Changes for new dnsutil

dnssec* files were changed to allow poweradmin work with new dnsutil. You need to have single pdns.conf in /etc/powerdns/ because poweradmin dont know "include" statement in config file. This is ugly workaround to obtain full functionality at pdns 4.0.0. Everything seems to work around dnssec keys: - signing - unsigning - create additional keys (CSK) - delete keys - activate/deactivate keys - list keys Not working or maybe bad behaviour: - adding key add only CSK (even if you select ZSK, KSK) - there should be more then one active key for zone
Lennie · Jul 19, 2016 · 98ecbb5 · 98ecbb5
1 parent 3f35a56
commit 98ecbb5
Show file tree

Hide file tree

Showing 7 changed files with 239 additions and 17 deletions.
diff --git a/dnssec.php b/dnssec.php
@@ -34,6 +34,8 @@
 include_once("inc/header.inc.php");
 
 global $pdnssec_use;
+global $perm_meta_edit;
+global $perm_view;
 
 $zone_id = "-1";
 if (isset($_GET['id']) && v_num($_GET['id'])) {

diff --git a/dnssec_add_key.php b/dnssec_add_key.php
@@ -55,7 +55,7 @@
 if (isset($_POST['key_type'])) {
     $key_type = $_POST['key_type'];
 
-    if ($key_type != 'ksk' && $key_type != 'zsk') {
+    if ($key_type != 'ksk' && $key_type != 'zsk' && $key_type != 'csk') {
         error(ERR_INV_INPUT);
         include_once("inc/footer.inc.php");
         exit;
@@ -104,6 +104,7 @@
 echo "        <td class=\"n\">\n";
 echo "         <select name=\"key_type\">\n";
 echo "          <option value=\"\"></option>\n";
+echo "		<option value=\"csk\">CSK</option>\n";
 echo "          <option value=\"ksk\">KSK</option>\n";
 echo "          <option value=\"zsk\">ZSK</option>\n";
 echo "         </select>\n";
@@ -146,5 +147,6 @@
 echo "       </tr>\n";
 echo "      </table>\n";
 echo "     </form>\n";
+echo "<br/><a href='dnssec.php?id=" . $zone_id . "'>Back to DNSSEC " . $domain_name . "</a>";
 
 include_once("inc/footer.inc.php");
diff --git a/dnssec_delete_key.php b/dnssec_delete_key.php
@@ -89,10 +89,10 @@
         echo "      " . _('Active') . ": " . ($key_info[5] ? _('Yes') : _('No')) . "\n";
         echo "     <p>" . _('Are you sure?') . "</p>\n";
         echo "     <input type=\"button\" class=\"button\" OnClick=\"location.href='dnssec_delete_key.php?id=" . $zone_id . "&amp;key_id=$key_id&amp;confirm=1'\" value=\"" . _('Yes') . "\">\n";
-        echo "     <input type=\"button\" class=\"button\" OnClick=\"location.href='index.php'\" value=\"" . _('No') . "\">\n";
+        echo "     <input type=\"button\" class=\"button\" OnClick=\"location.href='dnssec.php?id=" . $zone_id . "'\" value=\"" . _('No') . "\">\n";
     } else {
         error(ERR_PDNSSEC_DEL_ZONE_KEY);
     }
 }
-
+echo "<br/><a href='dnssec.php?id=" . $zone_id . "'>Back to DNSSEC " . $domain_name . "</a>";
 include_once("inc/footer.inc.php");
diff --git a/dnssec_ds_dnskey.php b/dnssec_ds_dnskey.php
@@ -34,6 +34,8 @@
 include_once("inc/header.inc.php");
 
 global $pdnssec_use;
+global $perm_view;
+global $perm_meta_edit;
 
 $zone_id = "-1";
 if (isset($_GET['id']) && v_num($_GET['id'])) {
@@ -79,9 +81,12 @@
 echo "   <h2>" . _('DNSSEC public records for zone') . " \"" . get_zone_name_from_id($zone_id) . "\"</h2>\n";
 
 echo "   <h3>" . _('DNSKEY') . "</h3>\n";
-$dnskey_record = dnssec_get_dnskey_record($domain_name);
-echo $dnskey_record."<br>\n";
-
+$dnskey_records = dnssec_get_dnskey_record($domain_name);
+echo "<pre>\n";
+foreach ($dnskey_records as $record) {
+    echo $record."<br/>";
+}
+echo "</pre>\n";
 echo "<br>";
 
 echo "   <h3>" . _('DS record') . "</h3>\n";
@@ -91,5 +96,6 @@
 }
 
 echo "<br>";
+echo "<br/><a href='dnssec.php?id=" . $zone_id . "'>Back to DNSSEC " . $domain_name . "</a>";
 
 include_once("inc/footer.inc.php");
diff --git a/inc/dnssec.inc.php b/inc/dnssec.inc.php
@@ -285,11 +285,20 @@ function dnssec_get_ds_records($domain_name) {
     }
 
