From cd082e8719f82a5712a50650937bf902b2be109b Mon Sep 17 00:00:00 2001 From: Miraty Date: Wed, 25 May 2022 01:16:41 +0200 Subject: [PATCH] knotc error handling using knotcExec() --- common/html.php | 8 +++++-- common/init.php | 3 +-- config.ini | 6 +++-- dns.php | 16 ++++++++++++++ ns.php | 23 +++----------------- public/ns/caa.php | 12 +++++++--- public/ns/dnssec.php | 18 +++++---------- public/ns/index.php | 6 ++--- public/ns/ip.php | 9 +++++--- public/ns/loc.php | 52 -------------------------------------------- public/ns/mx.php | 11 +++++++--- public/ns/ns.php | 10 ++++++--- public/ns/srv.php | 13 ++++++++--- public/ns/sshfp.php | 12 +++++++--- public/ns/tlsa.php | 15 +++++++++---- public/ns/txt.php | 10 ++++++--- public/ns/zone.php | 16 +++++++------- public/reg/ds.php | 27 +++++++++++++---------- public/reg/glue.php | 21 ++++++++++-------- public/reg/ns.php | 25 +++++++-------------- 20 files changed, 148 insertions(+), 165 deletions(-) delete mode 100644 public/ns/loc.php diff --git a/common/html.php b/common/html.php index c14d8bf..fa08cf2 100644 --- a/common/html.php +++ b/common/html.php @@ -101,7 +101,7 @@ if (isset($page['title'])) // Protect against cross-site request forgery if a POST request is received if (empty($_POST) === false AND (isset($_SERVER['HTTP_SEC_FETCH_SITE']) !== true OR $_SERVER['HTTP_SEC_FETCH_SITE'] !== "same-origin")) - userError("Anti-CSRF verification failed ! (Wrong or unset Sec-Fetch-Site HTTP header)"); + userError("Anti-CSRF verification failed ! (Wrong or unset Sec-Fetch-Site HTTP header)"); function closeHTML() { ?> @@ -118,5 +118,9 @@ function closeHTML() { + + exit(); +} + +?> diff --git a/common/init.php b/common/init.php index 00485f7..411a62d 100644 --- a/common/init.php +++ b/common/init.php @@ -19,12 +19,11 @@ function userError($msg) { http_response_code(403); echo "

Erreur utilisataire : " . $msg . "

"; closeHTML(); - exit(); } function serverError($msg) { http_response_code(500); + error_log("Niver internal error: " . strip_tags($msg)); echo "

Server error: The server encountered an error: " . $msg . "

"; closeHTML(); - exit(); } diff --git a/config.ini b/config.ini index 28c2531..4e90629 100644 --- a/config.ini +++ b/config.ini @@ -9,13 +9,15 @@ ipv6_example = "2001:db8::3" ; From RFC5737: IPv4 Address Blocks Reserved for Documentation ipv4_example = "203.0.113.42" -[reg] +[dns] knotc_path = "/usr/sbin/knotc" + +[reg] registry = niver.test. +ttl = 86400 subdomain_regex = "^[a-z0-9]{4,63}$" [ns] -knotc_path = "/usr/sbin/knotc" knot_zones_path = "/srv/ns" [ht] diff --git a/dns.php b/dns.php index 4cfe171..15a4c4a 100644 --- a/dns.php +++ b/dns.php @@ -1,5 +1,21 @@ knotc failed with exit code " . $code['begin'] . ": " . $output['begin'][0] . "."); + + exec(CONF['dns']['knotc_path'] . " zone-" . $action . "set " . $suffix . " " . implode(" ", $cmd), $output['op'], $code['op']); + if ($code['op'] !== 0) + serverError("knotc failed with exit code " . $code['op'] . ": " . $output['op'][0] . "."); + + exec(CONF['dns']['knotc_path'] . " zone-commit " . $suffix, $output['commit'], $code['commit']); + if ($code['commit'] !== 0) + serverError("knotc failed with exit code " . $code['commit'] . ": " . $output['commit'][0] . "."); +} + function checkIpFormat($ip) { if (!filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE)) userError("IP address is on the private range."); diff --git a/ns.php b/ns.php index f807390..a7860d8 100644 --- a/ns.php +++ b/ns.php @@ -10,8 +10,6 @@ function nsCommonRequirements() { } function nsParseCommonRequirements() { - $values['action'] = checkAction($_POST['action']); - nsCheckZonePossession($_POST['zone']); if (($_POST['subdomain'] === "") OR ($_POST['subdomain'] === "@")) @@ -35,24 +33,9 @@ function nsListUserZones($username) { $op = $db->prepare('SELECT zone FROM zones WHERE username = ?'); $op->execute($usernameArray); - $data = $op->fetch(); - if (isset($data['zone'])) - $zone = $data['zone']; - else - $zone = NULL; - - $i = 0; - $zones = NULL; - - while ($zone != NULL) { - $zones[$i] = $zone; - $i++; - $data = $op->fetch(); - if (isset($data['zone'])) - $zone = $data['zone']; - else - $zone = NULL; - } + $zones = array(); + foreach ($op->fetchAll() as $zone) + array_push($zones, $zone['zone']); return $zones; } diff --git a/public/ns/caa.php b/public/ns/caa.php index 043b2cf..48c23b9 100644 --- a/public/ns/caa.php +++ b/public/ns/caa.php @@ -39,9 +39,15 @@ if (nsCommonRequirements() if (!(preg_match("/^[a-z0-9.-]{1,255}$/", $_POST['value']))) userError("Wrong value for value."); - exec(CONF['ns']['knotc_path'] . " zone-begin " . $_POST['zone']); - exec(CONF['ns']['knotc_path'] . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . " IN CAA " . $_POST['flag'] . " " . $_POST['tag'] . " " . $_POST['value']); - exec(CONF['ns']['knotc_path'] . " zone-commit " . $_POST['zone']); + knotcExec($_POST['zone'], array( + $values['domain'], + $values['ttl'], + "CAA", + $_POST['flag'], + $_POST['tag'], + $_POST['value'] + )); + echo "Enregistrement ajouté"; } diff --git a/public/ns/dnssec.php b/public/ns/dnssec.php index 2d363bc..27ce8ef 100644 --- a/public/ns/dnssec.php +++ b/public/ns/dnssec.php @@ -5,19 +5,11 @@ Afin d'activer DNSSEC, vous devez indiquer un enregistrement DS à la zone paren

diff --git a/public/ns/index.php b/public/ns/index.php index 5bfc1f8..5e318b9 100644 --- a/public/ns/index.php +++ b/public/ns/index.php @@ -42,12 +42,12 @@
Indiquer les empreintes de clés SSH d'un domaine
-
NOT DONE : Enregistrement LOC
+ +