This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, next has been updated via 3d4b48ceb2a8f4a83666c673073939256b181cdd (commit) via 9d63220bf65ac75b178166e5cb7a7399ee885d12 (commit) via ee7a9de321a2b3d23241965cd542ed047ed602fc (commit) via cd56eb6db16f01bf9e111d9fce651d323faab19b (commit) via cfcfb947c3d33bed44adc23bdc6854e4a71c8eb0 (commit) via 3c781f637532551f4833799b567e993ececfd56a (commit) via 3887d23e1dbd27f50d9851c63d3fb74573592527 (commit) via 281f18fcb9b40834cf79671b3b489390a9826af1 (commit) via 4188fbf1f0efd70cd444ddb2398d35367ddab67f (commit) via 32b9c7394ec3ccd4bcb411efe303020a3da0dec0 (commit) via 1f8fccc5bc403191c2f869d9316f5c57ec001b10 (commit) via 0d273ebb0df5ede37e8af5f61bd4eac311f4541a (commit) via a6794072490890cb369d8a00df2e72e9457d94f8 (commit) via 0423e13b7f140fbf108392ab84562c4413b47c99 (commit) via b66edc18d7954e235c08a0ea4bc82f0896f8cf59 (commit) via 51f5ed7decb9bbd081781d776d7d03a7217f0e24 (commit) via 3da4cc02e3a32b2b7567ebba2bad2b685b77c052 (commit) via 2c405584b852dc49806a7547511a88e2fd229b93 (commit) via c0845171de62064b620ad28f3c1798fdee532169 (commit) via 45e65f1dd90ffe06d2e80c0aa3c2e4f82a0cede7 (commit) via c3a951a1ae248693c97cd548041bcd2ba3193d33 (commit) from 9cf4a7f4188a5e68fc3daaf26661205ea3b69629 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log -----------------------------------------------------------------
commit 3d4b48ceb2a8f4a83666c673073939256b181cdd Merge: 3887d23 9d63220 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jul 8 16:19:31 2014 +0200
Merge branch 'ddns' into next
commit 9d63220bf65ac75b178166e5cb7a7399ee885d12 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jul 8 16:18:00 2014 +0200
core80: Update crontab for ddns
commit ee7a9de321a2b3d23241965cd542ed047ed602fc Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jul 8 16:12:27 2014 +0200
core80: ddns: Generate ddns.conf during update.
commit cd56eb6db16f01bf9e111d9fce651d323faab19b Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jul 8 16:10:46 2014 +0200
ddns.cgi: Add hook to generate ddns.conf from CLI.
commit cfcfb947c3d33bed44adc23bdc6854e4a71c8eb0 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jul 8 16:07:30 2014 +0200
ddns: Execute a forced update once a month
commit 3c781f637532551f4833799b567e993ececfd56a Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jul 8 15:41:23 2014 +0200
ddns.cgi: Add support for keys with nsupdate.
commit 3887d23e1dbd27f50d9851c63d3fb74573592527 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jul 8 11:08:00 2014 +0200
core80: Ship DNSSEC-enabled dnsmasq
http://wishlist.ipfire.org/wish/integration-of-a-dnssec-validating-dns-proxy
commit 281f18fcb9b40834cf79671b3b489390a9826af1 Merge: 9cf4a7f b66edc1 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jul 8 10:52:36 2014 +0200
Merge branch 'dnsmasq-dnssec' into next
commit 4188fbf1f0efd70cd444ddb2398d35367ddab67f Author: Stefan Schantl stefan.schantl@ipfire.org Date: Sun Jul 6 22:44:47 2014 +0200
ddns.cgi: Do not show the used hostname in parts.
commit 32b9c7394ec3ccd4bcb411efe303020a3da0dec0 Author: Stefan Schantl stefan.schantl@ipfire.org Date: Sun Jul 6 22:11:18 2014 +0200
ddns.cgi: Drop code for wildcard support.
It seems all ddns providers removed their support for wildcards.
commit 1f8fccc5bc403191c2f869d9316f5c57ec001b10 Author: Stefan Schantl stefan.schantl@ipfire.org Date: Sun Jul 6 21:30:23 2014 +0200
ddns.cgi: Rework to use new ddns update client.
commit 0d273ebb0df5ede37e8af5f61bd4eac311f4541a Author: Michael Tremer michael.tremer@ipfire.org Date: Sun Jul 6 13:01:17 2014 +0200
Remove setddns.pl script.
commit a6794072490890cb369d8a00df2e72e9457d94f8 Author: Michael Tremer michael.tremer@ipfire.org Date: Sun Jul 6 12:58:18 2014 +0200
Replace setddns.pl by new ddns tool.
commit 0423e13b7f140fbf108392ab84562c4413b47c99 Author: Michael Tremer michael.tremer@ipfire.org Date: Sun Jul 6 12:10:20 2014 +0200
Add ddns package.
commit b66edc18d7954e235c08a0ea4bc82f0896f8cf59 Author: Michael Tremer michael.tremer@ipfire.org Date: Sat Jul 5 13:39:13 2014 +0200
Update nettle to version 3.0.
Requires some fixes in dnsmasq which can be dropped with the next release.
commit 51f5ed7decb9bbd081781d776d7d03a7217f0e24 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue May 20 11:25:12 2014 +0200
dnsmasq: Update to 2.71.
commit 3da4cc02e3a32b2b7567ebba2bad2b685b77c052 Author: Michael Tremer michael.tremer@ipfire.org Date: Wed May 7 12:16:57 2014 +0200
dnsmasq: Update ISC dhcpd reader patch.
commit 2c405584b852dc49806a7547511a88e2fd229b93 Author: Michael Tremer michael.tremer@ipfire.org Date: Fri May 2 12:17:03 2014 +0200
bind: Update to 9.9.5.
Enable DNSSEC.
commit c0845171de62064b620ad28f3c1798fdee532169 Author: Michael Tremer michael.tremer@ipfire.org Date: Thu May 1 20:52:52 2014 +0200
openssl: Build earlier in build process.
commit 45e65f1dd90ffe06d2e80c0aa3c2e4f82a0cede7 Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Apr 28 18:26:20 2014 +0200
dnsmasq: Update to 2.70.
Adds support for DNSSEC validation, increases the cache size and adds a patch to read ISC dhcpd lease file (for IPv4).
commit c3a951a1ae248693c97cd548041bcd2ba3193d33 Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Apr 28 17:13:45 2014 +0200
nettle: Add new crypto library.
