2016-08-19 17:14:17 -07:00
|
|
|
package dnssec
|
2016-04-26 17:57:11 +01:00
|
|
|
|
|
|
|
|
import (
|
2016-04-27 10:48:22 +00:00
|
|
|
"strings"
|
2016-04-26 17:57:11 +01:00
|
|
|
|
2016-08-19 17:14:17 -07:00
|
|
|
"github.com/miekg/coredns/core/dnsserver"
|
2016-04-26 17:57:11 +01:00
|
|
|
"github.com/miekg/coredns/middleware"
|
2016-08-19 17:14:17 -07:00
|
|
|
|
2016-10-17 05:04:36 -07:00
|
|
|
"github.com/hashicorp/golang-lru"
|
2016-08-19 17:14:17 -07:00
|
|
|
"github.com/mholt/caddy"
|
2016-04-26 17:57:11 +01:00
|
|
|
)
|
|
|
|
|
|
2016-08-19 17:14:17 -07:00
|
|
|
func init() {
|
|
|
|
|
caddy.RegisterPlugin("dnssec", caddy.Plugin{
|
|
|
|
|
ServerType: "dns",
|
|
|
|
|
Action: setup,
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func setup(c *caddy.Controller) error {
|
2016-04-26 17:57:11 +01:00
|
|
|
zones, keys, err := dnssecParse(c)
|
|
|
|
|
if err != nil {
|
2016-09-10 09:16:25 +01:00
|
|
|
return middleware.Error("dnssec", err)
|
2016-04-26 17:57:11 +01:00
|
|
|
}
|
|
|
|
|
|
2016-10-17 05:04:36 -07:00
|
|
|
cache, err := lru.New(defaultCap)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2016-09-19 11:26:00 +01:00
|
|
|
dnsserver.GetConfig(c).AddMiddleware(func(next middleware.Handler) middleware.Handler {
|
2016-10-17 05:04:36 -07:00
|
|
|
return New(zones, keys, next, cache)
|
2016-08-19 17:14:17 -07:00
|
|
|
})
|
|
|
|
|
|
|
|
|
|
return nil
|
2016-04-26 17:57:11 +01:00
|
|
|
}
|
|
|
|
|
|
2016-08-19 17:14:17 -07:00
|
|
|
func dnssecParse(c *caddy.Controller) ([]string, []*DNSKEY, error) {
|
2016-04-26 17:57:11 +01:00
|
|
|
zones := []string{}
|
|
|
|
|
|
2016-08-19 17:14:17 -07:00
|
|
|
keys := []*DNSKEY{}
|
2016-04-26 17:57:11 +01:00
|
|
|
for c.Next() {
|
|
|
|
|
if c.Val() == "dnssec" {
|
|
|
|
|
// dnssec [zones...]
|
2016-08-19 17:14:17 -07:00
|
|
|
zones = make([]string, len(c.ServerBlockKeys))
|
|
|
|
|
copy(zones, c.ServerBlockKeys)
|
2016-04-26 17:57:11 +01:00
|
|
|
args := c.RemainingArgs()
|
|
|
|
|
if len(args) > 0 {
|
|
|
|
|
zones = args
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for c.NextBlock() {
|
|
|
|
|
k, e := keyParse(c)
|
|
|
|
|
if e != nil {
|
2016-04-27 10:48:22 +00:00
|
|
|
return nil, nil, e
|
2016-04-26 17:57:11 +01:00
|
|
|
}
|
|
|
|
|
keys = append(keys, k...)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2016-09-23 09:14:12 +01:00
|
|
|
for i := range zones {
|
2016-04-26 17:57:11 +01:00
|
|
|
zones[i] = middleware.Host(zones[i]).Normalize()
|
|
|
|
|
}
|
|
|
|
|
return zones, keys, nil
|
|
|
|
|
}
|
|
|
|
|
|
2016-08-19 17:14:17 -07:00
|
|
|
func keyParse(c *caddy.Controller) ([]*DNSKEY, error) {
|
|
|
|
|
keys := []*DNSKEY{}
|
2016-04-26 17:57:11 +01:00
|
|
|
|
|
|
|
|
what := c.Val()
|
|
|
|
|
if !c.NextArg() {
|
|
|
|
|
return nil, c.ArgErr()
|
|
|
|
|
}
|
|
|
|
|
value := c.Val()
|
|
|
|
|
switch what {
|
|
|
|
|
case "key":
|
|
|
|
|
if value == "file" {
|
|
|
|
|
ks := c.RemainingArgs()
|
|
|
|
|
for _, k := range ks {
|
|
|
|
|
base := k
|
2016-04-27 10:48:22 +00:00
|
|
|
// Kmiek.nl.+013+26205.key, handle .private or without extension: Kmiek.nl.+013+26205
|
|
|
|
|
if strings.HasSuffix(k, ".key") {
|
|
|
|
|
base = k[:len(k)-4]
|
|
|
|
|
}
|
|
|
|
|
if strings.HasSuffix(k, ".private") {
|
|
|
|
|
base = k[:len(k)-8]
|
2016-04-26 17:57:11 +01:00
|
|
|
}
|
2016-08-19 17:14:17 -07:00
|
|
|
k, err := ParseKeyFile(base+".key", base+".private")
|
2016-04-26 17:57:11 +01:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
keys = append(keys, k)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return keys, nil
|
|
|
|
|
}
|
