diff options
Diffstat (limited to 'config')
-rw-r--r-- | config/tinydns/tinydns.inc | 411 | ||||
-rw-r--r-- | config/tinydns/tinydns.xml | 41 | ||||
-rw-r--r-- | config/tinydns/tinydns_dhcp_filter.php | 21 | ||||
-rw-r--r-- | config/tinydns/tinydns_sync.xml | 200 | ||||
-rw-r--r-- | config/tinydns/tinydns_xmlrpc_sync.php | 59 |
5 files changed, 341 insertions, 391 deletions
diff --git a/config/tinydns/tinydns.inc b/config/tinydns/tinydns.inc index 3bf64777..5e61fc05 100644 --- a/config/tinydns/tinydns.inc +++ b/config/tinydns/tinydns.inc @@ -1,11 +1,10 @@ <?php - -/* $Id$ */ /* tinydns.inc + part of pfSense (https://www.pfSense.org/) Copyright (C) 2006, 2007, 2008, 2009 Scott Ullrich - Parts Copyright (C) 2007 Goffredo Andreone - part of pfSense + Copyright (C) 2007 Goffredo Andreone + Copyright (C) 2015 ESF, LLC All rights reserved. Redistribution and use in source and binary forms, with or without @@ -29,7 +28,6 @@ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - if(!function_exists("filter_configure")) require_once("filter.inc"); @@ -208,6 +206,35 @@ function tinydns_custom_php_deinstall_command() { conf_mount_ro(); } +function tinydns_upgrade_config() { + /* Remove obsolete XMLRPC sync configuration */ + if (is_array($config['installedpackages']['tinydnssync']['config'])) { + if (isset($config['installedpackages']['tinydnssync']['config'][0]['ipaddress'])) { + unset($config['installedpackages']['tinydnssync']['config'][0]['ipaddress']); + } + if (isset($config['installedpackages']['tinydnssync']['config'][0]['ipaddress2'])) { + unset($config['installedpackages']['tinydnssync']['config'][0]['ipaddress2']); + } + if (isset($config['installedpackages']['tinydnssync']['config'][0]['ipaddress3'])) { + unset($config['installedpackages']['tinydnssync']['config'][0]['ipaddress3']); + } + if (isset($config['installedpackages']['tinydnssync']['config'][0]['password'])) { + unset($config['installedpackages']['tinydnssync']['config'][0]['password']); + } + if (isset($config['installedpackages']['tinydnssync']['config'][0]['password2'])) { + unset($config['installedpackages']['tinydnssync']['config'][0]['password2']); + } + if (isset($config['installedpackages']['tinydnssync']['config'][0]['password3'])) { + unset($config['installedpackages']['tinydnssync']['config'][0]['password3']); + } + } + if (is_array($config['installedpackages']['tinydns']['config'])) { + if (isset($config['installedpackages']['tinydns']['config'][0]['syncxmlrpc'])) { + unset($config['installedpackages']['tinydns']['config'][0]['syncxmlrpc']); + } + } +} + function tinydns_custom_php_changeip_command() { global $g, $config; conf_mount_rw(); @@ -232,10 +259,18 @@ function tinydns_custom_php_changeip_command() { if(!is_dir("{$g['varrun_path']}/service")) exec("/bin/mkdir -p {$g['varrun_path']}/service"); - exec("/usr/sbin/pw useradd Gtinydns"); - exec("/usr/sbin/pw useradd Gdnslog"); - exec("/usr/sbin/pw useradd Gdnscache"); - exec("/usr/sbin/pw useradd Gaxfrdns"); + if (!exec("/usr/sbin/pw usershow Gtinydns")) { + exec("/usr/sbin/pw useradd Gtinydns"); + } + if (!exec("/usr/sbin/pw usershow Gdnslog")) { + exec("/usr/sbin/pw useradd Gdnslog"); + } + if (!exec("/usr/sbin/pw usershow Gdnscache")) { + exec("/usr/sbin/pw useradd Gdnscache"); + } + if (!exec("/usr/sbin/pw usershow Gaxfrdns")) { + exec("/usr/sbin/pw useradd Gaxfrdns"); + } exec("/bin/rm -r {$g['varetc_path']}/dnscache*"); exec("/bin/rm -r {$g['varrun_path']}/service/dnscache*"); @@ -259,21 +294,14 @@ function tinydns_custom_php_changeip_command() { foreach ($interfaces as $dnsidx => $dnsif) { $dnscacheif = convert_friendly_interface_to_real_interface_name($dnsif); $dnscacheip = find_interface_ip($dnscacheif); - if (intval($config['version']) >= 6) - $ipmask = find_interface_subnet($dnscacheif); - else - $ipmask = $config['interfaces'][$dnsif]['subnet']; - - if (intval($config['version']) <= 8) { - if (is_ipaddr($ipaddress)) - $arr = tinydns_get_ip_subnet_arpa($ipaddress, $ipmask); - } else { - if (is_ipaddrv4($ipaddress)) { - $arr = tinydns_get_ip_subnet_arpa($ipaddress, $ipmask); - } elseif (is_ipaddrv6($ipaddress)) { - $arr = tinydns_get_ip6_subnet_arpa($ipaddress, $ipmask); - } + $ipmask = find_interface_subnet($dnscacheif); + + if (is_ipaddrv4($ipaddress)) { + $arr = tinydns_get_ip_subnet_arpa($ipaddress, $ipmask); + } elseif (is_ipaddrv6($ipaddress)) { + $arr = tinydns_get_ip6_subnet_arpa($ipaddress, $ipmask); } + $dnsuserip = $arr[0]; //exec("/bin/mkdir -p {$g['varetc_path']}/dnscache{$dnsidx}"); exec("/usr/local/bin/dnscache-conf Gdnscache Gdnslog {$g['varetc_path']}/dnscache{$dnsidx} {$dnscacheip}"); @@ -305,7 +333,7 @@ function tinydns_custom_php_changeip_command() { exec("{$svc_path} -xk {$g['varetc_path']}/dnscache{$dnsidx}"); } } else { - $interfaces = explode(",", $$config['installedpackages']['tinydns']['config'][0]['interface']); + $interfaces = explode(",", $config['installedpackages']['tinydns']['config'][0]['interface']); foreach ($interfaces as $dnsidx => $dnsif) { if(is_dir("{$g['varetc_path']}/dnscache{$dnsidx}")) dnscache_use_root_servers($dnsidx); @@ -517,10 +545,7 @@ function tinydns_create_zone_file() { foreach ($interfaces as $dnsif) { $dnsrif = convert_friendly_interface_to_real_interface_name($dnsif); $dnsrip = find_interface_ip($dnsrif); - if (intval($config['version']) >= 6) - $ipmask = find_interface_subnet($dnsrif); - else - $ipmask = $config['interfaces'][$dnsif]['subnet']; + $ipmask = find_interface_subnet($dnsrif); $dhcpdfqdn = "{$dhcpdhostname}.{$dhcpddomain}"; tinydns_complete_soa_record($fd, $dnsrip, $ipmask, $dhcpdhostname, $dhcpddomain); } @@ -544,10 +569,7 @@ function tinydns_create_zone_file() { $dnsrif = convert_friendly_interface_to_real_interface_name($dnsif); $dnsrip = find_interface_ip($dnsrif); - if (intval($config['version']) >= 6) - $ipmask = find_interface_subnet($dnsrif); - else - $ipmask = $config['interfaces'][$dnsif]['subnet']; + $ipmask = find_interface_subnet($dnsrif); $dhcpdfqdn = "{$dhcpdhostname}.{$dhcpddomain}"; tinydns_complete_soa_record($fd, $dnsrip, $ipmask, $dhcpdhostname, $dhcpddomain); @@ -606,15 +628,10 @@ function tinydns_create_zone_file() { if($record_data) { fwrite($fd, $record_data . "\n"); if ($domain['rdns'] || ($domain['recordtype'] == 'PTR')) { - if (intval($config['version']) <= 8) { - if (is_ipaddr($ipaddress)) - $rip = tinydns_get_ip_subnet_arpa($ipaddress, 32); - } else { - if (is_ipaddrv4($ipaddress)) { - $rip = tinydns_get_ip_subnet_arpa($ipaddress, 32); - } elseif (is_ipaddrv6($ipaddress)) { - $rip = tinydns_get_ip6_subnet_arpa($ipaddress, 128); - } + if (is_ipaddrv4($ipaddress)) { + $rip = tinydns_get_ip_subnet_arpa($ipaddress, 32); + } elseif (is_ipaddrv6($ipaddress)) { + $rip = tinydns_get_ip6_subnet_arpa($ipaddress, 128); } if($rip) @@ -651,95 +668,146 @@ function tinydns_create_zone_file() { function tinydns_sync_on_changes() { global $g, $config; - log_error("[tinydns] tinydns_xmlrpc_sync.php is starting."); - $synconchanges = $config['installedpackages']['tinydnssync']['config'][0]['synconchanges']; - if(!$synconchanges) - return; - $sync_hosts = $config['installedpackages']['tinydnssync']['config']; - $previous_ip = ""; - $x=0; - $sh = $config['installedpackages']['tinydnssync']['config'][0]; - for($x=1; $x<5; $x++) { - if($x > 1) - $counter = $x; - else - $counter = ""; - $sync_to_ip = ""; - $password = ""; - if($sh['ipaddress' . $counter]) { - $sync_to_ip = $sh['ipaddress' . $counter]; - $password = $sh['password' . $counter]; + + /* XMLRPC sync */ + if (is_array($config['installedpackages']['tinydnssync']['config'])) { + $tinydns_sync = $config['installedpackages']['tinydnssync']['config'][0]; + $synconchanges = $tinydns_sync['synconchanges']; + $synctimeout = $tinydns_sync['synctimeout'] ?: '250'; + switch ($synconchanges) { + case "manual": + if (is_array($tinydns_sync['row'])) { + $rs = $tinydns_sync['row']; + } else { + log_error("[tinydns] XMLRPC sync is enabled but there are no hosts configured as replication targets."); + return; + } + break; + case "auto": + if (is_array($config['hasync'])) { + $system_carp = $config['hasync']; + $rs[0]['ipaddress'] = $system_carp['synchronizetoip']; + $rs[0]['username'] = $system_carp['username']; + $rs[0]['password'] = $system_carp['password']; + $rs[0]['syncdestinenable'] = FALSE; + + // XMLRPC sync is currently only supported over connections using the same protocol and port as this system + if ($config['system']['webgui']['protocol'] == "http") { + $rs[0]['syncprotocol'] = "http"; + $rs[0]['syncport'] = $config['system']['webgui']['port'] ?: '80'; + } else { + $rs[0]['syncprotocol'] = "https"; + $rs[0]['syncport'] = $config['system']['webgui']['port'] ?: '443'; + } + if ($system_carp['synchronizetoip'] == "") { + log_error("[tinydns] XMLRPC CARP/HA sync is enabled but there are no system backup hosts configured as replication targets."); + return; + } else { + $rs[0]['syncdestinenable'] = TRUE; + } + } else { + log_error("[tinydns] XMLRPC CARP/HA sync is enabled but there are no system backup hosts configured as replication targets."); + return; + } + break; + default: + return; + break; } - if($password && $sync_to_ip) - tinydns_do_xmlrpc_sync($sync_to_ip, $password); - } - tinydns_create_zone_file(); - if ($config['installedpackages']['tinydns']['config'][0]['enableipmonitoring']) { - tinydns_setup_ping_items(); - } - log_error("[tinydns] tinydns_xmlrpc_sync.php is ending."); + if (is_array($rs)) { + log_error("[tinydns] XMLRPC sync is starting."); + foreach ($rs as $sh) { + // Only sync enabled replication targets + if ($sh['syncdestinenable']) { + $sync_to_ip = $sh['ipaddress']; + $port = $sh['syncport']; + $username = $sh['username'] ?: 'admin'; + $password = $sh['password']; + $protocol = $sh['syncprotocol']; + + $error = ''; + $valid = TRUE; + + if ($password == "") { + $error = "Password parameter is empty. "; + $valid = FALSE; + } + if (!is_ipaddr($sync_to_ip) && !is_hostname($sync_to_ip) && !is_domain($sync_to_ip)) { + $error .= "Misconfigured Replication Target IP Address or Hostname. "; + $valid = FALSE; + } + if (!is_port($port)) { + $error .= "Misconfigured Replication Target Port. "; + $valid = FALSE; + } + if ($valid) { + tinydns_do_xmlrpc_sync($sync_to_ip, $port, $protocol, $username, $password, $synctimeout); + } else { + log_error("[tinydns] XMLRPC sync with '{$sync_to_ip}' aborted due to the following error(s): {$error}"); + } + } + } + log_error("[tinydns] tinydns_xmlrpc_sync.php is ending."); + } + } } -function tinydns_do_xmlrpc_sync($sync_to_ip, $password) { +/* Do the actual XMLRPC sync. */ +function tinydns_do_xmlrpc_sync($sync_to_ip, $port, $protocol, $username, $password, $synctimeout) { global $config, $g; - if(!$password) + /* Detect boot process, do nothing during boot. */ + if (function_exists("platform_booting")) { + if (platform_booting()) { + return; + } + } elseif ($g['booting']) { return; + } - if(!$sync_to_ip) + if ($username == "" || $password == "" || $sync_to_ip == "" || $port == "" || $protocol == "") { + log_error("[tinydns] A required XMLRPC sync parameter (username, password, replication target, port or protocol) is empty ... aborting pkg sync"); return; + } - $xmlrpc_sync_neighbor = $sync_to_ip; - if($config['system']['webgui']['protocol'] != "") { - $synchronizetoip = $config['system']['webgui']['protocol']; - $synchronizetoip .= "://"; - } - $port = $config['system']['webgui']['port']; - /* if port is empty lets rely on the protocol selection */ - if($port == "") { - if($config['system']['webgui']['protocol'] == "http") - $port = "80"; - else - $port = "443"; - } - $synchronizetoip .= $sync_to_ip; + // Take care of IPv6 literal address + if (is_ipaddrv6($sync_to_ip)) { + $sync_to_ip = "[{$sync_to_ip}]"; + } - /* xml will hold the sections to sync */ + $url = "{$protocol}://{$sync_to_ip}"; + + /* XML will hold the sections to sync. */ $xml = array(); $xml['tinydnsdomains'] = $config['installedpackages']['tinydnsdomains']; + /* Assemble XMLRPC payload. */ + $params = array(XML_RPC_encode($password), XML_RPC_encode($xml)); - /* assemble xmlrpc payload */ - $params = array( - XML_RPC_encode($password), - XML_RPC_encode($xml) - ); - - /* set a few variables needed for sync code borrowed from filter.inc */ - $url = $synchronizetoip; - log_error("Beginning TinyDNS XMLRPC sync to {$url}:{$port}."); + /* Set a few variables needed for sync code */ $method = 'pfsense.merge_installedpackages_section_xmlrpc'; $msg = new XML_RPC_Message($method, $params); $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); - $cli->setCredentials('admin', $password); - if($g['debug']) + $cli->setCredentials($username, $password); + if ($g['debug']) { $cli->setDebug(1); - /* send our XMLRPC message and timeout after 250 seconds */ - $resp = $cli->send($msg, "250"); - if(!$resp) { - $error = "A communications error occured while attempting tinydns XMLRPC sync with {$url}:{$port}."; - log_error($error); + } + /* Send our XMLRPC message and timeout after defined sync timeout value */ + $resp = $cli->send($msg, $synctimeout); + if (!