-----------------------------------------------------------------------
Summary of changes:
 config/bind/trusted-key.key | 1 +
 config/cron/crontab | 10 +-
 config/rootfiles/common/bind | 9 +-
 config/rootfiles/common/ddns | 63 ++
 config/rootfiles/common/nettle | 71 ++
 config/rootfiles/common/stage2 | 1 -
 .../{oldcore/66 => core/80}/filelists/bind | 0
 .../{oldcore/32 => core/80}/filelists/dnsmasq | 0
 config/rootfiles/core/80/filelists/files | 2 +-
 config/rootfiles/core/80/filelists/nettle | 1 +
 config/rootfiles/core/80/update.sh | 20 +
 html/cgi-bin/ddns.cgi | 959 ++++++++++++---------
 lfs/bind | 16 +-
 lfs/{fireinfo => ddns} | 14 +-
 lfs/dnsmasq | 29 +-
 lfs/{libpng => nettle} | 10 +-
 make.sh | 18 +-
 src/initscripts/init.d/dnsmasq | 23 +-
 src/initscripts/init.d/networking/red.up/30-ddns | 4 +-
 ...0-Add-support-to-read-ISC-DHCP-lease-file.patch | 365 ++++++++
 src/patches/dnsmasq-2.71-support-nettle-3.0.patch | 65 ++
 .../dnsmasq-2.71-use-nettle-with-minigmp.patch | 88 ++
 src/scripts/setddns.pl | 862 ------------------
 23 files changed, 1314 insertions(+), 1317 deletions(-)
 create mode 100644 config/bind/trusted-key.key
 create mode 100644 config/rootfiles/common/ddns
 create mode 100644 config/rootfiles/common/nettle
 copy config/rootfiles/{oldcore/66 => core/80}/filelists/bind (100%)
 copy config/rootfiles/{oldcore/32 => core/80}/filelists/dnsmasq (100%)
 create mode 120000 config/rootfiles/core/80/filelists/nettle
 copy lfs/{fireinfo => ddns} (90%)
 copy lfs/{libpng => nettle} (94%)
 create mode 100644 src/patches/dnsmasq-2.70-Add-support-to-read-ISC-DHCP-lease-file.patch
 create mode 100644 src/patches/dnsmasq-2.71-support-nettle-3.0.patch
 create mode 100644 src/patches/dnsmasq-2.71-use-nettle-with-minigmp.patch
 delete mode 100644 src/scripts/setddns.pl
Difference in files: diff --git a/config/bind/trusted-key.key b/config/bind/trusted-key.key new file mode 100644 index 0000000..ea07836 --- /dev/null +++ b/config/bind/trusted-key.key @@ -0,0 +1 @@ +. 3600 IN DNSKEY 257 3 8 AwEAAagAIKlVZrpC6Ia7gEzahOR+9W29euxhJhVVLOyQbSEW0O8gcCjFFVQUTf6v58fLjwBd0YI0EzrAcQqBGCzh/RStIoO8g0NfnfL2MTJRkxoXbfDaUeVPQuYEhg37NZWAJQ9VnMVDxP/VHL496M/QZxkjf5/Efucp2gaDX6RS6CXpoY68LsvPVjR0ZSwzz1apAzvN9dlzEheX7ICJBBtuA6G3LQpzW5hOA2hzCTMjJPJ8LbqF6dsV6DoBQzgul0sGIcGOYl7OyQdXfZ57relSQageu+ipAdTTJ25AsRTAoub8ONGcLmqrAmRLKBP1dfwhYB4N7knNnulqQxA+Uk1ihz0= diff --git a/config/cron/crontab b/config/cron/crontab index 92c3a78..d78d08f 100644 --- a/config/cron/crontab +++ b/config/cron/crontab @@ -24,12 +24,10 @@ HOME=/ */5 * * * * /usr/local/bin/makegraphs >/dev/null 17 5 * * * /etc/init.d/tmpfs backup >/dev/null
-# Force update the dynamic dns registration once a week -# Force update even if IP has not changed once a month if 'minimize update' selected in GUI -# to avoid account declared as dead -*/5 * * * * [ -f "/var/ipfire/red/active" ] && /usr/local/bin/setddns.pl -9 2 * * 0 [ -f "/var/ipfire/red/active" ] && /usr/local/bin/setddns.pl -f -3 2 1 * * [ -f "/var/ipfire/red/active" ] && /usr/local/bin/setddns.pl -f -m +# Update dynamic DNS records every five minutes. +# Force an update once a month +*/5 * * * * [ -f "/var/ipfire/red/active" ] && /usr/bin/ddns update-all +3 2 1 * * [ -f "/var/ipfire/red/active" ] && /usr/bin/ddns update-all --force
# Logwatch 01 0 * * * /usr/local/bin/logwatch > /var/log/logwatch/`date -I -d yesterday`; \ diff --git a/config/rootfiles/common/bind b/config/rootfiles/common/bind index df66853..303c5b8 100644 --- a/config/rootfiles/common/bind +++ b/config/rootfiles/common/bind @@ -1,8 +1,9 @@ +etc/trusted-key.key usr/bin/dig usr/bin/host usr/bin/nslookup usr/bin/nsupdate -#usr/man/man1/dig.1 -#usr/man/man1/host.1 -#usr/man/man1/nslookup.1 -#usr/man/man8/nsupdate.8 +#usr/share/man/man1/dig.1 +#usr/share/man/man1/host.1 +#usr/share/man/man1/nslookup.1 +#usr/share/man/man1/nsupdate.1 diff --git a/config/rootfiles/common/ddns b/config/rootfiles/common/ddns new file mode 100644 index 0000000..2f0bdf7 --- /dev/null +++ b/config/rootfiles/common/ddns 
@@ -0,0 +1,63 @@ +usr/bin/ddns +usr/lib/python2.7/site-packages/ddns +usr/lib/python2.7/site-packages/ddns/__init__.py +usr/lib/python2.7/site-packages/ddns/__init__.pyc +usr/lib/python2.7/site-packages/ddns/__init__.pyo +usr/lib/python2.7/site-packages/ddns/__version__.py +usr/lib/python2.7/site-packages/ddns/__version__.pyc +usr/lib/python2.7/site-packages/ddns/__version__.pyo +usr/lib/python2.7/site-packages/ddns/errors.py +usr/lib/python2.7/site-packages/ddns/errors.pyc +usr/lib/python2.7/site-packages/ddns/errors.pyo +usr/lib/python2.7/site-packages/ddns/i18n.py +usr/lib/python2.7/site-packages/ddns/i18n.pyc +usr/lib/python2.7/site-packages/ddns/i18n.pyo +usr/lib/python2.7/site-packages/ddns/providers.py +usr/lib/python2.7/site-packages/ddns/providers.pyc +usr/lib/python2.7/site-packages/ddns/providers.pyo +usr/lib/python2.7/site-packages/ddns/system.py +usr/lib/python2.7/site-packages/ddns/system.pyc +usr/lib/python2.7/site-packages/ddns/system.pyo +#usr/share/doc/ddns +#usr/share/doc/ddns/COPYING +#usr/share/locale/ar/LC_MESSAGES/ddns.mo +#usr/share/locale/ca/LC_MESSAGES/ddns.mo +#usr/share/locale/cs_CZ +#usr/share/locale/cs_CZ/LC_MESSAGES +#usr/share/locale/cs_CZ/LC_MESSAGES/ddns.mo +#usr/share/locale/da/LC_MESSAGES/ddns.mo +#usr/share/locale/de/LC_MESSAGES/ddns.mo +#usr/share/locale/el_GR +#usr/share/locale/el_GR/LC_MESSAGES +#usr/share/locale/el_GR/LC_MESSAGES/ddns.mo +#usr/share/locale/es/LC_MESSAGES/ddns.mo +#usr/share/locale/fa/LC_MESSAGES/ddns.mo +#usr/share/locale/fr/LC_MESSAGES/ddns.mo +#usr/share/locale/hu/LC_MESSAGES/ddns.mo +#usr/share/locale/id/LC_MESSAGES/ddns.mo +#usr/share/locale/it/LC_MESSAGES/ddns.mo +#usr/share/locale/ja/LC_MESSAGES/ddns.mo +#usr/share/locale/km_KH +#usr/share/locale/km_KH/LC_MESSAGES +#usr/share/locale/km_KH/LC_MESSAGES/ddns.mo +#usr/share/locale/nl/LC_MESSAGES/ddns.mo +#usr/share/locale/pl/LC_MESSAGES/ddns.mo +#usr/share/locale/pt_BR/LC_MESSAGES/ddns.mo +#usr/share/locale/pt_PT/LC_MESSAGES/ddns.mo 
+#usr/share/locale/ro_RO +#usr/share/locale/ro_RO/LC_MESSAGES +#usr/share/locale/ro_RO/LC_MESSAGES/ddns.mo +#usr/share/locale/ru/LC_MESSAGES/ddns.mo +#usr/share/locale/sq/LC_MESSAGES/ddns.mo +#usr/share/locale/sv/LC_MESSAGES/ddns.mo +#usr/share/locale/th/LC_MESSAGES/ddns.mo +#usr/share/locale/tk +#usr/share/locale/tk/LC_MESSAGES +#usr/share/locale/tk/LC_MESSAGES/ddns.mo +#usr/share/locale/tr/LC_MESSAGES/ddns.mo +#usr/share/locale/uk/LC_MESSAGES/ddns.mo +#usr/share/locale/uz@Latn +#usr/share/locale/uz@Latn/LC_MESSAGES +#usr/share/locale/uz@Latn/LC_MESSAGES/ddns.mo +#usr/share/locale/vi/LC_MESSAGES/ddns.mo +#var/ipfire/ddns/ddns.conf.sample diff --git a/config/rootfiles/common/nettle b/config/rootfiles/common/nettle new file mode 100644 index 0000000..e6e4552 --- /dev/null +++ b/config/rootfiles/common/nettle 
