From 5af557f630aedc419ddbb85e944142ad085cfa5b Mon Sep 17 00:00:00 2001
From: Miraty <miraty+git@antopie.org>
Date: Thu, 27 Apr 2023 03:24:34 +0200
Subject: [PATCH] Better return code checking, --force for zone-purge

---
 fn/ns.php               | 4 +++-
 pg-act/ht/add-onion.php | 4 +++-
 pg-act/ns/zone-add.php  | 4 +++-
 pg-act/reg/transfer.php | 4 +++-
 4 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/fn/ns.php b/fn/ns.php
index 4dbea0f..eeb7547 100644
--- a/fn/ns.php
+++ b/fn/ns.php
@@ -66,7 +66,9 @@ function nsDeleteZone($zone) {
 		output(500, 'Failed to remove Knot zone file.');
 
 	// Remove Knot related data
-	exec(CONF['dns']['knotc_path'] . ' zone-purge ' . $zone);
+	exec(CONF['dns']['knotc_path'] . ' --force zone-purge ' . $zone, result_code: $code);
+	if ($code !== 0)
+		output(500, 'Failed to purge zone data.');
 
 	// Remove from database
 	query('delete', 'zones', [
diff --git a/pg-act/ht/add-onion.php b/pg-act/ht/add-onion.php
index 3b62e86..86ff98e 100644
--- a/pg-act/ht/add-onion.php
+++ b/pg-act/ht/add-onion.php
@@ -22,7 +22,9 @@ if ($code !== 0)
 usleep(10000);
 
 // Get the hostname generated by Tor
-$onion = exec(CONF['ht']['sudo_path'] . ' -u ' . CONF['ht']['tor_user'] . ' ' . CONF['ht']['cat_path'] . ' ' . CONF['ht']['tor_keys_path'] . '/' . $_SESSION['id'] . '/' . $_POST['dir'] . '/hostname');
+$onion = exec(CONF['ht']['sudo_path'] . ' -u ' . CONF['ht']['tor_user'] . ' ' . CONF['ht']['cat_path'] . ' ' . CONF['ht']['tor_keys_path'] . '/' . $_SESSION['id'] . '/' . $_POST['dir'] . '/hostname', result_code: $code);
+if ($code !== 0)
+	output(500, 'Unable to read hostname file.');
 if (preg_match('/^[0-9a-z]{56}\.onion$/D', $onion) !== 1)
 	output(500, 'No onion address found.');
 
diff --git a/pg-act/ns/zone-add.php b/pg-act/ns/zone-add.php
index 3c0f503..e711d34 100644
--- a/pg-act/ns/zone-add.php
+++ b/pg-act/ns/zone-add.php
@@ -5,7 +5,9 @@ $_POST['domain'] = formatAbsoluteDomain($_POST['domain']);
 if (query('select', 'zones', ['zone' => $_POST['domain']], 'zone') !== [])
 	output(403, _('This zone already exists on the service.'));
 
-exec(CONF['dns']['kdig_path'] . ' ' . ltrim(strstr($_POST['domain'], '.'), '.') . ' NS +short' . (CONF['ns']['local_only_check'] ? (' @' . CONF['reg']['address']) : ''), $parentAuthoritatives);
+exec(CONF['dns']['kdig_path'] . ' ' . ltrim(strstr($_POST['domain'], '.'), '.') . ' NS +short' . (CONF['ns']['local_only_check'] ? (' @' . CONF['reg']['address']) : ''), $parentAuthoritatives, $code);
+if ($code !== 0)
+	output(500, 'Unable to query parent name servers.');
 if ($parentAuthoritatives === [])
 	output(403, _('Parent zone\'s name servers not found.'));
 foreach ($parentAuthoritatives as $parentAuthoritative)
diff --git a/pg-act/reg/transfer.php b/pg-act/reg/transfer.php
index ab90167..8af8fa5 100644
--- a/pg-act/reg/transfer.php
+++ b/pg-act/reg/transfer.php
@@ -11,7 +11,9 @@ $domain = formatAbsoluteDomain($_POST['subdomain'] . '.' . $_POST['suffix']);
 if (query('select', 'registry', ['username' => $_SESSION['id'], 'domain' => $domain], 'domain') !== [])
 	output(403, _('The current account already owns this domain.'));
 
-exec(CONF['dns']['kdig_path'] . ' ' . $domain . ' NS @' . CONF['reg']['address'] . ' +noidn', $results);
+exec(CONF['dns']['kdig_path'] . ' ' . $domain . ' NS @' . CONF['reg']['address'] . ' +noidn', $results, $code);
+if ($code !== 0)
+	output(500, 'Unable to query registry\'s name servers.');
 if (preg_match('/^' . preg_quote($domain, '/') . '[\t ]+[0-9]{1,8}[\t ]+IN[\t ]+NS[\t ]+(?<salt>[0-9a-f]{8})-(?<hash>[0-9a-f]{32})\._transfer-verification\.' . preg_quote(SERVER_NAME, '/') . '\.$/Dm', implode(LF, $results), $matches) !== 1)
 	output(403, _('NS authentication record not found.'));