#--
# CyborgHood, a distributed system management software.
# Copyright (c) 2009-2011 Marc Dequènes (Duck) <Duck@DuckCorp.org>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#++


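module CyborgHood
  module MapMakerLand
    # A single DNS zone, assembled from three collaborators looked up by name:
    # the DNS server's view of the zone, the zone file on disk, and the
    # DNSSEC view of the zone.
    #
    # Any of the three lookups may yield nil (#info and #exists? both allow
    # for it). #content, #content= and #check dereference @dns_zone and
    # @dns_zone_file without a nil test, so callers must confirm #exists?
    # first.
    #
    # Nothing in this class checks who is requesting a change; authorising
    # the caller is left to whatever code invokes #content=.
    class Zone
      # @param config [Object] kept in @config; not read by any method here
      # @param dns [#get_zone, #get_zone_file] source of the DNS zone and zone file objects
      # @param dnssec [#get_zone] source of the DNSSEC zone object
      # @param zone_editor [Object] kept in @zone_editor; not read by any method here
      # @param name [String] zone name passed to all three lookups
      def initialize(config, dns, dnssec, zone_editor, name)
        @config = config
        @dns = dns
        @dnssec = dnssec
        @zone_editor = zone_editor
        @name = name

        @dns_zone = @dns.get_zone(@name)
        @dns_zone_file = @dns.get_zone_file(@name)
        @dnssec_zone = @dnssec.get_zone(@name)
      end

      # @return [Boolean] true when both the DNS zone and its zone file were
      #   found. The DNSSEC zone is deliberately not part of this test.
      def exists?
        !@dns_zone.nil? && !@dns_zone_file.nil?
      end

      # Merges the #info hashes of whichever collaborators are present.
      # Later sources win on key collisions (DNS zone, then zone file, then
      # DNSSEC zone).
      #
      # @return [Hash]
      def info
        merged = {}
        [@dns_zone, @dns_zone_file, @dnssec_zone].compact.each do |part|
          merged.merge!(part.info)
        end
        merged
      end

      # @return [Object] current content of the zone file object
      def content
        @dns_zone_file.content
      end

      # Replaces the zone content, validates it, writes it and puts it into
      # service (re-signing for a signed zone, activating otherwise).
      #
      # Every rejection below happens before anything is written. Note that
      # the new content is assigned to the in-memory zone file object before
      # validation, so after a rejection that object still holds the rejected
      # content.
      # NOTE(review): confirm callers drop the Zone after a failed assignment.
      #
      # @param c [Object] new zone content, handed to the zone file object
      # @raise [CyberError] when the content is unchanged, fails the zone
      #   file's own check, does not raise the serial (unsigned zones), the
      #   zone is signed without a DNSSEC zone definition, or activation fails
      def content=(c)
        @dns_zone_file.content = c

        unless @dns_zone_file.changed?
          raise CyberError.new(:unrecoverable, "zone", "zone did not change")
        end

        report = @dns_zone_file.check
        unless report[:ok]
          raise CyberError.new(:unrecoverable, "zone",
                               "zone content is buggy: #{report[:errors].join(', ')}")
        end

        zone_signed = @dns_zone.signed?

        # A signed zone is put into service through @dnssec_zone.resign.
        # Refuse up front when that object is missing, instead of writing the
        # file and only then failing on a nil receiver.
        if zone_signed && @dnssec_zone.nil?
          raise CyberError.new(:unrecoverable, "zone", "zone is signed but has no DNSSEC zone definition")
        end

        # DNSSEC tools automatically increase serial
        # NOTE(review): plain `>` comparison; if serials are integers this does
        # not follow RFC 1982 wrap-around arithmetic. Confirm that is intended.
        if !zone_signed && !(@dns_zone_file.parsed_content.serial > @dns_zone.serial)
          raise CyberError.new(:unrecoverable, "zone", "zone content serial is not superior to current serial")
        end

        @dns_zone_file.create_backup
        @dns_zone_file.save
        begin
          if zone_signed
            @dnssec_zone.resign
          else
            @dns_zone_file.activate
          end
        rescue StandardError
          # Roll the file back to the backup taken above. The rollback does
          # not re-run resign/activate.
          # NOTE(review): confirm a failed resign cannot leave a partially
          # written signed zone behind.
          begin
            @dns_zone_file.import_from_backup
            @dns_zone_file.save
          rescue StandardError => rollback_error
            # Report a failed rollback as a CyberError too, so the caller
            # learns that the zone file may not match what is being served.
            raise CyberError.new(:unrecoverable, "zone",
                                 "zone activation failed and old content could not be restored: " +
                                 rollback_error.message)
          end
          raise CyberError.new(:unrecoverable, "zone", "zone activation failed, replacing old content")
        end
      end

      # Not implemented yet: the body is empty and the method returns nil.
      #
      # @param recipe [Object] currently ignored
      def alter(recipe)
        # TODO: use a ZoneEditor to handle the recipe and save the result
        # TODO: put as many things in common with content=()
        # TODO: auto-increase the serial if not already done in the recipe and the zone is not signed
      end

      # Cross-checks the DNS, zone file and DNSSEC views of the zone.
      #
      # For a signed zone, the input and output files known to the DNSSEC
      # side must match the zone file's plain and signed filenames. A signed
      # zone with no DNSSEC zone object is reported as an error rather than
      # failing on a nil receiver. A serial mismatch between the zone file
      # and the DNS zone is only a warning.
      #
      # @return [Hash] `{ :errors => [String], :warnings => [String] }`
      def check
        report = { :errors => [], :warnings => [] }
        signed = @dns_zone.signed?

        if signed
          if @dnssec_zone.nil?
            report[:errors] << _("The zone is signed but has no DNSSEC zone definition")
          else
            if @dns_zone_file.filename != @dnssec_zone.input_file
              report[:errors] << _("DNS and DNSSEC original zone files do not match")
            end
            if @dns_zone_file.filename_signed != @dnssec_zone.output_file
              report[:errors] << _("DNS and DNSSEC signed zone files do not match")
            end
          end
        end

        # A signed zone is compared on the serial of its signed file.
        file_serial = if signed
                        @dns_zone_file.parsed_signed_content.serial
                      else
                        @dns_zone_file.parsed_content.serial
                      end
        if file_serial != @dns_zone.serial
          report[:warnings] << _("The zone serial does not match the one in the zone file")
        end

        # TODO: more checks

        report
      end
    end
  end # MapMakerLand
end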