@@ -0,0 +1,71 @@ +#usr/bin/nettle-hash +#usr/bin/nettle-lfib-stream +#usr/bin/nettle-pbkdf2 +#usr/bin/pkcs1-conv +#usr/bin/sexp-conv +#usr/include/nettle +#usr/include/nettle/aes.h +#usr/include/nettle/arcfour.h +#usr/include/nettle/arctwo.h +#usr/include/nettle/asn1.h +#usr/include/nettle/base16.h +#usr/include/nettle/base64.h +#usr/include/nettle/bignum.h +#usr/include/nettle/blowfish.h +#usr/include/nettle/buffer.h +#usr/include/nettle/camellia.h +#usr/include/nettle/cast128.h +#usr/include/nettle/cbc.h +#usr/include/nettle/ccm.h +#usr/include/nettle/chacha-poly1305.h +#usr/include/nettle/chacha.h +#usr/include/nettle/ctr.h +#usr/include/nettle/des-compat.h +#usr/include/nettle/des.h +#usr/include/nettle/dsa-compat.h +#usr/include/nettle/dsa.h +#usr/include/nettle/eax.h +#usr/include/nettle/ecc-curve.h +#usr/include/nettle/ecc.h +#usr/include/nettle/ecdsa.h +#usr/include/nettle/gcm.h +#usr/include/nettle/gosthash94.h +#usr/include/nettle/hmac.h +#usr/include/nettle/knuth-lfib.h +#usr/include/nettle/macros.h +#usr/include/nettle/md2.h +#usr/include/nettle/md4.h +#usr/include/nettle/md5-compat.h +#usr/include/nettle/md5.h +#usr/include/nettle/memxor.h +#usr/include/nettle/nettle-meta.h +#usr/include/nettle/nettle-stdint.h +#usr/include/nettle/nettle-types.h +#usr/include/nettle/pbkdf2.h +#usr/include/nettle/pgp.h +#usr/include/nettle/pkcs1.h +#usr/include/nettle/poly1305.h +#usr/include/nettle/realloc.h +#usr/include/nettle/ripemd160.h +#usr/include/nettle/rsa.h +#usr/include/nettle/salsa20.h +#usr/include/nettle/serpent.h +#usr/include/nettle/sexp.h +#usr/include/nettle/sha.h +#usr/include/nettle/sha1.h +#usr/include/nettle/sha2.h +#usr/include/nettle/sha3.h +#usr/include/nettle/twofish.h +#usr/include/nettle/umac.h +#usr/include/nettle/yarrow.h +#usr/lib/libhogweed.a +#usr/lib/libhogweed.so +usr/lib/libhogweed.so.3 +usr/lib/libhogweed.so.3.0 +#usr/lib/libnettle.a +#usr/lib/libnettle.so +usr/lib/libnettle.so.5 +usr/lib/libnettle.so.5.0 
+#usr/lib/pkgconfig/hogweed.pc +#usr/lib/pkgconfig/nettle.pc +#usr/share/info/nettle.info diff --git a/config/rootfiles/common/stage2 b/config/rootfiles/common/stage2 index 87649e9..085092d 100644 --- a/config/rootfiles/common/stage2 +++ b/config/rootfiles/common/stage2 @@ -90,7 +90,6 @@ usr/local/bin/rebuild-initrd usr/local/bin/run-parts #usr/local/bin/sanedloop usr/local/bin/scanhd -usr/local/bin/setddns.pl usr/local/bin/settime usr/local/bin/timecheck usr/local/bin/timezone-transition diff --git a/config/rootfiles/core/80/filelists/bind b/config/rootfiles/core/80/filelists/bind new file mode 120000 index 0000000..48a0eba --- /dev/null +++ b/config/rootfiles/core/80/filelists/bind @@ -0,0 +1 @@ +../../../common/bind \ No newline at end of file diff --git a/config/rootfiles/core/80/filelists/dnsmasq b/config/rootfiles/core/80/filelists/dnsmasq new file mode 120000 index 0000000..d469c74 --- /dev/null +++ b/config/rootfiles/core/80/filelists/dnsmasq @@ -0,0 +1 @@ +../../../common/dnsmasq \ No newline at end of file diff --git a/config/rootfiles/core/80/filelists/files b/config/rootfiles/core/80/filelists/files index 3ea7ee2..5281378 100644 --- a/config/rootfiles/core/80/filelists/files +++ b/config/rootfiles/core/80/filelists/files @@ -1,9 +1,9 @@ etc/system-release etc/issue etc/rc.d/init.d/dhcrelay +etc/rc.d/init.d/dnsmasq srv/web/ipfire/cgi-bin/ovpnmain.cgi srv/web/ipfire/cgi-bin/routing.cgi -usr/local/bin/setddns.pl usr/sbin/dhcrelay var/ipfire/general-functions.pl var/ipfire/langs diff --git a/config/rootfiles/core/80/filelists/nettle b/config/rootfiles/core/80/filelists/nettle new file mode 120000 index 0000000..f0dba7a --- /dev/null +++ b/config/rootfiles/core/80/filelists/nettle @@ -0,0 +1 @@ +../../../common/nettle \ No newline at end of file diff --git a/config/rootfiles/core/80/update.sh b/config/rootfiles/core/80/update.sh index 67f8c3a..26e0044 100644 --- a/config/rootfiles/core/80/update.sh +++ b/config/rootfiles/core/80/update.sh 
@@ -37,6 +37,7 @@ done extract_files
# Start services +/etc/init.d/dnsmasq restart
# Update Language cache perl -e "require '/var/ipfire/lang.pl'; &Lang::BuildCacheLang" @@ -46,6 +47,25 @@ rm -f \ /opt/pakfire/db/installed/meta-libgpg-error \ /opt/pakfire/db/rootfiles/libgpg-error
+# Generate ddns configuration file +/srv/web/ipfire/cgi-bin/ddns.cgi + +touch /var/ipfire/ddns/ddns.conf +chown nobody.nobody /var/ipfire/ddns/ddns.conf + +# Update crontab +sed -i /var/spool/cron/root.orig -e "/setddns.pl/d" + +grep -q /usr/bin/ddns /var/spool/cron/root.orig || cat <<EOF >> /var/spool/cron/root.orig + +# Update dynamic DNS records every five minutes. +# Force an update once a month +*/5 * * * * [ -f "/var/ipfire/red/active" ] && /usr/bin/ddns update-all +3 2 1 * * [ -f "/var/ipfire/red/active" ] && /usr/bin/ddns update-all --force +EOF + +fcrontab -z &>/dev/null + sync
# This update need a reboot... diff --git a/html/cgi-bin/ddns.cgi b/html/cgi-bin/ddns.cgi index 4b4bc63..51deb03 100644 --- a/html/cgi-bin/ddns.cgi +++ b/html/cgi-bin/ddns.cgi @@ -2,7 +2,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2011 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2014 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -29,370 +29,455 @@ require '/var/ipfire/general-functions.pl'; require "${General::swroot}/lang.pl"; require "${General::swroot}/header.pl";
+# Hook to regenerate the configuration files, if cgi got called from command line. +if ($ENV{"REMOTE_ADDR"} eq "") { + &GenerateDDNSConfigFile(); + exit(0); +} + #workaround to suppress a warning when a variable is used only once my @dummy = ( ${Header::table2colour}, ${Header::colouryellow} ); undef (@dummy);
-my $ddnsprefix = $Lang::tr{'ddns noip prefix'}; -$ddnsprefix =~ s/%/$General::noipprefix/; - my %color = (); my %mainsettings = (); &General::readhash("${General::swroot}/main/settings", %mainsettings); &General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", %color);
-# Files used -my $setting = "${General::swroot}/ddns/settings"; -our $datafile = "${General::swroot}/ddns/config"; +# Config file for basic configuration. +my $settingsfile = "${General::swroot}/ddns/settings"; + +# Config file to store the configured ddns providers. +my $datafile = "${General::swroot}/ddns/config"; + +# Dynamic ddns programm call. +my @ddnsprog = ("/usr/bin/ddns", "--config", + "/var/ipfire/ddns/ddns.conf", + "update-all", "--force" );
my %settings=(); -#Settings1 +my $errormessage = ''; + +# DDNS General settings. $settings{'BEHINDROUTER'} = 'RED_IP'; -$settings{'MINIMIZEUPDATES'} = '';
-#Settings2 for editing the multi-line list -#Must not be saved ! +# Account settings. $settings{'HOSTNAME'} = ''; $settings{'DOMAIN'} = ''; $settings{'LOGIN'} = ''; $settings{'PASSWORD'} = ''; -$settings{'PASSWORD2'} = ''; $settings{'ENABLED'} = ''; $settings{'PROXY'} = ''; -$settings{'WILDCARDS'} = ''; $settings{'SERVICE'} = '';
-my @nosaved=('HOSTNAME','DOMAIN','LOGIN','PASSWORD','PASSWORD2', - 'ENABLED','PROXY','WILDCARDS','SERVICE'); # List here ALL setting2 fields. Mandatory - -$settings{'ACTION'} = ''; # add/edit/remove -$settings{'KEY1'} = ''; # point record for ACTION -$settings{'KEY2'} = ''; # point record for ACTION - -my $errormessage = ''; -my $warnmessage = ''; +$settings{'ACTION'} = '';
&Header::showhttpheaders();
#Get GUI values &Header::getcgihash(%settings);
