#--
# CyborgHood, a distributed system management software.
# Copyright (c) 2009-2011 Marc Dequènes (Duck) <Duck@DuckCorp.org>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#++

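module CyborgHood
  module MapMakerLand
    # One DNS zone, seen through three collaborators looked up by name at
    # construction time: the zone known to the DNS backend, its zone file,
    # and its DNSSEC counterpart.
    #
    # Replacing the content (#content=) is the write path: the new content is
    # validated, backed up, saved, then activated (or re-signed when the zone
    # is signed); a failed activation restores the backup.
    class Zone
      # config and zone_editor are stored but not used by any method visible
      # in this class. dns must respond to get_zone/get_zone_file and dnssec
      # to get_zone, each taking the zone name.
      def initialize(config, dns, dnssec, zone_editor, name)
        @config = config
        @dns = dns
        @dnssec = dnssec
        @zone_editor = zone_editor
        @name = name

        # Each lookup result is nil-checked by #exists? / #info, so any of
        # these may be nil for an unknown zone.
        @dns_zone = @dns.get_zone(@name)
        @dns_zone_file = @dns.get_zone_file(@name)
        @dnssec_zone = @dnssec.get_zone(@name)
      end

      # True when both the DNS zone and its zone file were found.
      # The DNSSEC zone is optional and not part of this test.
      def exists?
        !@dns_zone.nil? && !@dns_zone_file.nil?
      end

      # Merges the info hashes of every collaborator that was found, in the
      # order DNS zone, zone file, DNSSEC zone (later keys win on collision).
      # Returns an empty hash when nothing was found.
      def info
        merged = {}
        [@dns_zone, @dns_zone_file, @dnssec_zone].compact.each do |part|
          merged.merge!(part.info)
        end
        merged
      end

      # Current content of the zone file.
      # NOTE(review): no nil guard here; callers are presumably expected to
      # test #exists? first.
      def content
        @dns_zone_file.content
      end

      # Replaces the zone file content with +c+ and puts it into service.
      #
      # Raises CyberError (:unrecoverable, "zone") when the zone does not
      # exist, the content is unchanged, the zone file check reports errors,
      # the serial was not increased (unsigned zones only), or activation
      # fails (the previous content is then restored).
      def content=(c)
        # Fail with the same error type as every other rejection instead of a
        # NoMethodError on nil when the zone or its file was not found.
        raise zone_failure("zone does not exist") unless exists?

        @dns_zone_file.content = c

        # NOTE(review): when one of the validations below rejects the
        # content, the zone file object still holds the rejected content in
        # memory; nothing visible here reverts it. Confirm no later save can
        # persist it.
        raise zone_failure("zone did not change") unless @dns_zone_file.changed?

        report = @dns_zone_file.check
        unless report[:ok]
          raise zone_failure("zone content is buggy: #{report[:errors].join(", ")}")
        end

        zone_signed = @dns_zone.signed?

        # DNSSEC tools automatically increase serial, so the serial is only
        # enforced for unsigned zones.
        # NOTE(review): plain `>` comparison; serial wrap-around (RFC 1982
        # serial arithmetic) is not handled here unless the serial objects
        # implement it - confirm.
        serial_acceptable = zone_signed ||
                            @dns_zone_file.parsed_content.serial > @dns_zone.serial
        unless serial_acceptable
          raise zone_failure("zone content serial is not superior to current serial")
        end

        @dns_zone_file.create_backup
        @dns_zone_file.save
        begin
          if zone_signed
            @dnssec_zone.resign
          else
            @dns_zone_file.activate
          end
        rescue StandardError
          # Roll the file back to the backup taken above. The underlying
          # failure is deliberately not echoed in the message.
          # NOTE(review): the rollback saves the old file but does not re-run
          # activate/resign, and the original exception is not logged here;
          # confirm the served zone is still consistent and that the cause is
          # recorded somewhere for operators.
          @dns_zone_file.import_from_backup
          @dns_zone_file.save
          raise zone_failure("zone activation failed, replacing old content")
        end
      end

      # Not implemented yet: currently a no-op that returns nil whatever the
      # recipe is, so a caller cannot tell that nothing was changed.
      def alter(recipe)
        # TODO: use a ZoneEditor to handle the recipe and save the result
        # TODO: put as many things in common with content=()
        # TODO: auto-increase the serial if not already done in the recipe and the zone is not signed
      end

      # Consistency check between the DNS view, the zone file and (for signed
      # zones) the DNSSEC configuration.
      #
      # Returns a hash with two arrays of messages, :errors and :warnings.
      # Messages go through _() (presumably the gettext helper - defined
      # outside this file).
      # NOTE(review): assumes the zone exists, and that a signed zone has a
      # DNSSEC zone object; neither is nil-checked here.
      def check
        report = {
          :errors => [],
          :warnings => []
        }

        # Read the signed state once so both decisions below use the same
        # answer.
        signed = @dns_zone.signed?

        if signed
          unless @dns_zone_file.filename == @dnssec_zone.input_file
            report[:errors] << _("DNS and DNSSEC original zone files do not match")
          end
          unless @dns_zone_file.filename_signed == @dnssec_zone.output_file
            report[:errors] << _("DNS and DNSSEC signed zone files do not match")
          end
        end

        # A signed zone is served from the signed file, so compare against
        # that file's serial.
        parsed = signed ? @dns_zone_file.parsed_signed_content : @dns_zone_file.parsed_content
        unless parsed.serial == @dns_zone.serial
          report[:warnings] << _("The zone serial does not match the one in the zone file")
        end

        # TODO: more checks

        report
      end

      private

      # Builds the unrecoverable "zone" error used for every rejection above.
      def zone_failure(message)
        CyberError.new(:unrecoverable, "zone", message)
      end
    end
  end # MapMakerLand
end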