$resp) { + $error = "A communications error occured while attempting XMLRPC sync with {$url}:{$port}."; + log_error("[tinydns] {$error}"); file_notice("sync_settings", $error, "tinydns Settings Sync", ""); - } elseif($resp->faultCode()) { + } elseif ($resp->faultCode()) { $cli->setDebug(1); - $resp = $cli->send($msg, "250"); - $error = "An error code was received while attempting tinydns XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); - log_error($error); + $resp = $cli->send($msg, $synctimeout); + $error = "An error code was received while attempting XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); + log_error("[tinydns] {$error}"); file_notice("sync_settings", $error, "tinydns Settings Sync", ""); } else { - log_error("tinydns XMLRPC sync successfully completed with {$url}:{$port}."); + log_error("[tinydns] XMLRPC sync successfully completed with {$url}:{$port}."); } - /* tell tinydns to reload our settings on the destionation sync host. */ + /* Tell tinydns to reload our settings on the destionation sync host. */ $method = 'pfsense.exec_php'; $execcmd = "require_once('functions.inc');\n"; $execcmd .= "require_once('/usr/local/pkg/tinydns.inc');\n"; @@ -749,31 +817,27 @@ function tinydns_do_xmlrpc_sync($sync_to_ip, $password) { $execcmd .= "tinydns_setup_ping_items();\n"; } - /* assemble xmlrpc payload */ - $params = array( - XML_RPC_encode($password), - XML_RPC_encode($execcmd) - ); + /* Assemble XMLRPC payload. */ + $params = array(XML_RPC_encode($password), XML_RPC_encode($execcmd)); - log_error("tinydns XMLRPC reload data {$url}:{$port}."); + log_error("[tinydns] XMLRPC reload data {$url}:{$port}."); $msg = new XML_RPC_Message($method, $params); $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); - $cli->setCredentials('admin', $password); - $resp = $cli->send($msg, "250"); - if(!$resp) { - $error = "A communications error occured while attempting tinydns XMLRPC sync with {$url}:{$port} (pfsense.exec_php)."; - log_error($error); + $cli->setCredentials($username, $password); + $resp = $cli->send($msg, $synctimeout); + if (!$resp) { + $error = "A communications error occured while attempting XMLRPC sync with {$url}:{$port} (pfsense.exec_php)."; + log_error("[tinydns] {$error}"); file_notice("sync_settings", $error, "tinydns Settings Sync", ""); - } elseif($resp->faultCode()) { + } elseif ($resp->faultCode()) { $cli->setDebug(1); - $resp = $cli->send($msg, "250"); - $error = "An error code was received while attempting tinydns XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); - log_error($error); + $resp = $cli->send($msg, $synctimeout); + $error = "An error code was received while attempting XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); + log_error("[tinydns] {$error}"); file_notice("sync_settings", $error, "tinydns Settings Sync", ""); } else { - log_error("tinydns XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php)."); + log_error("[tinydns] XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php)."); } - } /* formats data as a tinydns data row item */ @@ -789,18 +853,15 @@ function tinydns_get_rowline_data($recordip, $recordtype, $ttl, $hostname, $rdns /* Note that some of these are simplistic versions of TinyDNS record handling. Uber-users can always do "raw" entries... */ case "SOA": // .fqdn:ip:x:ttl:timestamp:lo - if (intval($config['version']) <= 8) { - $record_data = ".{$hostname}::{$recordip}{$ttl_string}"; + if (is_ipaddrv6($hostname)) { + list($rip, $rmask) = explode("/", $hostname); + $rmask = empty($rmask) ? 128 : $rmask; + $ip6_arpa = tinydns_get_ip6_subnet_arpa($rip, $rmask); + $record_data = ".{$ip6_arpa[1]}::{$recordip}{$ttl_string}"; } else { - if (is_ipaddrv6($hostname)) { - list($rip, $rmask) = explode("/", $hostname); - $rmask = empty($rmask) ? 128 : $rmask; - $ip6_arpa = tinydns_get_ip6_subnet_arpa($rip, $rmask); - $record_data = ".{$ip6_arpa[1]}::{$recordip}{$ttl_string}"; - } else { - $record_data = ".{$hostname}::{$recordip}{$ttl_string}"; - } + $record_data = ".