-# Load multiline data -our @current = (); -if (open(FILE, "$datafile")) { - @current = <FILE>; - close (FILE); -} +# Read configuration file. +open(FILE, "$datafile") or die "Unable to open $datafile."; +my @current = <FILE>; +close (FILE); + +# Get supported ddns providers. +my @providers = &GetProviders();
# -# Check Settings1 first because they are needed before working on @current +# Save General Settings. # if ($settings{'ACTION'} eq $Lang::tr{'save'}) { - # No user input to check. ! - #unless ($errormessage) { # Everything is ok, save settings - $settings{'BEHINDROUTERWAITLOOP'} = '-1'; # init & will update on next setddns.pl call - map (delete ($settings{$_}) ,(@nosaved,'ACTION','KEY1','KEY2'));# Must never be saved - &General::writehash($setting, %settings); # Save good settings - $settings{'ACTION'} = $Lang::tr{'save'}; # Recreate 'ACTION' - map ($settings{$_}= '',(@nosaved,'KEY1','KEY2')); # and reinit var to empty - #} -} else { - &General::readhash($setting, %settings); # Get saved settings and reset to good if needed + + # Open /var/ipfire/ddns/settings for writing. + open(FILE, ">$settingsfile") or die "Unable to open $settingsfile."; + + # Lock file for writing. + flock FILE, 2; + + # Check if BEHINDROUTER has been configured. + if ($settings{'BEHINDROUTER'} ne '') { + print FILE "BEHINDROUTER=$settings{'BEHINDROUTER'}\n"; + } + + # Close file after writing. + close(FILE); + + # Unset given CGI parmas. + undef %settings; + + # Update ddns config file. + &GenerateDDNSConfigFile(); }
# -# Now manipulate the multi-line list with Settings2 -# # Toggle enable/disable field. Field is in second position +# if ($settings{'ACTION'} eq $Lang::tr{'toggle enable disable'}) { - #move out new line - chomp(@current[$settings{'KEY1'}]); - my @temp = split(/,/,@current[$settings{'KEY1'}]); - my $K2=$settings{'KEY2'}; - $temp[ $K2 ] = ( $temp[ $K2 ] eq 'on') ? '' : 'on'; # Toggle the field - @current[$settings{'KEY1'}] = join (',',@temp)."\n"; - $settings{'KEY1'} = ''; # End edit mode - &General::log($Lang::tr{'ddns hostname modified'}); - - # Write changes to config file. - &WriteDataFile; # sort newly added/modified entry -}
-if ($settings{'ACTION'} eq $Lang::tr{'add'}) { - # Validate inputs - - unless ($settings{'LOGIN'} ne '') { - $errormessage = $Lang::tr{'username not set'}; - } - - # list box returns 'service optional synonyms' - # keep only first name - $settings{'SERVICE'} =~ s/ .*$//; - - # for freedns.afraid.org, only 'connect string' is mandatory - if ($settings{'SERVICE'} ne 'freedns.afraid.org') { - unless ($settings{'SERVICE'} eq 'regfish.com' || $settings{'PASSWORD'} ne '') { - $errormessage = $Lang::tr{'password not set'}; - } - unless ($settings{'PASSWORD'} eq $settings{'PASSWORD2'}) { - $errormessage = $Lang::tr{'passwords do not match'}; - } - - # Permit an empty HOSTNAME for the nsupdate, regfish, dyndns, enom, ovh, zoneedit, no-ip, easydns - #and namecheap - unless ($settings{'SERVICE'} eq 'zoneedit.com' || $settings{'SERVICE'} eq 'nsupdate' || - $settings{'SERVICE'} eq 'dyndns-custom'|| $settings{'SERVICE'} eq 'regfish.com' || - $settings{'SERVICE'} eq 'enom.com' || $settings{'SERVICE'} eq 'dnspark.com' || - $settings{'SERVICE'} eq 'ovh.com' || $settings{'HOSTNAME'} ne '' || - $settings{'SERVICE'} eq 'no-ip.com' || $settings{'SERVICE'} eq 'easydns.com' || - $settings{'SERVICE'} eq 'namecheap.com' ) { - $errormessage = $Lang::tr{'hostname not set'}; - } - unless ($settings{'HOSTNAME'} eq '' || $settings{'HOSTNAME'} =~ /^[a-zA-Z_0-9-]+$/) { - $errormessage = $Lang::tr{'invalid hostname'}; - } - unless ($settings{'DOMAIN'} ne '') { - $errormessage = $Lang::tr{'domain not set'}; + # Open /var/ipfire/ddns/config for writing. + open(FILE, ">$datafile") or die "Unable to open $datafile."; + + # Lock file for writing. + flock FILE, 2; + + my @temp; + my $id = 0; + + # Read file line by line. + foreach my $line (@current) { + + # Remove newlines. + chomp($line); + + if ($settings{'ID'} eq $id) { + + # Splitt lines (splitting element is a single ",") and save values into temp array. + @temp = split(/,/,$line); + + # Check if we want to toggle ENABLED or WILDCARDS. 
+ if ($settings{'ENABLED'} ne '') { + + # Update ENABLED. + print FILE "$temp[0],$temp[1],$temp[2],$temp[3],$temp[4],$temp[5],$temp[6],$settings{'ENABLED'}\n"; + } + } else { + + # Print unmodified line. + print FILE "$line\n"; + } + + # Increase $id. + $id++; } - unless ($settings{'DOMAIN'} =~ /^[a-zA-Z_0-9.-]+$/) { - $errormessage = $Lang::tr{'invalid domain name'}; + + # Close file after writing. + close(FILE); + + # Unset given CGI params. + undef %settings; + + # Write out logging notice. + &General::log($Lang::tr{'ddns hostname modified'}); + + # Update ddns config file. + &GenerateDDNSConfigFile(); +} + +# +# Add new accounts, or edit existing ones. +# +if (($settings{'ACTION'} eq $Lang::tr{'add'}) || ($settings{'ACTION'} eq $Lang::tr{'update'})) { + + # Check if a hostname has been given. + if ($settings{'HOSTNAME'} eq '') { + $errormessage = $Lang::tr{'hostname not set'}; } - unless ($settings{'DOMAIN'} =~ /[.]/) { - $errormessage = $Lang::tr{'invalid domain name'}; + + # Check if a valid domainname has been provided. + if (!&General::validdomainname($settings{'HOSTNAME'})) { + $errormessage = $Lang::tr{'invalid domain name'}; } - }
- # recheck service wich don't need too much fields - if ($settings{'SERVICE'} eq 'cjb.net') { - $errormessage = ''; # clear previous error - unless ($settings{'LOGIN'} ne '') { - $errormessage = $Lang::tr{'username not set'}; + # Check if a username has been sent. + if ($settings{'LOGIN'} eq '') { + $errormessage = $Lang::tr{'username not set'}; } - unless ($settings{'PASSWORD'} ne '') { - $errormessage = $Lang::tr{'password not set'}; + + # Check if a password has been typed in. + # freedns.afraid.org does not require this field. + if (($settings{'PASSWORD'} eq '') && ($settings{'SERVICE'} ne 'freedns.afraid.org')) { + $errormessage = $Lang::tr{'password not set'}; } - unless ($settings{'PASSWORD'} eq $settings{'PASSWORD2'}) { - $errormessage = $Lang::tr{'passwords do not match'}; + + # Go furter if there was no error. + if ( ! $errormessage) { + + # Splitt hostname field into 2 parts for storrage. + my($hostname, $domain) = split(/./, $settings{'HOSTNAME'}, 2); + + # Handle adding new accounts. + if ($settings{'ACTION'} eq $Lang::tr{'add'}) { + + # Open /var/ipfire/ddns/config for writing. + open(FILE, ">>$datafile") or die "Unable to open $datafile."; + + # Lock file for writing. + flock FILE, 2; + + # Add account data to the file. + print FILE "$settings{'SERVICE'},$hostname,$domain,$settings{'PROXY'},$settings{'WILDCARDS'},$settings{'LOGIN'},$settings{'PASSWORD'},$settings{'ENABLED'}\n"; + + # Close file after writing. + close(FILE); + + # Write out notice to logfile. + &General::log($Lang::tr{'ddns hostname added'}); + + # Update ddns config file. + + # Handle account edditing. + } elsif ($settings{'ACTION'} eq $Lang::tr{'update'}) { + + # Open /var/ipfire/ddns/config for writing. + open(FILE, ">$datafile") or die "Unable to open $datafile."; + + # Lock file for writing. + flock FILE, 2; + + my $id = 0; + + # Read file line by line. 
