[feladat @ 270]
Added validation for SRV records. Closes #45. Updated validation for TXT records to allow for DKIM. Closes #49. Renamed is_valid_mx_or_ns_target function to more generic name is_valid_non_alias_target.
--- a/docs/i18n-template-php.pot Thu May 15 19:02:53 2008 +0000
+++ b/docs/i18n-template-php.pot Thu May 15 21:50:20 2008 +0000
@@ -874,3 +874,20 @@
#: index.php:213
msgid "After you have removed the directory, you can login to <a href=\"index.php\">Poweradmin</a> with username \"admin\" and password \"admin\". You are highly encouraged to change these as soon as you are logged in."
msgstr ""
+
+msgid "Invalid value for name field of SRV record."
+msgstr ""
+
+msgid "Invalid value for the weight field of the SRV record."
+msgstr ""
+
+msgid "Invalid value for the port field of the SRV record."
+msgstr ""
+
+msgid "Invalid SRV target."
+msgstr ""
+
+msgid "Invalid characters have been used in this record."
+msgstr ""
+
+
--- a/inc/dns.inc.php Thu May 15 19:02:53 2008 +0000
+++ b/inc/dns.inc.php Thu May 15 21:50:20 2008 +0000
@@ -35,47 +35,60 @@
case "A":
if (!is_valid_ipv4($content)) return false;
+ if (!is_valid_hostname_fqdn($name,1)) return false;
break;
case "AAAA":
if (!is_valid_ipv6($content)) return false;
+ if (!is_valid_hostname_fqdn($name,1)) return false;
break;
case "CNAME":
if (!is_valid_rr_cname_name($name)) return false;
+ if (!is_valid_hostname_fqdn($name,1)) return false;
if (!is_valid_hostname_fqdn($content,0)) return false;
break;
case "HINFO":
if (!is_valid_rr_hinfo_content($content)) return false;
+ if (!is_valid_hostname_fqdn($name,1)) return false;
break;
case "MX":
if (!is_valid_hostname_fqdn($content,0)) return false;
- if (!is_valid_mx_or_ns_target($content)) return false;
+ if (!is_valid_hostname_fqdn($name,1)) return false;
+ if (!is_valid_non_alias_target($content)) return false;
break;
case "NS":
if (!is_valid_hostname_fqdn($content,0)) return false;
- if (!is_valid_mx_or_ns_target($content)) return false;
+ if (!is_valid_hostname_fqdn($name,1)) return false;
+ if (!is_valid_non_alias_target($content)) return false;
break;
case "PTR":
if (!is_valid_hostname_fqdn($content,0)) return false;
+ if (!is_valid_hostname_fqdn($name,1)) return false;
break;
case "SOA":
if (!is_valid_rr_soa_name($name,$zone)) return false;
+ if (!is_valid_hostname_fqdn($name,1)) return false;
if (!is_valid_rr_soa_content($content)) return false;
break;
+
+ case "SRV":
+ if (!is_valid_rr_srv_name($name)) return false;
+ if (!is_valid_rr_srv_content($content)) return false;
+ break;
case "TXT":
- if (!is_valid_rr_txt_content($content)) return false;
+ if (!is_valid_printable($name)) return false;
+ if (!is_valid_printable($content)) return false;
break;
case "MBOXFW":
case "NAPTR":
- case "SRV":
case "URL":
// These types are supported by PowerDNS, but there is not
// yet code for validation. Validation needs to be added
@@ -87,7 +100,6 @@
return false;
}
- if (!is_valid_hostname_fqdn($name,1)) return false;
if (!is_valid_rr_prio($prio,$type)) return false;
if (!is_valid_rr_ttl($ttl)) return false;
@@ -208,6 +220,11 @@
return true;
}
+function is_valid_printable($string) {
+ if (!ereg('^[[:print:]]+$', trim($string))) { error(ERR_DNS_PRINTABLE); return false; }
+ return true;
+}
+
function is_valid_rr_cname_name($name) {
global $db;
@@ -226,30 +243,19 @@
return true;
}
-function is_valid_mx_or_ns_target($content) {
+function is_valid_non_alias_target($target) {
global $db;
$query = "SELECT type, name
FROM records
- WHERE name = " . $db->quote($content) . "
+ WHERE name = " . $db->quote($target) . "
AND TYPE = 'CNAME'";
$response = $db->query($query);
if (PEAR::isError($response)) { error($response->getMessage()); return false; };
-
if ($response->numRows() > 0) {
error(ERR_DNS_MX_NS_TO_CNAME); return false;
}
-
- return true;
-}
-
-function is_valid_rr_txt_content($content) {
-