{$hostname}::{$recordip}{$ttl_string}"; } + break; case "NS": // &serious.panic.mil:1.8.248.6:a @@ -832,17 +893,11 @@ function tinydns_get_rowline_data($recordip, $recordtype, $ttl, $hostname, $rdns case "PTR": /* "^" creates "PTR" record only to allow reverse DNS */ // ^fqdn:p:ttl:timestamp:lo - - if (intval($config['version']) <= 8) { - if (is_ipaddr($recordip)) - $record_data = "^{$hostname}:{$recordip}{$ttl_string}"; - } else { - if (is_ipaddrv4($recordip)) { - $record_data = "^{$hostname}:{$recordip}{$ttl_string}"; - } elseif (is_ipaddrv6($recordip)) { - $ip6_arpa = tinydns_get_ip6_subnet_arpa($recordip, 128); - $record_data = "^{$ip6_arpa[1]}:{$hostname}{$ttl_string}"; - } + if (is_ipaddrv4($recordip)) { + $record_data = "^{$hostname}:{$recordip}{$ttl_string}"; + } elseif (is_ipaddrv6($recordip)) { + $ip6_arpa = tinydns_get_ip6_subnet_arpa($recordip, 128); + $record_data = "^{$ip6_arpa[1]}:{$hostname}{$ttl_string}"; } break; case "A": @@ -1016,15 +1071,10 @@ function tinydns_complete_soa_record($fd, $ip, $ipmask, $nsname, $domain) { global $config; $fqdn = "{$nsname}.{$domain}"; - if (intval($config['version']) <= 8) { - if (is_ipaddr($ipaddress)) - $rip = tinydns_get_ip_subnet_arpa($ipaddress, $ipmask); - } else { - if (is_ipaddrv4($ipaddress)) { - $rip = tinydns_get_ip_subnet_arpa($ipaddress, $ipmask); - } elseif (is_ipaddrv6($ipaddress)) { - $rip = tinydns_get_ip6_subnet_arpa($ipaddress, $ipmask); - } + if (is_ipaddrv4($ipaddress)) { + $rip = tinydns_get_ip_subnet_arpa($ipaddress, $ipmask); + } elseif (is_ipaddrv6($ipaddress)) { + $rip = tinydns_get_ip6_subnet_arpa($ipaddress, $ipmask); } $soa = ".{$domain}::{$fqdn}"; @@ -1181,53 +1231,20 @@ function tinydns_dnscache_forwarding_servers($index) { global $g, $config; exec("echo 1 > {$g['varetc_path']}/dnscache{$index}/env/FORWARDONLY"); - if(is_dir("{$g['varetc_path']}/dnscache{$index}/root/servers/")) + if (is_dir("{$g['varetc_path']}/dnscache{$index}/root/servers/")) { exec("rm -R {$g['varetc_path']}/dnscache/root/servers/"); + } exec("/bin/mkdir -p {$g['varetc_path']}/dnscache{$index}/root/servers/"); - if (intval($config['version']) >= 6) - if (!empty(glob("{$g['varetc_path']}/nameserver_*"))) { - exec("/bin/cat {$g['varetc_path']}/nameserver_* > {$g['varetc_path']}/dnscache{$index}/root/servers/@"); - } else { - $fw = fopen("{$g['varetc_path']}/dnscache{$index}/root/servers/@", "w"); - if (! $fw) { - printf("Error: cannot open dnscache/root/servers/@ in tinydns_register_forwarding_servers().\n"); - return 1; - } - fwrite($fw, $config['system']['dnsserver'][0]); - fclose($fw); - } - else { - $fr = fopen("{$g['varetc_path']}/resolv.conf.dnscache", "r"); - if (! $fr) { - printf("Error: cannot open resolv.conf.dnscache in tinydns_register_forwarding_servers().\n"); - return 1; - } - $lip = strlen("nameserver") + 1; - $j = 0; - $iprecords = ""; - while (!feof($fr)) { - $routers = fgets($fr, 4096); - $discard = ($routers[0] == "\n"); - if(!$discard) { - if ($routerip = strstr($routers,"nameserver")) { - $routerip = substr($routerip,$lip); - if($routerip) { - $j += 1; - $routera = "{$routerip}"; - $iprecords .= $routera; - } - } - } - } - fclose($fr); - $fr = fopen("{$g['varetc_path']}/dnscache{$index}/root/servers/@", "w"); - if (! $fr) { - printf("Error: cannot write to {$g['varetc_path']}/dnscache{$index}/root/servers/@ in tinydns_dnscache_forwarding_servers().\n"); + if (!empty(glob("{$g['varetc_path']}/nameserver_*"))) { + exec("/bin/cat {$g['varetc_path']}/nameserver_* > {$g['varetc_path']}/dnscache{$index}/root/servers/@"); + } else { + $fw = fopen("{$g['varetc_path']}/dnscache{$index}/root/servers/@", "w"); + if (!$fw) { + printf("Error: cannot open dnscache/root/servers/@ in tinydns_register_forwarding_servers().\n"); return 1; } - if($iprecords) - fwrite($fr, $iprecords); - fclose($fr); + fwrite($fw, $config['system']['dnsserver'][0]); + fclose($fw); } } diff --git a/config/tinydns/tinydns.xml b/config/tinydns/tinydns.xml index 55ee3269..bbb1cfa2 100644 --- a/config/tinydns/tinydns.xml +++ b/config/tinydns/tinydns.xml @@ -44,7 +44,7 @@ ]]> </copyright> <name>tinydns</name> - <version>1.0</version> + <version>1.0.6.24</version> <title>DNS Server: Settings</title> <aftersaveredirect>/pkg_edit.php?xml=tinydns.xml&id=0</aftersaveredirect> <include_file>/usr/local/pkg/tinydns.inc</include_file> @@ -59,13 +59,13 @@ <rcfile>svscan.sh</rcfile> <executable>svscan</executable> <description>Daemontools service directory watcher</description> - </service> + </service> <service> <name>DNS Server</name> <rcfile>tinydns.sh</rcfile> <executable>tinydns</executable> <description>TinyDNS DNS Server</description> - </service> + </service> <tabs> <tab> <text>Settings</text> @@ -99,10 +99,6 @@ <item>https://packages.pfsense.org/packages/config/tinydns/tinydns.inc</item> </additional_files_needed> <additional_files_needed> - <prefix>/usr/local/pkg/pf/</prefix> - <item>https://packages.pfsense.org/packages/config/tinydns/tinydns_xmlrpc_sync.php</item> - </additional_files_needed> - <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <item>https://packages.pfsense.org/packages/config/tinydns/tinydns_domains.xml</item> </additional_files_needed> @@ -149,8 +145,7 @@ <field> <type>listtopic</type> <name>Binding IP Address</name> - <fieldname>temp</fieldname> - </field> + </field> <field> <fielddescr>IP Address</fielddescr> <fieldname>ipaddress</fieldname> @@ -160,8 +155,7 @@ <field> <type>listtopic</type> <name>Recursive DNS Resolver</name> - <fieldname>temp</fieldname> - </field> + </field> <field> <fielddescr>Enable recursive DNS responder</fielddescr> <fieldname>enableforwarding</fieldname> @@ -197,7 +191,6 @@ <field> <type>listtopic</type> <name>IP Monitoring</name> - <fieldname>temp</fieldname> </field> <field> <fielddescr>Enable IP monitoring</fielddescr> @@ -213,19 +206,7 @@ </field> <field> <type>listtopic</type> - <name>Sync TinyDNS settings via XMLRPC</name> - <fieldname>temp</fieldname> - </field> - <field> - <fielddescr>XMLRPC Sync</fielddescr> - <fieldname>syncxmlrpc</fieldname> - <description>Sync TinyDNS configuration to backup firewalls</description> - <type>checkbox</type> - </field> - <field> - <type>listtopic</type> <name>Zone transfers</name> - <fieldname>temp</fieldname> </field> <field> <fielddescr>Hosts allowed to perform DNS Zone Transfers - Note: this requires TCP port 53 firewall permit rule!</fielddescr> @@ -245,7 +226,7 @@ <description>Enter the DNS zone that this IP address is allowed to transfer (ex: domain.com)</description> <type>input</type> <size>20</size> - </rowhelperfield> + </rowhelperfield> </rowhelper> </field> </fields> @@ -254,7 +235,7 @@ tinydns_custom_php_install_command(); tinydns_create_zone_file(); tinydns_setup_ping_items(); - tinydns_sync_on_changes(); + tinydns_sync_on_changes(); </custom_delete_php_command> <custom_php_validation_command> tinydns_validate(); @@ -264,26 +245,24 @@ tinydns_custom_php_install_command(); tinydns_create_zone_file(); tinydns_setup_ping_items(); - tinydns_sync_on_changes(); + tinydns_sync_on_changes(); </custom_add_php_command> <custom_php_resync_config_command> tinydns_custom_php_changeip_command(); tinydns_custom_php_install_command(); tinydns_create_zone_file(); tinydns_setup_ping_items(); - tinydns_sync_on_changes(); + tinydns_sync_on_changes(); </custom_php_resync_config_command> <custom_php_install_command> tinydns_custom_php_install_command(); - tinydns_sync_on_changes(); + tinydns_upgrade_config(); </custom_php_install_command> <custom_php_deinstall_command> tinydns_custom_php_deinstall_command(); - tinydns_sync_on_changes(); </custom_php_deinstall_command> <custom_php_command_before_form> <![CDATA[ - unset($_POST['temp']); if (!is_process_running("svscan")) { $savemsg = "NOTE: svscan is not running. Please <a href='/status_services.php?mode=restartservice&service=svscan'>start svscan</a> to bring up the DNS Server"; } diff --git a/config/tinydns/tinydns_dhcp_filter.php b/config/tinydns/tinydns_dhcp_filter.php index 85f5f8e7..5b245d7f 100644 --- a/config/tinydns/tinydns_dhcp_filter.php +++ b/config/tinydns/tinydns_dhcp_filter.php @@ -1,10 +1,10 @@ <?php -/* $Id$ */ /* tinydns_dhcp_filter.php + part of pfSense (https://www.pfSense.org/) Copyright (C) 2006 Scott Ullrich - Parts Copyright (C) 2007 Goffredo Andreone <GAndreone@imapro.com> - part of pfSense + Copyright (C) 2007 Goffredo Andreone + Copyright (C) 2015 ESF, LLC All rights reserved. Redistribution and use in source and binary forms, with or without @@ -39,21 +39,17 @@ require("/usr/local/pkg/tinydns.inc"); require("guiconfig.inc"); +$closehead = false; $pgtitle = "TinyDNS: DHCP Domains"; include("head.inc"); -$pf_version=substr(trim(file_get_contents("/etc/version")),0,3); -if ($pf_version < 2.0) - $one_two = true; - ?> +<meta http-equiv="refresh" content="60;url=<?php print $_SERVER['SCRIPT_NAME']; ?>"> +</head> + <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php include("fbegin.inc"); ?> -<?php if($one_two): ?> -<p class="pgtitle"><?=$pgtitle?></font></p> -<?php endif; ?