+ foreach my $line (@current) { + + if ($settings{'ID'} eq $id) { + print FILE "$settings{'SERVICE'},$hostname,$domain,$settings{'PROXY'},$settings{'WILDCARDS'},$settings{'LOGIN'},$settings{'PASSWORD'},$settings{'ENABLED'}\n"; + } else { + print FILE "$line"; + } + + # Increase $id. + $id++; + } + + # Close file after writing. + close(FILE); + + # Write out notice to logfile. + &General::log($Lang::tr{'ddns hostname modified'}); + } + + # Unset given CGI params. + undef %settings; + + # Update ddns config file. + &GenerateDDNSConfigFile(); } - } +}
- unless ($errormessage) { - if ($settings{'KEY1'} eq '') { #add or edit ? - unshift (@current, "$settings{'SERVICE'},$settings{'HOSTNAME'},$settings{'DOMAIN'},$settings{'PROXY'},$settings{'WILDCARDS'},$settings{'LOGIN'},$settings{'PASSWORD'},$settings{'ENABLED'}\n"); - &General::log($Lang::tr{'ddns hostname added'}); - } else { - @current[$settings{'KEY1'}] = "$settings{'SERVICE'},$settings{'HOSTNAME'},$settings{'DOMAIN'},$settings{'PROXY'},$settings{'WILDCARDS'},$settings{'LOGIN'},$settings{'PASSWORD'},$settings{'ENABLED'}\n"; - $settings{'KEY1'} = ''; # End edit mode - &General::log($Lang::tr{'ddns hostname modified'}); +# +# Remove existing accounts. +# +if ($settings{'ACTION'} eq $Lang::tr{'remove'}) { + + # Open /var/ipfire/ddns/config for writing. + open(FILE, ">$datafile") or die "Unable to open $datafile."; + + # Lock file for writing. + flock FILE, 2; + + my $id = 0; + + # Read file line by line. + foreach my $line (@current) { + + # Write back every line, except the one we want to drop + # (identified by the ID) + unless ($settings{'ID'} eq $id) { + print FILE "$line"; + } + + # Increase id. + $id++; } - map ($settings{$_}='' ,@nosaved); # Clear fields - # Write changes to config file. - &WriteDataFile; # sort newly added/modified entry - } + + # Close file after writing. + close(FILE); + + # Unset given CGI params. + undef %settings; + + # Write out notice to logfile. + &General::log($Lang::tr{'ddns hostname removed'}); + + # Update ddns config file. + &GenerateDDNSConfigFile(); }
+# +# Read items for editing. +# if ($settings{'ACTION'} eq $Lang::tr{'edit'}) { - #move out new line - my $line = @current[$settings{'KEY1'}]; # KEY1 is the index in current - chomp($line); - my @temp = split(/,/, $line); - $settings{'SERVICE'} = $temp[0]; - $settings{'HOSTNAME'} = $temp[1]; - $settings{'DOMAIN'} = $temp[2]; - $settings{'PROXY'} = $temp[3]; - $settings{'WILDCARDS'} = $temp[4]; - $settings{'LOGIN'} = $temp[5]; - $settings{'PASSWORD'} = $settings{'PASSWORD2'} = $temp[6]; - $settings{'ENABLED'} = $temp[7]; -}
-if ($settings{'ACTION'} eq $Lang::tr{'remove'}) { - splice (@current,$settings{'KEY1'},1); # Delete line - open(FILE, ">$datafile") or die 'ddns datafile error'; - print FILE @current; - close(FILE); - $settings{'KEY1'} = ''; # End remove mode - &General::log($Lang::tr{'ddns hostname removed'}); - # Write changes to config file. - &WriteDataFile; + my $id = 0; + my @temp; + + # Read file line by line. + foreach my $line (@current) { + + if ($settings{'ID'} eq $id) { + + # Remove newlines. + chomp($line); + + # Splitt lines (splitting element is a single ",") and save values into temp array. + @temp = split(/,/,$line); + + $settings{'SERVICE'} = $temp[0]; + $settings{'HOSTNAME'} = "$temp[1].$temp[2]"; + $settings{'PROXY'} = $temp[3]; + $settings{'WILDCARDS'} = $temp[4]; + $settings{'LOGIN'} = $temp[5]; + $settings{'PASSWORD'} = $temp[6]; + $settings{'ENABLED'} = $temp[7]; + } + # Increase $id. + $id++; + + } }
+# +# Handle forced updates. +# if ($settings{'ACTION'} eq $Lang::tr{'instant update'}) { - system('/usr/local/bin/setddns.pl', '-f'); + system(@ddnsprog) == 0 or die "@ddnsprog failed: $?\n"; }
- -if ($settings{'ACTION'} eq '') -{ - $settings{'SERVICE'} = 'dyndns.org'; - $settings{'ENABLED'} = 'on'; +# +# Set default values. +# +if (! $settings{'ACTION'}) { + $settings{'SERVICE'} = 'dyndns.org'; + $settings{'ENABLED'} = 'on'; }
&Header::openpage($Lang::tr{'dynamic dns'}, 1, ''); &Header::openbigbox('100%', 'left', '', $errormessage);
-my %checked =(); # Checkbox manipulations -$checked{'SERVICE'}{'all-inkl.com'} = ''; -$checked{'SERVICE'}{'cjb.net'} = ''; -$checked{'SERVICE'}{'dhs.org'} = ''; -$checked{'SERVICE'}{'dnspark.com'} = ''; -$checked{'SERVICE'}{'dns.lightningwirelabs.com'} = ''; -$checked{'SERVICE'}{'dtdns.com'} = ''; -$checked{'SERVICE'}{'dyndns.org'} = ''; -$checked{'SERVICE'}{'dyndns-custom'} = ''; -$checked{'SERVICE'}{'dyndns-static'} = ''; -$checked{'SERVICE'}{'dyns.cx'} = ''; -$checked{'SERVICE'}{'dynu.ca'} = ''; -$checked{'SERVICE'}{'easydns.com'} = ''; -$checked{'SERVICE'}{'enom.com'} = ''; -$checked{'SERVICE'}{'freedns.afraid.org'} = ''; -$checked{'SERVICE'}{'hn.org'} = ''; -$checked{'SERVICE'}{'namecheap.com'} = ''; -$checked{'SERVICE'}{'no-ip.com'} = ''; -$checked{'SERVICE'}{'nsupdate'} = ''; -$checked{'SERVICE'}{'ovh.com'} = ''; -$checked{'SERVICE'}{'regfish.com'} = ''; -$checked{'SERVICE'}{'selfhost.de'} = ''; -$checked{'SERVICE'}{'spdns.org'} = ''; -$checked{'SERVICE'}{'strato.com'} = ''; -$checked{'SERVICE'}{'twodns.de'} = ''; -$checked{'SERVICE'}{'tzo.com'} = ''; -$checked{'SERVICE'}{'variomedia.de'} = ''; -$checked{'SERVICE'}{'zoneedit.com'} = ''; -$checked{'SERVICE'}{$settings{'SERVICE'}} = "selected='selected'"; +# Read file for general ddns settings. +&General::readhash($settingsfile, %settings);
+my %checked =(); $checked{'BEHINDROUTER'}{'RED_IP'} = ''; $checked{'BEHINDROUTER'}{'FETCH_IP'} = ''; $checked{'BEHINDROUTER'}{$settings{'BEHINDROUTER'}} = "checked='checked'"; -$checked{'MINIMIZEUPDATES'} = ($settings{'MINIMIZEUPDATES'} eq '' ) ? '' : "checked='checked'";
-$checked{'PROXY'}{'on'} = ($settings{'PROXY'} eq '') ? '' : "checked='checked'"; -$checked{'WILDCARDS'}{'on'} = ($settings{'WILDCARDS'} eq '') ? '' : "checked='checked'"; $checked{'ENABLED'}{'on'} = ($settings{'ENABLED'} eq '' ) ? '' : "checked='checked'";
+# Show box for errormessages.. if ($errormessage) { &Header::openbox('100%', 'left', $Lang::tr{'error messages'}); print "<font class='base'>$errormessage </font>"; &Header::closebox(); }
