})) ||
$config{'support_aaaa'} &&
($in{'zone'} =~ /^([\w:]+)(\/\d+)?$/ && &check_ip6address($1)) ||
&error(&text('create_enet', $in{'zone'}));
if ($ipv4) {
$in{'zone'} = &ip_to_arpa($in{'zone'});
}
else {
$in{'zone'} = &net_to_ip6int($1, ($2 ? substr($2, 1) : "" ));
}
}
else {
($in{'zone'} =~ /^[\d\.]+$/ || $in{'zone'} =~ /^[\d\:]+(\/[\d]+)?$/) &&
&error(&text('create_edom2', $in{'zone'}));
&valdnsname($in{'zone'}, 0, ".") ||
&error(&text('create_edom', $in{'zone'}));
}
$in{'zone'} =~ s/\.$//;
&valdnsname($in{'master'}, 0, ".") ||
&error(&text('master_emaster', $in{'master'}));
if ($in{'master'} !~ /\.$/) { $in{'master'} .= "."; }
&valemail($in{'email'}) || &valemail(&dotted_to_email($in{'email'})) ||
&error(&text('master_eemail', $in{'email'}));
$in{'email'} = &email_to_dotted($in{'email'});
$in{'refresh'} =~ /^\d+$/ ||
&error(&text('master_erefresh', $in{'refresh'}));
$in{'retry'} =~ /^\d+$/ ||
&error(&text('master_eretry', $in{'retry'}));
$in{'expiry'} =~ /^\d+$/ ||
&error(&text('master_eexpiry', $in{'expiry'}));
$in{'minimum'} =~ /^\d+$/ ||
&error(&text('master_eminimum', $in{'minimum'}));
my $base = $access{'dir'} ne '/' ? $access{'dir'} :
$config{'master_dir'} ? $config{'master_dir'} :
&base_directory($conf);
$base =~ s/\/+$// if ($base ne '/');
if ($base !~ /^([a-z]:)?\//) {
# Master dir is relative .. make absolute
$base = &base_directory()."/".$base;
}
if ($in{'tmpl'}) {
for(my $i=0; $config{"tmpl_$i"}; $i++) {
my @c = split(/\s+/, $config{"tmpl_$i"}, 3);
if ($c[1] eq 'A' && !$c[2] && !&check_ipaddress($in{'ip'})) {
&error($text{'master_eip'});
}
}
}
foreach my $z (&find("zone", $vconf)) {
if (lc($z->{'value'}) eq lc($in{'zone'})) {
&error($text{'master_etaken'});
}
}
if (!$in{'file_def'}) {
$in{'file'} =~ /^\S+$/ ||
&error(&text('create_efile', $in{'file'}));
if ($in{'file'} !~ /^\//) {
$in{'file'} = $base."/".$in{'file'};
}
&allowed_zone_file(\%access, $in{'file'}) ||
&error(&text('create_efile2', $in{'file'}));
}
else {
$in{'file'} = &automatic_filename($in{'zone'}, $in{'rev'}, $base,
$view ? $view->{'value'} : undef);
}
-r &make_chroot($in{'file'}) && &error(&text('create_efile4', $in{'file'}));
my @mips;
if ($in{'onslave'}) {
@mips = split(/\s+/, $in{'mip'});
@mips || &error($text{'master_emips'});
foreach my $m (@mips) {
&check_ipaddress($m) || &error(&text('master_emip', $m));
}
}
# Create the zone file and initial records
&create_master_records($in{'file'}, $in{'zone'}, $in{'master'}, $in{'email'},
$in{'refresh'}.$in{'refunit'},
$in{'retry'}.$in{'retunit'},
$in{'expiry'}.$in{'expunit'},
$in{'minimum'}.$in{'minunit'},
$in{'master_ns'},
$in{'onslave'} && $access{'remote'},
$in{'tmpl'}, $in{'ip'}, $in{'addrev'});
if ($config{'relative_paths'}) {
# Make path relative to BIND base directory
my $bdir = &base_directory($conf);
$in{'file'} =~ s/^\Q$bdir\/\E//;
}
# create the zone directive
my $dir = { 'name' => 'zone',
'values' => [ $in{'zone'} ],
'type' => 1,
'members' => [ { 'name' => 'type',
'values' => [ 'master' ] },
{ 'name' => 'file',
'values' => [ $in{'file'} ] } ]
};
# Add also-notify for slaves
if ($in{'onslave'}) {
my @slaves = &list_slave_servers();
if (@slaves) {
my $also = { 'name' => 'also-notify',
'type' => 1,
'members' => [ ] };
my $allow = { 'name' => 'allow-transfer',
'type' => 1,
'members' => [ ] };
foreach my $s (@slaves) {
push(@{$also->{'members'}},
{ 'name' => &to_ipaddress($s->{'host'}) });
push(@{$allow->{'members'}},
{ 'name' => &to_ipaddress($s->{'host'}) });
}
push(@{$dir->{'members'}}, $also);
push(@{$dir->{'members'}}, $allow);
push(@{$dir->{'members'}}, { 'name' => 'notify',
'values' => [ 'yes' ] });
}
}
# create the zone
&create_zone($dir, $conf, $in{'view'});
&webmin_log("create", "master", $in{'zone'}, \%in);
&add_zone_access($in{'zone'});
# Create on slave servers
if ($in{'onslave'} && $access{'remote'}) {
my @slaveerrs = &create_on_slaves($in{'zone'}, $mips[0],
$in{'sfile_def'} == 1 ? "none" :
$in{'sfile_def'} == 2 ? undef : $in{'sfile'},
undef, $viewname);
if (@slaveerrs) {
&error(&text('master_errslave',
"<p>".join("<br>", map { "$_->[0]->{'host'} : $_->[1]" }
@slaveerrs)));
}
}
# Automatically sign zone if required
if (&have_dnssec_tools_support() && $in{'enable_dt'}) {
my $err;
my $nsec3 = 0;
my $zone = &get_zone_name($in{'zone'},
$in{'view'} eq '' ? 'ANY' : $in{'view'});
if ($zone) {
if ($in{'dne'} eq "NSEC") {
$nsec3 = 0;
} elsif ($in{'dne'} eq "NSEC3") {
$nsec3 = 1;
} else {
&error($text{'dt_zone_edne'});
}
# Sign zone
$err = &dt_sign_zone($zone, $nsec3);
&error($err) if ($err);
}
}
&redirect("edit_master.cgi?zone=$in{'zone'}&view=$in{'view'}");