     $ds_records = array();
+    $oldid = $id = 0;
     foreach ($output as $line) {
         if (substr($line, 0, 2) == 'DS') {
+	    $oldid = $id;
             $items = explode(' ', $line);
+
             $ds_line = join(" ", array_slice($items, 2));
-            $ds_records[] = $ds_line;
+	    $id = $items[5];
+            if ($oldid != $id and $oldid !=0) {
+		$ds_records[] = "<br/>".$ds_line;
+	    }
+	    else {
+		$ds_records[] = $ds_line;
+	    }
         }
     }
 
@@ -450,14 +459,15 @@ function dnssec_get_dnskey_record($domain_name) {
     }
 
     $dns_key = '';
+    $dns_keys = array();
     foreach ($output as $line) {
-        if (substr($line, 0, 3) == 'KSK') {
+        if (substr($line, 0, 3) == 'CSK' or substr($line, 0, 3) == 'ZSK' or substr($line, 0, 3) == 'KSK' or substr($line, 0, 3) == 'ID ' ) {
             $items = explode(' ', $line);
             $dns_key = join(" ", array_slice($items, 3));
+	    $dns_keys[] = $dns_key; 
         }
     }
-
-    return $dns_key;
+    return $dns_keys;
 }
 
 /** Activate zone key
@@ -523,9 +533,22 @@ function dnssec_get_keys($domain_name) {
     $keys = array();
     foreach ($output as $line) {
         if (substr($line, 0, 2) == 'ID') {
-            $items = explode(' ', $line);
-            $bits_array = explode("\t", $items[12]);
-            $keys[] = array($items[2], substr($items[3], 1, -2), substr($items[6], 0, -1), substr($items[9], 0, -1), $bits_array[0], $items[13]);
+	    $items[0] = explode(' ', (explode('ID = ', $line)[1]))[0];
+	    $items[1] = substr(explode(' ', (explode('ID = ', $line)[1]))[1], 1, -2);
+	    $items[2] = substr(explode(' ', (explode('flags = ', $line)[1]))[0], 0, -1);
+	    $items[3] = substr(explode(' ', (explode('tag = ', $line)[1]))[0], 0, -1);
+	    $items[4] = substr(explode(' ', (explode('algo = ', $line)[1]))[0], 0, -1);
+	    $items[5] = preg_replace('/[^0-9]/', '', explode(' ', (explode('bits = ', $line)[1]))[0]);
+	    if (strpos($line, 'Active') !== false) {
+		$items[6] = 1;
+	    } else {
+		$items[6] = 0;
+	    }
+//		print "<pre>";
+//		print "$line<br/>";
+//		print_r ($items);
+//		print "</pre>";
+            $keys[] = array($items[0], $items[1], $items[3], $items[4], $items[5], $items[6]);
         }
     }
 
@@ -538,11 +561,12 @@ function dnssec_get_keys($domain_name) {
  * @param string $key_type Key type
  * @param string $bits Bits in length
  * @param string $algorithm Algorithm
- *
+1*
  * @return boolean true on success, false on failure
  */
+//pdnsutil add-zone-key egaro.cz zsk 1048 inactive rsasha256
 function dnssec_add_zone_key($domain_name, $key_type, $bits, $algorithm) {
-    $call_result = dnssec_call_pdnssec('add-zone-key', join(" ", array($domain_name, $key_type, $bits, $algorithm)));
+    $call_result = dnssec_call_pdnssec('add-zone-key', join(" ", array($domain_name, $key_type, $bits, "inactive", $algorithm)));
     $return_code = $call_result[1];
 