-if ($warnmessage) { - $warnmessage = "<font color=${Header::colourred}><b>$Lang::tr{'capswarning'}</b></font>: $warnmessage"; -} &Header::openbox('100%', 'left', $Lang::tr{'settings'}); -print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>"; + +## +# Section for general ddns setup. print <<END +<form method='post' action='$ENV{'SCRIPT_NAME'}'> <table width='100%'> -<tr> - <td class='base'>$Lang::tr{'dyn dns source choice'}</td> -</tr><tr> - <td class='base'><input type='radio' name='BEHINDROUTER' value='RED_IP' $checked{'BEHINDROUTER'}{'RED_IP'} /> - $Lang::tr{'use ipfire red ip'}</td> -</tr><tr> - <td class='base'><input type='radio' name='BEHINDROUTER' value='FETCH_IP' $checked{'BEHINDROUTER'}{'FETCH_IP'} /> - $Lang::tr{'fetch ip from'} <img src='/blob.gif' alt='*' /></td> -</tr> -<tr> - <td class='base'><input type='checkbox' name='MINIMIZEUPDATES' $checked{'MINIMIZEUPDATES'} /> - $Lang::tr{'ddns minimize updates'}</td> -</tr> + <tr> + <td class='base'>$Lang::tr{'dyn dns source choice'}</td> + </tr> + <tr> + <td class='base'><input type='radio' name='BEHINDROUTER' value='RED_IP' $checked{'BEHINDROUTER'}{'RED_IP'} /> + $Lang::tr{'use ipfire red ip'}</td> + </tr> + <tr> + <td class='base'><input type='radio' name='BEHINDROUTER' value='FETCH_IP' $checked{'BEHINDROUTER'}{'FETCH_IP'} /> + $Lang::tr{'fetch ip from'}</td> + </tr> </table> -<br /><hr /> -END -; +<br /> +<hr />
-print <<END <table width='100%'> -<tr> - <td class='base' valign='top'><img src='/blob.gif' alt='*' /></td> - <td width='70%' class='base'>$Lang::tr{'avoid dod'}</td> - <td width='30%' align='right' valign='top' class='base'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td> -</tr> + <tr> + <td align='right' valign='top' class='base'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td> + </tr> </table> </form> END ; -&Header::closebox(); # end of Settings1
+&Header::closebox(); + +## +# Section to add or edit an existing entry.
+# Default is add. my $buttontext = $Lang::tr{'add'}; -if ($settings{'KEY1'} ne '') { - $buttontext = $Lang::tr{'update'}; - &Header::openbox('100%', 'left', $Lang::tr{'edit an existing host'}); + +# Change buttontext and headline if we edit an account. +if ($settings{'ACTION'} eq $Lang::tr{'edit'}) { + + # Rename button and print headline for updating. + $buttontext = $Lang::tr{'update'}; + &Header::openbox('100%', 'left', $Lang::tr{'edit an existing host'}); } else { - &Header::openbox('100%', 'left', $Lang::tr{'add a host'}); + + # Otherwise use default button text and show headline for adding a new account. + &Header::openbox('100%', 'left', $Lang::tr{'add a host'}); }
-#Edited line number (KEY1) passed until cleared by 'save' or 'remove' print <<END + <form method='post' action='$ENV{'SCRIPT_NAME'}'> -<input type='hidden' name='KEY1' value='$settings{'KEY1'}' /> +<input type='hidden' name='ID' value='$settings{'ID'}' /> <table width='100%'> -<tr> - <td width='25%' class='base'>$Lang::tr{'service'}:</td> - <td width='25%'><select size='1' name='SERVICE'> - <option $checked{'SERVICE'}{'all-inkl.com'}>all-inkl.com</option> - <option $checked{'SERVICE'}{'cjb.net'}>cjb.net</option> - <option $checked{'SERVICE'}{'dhs.org'}>dhs.org</option> - <option $checked{'SERVICE'}{'dnspark.com'}>dnspark.com</option> - <option $checked{'SERVICE'}{'dns.lightningwirelabs.com'}>dns.lightningwirelabs.com</option> - <option $checked{'SERVICE'}{'dtdns.com'}>dtdns.com</option> - <option $checked{'SERVICE'}{'dyndns.org'}>dyndns.org</option> - <option $checked{'SERVICE'}{'dyndns-custom'}>dyndns-custom</option> - <option $checked{'SERVICE'}{'dyndns-static'}>dyndns-static</option> - <option $checked{'SERVICE'}{'dyns.cx'}>dyns.cx</option> - <option $checked{'SERVICE'}{'dynu.ca'}>dynu.ca dyn.ee dynserv.(ca|org|net|com)</option> - <option $checked{'SERVICE'}{'easydns.com'}>easydns.com</option> - <option $checked{'SERVICE'}{'enom.com'}>enom.com</option> - <option $checked{'SERVICE'}{'freedns.afraid.org'}>freedns.afraid.org</option> - <option $checked{'SERVICE'}{'hn.org'}>hn.org</option> - <option $checked{'SERVICE'}{'namecheap.com'}>namecheap.com</option> - <option $checked{'SERVICE'}{'no-ip.com'}>no-ip.com</option> - <option $checked{'SERVICE'}{'nsupdate'}>nsupdate</option> - <option $checked{'SERVICE'}{'ovh.com'}>ovh.com</option> - <option $checked{'SERVICE'}{'regfish.com'}>regfish.com</option> - <option $checked{'SERVICE'}{'selfhost.de'}>selfhost.de</option> - <option $checked{'SERVICE'}{'spdns.org'}>spdns.org</option> - <option $checked{'SERVICE'}{'strato.com'}>strato.com</option> - <option $checked{'SERVICE'}{'twodns.de'}>twodns.de</option> -<!-- <option 
$checked{'SERVICE'}{'tzo.com'}>tzo.com</option> comment this service out until a working fix is developed --> - <option $checked{'SERVICE'}{'variomedia.de'}>variomedia.de</option> - <option $checked{'SERVICE'}{'zoneedit.com'}>zoneedit.com</option> - </select></td> - <td width='20%' class='base'>$Lang::tr{'hostname'}: <img src='/blob.gif' alt='*' /></td> - <td width='30%'><input type='text' name='HOSTNAME' value='$settings{'HOSTNAME'}' /></td> -</tr><tr> - <td class='base'>$Lang::tr{'behind a proxy'}</td> - <td><input type='checkbox' name='PROXY' value='on' $checked{'PROXY'}{'on'} /></td> - <td class='base'>$Lang::tr{'domain'}:</td> - <td><input type='text' name='DOMAIN' value='$settings{'DOMAIN'}' /></td> -</tr><tr> - <td class='base'>$Lang::tr{'enable wildcards'}</td> - <td><input type='checkbox' name='WILDCARDS' value='on' $checked{'WILDCARDS'}{'on'} /></td> - <td class='base'>$Lang::tr{'username'}</td> - <td><input type='text' name='LOGIN' value='$settings{'LOGIN'}' /></td> -</tr><tr> - <td></td> - <td></td> - <td class='base'>$Lang::tr{'password'}</td> - <td><input type='password' name='PASSWORD' value='$settings{'PASSWORD'}' /></td> -</tr><tr> - <td class='base'>$Lang::tr{'enabled'}</td> - <td><input type='checkbox' name='ENABLED' value='on' $checked{'ENABLED'}{'on'} /></td> - <td class='base'>$Lang::tr{'again'}</td> - <td><input type='password' name='PASSWORD2' value='$settings{'PASSWORD2'}' /></td> -</tr> + <tr> + <td width='25%' class='base'>$Lang::tr{'service'}:</td> + <td width='25%'> +END +; + # Generate dropdown menu for service selection. + print"<select size='1' name='SERVICE'>\n"; + + my $selected; + + # Loop to print the providerlist. + foreach my $provider (@providers) { + + # Check if the current provider needs to be selected. + if ($provider eq $settings{'SERVICE'}) { + $selected = 'selected'; + } else { + $selected = ""; + } + + # Print out the HTML option field. 