> - <?php if ($savemsg) print_info_box($savemsg); ?> <div id="mainlevel"> @@ -64,7 +60,7 @@ if ($pf_version < 2.0) $tab_array[] = array(gettext("Add/Edit Record"), false, "/tinydns_filter.php"); $tab_array[] = array(gettext("Failover Status"), false, "/tinydns_status.php"); $tab_array[] = array(gettext("Logs"), false, "/tinydns_view_logs.php"); - $tab_array[] = array(gettext("Zone Sync"), false, "/tinydns_xmlrpc_sync.php"); + $tab_array[] = array(gettext("Zone Sync"), false, "/pkg_edit.php?xml=tinydns_sync.xml"); $tab_array[] = array(gettext("New domain wizard"), false, "/wizard.php?xml=new_zone_wizard.xml"); display_top_tabs($tab_array); ?> @@ -124,6 +120,5 @@ while ($startofrecord < $datalen ){ </table> </div> <?php include("fend.inc"); ?> -<meta http-equiv="refresh" content="60;url=<?php print $_SERVER['SCRIPT_NAME']; ?>"> </body> </html> diff --git a/config/tinydns/tinydns_sync.xml b/config/tinydns/tinydns_sync.xml index 5fe8ac77..2f7da455 100644 --- a/config/tinydns/tinydns_sync.xml +++ b/config/tinydns/tinydns_sync.xml @@ -2,48 +2,48 @@ <!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> <?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> - <copyright> - <![CDATA[ + <copyright> + <![CDATA[ /* $Id$ */ -/* ========================================================================== */ +/* ====================================================================================== */ /* - tinydns_sync.xml - part of pfSense (http://www.pfSense.com) - Copyright (C) 2008 Scott Ullrich - All rights reserved. - */ -/* ========================================================================== */ + tinydns_sync.xml + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2008 Scott Ullrich + Copyright (C) 2015 ESF, LLC + All rights reserved. +*/ +/* ====================================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ - ]]> - </copyright> - <description>Describe your package here</description> - <requirements>Describe your package requirements here</requirements> - <faq>Currently there are no FAQ items provided.</faq> + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* ====================================================================================== */ + ]]> + </copyright> <name>tinydnssync</name> - <version>1.0</version> - <title>TinyDNS: Manual Sync</title> + <version>1.0.6.24</version> + <title>TinyDNS: XMLRPC Sync</title> <include_file>/usr/local/pkg/tinydns.inc</include_file> <tabs> <tab> @@ -76,71 +76,89 @@ <fields> <field> <type>listtopic</type> - <fieldname>temp</fieldname> - <name>Enable DNS zone sync</name> + <name>DNS zone synchronization</name> </field> <field> - <fielddescr>Enable DNS zone synchronization</fielddescr> + <fielddescr>Enable synchronization</fielddescr> <fieldname>synconchanges</fieldname> - <description>pfSense will automatically sync changes to the hosts defined below.</description> - <type>checkbox</type> - </field> - <field> - <type>listtopic</type> - <name>Sync host #1</name> - <fieldname>temp</fieldname> - </field> - <field> - <fielddescr>IP Address</fielddescr> - <fieldname>ipaddress</fieldname> - <description>IP address of the first TinyDNS sync host.</description> - <type>input</type> - </field> - <field> - <fielddescr>Password</fielddescr> - <fieldname>password</fieldname> - <description>Admin password of the first TinyDNS sync host.</description> - <type>password</type> + <description> + <![CDATA[ + Select a sync method for TinyDNS.<br/><br/> + <strong>Important:</strong> While using "Sync to host(s) defined below", only sync from host A to B, A to C but <strong>do not</strong> enable XMLRPC sync <b>to</b> A. + This will result in a loop! + ]]> + </description> + <type>select</type> + <required/> + <default_value>disabled</default_value> + <options> + <option><name>Sync to configured system backup server</name><value>auto</value></option> + <option><name>Sync to host(s) defined below</name><value>manual</value></option> + <option><name>Do not sync this package configuration</name><value>disabled</value></option> + </options> </field> <field> - <type>listtopic</type> - <name>Sync host #2</name> - <fieldname>temp</fieldname> - </field> - <field> - <fielddescr>IP Address 2</fielddescr> - <fieldname>ipaddress2</fieldname> - <description>IP address of the second TinyDNS sync host. (optional)</description> - <type>input</type> - </field> - <field> - <fielddescr>Password 2</fielddescr> - <fieldname>password2</fieldname> - <description>Admin password of the second TinyDNS sync host.