- if (!preg_match("/^([^\s]{1,1000}|\"([^\"]{1,998}\"))$/i", $content)) {
- error(ERR_DNS_TXT_INV_CONTENT); return false;
- }
-
return true;
}
@@ -334,8 +340,7 @@
}
function is_valid_rr_prio(&$prio, $type) {
-
- if ($type == "MX" ) {
+ if ($type == "MX" || $type == "SRV" ) {
if (!is_numeric($prio) || $prio < 0 || $prio > 65535 ) {
error(ERR_DNS_INV_PRIO); return false;
}
@@ -346,6 +351,24 @@
return true;
}
+function is_valid_rr_srv_name($name){
+ $fields = explode('.', $name, 3);
+ if (!preg_match('/^_[a-z0-9]+$/i', $fields[0])) { error(ERR_DNS_SRV_NAME) ; return false; }
+ if (!preg_match('/^_[a-z0-9]+$/i', $fields[1])) { error(ERR_DNS_SRV_NAME) ; return false; }
+ if (!is_valid_hostname_fqdn($fields[2],0)) { error(ERR_DNS_SRV_NAME) ; return false ; }
+ return true ;
+}
+
+function is_valid_rr_srv_content($content) {
+ $fields = preg_split("/\s+/", trim($content), 3);
+ if (!is_numeric($fields[0]) || $fields[0] < 0 || $fields[0] > 65535) { error(ERR_DNS_SRV_WGHT) ; return false; }
+ if (!is_numeric($fields[1]) || $fields[1] < 0 || $fields[1] > 65535) { error(ERR_DNS_SRV_PORT) ; return false; }
+ if ($fields[2] == "" || ($fields[2] != "." && !is_valid_hostname_fqdn($fields[2],0))) {
+ error(ERR_DNS_SRV_TRGT) ; return false;
+ }
+ return true;
+}
+
function is_valid_rr_ttl(&$ttl) {
if (!isset($ttl) || $ttl == "" ) {
--- a/inc/error.inc.php Thu May 15 19:02:53 2008 +0000
+++ b/inc/error.inc.php Thu May 15 21:50:20 2008 +0000
@@ -91,6 +91,11 @@
define("ERR_DNS_INV_TLD", _('You are using an invalid top level domain.'));
define("ERR_DNS_INV_TTL", _('Invalid value for TTL field. It should be numeric.'));
define("ERR_DNS_INV_PRIO", _('Invalid value for prio field. It should be numeric.'));
+define("ERR_DNS_SRV_NAME", _('Invalid value for name field of SRV record.'));
+define("ERR_DNS_SRV_WGHT", _('Invalid value for the priority field of the SRV record.'));
+define("ERR_DNS_SRV_PORT", _('Invalid value for the weight field of the SRV record.'));
+define("ERR_DNS_SRV_TRGT", _('Invalid SRV target.'));
+define("ERR_DNS_PRINTABLE", _('Invalid characters have been used in this record.'));
/* GOOD! */
define("SUC_ZONE_ADD", _('Zone has been added successfully.'));
--- a/inc/toolkit.inc.php Thu May 15 19:02:53 2008 +0000
+++ b/inc/toolkit.inc.php Thu May 15 21:50:20 2008 +0000
@@ -88,8 +88,8 @@
// If fancy records is enabled, extend this field.
if($dns_fancy) {
- $rtypes[10] = 'URL';
- $rtypes[11] = 'MBOXFW';
+ $rtypes[12] = 'URL';
+ $rtypes[13] = 'MBOXFW';
}
// $template - array of records that will be applied when adding a new zone file
Binary file locale/nl_NL/LC_MESSAGES/messages.mo has changed
--- a/locale/nl_NL/LC_MESSAGES/nl.po Thu May 15 19:02:53 2008 +0000
+++ b/locale/nl_NL/LC_MESSAGES/nl.po Thu May 15 21:50:20 2008 +0000
@@ -936,3 +936,22 @@
#: index.php:213
msgid "After you have removed the directory, you can login to <a href=\"index.php\">Poweradmin</a> with username \"admin\" and password \"admin\". You are highly encouraged to change these as soon as you are logged in."
msgstr "Nadat u de directory hebt verwijderd kunt u op <a href=\"index.php\">Poweradmin</a> inloggen met gebruikersnaam \"admin\" en het wachtwoord \"admin\". U wordt zeer aangeraden deze direct te wijzigen."
+
+
+msgid "Invalid value for name field of SRV record."
+msgstr "U heeft een ongeldige waarde voor het name veld van het SRV record opgegeven."
+
+msgid "Invalid value for the weight field of the SRV record."
+msgstr "U heeft een ongeldige waarde voor het weight veld van het SRV record opgegeven."
+
+msgid "Invalid value for the port field of the SRV record."
+msgstr "U heeft een ongeldige waarde voor het port veld van het SRV record opgegeven."
+
+msgid "Invalid SRV target."
+msgstr "Ongeldig SRV target."
+
+msgid "Invalid characters have been used in this record."
+msgstr "U heeft ongeldige characters gebruikt in het record."
+
+
+