+ print "<option value="$provider" $selected>$provider</option>\n"; + } + + print"</select></td>\n"; +print <<END + <td width='20%' class='base'>$Lang::tr{'hostname'}:</td> + <td width='30%'><input type='text' name='HOSTNAME' value='$settings{'HOSTNAME'}' /></td> + </tr> + + <tr> + <td class='base'></td> + <td></td> + <td class='base'>$Lang::tr{'username'}:</td> + <td><input type='text' name='LOGIN' value='$settings{'LOGIN'}' /></td> + </tr> + + <tr> + <td class='base'></td> + <td></td> + <td class='base'>$Lang::tr{'password'}</td> + <td><input type='password' name='PASSWORD' value='$settings{'PASSWORD'}' /></td> + </tr> + + <tr> + <td class='base'>$Lang::tr{'enabled'}</td> + <td><input type='checkbox' name='ENABLED' value='on' $checked{'ENABLED'}{'on'} /></td> + <td class='base'></td> + <td></td> + </tr> </table> <br> -<hr /> +<hr> + <table width='100%'> <tr> - <td class='base' valign='top'><img src='/blob.gif' alt='*' /></td> - <td width='70%' class='base'>$ddnsprefix</td> - <td width='30%' align='right' class='base'> - <input type='hidden' name='ACTION' value='$Lang::tr{'add'}' /> - <input type='submit' name='SUBMIT' value='$buttontext' /> </td> + <input type='hidden' name='ACTION' value='$buttontext'> + <input type='submit' name='SUBMIT' value='$buttontext'></td> </tr> </table> </form> @@ -400,158 +485,117 @@ END ; &Header::closebox();
-# -# Third box shows the list, in columns -# +## +# Third section, display all created ddns hosts. + &Header::openbox('100%', 'left', $Lang::tr{'current hosts'}); print <<END <table width='100%' class='tbl'> -<tr> - <th width='15%' align='center' class='boldbase'><b>$Lang::tr{'service'}</b></th> - <th width='25%' align='center' class='boldbase'><b>$Lang::tr{'hostname'}</b></th> - <th width='30%' align='center' class='boldbase'><b>$Lang::tr{'domain'}</b></th> - <th width='10%' align='center' class='boldbase'><b>$Lang::tr{'proxy'}</b></th> - <th width='10%' align='center' class='boldbase'><b>$Lang::tr{'wildcards'}</b></th> - <th width='10%' colspan='3' class='boldbase' align='center'><b>$Lang::tr{'action'}</b></th> -</tr> + <tr> + <th width='30%' align='center' class='boldbase'><b>$Lang::tr{'service'}</b></th> + <th width='50%' align='center' class='boldbase'><b>$Lang::tr{'hostname'}</b></th> + <th width='20%' colspan='3' class='boldbase' align='center'><b>$Lang::tr{'action'}</b></th> + </tr> END ; + +# Re-open file to get changes. +open(FILE, $datafile) or die "Unable to open $datafile."; +@current = <FILE>; +close(FILE); + +# Get IP address of the red interface. 
my $ip = &General::GetDyndnsRedIP; -my $key = 0; +my $id = 0; +my $toggle_enabled; + foreach my $line (@current) { - chomp($line); # remove newline - my @temp = split(/,/,$line); - - if ($temp[0] eq 'no-ip.com') { - $temp[1] =~ s!$General::noipprefix(.*)!<b>group:</b>$1 !; - } - - #Choose icon for checkbox - - my $gifproxy=''; - my $descproxy=''; - if ($temp[3] eq "on") { - $gifproxy = 'on.gif'; - $descproxy = $Lang::tr{'click to disable'}; - } else { - $gifproxy = 'off.gif'; - $descproxy = $Lang::tr{'click to enable'}; - } - - my $gifwildcard=''; - my $descwildcard=''; - if ($temp[4] eq "on") { - $gifwildcard = 'on.gif'; - $descwildcard = $Lang::tr{'click to disable'}; - } else { - $gifwildcard = 'off.gif'; - $descwildcard = $Lang::tr{'click to enable'}; - } - - my $sync = "<font color='blue'>"; - my $gif = ''; - my $gdesc = ''; - if ($temp[7] eq "on") { - $gif = 'on.gif'; - $gdesc = $Lang::tr{'click to disable'}; - $sync = (&General::DyndnsServiceSync ($ip,$temp[1], $temp[2]) ? "<font color='green'>": "<font color='red'>") ; - } else { - $gif = 'off.gif'; - $gdesc = $Lang::tr{'click to enable'}; - }
- my $col=""; - #Colorize each line - if ($settings{'KEY1'} eq $key) { - print "<tr>"; - $col="bgcolor='${Header::colouryellow}'"; - } elsif ($key % 2) { - print "<tr>"; - $col="bgcolor='$color{'color20'}'"; - } else { - print "<tr>"; - $col="bgcolor='$color{'color22'}'"; - } - - #if a field is empty, replace it with a '---' to see colorized info! - $temp[1] = '---' if (!$temp[1]); - $temp[2] = '---' if (!$temp[2]); - - print <<END -<td align='center' $col><a href='http://$temp[0]'>$temp[0]</a></td> -<td align='center' $col>$sync$temp[1]</td> -<td align='center' $col>$sync$temp[2]</td> - -<td align='center' $col> -<form method='post' action='$ENV{'SCRIPT_NAME'}'> -<input type='hidden' name='ACTION' value='$Lang::tr{'toggle enable disable'}' /> -<input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gifproxy' alt='$descproxy' title='$descproxy' /> -<input type='hidden' name='KEY1' value='$key' /> -<input type='hidden' name='KEY2' value='3' /> -</form> -</td> + # Remove newlines. + chomp(@current); + my @temp = split(/,/,$line);
-<td align='center' $col> -<form method='post' action='$ENV{'SCRIPT_NAME'}'> -<input type='hidden' name='ACTION' value='$Lang::tr{'toggle enable disable'}' /> -<input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gifwildcard' alt='$descwildcard' title='$descwildcard' /> -<input type='hidden' name='KEY1' value='$key' /> -<input type='hidden' name='KEY2' value='4' /> -</form> -</td> + # Generate value for enable/disable checkbox. + my $sync = "<font color='blue'>"; + my $gif = ''; + my $gdesc = '';
-<td align='center' $col> -<form method='post' action='$ENV{'SCRIPT_NAME'}'> -<input type='hidden' name='ACTION' value='$Lang::tr{'toggle enable disable'}' /> -<input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gif' alt='$gdesc' title='$gdesc' /> -<input type='hidden' name='KEY1' value='$key' /> -<input type='hidden' name='KEY2' value='7' /> -</form> -</td> + if ($temp[7] eq "on") { + $gif = 'on.gif'; + $gdesc = $Lang::tr{'click to disable'}; + $sync = (&General::DyndnsServiceSync ($ip,$temp[1], $temp[2]) ? "<font color='green'>": "<font color='red'>") ; + $toggle_enabled = 'off'; + } else { + $gif = 'off.gif'; + $gdesc = $Lang::tr{'click to enable'}; + $toggle_enabled = 'on'; + }
-<td align='center' $col> -<form method='post' action='$ENV{'SCRIPT_NAME'}'> -<input type='hidden' name='ACTION' value='$Lang::tr{'edit'}' /> -<input type='image' name='$Lang::tr{'edit'}' src='/images/edit.gif' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' /> -<input type='hidden' name='KEY1' value='$key' /> -</form> -</td> + # Background color. + my $col="";