</description> - <type>password</type> - </field> - <field> - <type>listtopic</type> - <name>Sync host #3</name> - <fieldname>temp</fieldname> - </field> - <field> - <fielddescr>IP Address 3</fielddescr> - <fieldname>ipaddress3</fieldname> - <description>IP address of the third TinyDNS sync host. (optional)</description> - <type>input</type> + <fielddescr>Sync Timeout</fielddescr> + <fieldname>synctimeout</fieldname> + <description>XMLRPC timeout in seconds.</description> + <type>select</type> + <required/> + <default_value>250</default_value> + <options> + <option><name>250 seconds (Default)</name><value>250</value></option> + <option><name>120 seconds</name><value>120</value></option> + <option><name>90 seconds</name><value>90</value></option> + <option><name>60 seconds</name><value>60</value></option> + <option><name>30 seconds</name><value>30</value></option> + </options> </field> <field> - <fielddescr>Password 3</fielddescr> - <fieldname>password3</fieldname> - <description>Admin password of the third TinyDNS sync host.</description> - <type>password</type> + <fielddescr>Replication Targets</fielddescr> + <fieldname>none</fieldname> + <type>rowhelper</type> + <rowhelper> + <rowhelperfield> + <fielddescr>Enable</fielddescr> + <fieldname>syncdestinenable</fieldname> + <description><![CDATA[Enable this host as a replication target]]></description> + <type>checkbox</type> + </rowhelperfield> + <rowhelperfield> + <fielddescr>Protocol</fielddescr> + <fieldname>syncprotocol</fieldname> + <description><![CDATA[Choose the protocol used to sync with the destination host (HTTP or HTTPS).]]></description> + <type>select</type> + <default_value>HTTP</default_value> + <options> + <option><name>HTTP</name><value>http</value></option> + <option><name>HTTPS</name><value>https</value></option> + </options> + </rowhelperfield> + <rowhelperfield> + <fielddescr>IP Address/Hostname</fielddescr> + <fieldname>ipaddress</fieldname> + <description><![CDATA[IP address or hostname of the destination host.]]></description> + <type>input</type> + <size>40</size> + </rowhelperfield> + <rowhelperfield> + <fielddescr>Port</fielddescr> + <fieldname>syncport</fieldname> + <description><![CDATA[Choose the sync port of the destination host.]]></description> + <type>input</type> + <size>3</size> + </rowhelperfield> + <rowhelperfield> + <fielddescr>Admin Password</fielddescr> + <fieldname>password</fieldname> + <description><![CDATA[Password of the user "admin" on the destination host.]]></description> + <type>password</type> + <size>20</size> + </rowhelperfield> + </rowhelper> </field> </fields> <custom_php_resync_config_command> tinydns_sync_on_changes(); </custom_php_resync_config_command> - <custom_php_command_before_form> - unset($_POST['temp']); - </custom_php_command_before_form> -</packagegui>
\ No newline at end of file +</packagegui> diff --git a/config/tinydns/tinydns_xmlrpc_sync.php b/config/tinydns/tinydns_xmlrpc_sync.php deleted file mode 100644 index 0610e286..00000000 --- a/config/tinydns/tinydns_xmlrpc_sync.php +++ /dev/null @@ -1,59 +0,0 @@ -<?php - -/* $Id$ */ -/* - tinydns_xmlrcpc_sync.php - Copyright (C) 2006 Scott Ullrich - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -/* NOTE: this file gets included from the pfSense filter.inc plugin process */ - -require_once("config.inc"); -require_once("/usr/local/pkg/tinydns.inc"); -require_once("service-utils.inc"); - -if($notnow) { - - /* disabled until Ticket #1318 can be fixed */ - - if(!$config) { - log_error("\$config is not enabled from tinydns_xmlrpc_sync.php!!"); - } else { - if($config['installedpackages']['carpsettings']['config']) - $password = $config['installedpackages']['carpsettings']['config'][0]['password']; - if($config['installedpackages']['carpsettings']['config']) - $syncip = $config['installedpackages']['carpsettings']['config'][0]['synchronizetoip']; - if($config['installedpackages']['carpsettings']['config']) - $syncxmlrpc = $config['installedpackages']['tinydns']['config'][0]['syncxmlrpc']; - /* option enabled? */ - if($syncxmlrpc) - if($syncip) - if($password) - tinydns_do_xmlrpc_sync($syncip, $password); - } - -} - -?>
\ No newline at end of file |