author | jim-p <jimp@pfsense.org> | 2017-07-13 12:37:36 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2017-07-13 12:37:36 -0400 |
commit | 4541f84d12c86775022b0e49d527d6f4f9a6911f (patch) | |
tree | 590905ffd0d21e88ada4743818a80489f629cea7 /src/etc/inc | |
parent | 4e4cac0dd53afcf26aa2b523dc16916730d92133 (diff) | |
download | pfsense-4541f84d12c86775022b0e49d527d6f4f9a6911f.zip pfsense-4541f84d12c86775022b0e49d527d6f4f9a6911f.tar.gz |
Restructure how unbound zone data is written to fix processing of "redirect" zone entries. Fixes #7690
Also corrects some other misc issues for formatting of zone data.
While here, add an option, not exposed in the GUI, for users to get the previous behavior of defining short names for hosts.
Diffstat (limited to 'src/etc/inc')
-rw-r--r-- | src/etc/inc/system.inc | 55 | ||||
-rw-r--r-- | src/etc/inc/unbound.inc | 85 |
2 files changed, 102 insertions, 38 deletions
diff --git a/src/etc/inc/system.inc b/src/etc/inc/system.inc index ed93d0f..b6b1444 100644 --- a/src/etc/inc/system.inc +++ b/src/etc/inc/system.inc @@ -298,13 +298,15 @@ function system_hosts_local_entries() { $hosts = array(); $hosts[] = array( 'ipaddr' => '127.0.0.1', - 'fqdn' => 'localhost', - 'name' => 'localhost.' . $syscfg['domain'] + 'fqdn' => 'localhost.' . $syscfg['domain'], + 'name' => 'localhost', + 'domain' => $syscfg['domain'] ); $hosts[] = array( 'ipaddr' => '::1', - 'fqdn' => 'localhost', - 'name' => 'localhost.' . $syscfg['domain'] + 'fqdn' => 'localhost.' . $syscfg['domain'], + 'name' => 'localhost', + 'domain' => $syscfg['domain'] ); if ($config['interfaces']['lan']) { @@ -323,7 +325,9 @@ function system_hosts_local_entries() { if (is_ipaddrv4($cfgip)) { $hosts[] = array( 'ipaddr' => $cfgip, - 'fqdn' => $local_fqdn + 'fqdn' => $local_fqdn, + 'name' => $syscfg['hostname'], + 'domain' => $syscfg['domain'] ); $hosts_if_found = true; } @@ -332,7 +336,9 @@ function system_hosts_local_entries() { if (is_ipaddrv6($cfgipv6)) { $hosts[] = array( 'ipaddr' => $cfgipv6, - 'fqdn' => $local_fqdn + 'fqdn' => $local_fqdn, + 'name' => $syscfg['hostname'], + 'domain' => $syscfg['domain'] ); $hosts_if_found = true; } @@ -364,7 +370,9 @@ function system_hosts_override_entries($dnscfg) { $hosts[] = array( 'ipaddr' => $host['ip'], - 'fqdn' => $fqdn + 'fqdn' => $fqdn, + 'name' => $host['host'], + 'domain' => $host['domain'] ); if (!is_array($host['aliases']) || @@ -381,7 +389,9 @@ function system_hosts_override_entries($dnscfg) { $hosts[] = array( 'ipaddr' => $host['ip'], - 'fqdn' => $fqdn + 'fqdn' => $fqdn, + 'name' => $alias['host'], + 'domain' => $alias['domain'] ); } } 
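Review bot: The entries built in system_hosts_local_entries() and system_hosts_override_entries() now carry four keys, but nothing documents that shape, and the first hunk silently swaps what `fqdn` and `name` mean for the two localhost entries. unbound_add_host_entries() in this same commit groups on `$host['domain']`, so a producer that omits the key would presumably be filed under an empty-string domain. I would add a comment above the first `$hosts[] = array(` such as `/* Entry keys: ipaddr, fqdn (name.domain), name (short host name), domain */`. The same applies to the hunks at -323, -332, -364 and -381; the function bodies extend outside these hunks.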
@@ -414,17 +424,20 @@ function system_hosts_dhcpd_entries() { } $fqdn = $host['hostname'] . "."; + $domain = ""; if ($host['domain']) { - $fqdn .= $host['domain']; + $domain = $host['domain']; } elseif ($dhcpifconf['domain']) { - $fqdn .= $dhcpifconf['domain']; + $domain = $dhcpifconf['domain']; } else { - $fqdn .= $syscfg['domain']; + $domain = $syscfg['domain']; } $hosts[] = array( 'ipaddr' => $host['ipaddr'], - 'fqdn' => $fqdn + 'fqdn' => $fqdn . $domain, + 'name' => $host['hostname'], + 'domain' => $domain ); } } @@ -468,17 +481,20 @@ function system_hosts_dhcpd_entries() { } $fqdn = $host['hostname'] . "."; + $domain = ""; if ($host['domain']) { - $fqdn .= $host['domain']; - } else if ($dhcpifconf['domain']) { - $fqdn .= $dhcpifconf['domain']; + $domain = $host['domain']; + } elseif ($dhcpifconf['domain']) { + $domain = $dhcpifconf['domain']; } else { - $fqdn .= $syscfg['domain']; + $domain = $syscfg['domain']; } $hosts[] = array( 'ipaddr' => $ipaddrv6, - 'fqdn' => $fqdn + 'fqdn' => $fqdn . $domain, + 'name' => $host['hostname'], + 'domain' => $domain ); } } @@ -532,10 +548,11 @@ function system_hosts_generate() { $hosts_array = system_hosts_entries($dnsmasqcfg); foreach ($hosts_array as $host) { - $hosts .= "{$host['ipaddr']}\t{$host['fqdn']}"; + $hosts .= "{$host['ipaddr']}\t"; if (!empty($host['name'])) { - $hosts .= " {$host['name']}"; + $hosts .= "{$host['name']} "; } + $hosts .= "{$host['fqdn']}"; $hosts .= "\n"; } unset($hosts_array); diff --git a/src/etc/inc/unbound.inc b/src/etc/inc/unbound.inc index e8adc89..c541c87 100644 --- a/src/etc/inc/unbound.inc +++ b/src/etc/inc/unbound.inc 
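Review bot: In system_hosts_dhcpd_entries() `$fqdn` now holds only `hostname.` and the real FQDN is assembled inside the array literal as `$fqdn . $domain`, which reads misleadingly; the identical block is repeated in the hunk at -468. If all three domain sources are empty the value ends in a dot, and the new unbound writer appends another one (`{$host['fqdn']}.`), so it would emit `host..`; whether `$syscfg['domain']` can be empty is not visible here. I would build the name once after the domain is chosen, `$fqdn = ($domain !== "") ? "{$host['hostname']}.{$domain}" : $host['hostname'];`, and store `'fqdn' => $fqdn`. The function body starts and ends outside both hunks.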
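Review bot: In system_hosts_generate() the short name is now written ahead of the FQDN, and because every producer in this commit fills `name`, each line becomes `ip<TAB>short fqdn`. By hosts-file convention the first name after the address is the canonical one, so consumers of this file would likely treat the short name as canonical, and two hosts with the same short name in different domains become ambiguous. The `always_add_short_names` opt-in added for unbound does not gate this path. Keeping `{$host['fqdn']}` first for everything except the localhost entries would preserve the earlier output for other hosts; the function body extends outside the hunk.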
@@ -536,23 +536,13 @@ function unbound_add_domain_overrides($pvt_rev="", $cfgsubdir = "") { } } -function unbound_add_host_entries($cfgsubdir = "") { - global $config, $g; - - // Check if auto add host entries is not set - if (!isset($config['unbound']['disable_auto_added_host_entries'])) { - // Make sure the config setting is a valid unbound local zone type. If not use "transparent". - if (array_key_exists($config['unbound']['system_domain_local_zone_type'], unbound_local_zone_types())) { - $system_domain_local_zone_type = $config['unbound']['system_domain_local_zone_type']; - } else { - $system_domain_local_zone_type = "transparent"; - } - - $unbound_entries = "local-zone: \"{$config['system']['domain']}\" {$system_domain_local_zone_type}\n"; +function unbound_generate_zone_data($domain, $hosts, &$added_ptr, $zone_type = "transparent", $write_domiain_zone_declaration = false, $always_add_short_names = false) { + global $config; + if ($write_domiain_zone_declaration) { + $zone_data = "local-zone: \"{$domain}.\" {$zone_type}\n"; + } else { + $zone_data = ""; } - - $hosts = system_hosts_entries($config['unbound']); - $added_ptr = array(); foreach ($hosts as $host) { if (is_ipaddrv4($host['ipaddr'])) { $type = 'A'; 
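Review bot: unbound_generate_zone_data() interpolates `$domain` straight into a quoted directive, `local-zone: \"{$domain}.\" {$zone_type}`, and nothing in the visible lines rejects an empty value or one containing a quote or a line break. An empty `$domain` would declare the root zone `.` with the chosen type, and a stray `"` or newline would let one value spill into further configuration lines. Validation may happen where the setting is saved, but this writer is the last point before the file is generated. A guard at the top such as `if (!is_domain($domain)) { return ""; }` would make the assumption explicit. The parameter name `$write_domiain_zone_declaration` is also misspelled, and the function continues in the next hunk.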
@@ -561,12 +551,69 @@ function unbound_add_host_entries($cfgsubdir = "") { } else { continue; } - if (!$added_ptr[$host['ipaddr']]) { - $unbound_entries .= "local-data-ptr: \"{$host['ipaddr']} {$host['fqdn']}\"\n"; + $zone_data .= "local-data-ptr: \"{$host['ipaddr']} {$host['fqdn']}\"\n"; $added_ptr[$host['ipaddr']] = true; } - $unbound_entries .= "local-data: \"{$host['fqdn']} {$type} {$host['ipaddr']}\"\n"; + /* For the system localhost entry, write an entry for just the hostname. */ + if ((($host['name'] == "localhost") && ($domain == $config['system']['domain'])) || $always_add_short_names) { + $zone_data .= "local-data: \"{$host['name']}. {$type} {$host['ipaddr']}\"\n"; + } + /* Redirect zones must have a zone declaration that matches the + * local-data record exactly, it cannot have entries "under" the + * domain. + */ + if ($zone_type == "redirect") { + $zone_data .= "local-zone: \"{$host['fqdn']}.\" {$zone_type}\n";; + } + $zone_data .= "local-data: \"{$host['fqdn']}. {$type} {$host['ipaddr']}\"\n"; + } + return $zone_data; +} + +function unbound_add_host_entries($cfgsubdir = "") { + global $config, $g; + + $hosts = system_hosts_entries($config['unbound']); + + /* Pass 1: Build domain list and hosts inside domains */ + $hosts_by_domain = array(); + foreach ($hosts as $host) { + if (!array_key_exists($host['domain'], $hosts_by_domain)) { + $hosts_by_domain[$host['domain']] = array(); + } + $hosts_by_domain[$host['domain']][] = $host; + } + + $added_ptr = array(); + /* Build local zone data */ + // Check if auto add host entries is not set + $system_domain_local_zone_type = "transparent"; + if (!isset($config['unbound']['disable_auto_added_host_entries'])) { + // Make sure the config setting is a valid unbound local zone type. If not use "transparent". 
+ if (array_key_exists($config['unbound']['system_domain_local_zone_type'], unbound_local_zone_types())) { + $system_domain_local_zone_type = $config['unbound']['system_domain_local_zone_type']; + } + } + /* Add entries for the system domain before all others */ + if (array_key_exists($config['system']['domain'], $hosts_by_domain)) { + $unbound_entries .= unbound_generate_zone_data($config['system']['domain'], + $hosts_by_domain[$config['system']['domain']], + $added_ptr, + $system_domain_local_zone_type, + true); + /* Unset this so it isn't processed again by the loop below. */ + unset($hosts_by_domain[$config['system']['domain']]); + } + + /* Build zone data for other domain */ + foreach ($hosts_by_domain as $domain => $hosts) { + $unbound_entries .= unbound_generate_zone_data($domain, + $hosts, + $added_ptr, + "transparent", + false, + isset($config['unbound']['always_add_short_names'])); } // Write out entries |
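Review bot: The short-name line `local-data: \"{$host['name']}. {$type} {$host['ipaddr']}\"` is emitted whenever `$always_add_short_names` is set, with no check that `$host['name']` is non-empty, whereas system_hosts_generate() in this same commit guards it with `!empty($host['name'])`. An entry with a blank host part would produce a record for the root name `.`, and hosts sharing a short name across domains would all answer for the same label. I would tighten the condition to `if (!empty($host['name']) && ((($host['name'] == "localhost") && ($domain == $config['system']['domain'])) || $always_add_short_names)) {`. Separately, unbound_add_host_entries() now only appends with `$unbound_entries .=` where the removed code assigned it first, so `$unbound_entries = "";` before the system-domain block avoids an undefined variable when no hosts exist. The code that writes the entries out is outside the hunk.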