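0) { zone_edit_plus($zonedn); } else { new_zone($HTTP_GET_VARS[zonename]); } } include("footer.inc"); break; case "editzone": connect_ldap(); include("mainheader.inc"); if (isset($HTTP_POST_VARS[modifysoa])) { modify_zone_soa($HTTP_POST_VARS[zonedn]); log_action("modify_zone_soa: $HTTP_POST_VARS[zonedn]"); } elseif (isset($HTTP_POST_VARS[addrrset])) { add_rrset($HTTP_POST_VARS[zonedn]); log_action("add_rrset: $HTTP_POST_VARS[zonedn]"); } elseif (isset($HTTP_POST_VARS[modifyrrset])) { if (isset($HTTP_POST_VARS[deleterrset])) { delete_rrset($HTTP_POST_VARS[zonedn], $HTTP_POST_VARS[setdn]); log_action("delete_rrset: $HTTP_POST_VARS[setdn]"); } else { modify_rrset($HTTP_POST_VARS[zonedn], $HTTP_POST_VARS[setdn]); log_action("modify_rrset: ".$HTTP_POST_VARS[setdn]); } } if (isset($HTTP_GET_VARS[zonedn])) zone_edit_plus($HTTP_GET_VARS[zonedn]); elseif (isset($HTTP_POST_VARS[zonedn])) edit_zone_attrs($HTTP_POST_VARS[zonedn]); include("footer.inc"); break; case "newzone": connect_ldap(); include("mainheader.inc"); new_zone(); include("footer.inc"); break; case "addzone": connect_ldap(); include("mainheader.inc"); zone_edit_plus(add_zone()); include("footer.inc"); break; case "removezone": connect_ldap(); if (isset($HTTP_GET_VARS[zonedn]) && remove_zone($HTTP_GET_VARS[zonedn])) { include("xearthheader.inc"); include("footer.inc"); } break; } }

/**
 * Print the list of DNS zones, grouped by the letter ranges in $letters.
 *
 * Only the opening statements of the function are on this line; the rest of
 * the body (markup and the per-letter LDAP searches) follows the closing PHP
 * tag below and is left as it is.
 *
 * Reads the request parameters "wait" (delay in seconds before the list is
 * built) and "selet" (current selection string).
 */
function full_dns_list()
{
    global $ldap, $BASEDN, $ZONEEDIT, $HTTP_GET_VARS;

    $letters = array(
        "0-9", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M",
        "N", "O", "P", "Q-R", "S", "T", "U", "V", "W", "X-Z"
    );

    // The delay is taken from the query string, so it is cast to an integer
    // and clamped: an unbounded sleep() lets any client tie up a web server
    // worker for as long as it likes. The links built in this file only ever
    // pass wait=1; the upper bound of 5 seconds is a conservative choice.
    if (isset($HTTP_GET_VARS["wait"])) {
        sleep(min(max((int) $HTTP_GET_VARS["wait"], 0), 5));
    }
    // NOTE(review): $selet is raw request data; it must be encoded for the
    // context it is written into wherever it is echoed into links or markup.
    if (isset($HTTP_GET_VARS["selet"])) {
        $selet = $HTTP_GET_VARS["selet"];
    }
    ?>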
 Find   
" TARGET="main">   Add new Zone
". "". "...$let
\n"; } else { $newselet = $selet.$let; print "". "". "...$let
\n"; continue; } $filter = "(&(objectclass=dnszone)"; if (ereg("([0-9A-Z])-([0-9A-Z])", $let, $regs)) { $filter .= "(|"; for ($i = ord($regs[1]); $i<=ord($regs[2]); $i++) { $filter .= "(cn=".chr($i)."*)"; } $filter .= "))"; } else { $filter .= "(cn=$let*))"; } $query = ldap_search($ldap, $BASEDN, $filter); //ldap_sort($ldap, $query, "cn"); $entries = ldap_get_entries($ldap, $query); ldap_free_result($query); for ($i = 0; $i<$entries[count]; $i++) { $zonedn = $entries[$i]["dn"]; $zonename = $entries[$i]["dnszonename"][0]; $tree2 = ($i==$entries[count]-1 ? "end" : "cont"); print "". "". " $zonename
\n"; } print "\n"; } #print "Without DNS-lookup
\n"; } else { print "With DNS-lookup
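\n"; } }

/**
 * Print one line per DNS zone whose "owner" attribute equals the global
 * $binddn.
 *
 * Searches below $BASEDN for entries matching
 * (&(objectclass=DNSzone)(owner=<binddn>)). Prints nothing when the search
 * fails.
 *
 * NOTE(review): $zonedn and $tree are assigned but not used in the string
 * that is visible here; presumably the markup that consumed them is missing
 * from this copy of the file. If $zonedn is written into a link it needs URL
 * and HTML encoding there.
 */
function individual_dns_list()
{
    global $ldap, $binddn, $BASEDN, $ZONEEDIT, $HTTP_GET_VARS;

    // Escape the characters that are special in an LDAP search filter
    // (RFC 4515) so the DN cannot change the structure of the filter.
    $owner = str_replace(
        array("\\", "*", "(", ")", "\0"),
        array("\\5c", "\\2a", "\\28", "\\29", "\\00"),
        $binddn
    );
    $query = ldap_search($ldap, $BASEDN, "(&(objectclass=DNSzone)(owner=$owner))");
    if (!$query) {
        return;
    }
    $entries = ldap_get_entries($ldap, $query);
    ldap_free_result($query);

    $total = $entries["count"];
    for ($i = 0; $i < $total; $i++) {
        $zonedn = $entries[$i]["dn"];
        // Zone names are stored as submitted by users, so encode on output.
        $zonename = htmlspecialchars($entries[$i]["dnszonename"][0]);
        $tree = ($i == $total - 1 ? "end" : "cont");
        print "" . "" . " $zonename\n\n";
    }
}

/**
 * Look up the DN of the zone entry whose dnszonename equals $zonename.
 *
 * @param string $zonename zone name to look for; treated as untrusted input
 *                         (the dispatcher passes request values to the zone
 *                         functions; the branch that calls this function is
 *                         only partly visible in this file)
 * @return string|null the DN when exactly one zone matches; nothing when no
 *                     zone matches and authorized() reports neither -1 nor -2
 *
 * Terminates the request when several zones match, or when authorized()
 * returns -1 or -2. authorized() as defined in this file always returns 1,
 * so those two branches are currently unreachable.
 */
function search_zone($zonename)
{
    global $ldap, $BASEDN;

    // RFC 4515 escaping: without it a value such as "*" or ")(cn=*" changes
    // what the filter matches.
    $filterValue = str_replace(
        array("\\", "*", "(", ")", "\0"),
        array("\\5c", "\\2a", "\\28", "\\29", "\\00"),
        $zonename
    );
    $filter = "(&(objectclass=dnszone)(dnszonename=$filterValue))";
    $query = ldap_search($ldap, $BASEDN, $filter);
    if ($query) {
        $entries = ldap_get_entries($ldap, $query);
        ldap_free_result($query);
    } else {
        // A failed search is handled like "no match", as before.
        $entries = array("count" => 0);
    }

    if ($entries["count"] > 1) {
        // Both the requested name and the DNs end up in the page: encode them.
        $mesg = "Ambigous zonenames " . htmlspecialchars($zonename) . " in\n";
        for ($i = 0; $i < $entries["count"]; $i++) {
            $mesg .= "dn: " . htmlspecialchars($entries[$i]["dn"]) . "\n";
        }
        print "\n\nWarning: $mesg\n\n";
        exit;
    }
    if ($entries["count"] == 1) {
        return $entries[0]["dn"];
    }

    switch (authorized($zonename)) {
        case -2:
            error_confirm("The zone does not belong to a valid top level domain");
            exit;
        case -1:
            error_confirm("The zone is owned by someone else");
            print_whois($zonename);
            exit;
        default:
            return;
    }
}

function print_zone_soa($zonedata, $constr) { print "Serial: "; if (ereg("[amo]", $constr)) { print ""; } else { print " ".$zonedata["dnsserial"]." "; } print "Refresh: "; if (ereg("[amo]", $constr)) { print ""; } else { print " ".$zonedata["dnsrefresh"]." "; } print "\nRetry: "; if (ereg("[amo]", $constr)) { print ""; } else { print " ".$zonedata["dnsretry"]." "; } print "\nExpire: "; if (ereg("[amo]", $constr)) { print ""; } else { print " ".$zonedata["dnsexpire"]." "; } print "\nMinimum: "; if (ereg("[amo]", $constr)) { print ""; } else { print " ".$zonedata["dnsminimum"]." "; } print "\nAdminmailbox: "; if (ereg("[amo]", $constr)) { print ""; } else { print " ".$zonedata["dnsadminmailbox"]." "; } print "\nZonemaster: "; if (ereg("[amo]", $constr)) { print ""; } else { print " ".$zonedata["dnszonemaster"]." "; } print "\nTime to live: "; if (ereg("[amo]", $constr)) { print ""; } else { print " ".$zonedata["dnsttl"]." 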
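"; } print "\n"; }

/**
 * Read the first dnszonename value of the zone entry at $zonedn.
 *
 * @param string $zonedn DN of the zone entry; callers in this file pass
 *                       request values straight through
 * @return string|null the zone name, or null when the entry cannot be read
 *                     or is not a dnszone
 */
function get_zone_name($zonedn)
{
    global $ldap;

    $query = ldap_read($ldap, $zonedn, "(objectclass=dnszone)", array("dnszonename"));
    if (!$query) {
        return null;
    }
    $entries = ldap_get_entries($ldap, $query);
    ldap_free_result($query);
    if ($entries["count"] < 1 || !isset($entries[0]["dnszonename"][0])) {
        return null;
    }
    return $entries[0]["dnszonename"][0];
}

/**
 * Write the SOA attributes posted by the zone form to the zone entry.
 *
 * Every attribute named in $ZONE_INFO that has a non-empty POST value is
 * copied into the modification. When check_constraint() reports "a", the
 * dnszonename attribute is rebuilt from the current primary name plus the
 * posted alias fields dnszonename0, dnszonename1, ... (aliases of three
 * characters or fewer are ignored).
 *
 * @param string $zonedn DN of the zone entry to modify (request-supplied)
 *
 * NOTE(review): the posted values are stored without any format validation.
 */
function modify_zone_soa($zonedn)
{
    global $ldap, $ZONE_INFO, $HTTP_POST_VARS;

    // print_zone_soa() only offers editable SOA fields when the constraint
    // string contains a, m or o. Enforce the same rule here, because a
    // hand-made POST does not go through the form.
    $constr = check_constraint($zonedn);
    if (!preg_match("/[amo]/", $constr)) {
        error_confirm("You are not allowed to modify this zone");
        return;
    }

    $zonename = get_zone_name($zonedn);
    $entry = array();
    foreach ($ZONE_INFO as $za) {
        if (isset($HTTP_POST_VARS[$za]) && strlen($HTTP_POST_VARS[$za]) > 0) {
            $entry[$za] = $HTTP_POST_VARS[$za];
        }
    }

    if (strpos($constr, "a") !== false) {
        $entry["dnszonename"] = array("$zonename");
        for ($i = 0; isset($HTTP_POST_VARS["dnszonename$i"]); $i++) {
            if (strlen($HTTP_POST_VARS["dnszonename$i"]) > 3) {
                array_push($entry["dnszonename"], $HTTP_POST_VARS["dnszonename$i"]);
            }
        }
    } else {
        // Zone names may only be changed with the "a" constraint; drop a
        // posted dnszonename that the generic loop above may have copied.
        unset($entry["dnszonename"]);
    }

    ldap_modify($ldap, $zonedn, $entry)
        or die("ldap_modify failed to update SOA for " . htmlspecialchars($zonedn));
}

/**
 * Report whether the nameserver may handle $zonename.
 *
 * Callers in this file interpret the result as: 1 = active and authorized,
 * 0 = not active, -1 = not authorized / owned by someone else, anything else
 * (-2) = not in a valid top level domain.
 *
 * NOTE(review): this is a stub that always returns 1, so every zone name is
 * treated as authorized and the 0 / -1 / -2 branches of the callers never
 * run. No ownership or TLD check happens anywhere on this path.
 */
function authorized($zonename)
{
    return 1;
}

/**
 * Print the authorization status of a zone followed by its edit form.
 *
 * @param string $zonedn DN of the zone entry (request-supplied)
 *
 * NOTE(review): delete_zone() is called without arguments in the last branch
 * and is not defined in the part of the file shown here (remove_zone() is);
 * confirm it exists before authorized() starts returning other values.
 */
function zone_edit_plus($zonedn)
{
    $zonename = get_zone_name($zonedn);
    $auth = authorized($zonename);

    if ($auth == 1) {
        $status = "The nameserver is active and authorized to handle this zone";
    } elseif ($auth == 0) {
        $status = "The nameserver is not active for this zone";
    } elseif ($auth == -1) {
        $status = "The nameserver is not authorized to handle this zone";
    } else {
        // The original message read "does not not belong", which states the
        // opposite of what is meant. The zone name is encoded for output.
        print "\n\nZone " . htmlspecialchars($zonename) . " does not belong to a valid TLD\n\n\n";
        delete_zone();
        return;
    }

    print "\n\n$status\n\n\n";
    edit_zone_attrs($zonedn);
    print_whois($zonename);
}

function edit_zone_attrs($zonedn) { global $ldap, $ZONE_INFO, $ZONEEDIT, $HTTP_GET_VARS, $HTTP_POST_VARS; if (isset($HTTP_GET_VARS[selet])) $selet = $HTTP_GET_VARS[selet]; elseif (isset($HTTP_POST_VARS[selet])) $selet = $HTTP_POST_VARS[selet]; $query = ldap_read($ldap, $zonedn, "(objectclass=dnszone)"); $entries = ldap_get_entries($ldap, $query); $zonename = $entries[0][dnszonename][0]; ldap_free_result($query); $zonedn = $entries[0][dn]; $zonename0 = $entries[0][dnszonename][0]; $zonenames = array(); for ($i = 1; $i<$entries[0][dnszonename][count]; $i++) { array_push($zonenames, $entries[0][dnszonename][$i]); } $zonedata = array(); foreach ($ZONE_INFO as $za) { $zonedata[$za] = $entries[0][$za][0]; } print "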

Edit DNS zone $zonename0

"; $zoneconstr = check_constraint($zonedn); if (ereg("[a]", $zoneconstr)) { # Print modifiable table for SOA if (ereg("[f]", $selet)) { print "
". "". ""; } else { print "". "". "". ""; } print "\n"; $zc = 0; foreach ($zonenames as $zn) { print "\n"; $zc++; } if (ereg("[a]", $zoneconstr)) { print "\n"; } print_zone_soa($zonedata, $zoneconstr); print "
Aliasing Zonename: "; if (ereg("[a]", $zoneconstr)) print ""; else print "$zn"; print "
Add aliasing Zonename: ". "
". "

"; } else { # Print non-modifiable table for SOA print "\n"; foreach ($zonenames as $zn) { print "\n"; } print_zone_soa($zonedata, $zoneconstr); print "
Aliasing Zonename: $zn

\n"; } # Tables for RRsets $query = ldap_list($ldap, $zonedn, "(objectclass=dnsrrset)"); $rrsets = ldap_get_entries($ldap, $query); ldap_free_result($query); print "\n". "". "\n"; for ($i = 0; $i<$rrsets[count]; $i++) { $setdn = $rrsets[$i][dn]; $setconstr = $zoneconstr.check_constraint($setdn); $domainname = $rrsets[$i][dnsdomainname][0]; $ipaddr = $rrsets[$i][dnsipaddr]; $cipaddr = $rrsets[$i][dnscipaddr][0]; $cname = $rrsets[$i][dnscname][0]; $type = $rrsets[$i][dnstype][0]; $ttl = $rrsets[$i][dnsttl][0]; $preference = $rrsets[$i][dnspreference][0]; if (ereg("[amo]", $setconstr)) { if (ereg("[f]", $selet)) { print "". "". "". "". ""; } else { print "". "". "". ""; } } if (ereg("[amo]", $setconstr)) { print "
Delete"; } print ""; if (ereg("[amo]", $setconstr)) { print "\n"; } else { print "\n"; } } if (ereg("[amo]", $setconstr)) { if (ereg("[f]", $selet)) { print "\n". "". "". "". "". "". "". "". ""; } print "
DNS NameTypeMappingTTL/Pref 
$type"; if ($type=="CNAME" || $type=="MX" || $type=="NS") { print ""; if (ereg("[amo]", $setconstr)) print "\n"; else print "\n"; } if ($type=="A" || $type=="MX" || $type=="NS") { if (ereg("[a]", $setconstr)) { print "". "\n"; } else if (isset($cipaddr)) { print "\n"; } for ($k = 0; $k<$rrsets[$i][dnsipaddr][count]; $k++) { print ""; $ipaddr = $rrsets[$i][dnsipaddr][$k]; if (ereg("[amo]", $setconstr)) print "\n"; else print "\n"; } if (ereg("[amo]", $setconstr)) { print "\n"; } } print "
CName:
$cname
Canonical IP:
Canonical IP:$cipaddr
Modify IP:
$ipaddr
Add IP:
TTL: "; if ($type=="MX") print "
Pref: "; print "
TTL: $ttl"; if ($type=="MX") print "
Pref: $preference"; print "
 

\n"; print ""; // 'Delete' form $onclick = "if(confirm('Do you really want to remove zone: $zonename0 and all its resource records?'))"; if (ereg("[f]", $selet)) { $onclick .= "{ parent.frames.menu.location='$ZONEEDIT?call=dnslist&selet=$selet&wait=1';". "parent.frames.main.location='$ZONEEDIT?call=removezone&zonedn=$zonedn&selet=$selet'; }"; } else { $onclick .= "{ parent.window.location='$ZONEEDIT?call=removezone&zonedn=$zonedn'; }"; } if (ereg("[am]", $setconstr)) { print "\n"; } // form for reset/refresh button if (ereg("[f]", $selet)) { print "". "". "". ""; } else { print "". "". ""; } print "". "
\n"; } function new_zone($new_zonename = "") { global $HTTP_GET_VARS, $ZONE_SOA, $ZONEEDIT, $BASEDN; if (isset($HTTP_GET_VARS[selet])) $selet = $HTTP_GET_VARS[selet]; $zonedata = $ZONE_SOA; $zonedata[dnsserial] = new_serial(); $onsubmit = "{ parent.frames.menu.location='$ZONEEDIT?call=dnslist&selet=$selet&wait=1'; }"; print "

Add new DNS zone

"; print "
". "". "". "\n". "\n"; print_zone_soa($zonedata, check_constraint()); print "
New Zonename: ". "". "
". "". "". "". "
\n". "
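"; }

/**
 * Create a new zone entry from the posted form values, plus one child entry
 * for every template in $ZONE_ENTRY.
 *
 * The zone is stored at cn=<dnszonename>,$BASEDN with objectclass dnszone.
 *
 * @return string DN of the new zone entry; the request is terminated when
 *                the zone name is missing or malformed or an LDAP add fails
 *
 * NOTE(review): authorized() is not consulted here, and the remaining posted
 * SOA values are stored without format validation.
 */
function add_zone()
{
    global $ldap, $HTTP_POST_VARS, $BASEDN, $ZONE_SOA, $ZONE_ENTRY, $ZONE_INFO;

    $zonedata = array();
    foreach ($ZONE_INFO as $za) {
        if (isset($HTTP_POST_VARS[$za]) && is_string($HTTP_POST_VARS[$za])
            && strlen($HTTP_POST_VARS[$za]) > 0) {
            $zonedata[$za] = $HTTP_POST_VARS[$za];
        }
    }

    // The zone name becomes part of a DN. Accept only characters that occur
    // in DNS zone names (including "/" for classless reverse zones) so that
    // DN metacharacters such as "," "+" "=" or "\" cannot alter where the
    // entry is created.
    if (!isset($zonedata["dnszonename"])
        || !preg_match('/^[A-Za-z0-9._\/-]+\z/', $zonedata["dnszonename"])) {
        die("No valid zonename specified");
    }

    $zonedata["cn"] = $zonedata["dnszonename"];
    $zonedata["objectclass"] = "dnszone";
    $zonedn = "cn=" . $zonedata["cn"] . ",$BASEDN";
    ldap_add($ldap, $zonedn, $zonedata)
        or die("Failed to add zonedn: " . htmlspecialchars($zonedn));

    foreach ($ZONE_ENTRY as $ze) {
        $dnch = "cn=" . $ze["cn"] . ",$zonedn";
        ldap_add($ldap, $dnch, $ze)
            or die("Failed to add rrset dn: " . htmlspecialchars($dnch));
    }
    return $zonedn;
}

/**
 * Delete a zone entry together with its direct DNSrrset children.
 *
 * @param string $zonedn DN of the zone entry
 * @return int 1 after the zone was deleted, 0 when $zonedn does not name a
 *             dnszone entry; the request is terminated when a delete fails
 *
 * NOTE(review): the dispatcher in this file calls this with the "zonedn"
 * query-string value of a GET request, so a link or embedded resource on
 * another site can trigger the deletion in a logged-in user's browser. The
 * action should require POST plus a per-session token, and the caller's
 * right to delete this particular zone is not checked here.
 */
function remove_zone($zonedn)
{
    global $ldap;

    // The DN is request-supplied: refuse anything that is not a zone entry
    // instead of deleting whatever DN was passed in.
    $check = ldap_read($ldap, $zonedn, "(objectclass=dnszone)", array("objectclass"));
    if (!$check) {
        return 0;
    }
    $isZone = (ldap_count_entries($ldap, $check) == 1);
    ldap_free_result($check);
    if (!$isZone) {
        return 0;
    }

    $query = ldap_list($ldap, $zonedn, "(objectclass=DNSrrset)");
    $entries = ldap_get_entries($ldap, $query);
    ldap_free_result($query);

    for ($i = 0; $i < $entries["count"]; $i++) {
        $childdn = $entries[$i]["dn"];
        // The original interpolated "$entries[$i][dn]" inside the string,
        // which PHP expands as "Array[dn]" rather than the DN.
        ldap_delete($ldap, $childdn)
            or die("Failed to delete dn: " . htmlspecialchars($childdn));
    }
    ldap_delete($ldap, $zonedn)
        or die("Failed to delete dn: " . htmlspecialchars($zonedn));
    return 1;
}

function new_serial($zonedn = 0) { global $ldap; $newserial = date("Ymd")."00"; if ($zonedn) { $query = ldap_read($ldap, $zonedn, "(objectclass=DNSzone)"); $entries = ldap_get_entries($ldap, $query); $oldserial = $entries[0][dnsserial][0]; } return ($newserial>$oldserial) ? 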
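$newserial : $oldserial+1; }

/**
 * Create an empty resource record set below a zone from the posted
 * dnsdomainname and dnstype.
 *
 * The entry is named "<type>:<name>"; for MX and NS the name is
 * "<type><n>:<name>" with the first n >= 1 that is not in use yet. For other
 * types an existing set with the same name is reported via error_confirm().
 *
 * @param string $zonedn DN of the zone entry (request-supplied)
 *
 * NOTE(review): the edit form offers this action only when the constraint
 * string contains a, m or o; nothing here enforces that on the server side.
 */
function add_rrset($zonedn)
{
    global $ldap, $binddn, $HTTP_POST_VARS, $DEFAULT_TTL, $DEFAULT_PREFERENCE;

    if (!isset($HTTP_POST_VARS["dnsdomainname"])) {
        die("No domainname specified");
    }
    $name = $HTTP_POST_VARS["dnsdomainname"];
    // Name and type are concatenated into a DN and a search filter below.
    // Restrict them to characters used in DNS names and record types so DN
    // metacharacters cannot be smuggled in.
    if (!is_string($name) || !preg_match('/^[A-Za-z0-9._*@\/-]*\z/', $name)) {
        die("Invalid domainname specified");
    }

    $entry = array();
    if (strlen($name) > 0) {
        $entry["dnsdomainname"] = $name;
    }

    if (!isset($HTTP_POST_VARS["dnstype"])) {
        die("No type specified");
    }
    $type = $HTTP_POST_VARS["dnstype"];
    if (!is_string($type) || !preg_match('/^[A-Za-z0-9]+\z/', $type)) {
        die("Invalid type specified");
    }

    $entry["dnstype"] = $type;
    $entry["dnsclass"] = "IN"; // INternet is hardcoded
    $entry["dnsttl"] = $DEFAULT_TTL;
    // $entry[owner] = $binddn;   (disabled in the original as well)

    if ($type == "MX" || $type == "NS") {
        for ($i = 1;; $i++) {
            $setcn = "$type$i:$name";
            // "*" is allowed in names (wildcard records) but is a wildcard in
            // LDAP filters too, so the value is escaped per RFC 4515.
            $filtercn = str_replace(
                array("\\", "*", "(", ")", "\0"),
                array("\\5c", "\\2a", "\\28", "\\29", "\\00"),
                $setcn
            );
            $query = ldap_list($ldap, $zonedn, "(&(objectclass=dnsrrset)(cn=$filtercn))");
            $rrset = ldap_get_entries($ldap, $query);
            ldap_free_result($query);
            if ($rrset["count"] == 0) {
                break;
            }
        }
        if ($type == "MX") {
            $entry["dnspreference"] = $DEFAULT_PREFERENCE;
        }
    } else {
        $setcn = "$type:$name";
        $filtercn = str_replace(
            array("\\", "*", "(", ")", "\0"),
            array("\\5c", "\\2a", "\\28", "\\29", "\\00"),
            $setcn
        );
        $query = ldap_list($ldap, $zonedn, "(&(objectclass=dnsrrset)(cn=$filtercn))");
        $rrset = ldap_get_entries($ldap, $query);
        ldap_free_result($query);
        if ($rrset["count"] > 0) {
            error_confirm("$name has already been added to this zone");
            return;
        }
    }

    $entry["objectclass"] = "dnsrrset";
    $entry["cn"] = $setcn;
    $setdn = "cn=$setcn,$zonedn";
    ldap_add($ldap, $setdn, $entry)
        or die("Faild to add DNSrrset " . htmlspecialchars($setdn)
            . " to DNSzone " . htmlspecialchars($zonedn));
}

/**
 * Apply the posted changes (CNAME, canonical IP, TTL, MX preference, IP
 * addresses) to one resource record set and bump the zone serial.
 *
 * The dnsipaddr attribute is always replaced by the posted dnsipaddr0,
 * dnsipaddr1, ... values, so it is emptied when none are posted. On any
 * validation error the error is reported and nothing is written.
 *
 * @param string $zonedn DN of the zone entry (request-supplied)
 * @param string $setdn  DN of the record set to modify (request-supplied)
 *
 * NOTE(review): $setdn is not checked to be a child of $zonedn, and the
 * constraint string that decides which fields the form offers is not
 * re-checked here; unless the directory's own access control covers it, a
 * hand-made POST can target any entry the LDAP connection may write.
 * NOTE(review): error_confirm() is defined elsewhere; request values are
 * HTML-encoded before being placed in its message on the assumption that it
 * prints the message into the page as is - confirm.
 */
function modify_rrset($zonedn, $setdn)
{
    global $ldap, $HTTP_POST_VARS;

    $namePattern = '/^[A-Za-z0-9._*@\/-]+\z/';
    $ipPattern = '/^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\z/';

    $zonename = get_zone_name($zonedn);
    $entry = array();

    if (isset($HTTP_POST_VARS["dnscname"])) {
        $cname = $HTTP_POST_VARS["dnscname"];
        if ($cname == "") {
            $entry["dnscname"] = array();
        } elseif (!is_string($cname) || !preg_match($namePattern, $cname)) {
            // The value is stored and later shown in the edit form, so only
            // hostname characters are accepted.
            error_confirm("The CName contains characters that are not allowed in a hostname");
            return;
        } elseif (substr($cname, -1) == ".") {
            // Fully qualified name: must resolve as given.
            if (checkdnsrr($cname, "A")) {
                $entry["dnscname"] = $cname;
            } else {
                error_confirm("Error: $cname does not resolve to a valid IP-address");
                return;
            }
        } elseif (isset($HTTP_POST_VARS["dnsipaddr0"]) || isset($HTTP_POST_VARS["dnscipaddr"])) {
            // records with their own address settings are not checked against DNS
            $entry["dnscname"] = $cname;
        } else {
            // Relative name: only warn when it does not resolve in this zone.
            if (!checkdnsrr("$cname.$zonename", "A")) {
                print "\n\nWarning: " . htmlspecialchars("$cname.$zonename")
                    . " does not resolve to a valid IP-address\n\n\n";
            }
            $entry["dnscname"] = $cname;
        }
    }

    if (isset($HTTP_POST_VARS["dnscipaddr"])) {
        $cip = $HTTP_POST_VARS["dnscipaddr"];
        // Besides the dotted-quad shape, every octet has to be <= 255; the
        // original accepted values such as 999.999.999.999.
        if (is_string($cip) && preg_match($ipPattern, $cip, $reg)
            && max((int) $reg[1], (int) $reg[2], (int) $reg[3], (int) $reg[4]) <= 255) {
            $regip = "$reg[1].$reg[2].$reg[3].$reg[4]";
            if (check_unique_cipaddr($setdn, $regip)) {
                $entry["dnscipaddr"] = $regip;
            } else {
                return;
            }
        } elseif ($cip == "") {
            $entry["dnscipaddr"] = array();
        } else {
            error_confirm(htmlspecialchars((string) $cip, ENT_QUOTES) . " is not a valid IP-address");
            return;
        }
    }

    if (isset($HTTP_POST_VARS["dnsttl"])) {
        $ttl = $HTTP_POST_VARS["dnsttl"];
        // Anchored: the original took the first run of digits anywhere in
        // the value, silently turning e.g. "12abc34" into 12.
        if (is_string($ttl) && preg_match('/^\s*([0-9]+)\s*\z/', $ttl, $reg)) {
            $entry["dnsttl"] = $reg[1];
        } else {
            error_confirm(htmlspecialchars((string) $ttl, ENT_QUOTES) . " is not a valid Time To Live");
            return;
        }
    }

    if (isset($HTTP_POST_VARS["dnspreference"])) {
        $pref = $HTTP_POST_VARS["dnspreference"];
        if (is_string($pref) && preg_match('/^\s*([0-9]+)\s*\z/', $pref, $reg)) {
            $entry["dnspreference"] = $reg[1];
        } else {
            error_confirm(htmlspecialchars((string) $pref, ENT_QUOTES) . " is not a valid MX-prefrence");
            return;
        }
    }

    $entry["dnsipaddr"] = array();
    for ($i = 0; isset($HTTP_POST_VARS["dnsipaddr$i"]); $i++) {
        $ipaddr = $HTTP_POST_VARS["dnsipaddr$i"];
        if (is_string($ipaddr) && preg_match($ipPattern, $ipaddr, $reg)
            && max((int) $reg[1], (int) $reg[2], (int) $reg[3], (int) $reg[4]) <= 255) {
            array_push($entry["dnsipaddr"], "$reg[1].$reg[2].$reg[3].$reg[4]");
        } elseif ($ipaddr != "") {
            error_confirm(htmlspecialchars((string) $ipaddr, ENT_QUOTES) . " is not a valid IP-address");
            return;
        }
    }

    ldap_modify($ldap, $setdn, $entry)
        or die("Faild to modify DNSrrest " . htmlspecialchars($setdn)
            . " in DNSzone " . htmlspecialchars($zonedn));
    ldap_mod_replace($ldap, $zonedn, array("dnsserial" => new_serial($zonedn)));
}

/**
 * Delete one resource record set and bump the serial of its zone.
 *
 * @param string $zonedn DN of the zone entry (request-supplied)
 * @param string $setdn  DN of the entry to delete (request-supplied)
 *
 * NOTE(review): $setdn is deleted as given; it is neither checked to be a
 * dnsrrset nor to be a child of $zonedn.
 */
function delete_rrset($zonedn, $setdn)
{
    global $ldap;

    ldap_delete($ldap, $setdn)
        or die("Failed to delete " . htmlspecialchars($setdn) . " from LDAP");
    ldap_mod_replace($ldap, $zonedn, array("dnsserial" => new_serial($zonedn)));
}

function check_unique_cipaddr($setdn, $cipaddr) { global $ldap, $BASEDN; $query = ldap_search($ldap, $BASEDN, "(&(objectclass=dnsrrset)(dnscipaddr=$cipaddr))"); $entries = ldap_get_entries($ldap, $query); ldap_free_result($query); for ($i = 0; $i<$entries[count]; $i++) { $dn = $entries[$i][dn]; 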
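if ($dn!=$setdn) { error_confirm("Canonical IP-address $cipaddr is already used by $dn"); return 0; } } return 1; }

/**
 * Print the WHOIS record of a zone, using the server configured for its top
 * level domain in $WHOISSERVERS.
 *
 * The function currently returns before doing anything (see the early
 * return), so the code below it does not run. It is kept safe to re-enable:
 * the zone name reaches a shell command line, and zone names are stored as
 * submitted by users.
 *
 * @param string $zonename zone name whose last label selects the server
 */
function print_whois($zonename)
{
    global $WHOISSERVERS;

    return; // disabled because the firewall admin closed outbound port 43

    // Only plain hostnames are looked up. The leading character class also
    // rules out names starting with "-", which whois would read as options.
    if (!is_string($zonename)
        || !preg_match('/^[A-Za-z0-9][A-Za-z0-9.-]*\.([a-zA-Z]+)\z/', $zonename, $regex)) {
        return;
    }

    if (isset($WHOISSERVERS[$regex[1]])) {
        $whoissrv = $WHOISSERVERS[$regex[1]];
        // Every argument is quoted for the shell. shell_exec() is used
        // because system() writes the command output straight to the page
        // and returns only its last line.
        $whoisrecord = shell_exec(
            "whois -h " . escapeshellarg($whoissrv) . " " . escapeshellarg($zonename)
        );
        // The record comes from a remote server: encode it before output.
        print "\n\nWhois-record for zone " . htmlspecialchars($zonename) . "\n\n\n"
            . "as serverd by " . htmlspecialchars($whoissrv) . "\n\n"
            . ""
            . "\n" . htmlspecialchars((string) $whoisrecord) . "\n\n";
    } else {
        print "\n\nNo WHOIS-Server found for \"$regex[1]\"\n\n\n";
    }
}
?>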