     if ($return_code != 0) {

diff --git a/style/punk.css b/style/punk.css
@@ -39,7 +39,7 @@ h1 {
 
 h1, .menu {
 	margin: 10px auto;
-	width: 980px;
+	width: 90%;
 }
 
 h2, h3 {
@@ -48,7 +48,7 @@ h2, h3 {
 
 .content, .footer {
 	margin: 10px auto;
-	width: 940px;
+	width: 90%;
 }
 
 /*NAVIGATION*/

diff --git a/style/punk_edit.css b/style/punk_edit.css
@@ -0,0 +1,188 @@
+/*
+ * Author: Tim Herman
+ * Website: http://www.punk.be
+ * Comments: Based on the normalize.css design. The best I could do without touching the php files. Temp solution untill an MVC model is applied
+
+/* RESET */
+@import url("../style/normalize.css");
+
+/* BEGIN ACTUAL STYLESHEET */
+body {
+	background: #F7F7F7;
+}
+
+* {
+	color: #333333;
+}
+
+p, div, table tr, table tr td, table tr th, strong, li, b, input, textarea {
+	font-size: 0.9em;
+}
+
+/*HEADERS*/
+h1 {
+	font-size: 2.375em;
+	color: #69A619;
+	text-transform: lowercase;
+	text-shadow: 1px 1px 0 #304d08;
+	text-decoration: none;
+}
+
+h1, .menu {
+	margin: 10px auto;
+	width: 90%;
+}
+
+h2, h3 {
+	font-size: 1.17em;
+}
+
+.content, .footer {
+	margin: 10px auto;
+	width: 90%;
+}
+
+/*NAVIGATION*/
+.menu {
+}
+
+/*CONTENT*/
+.content {
+	padding: 20px 20px;
+	border: 1px solid #ccc;
+	background: #fff;
+}
+
+table {
+    border-collapse: collapse;
+}
+
+table tr th {
+	text-align: left;
+	padding-right: 10px;
+	font-weight: bold;
+}
+
+table tr td {
+	padding: 3px;
+}
+
+.success, .error {
+	padding: 10px;
+	font-weight: bold;
+}
+
+
+.success {
+	border: 1px solid green;
+	color: green;
+}
+
+.error {
+	border: 1px solid red;
+	color: red;
+}
+
+.footer {
+	font-size: 0.6em;
+}
+
+/*CUSTOM*/
+.button, .sbutton {
+	display: inline-block;
+	text-transform: uppercase;
+	letter-spacing: 2px;
+	font-size: 12px;
+	padding: 7px 15px;
+	margin-top: 10px;
+	border-radius: 5px;
+	-moz-border-radius: 5px;
+	-webkit-border-radius: 5px;
+	border: 1px solid rgba(0,0,0,0.3);
+	border-bottom-width: 3px;
+	background-color: #699DB6;
+	border-color: rgba(0,0,0,0.3);
+	text-shadow: 0 1px 0 rgba(0,0,0,0.5);
+	color: #FFF;
+}
+
+.button:hover, .sbutton:hover {
+		background-color: #4F87A2;
+		border-color: rgba(0,0,0,0.5);
+	}
+
+
+a {
+        text-decoration: none;
+        /*color: #069;*/
+}
+
+a:hover {
+        text-decoration: underline;
+}
+
+.menuitem {
+        display: inline-block;
+        font-size: 12px;
+        padding: 5px 5px;
+        margin-top: 5px;
+        border-radius: 5px;
+        -moz-border-radius: 5px;
+        -webkit-border-radius: 5px;
+        border: 1px solid rgba(0,0,0,0.3);
+        border-bottom-width: 3px;
+        /*background-color: #699DB6;*/
+        border-color: rgba(0,0,0,0.3);
+        /*color: #FFF;*/
+	word-wrap: normal;
+}
+
+
+input, textarea {
+        display: inline-block;
+        letter-spacing: 2px;
+        font-size: 12px;
+        padding: 6px 5px;
+        border-radius: 5px; 
+        -moz-border-radius: 5px;
+        -webkit-border-radius: 5px;
+        border: 1px solid rgba(0,0,0,0.3);
+        border-bottom-width: 3px;
+        border-color: rgba(0,0,0,0.3);
+        text-shadow: 0 1px 0 rgba(0,0,0,0.5);
+}
+
+select {
+        display: inline-block;
+        letter-spacing: 2px;
+        font-size: 12px;
+        padding: 5px 5px;
+        border-radius: 5px;
+        -moz-border-radius: 5px;
+        -webkit-border-radius: 5px;
+        border: 1px solid rgba(0,0,0,0.3);
+        border-bottom-width: 3px;
+        border-color: rgba(0,0,0,0.3);
+        text-shadow: 0 1px 0 rgba(0,0,0,0.5);
+}
+
+
+td.n, th {
+        font-size: 12px;
+        padding: 3px 10px;
+}
+
+form, meta { 
+   /*     display: inline-block;*/
+   /*     letter-spacing: 2px;*/
+        font-size: 12px;
+        padding: 6px 5px;
+        border-radius: 5px; 
+        -moz-border-radius: 5px;
+        -webkit-border-radius: 5px;
+        border: 1px solid rgba(0,0,0,0.3);
+        border-bottom-width: 3px;
+        border-color: rgba(0,0,0,0.3);
+       /* text-shadow: 0 1px 0 rgba(0,0,0,0.5);*/
+}
+