-<td align='center' $col> -<form method='post' action='$ENV{'SCRIPT_NAME'}'> -<input type='hidden' name='ACTION' value='$Lang::tr{'remove'}' /> -<input type='image' name='$Lang::tr{'remove'}' src='/images/delete.gif' alt='$Lang::tr{'remove'}' title='$Lang::tr{'remove'}' /> -<input type='hidden' name='KEY1' value='$key' /> -</form> -</td> + if ($settings{'ID'} eq $id) { + $col="bgcolor='${Header::colouryellow}'"; + } elsif (!&General::is_part_of("$temp[0]", @providers)) { + $col="bgcolor='#FF4D4D'"; + } elsif ($id % 2) { + $col="bgcolor='$color{'color20'}'"; + } else { + $col="bgcolor='$color{'color22'}'"; + } + +# The following HTML Code still is part of the loop. +print <<END +<tr> + <td align='center' $col><a href='http://$temp[0]'>$temp[0]</a></td> + <td align='center' $col>$sync$temp[1].$sync$temp[2]</td> + + <td align='center' $col><form method='post' action='$ENV{'SCRIPT_NAME'}'> + <input type='hidden' name='ID' value='$id'> + <input type='hidden' name='ENABLED' value='$toggle_enabled'> + <input type='hidden' name='ACTION' value='$Lang::tr{'toggle enable disable'}' /> + <input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gif' alt='$gdesc' title='$gdesc' /> + </form></td> + + <td align='center' $col><form method='post' action='$ENV{'SCRIPT_NAME'}'> + <input type='hidden' name='ID' value='$id'> + <input type='hidden' name='ACTION' value='$Lang::tr{'edit'}' /> + <input type='image' name='$Lang::tr{'edit'}' src='/images/edit.gif' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' /> + </form></td> + + <td align='center' $col><form method='post' action='$ENV{'SCRIPT_NAME'}'> + <input type='hidden' name='ID' value='$id'> + <input type='hidden' name='ACTION' value='$Lang::tr{'remove'}' /> + <input type='image' name='$Lang::tr{'remove'}' src='/images/delete.gif' alt='$Lang::tr{'remove'}' title='$Lang::tr{'remove'}' /> + </form></td> </tr> END ; - $key++; + $id++; } print "</table>";
# If table contains entries, print 'Key to action icons' -if ($key) { +if ($id) { print <<END <table width='100%'> -<tr> - <td class='boldbase'> <b>$Lang::tr{'legend'}: </b></td> - <td><img src='/images/on.gif' alt='$Lang::tr{'click to disable'}' /></td> - <td class='base'>$Lang::tr{'click to disable'}</td> - <td> </td> - <td><img src='/images/off.gif' alt='$Lang::tr{'click to enable'}' /></td> - <td class='base'>$Lang::tr{'click to enable'}</td> - <td> </td> - <td><img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td> - <td class='base'>$Lang::tr{'edit'}</td> - <td> </td> - <td><img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td> - <td class='base'>$Lang::tr{'remove'}</td> - <form method='post' action='$ENV{'SCRIPT_NAME'}'> - <td align='right' width='30%'><input type='submit' name='ACTION' value='$Lang::tr{'instant update'}' /></td> - </form> -</tr> + <tr> + <td class='boldbase'> <b>$Lang::tr{'legend'}: </b></td> + <td><img src='/images/on.gif' alt='$Lang::tr{'click to disable'}' /></td> + <td class='base'>$Lang::tr{'click to disable'}</td> + <td> </td> + <td><img src='/images/off.gif' alt='$Lang::tr{'click to enable'}' /></td> + <td class='base'>$Lang::tr{'click to enable'}</td> + <td> </td> + <td><img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td> + <td class='base'>$Lang::tr{'edit'}</td> + <td> </td> + <td><img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td> + <td class='base'>$Lang::tr{'remove'}</td> + <form method='post' action='$ENV{'SCRIPT_NAME'}'> + <td align='right' width='30%'><input type='submit' name='ACTION' value='$Lang::tr{'instant update'}' /></td> + </form> + </tr> </table> END ; @@ -561,13 +605,116 @@ END &Header::closebigbox(); &Header::closepage();
-## Ouf it's the end ! +# Function to generate the required configuration file for the DDNS tool. +sub GenerateDDNSConfigFile { + # Open datafile file + open(SETTINGS, "<$datafile") or die "Could not open $datafile."; + + open(FILE, ">${General::swroot}/ddns/ddns.conf"); + + # Global configuration options. + print FILE "[config]\n"; + + # Check if we guess our IP address by an extranal server. + if ($settings{'BEHINDROUTER'} eq "FETCH_IP") { + print FILE "guess_external_ip = true\n"; + } else { + print FILE "guess_external_ip = false\n"; + } + + # Use an upstream proxy and generate proxy url. + my %proxysettings; + &General::readhash("${General::swroot}/proxy/settings", %proxysettings); + if ($proxysettings{'UPSTREAM_PROXY'}) { + my $proxy_string = "http://"; + + if ($proxysettings{'UPSTREAM_USER'} && $proxysettings{'UPSTREAM_PASSWORD'}) { + $proxy_string .= "$proxysettings{'UPSTREAM_USER'}:$proxysettings{'UPSTREAM_PASSWORD'}@"; + } + + $proxy_string .= $proxysettings{'UPSTREAM_PROXY'}; + + print FILE "proxy = $proxy_string\n"; + } + + print FILE "\n"; + + while (<SETTINGS>) { + my $line = $_; + + # Generate array based on the line content (seperator is a single or multiple space's) + my @settings = split(/,/, $line); + my ($provider, $hostname, $domain, $proxy, $wildcards, $username, $password, $enabled) = @settings; + + # Skip entries if they are not (longer) supported. + next if (!&General::is_part_of("$provider", @providers)); + + # Skip disabled entries. + next if ($enabled eq "off"); + + print FILE "[$hostname.$domain]\n"; + print FILE "provider = $provider\n"; + + my $use_token = 0; + + # Handle token based auth for various providers. + if ($provider ~~ ["dns.lightningwirelabs.com", "regfish.com"] && $username eq "token") { + $use_token = 1; + + # Handle token auth for freedns.afraid.org. 
+ } elsif ($provider eq "freedns.afraid.org" && $password eq "") { + $use_token = 1; + $password = $username; + + # Handle keys for nsupdate + } elsif (($provider eq "nsupdate") && $username && $password) { + print FILE "key = $username\n"; + print FILE "secret = $password\n"; + + $username = ""; + $password = ""; + } + + # Write auth details. + if ($use_token) { + print FILE "token = $password\n"; + } elsif ($username && $password) { + print FILE "username = $username\n"; + print FILE "password = $password\n"; + } + + # These providers need to be set to only use IPv4. + if ($provider ~~ ["freedns.afraid.org", "variomedia.de", "zoneedit.com"]) { + print FILE "proto = ipv4\n"; + } + + print FILE "\n"; + } + + close(SETTINGS); + close(FILE); +} + +# Function which generates an array (@providers) which contains the supported providers. +sub GetProviders { + # Get supported providers. + open(PROVIDERS, "/usr/bin/ddns list-providers |"); + + # Create new array to store the providers. + my @providers = (); + + while (<PROVIDERS>) { + my $provider = $_; + + # Remove following newlines. + chomp($provider); + + # Add provider to the array. + push(@providers, $provider); + }
+ close(PROVIDERS);
-# write the "current" array -sub WriteDataFile { - #Save current - open(FILE, ">$datafile") or die 'ddns datafile error'; - print FILE @current; - close (FILE); + # Return our array. + return @providers; } diff --git a/lfs/bind b/lfs/bind index 0223358..36b2340 100644 --- a/lfs/bind +++ b/lfs/bind @@ -25,7 +25,7 @@
include Config
-VER = 9.3.2 +VER = 9.9.5
THISAPP = bind-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -33,6 +33,8 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP)
+export CPPFLAGS = -DDIG_SIGCHASE + ############################################################################### # Top-level Rules ############################################################################### @@ -41,7 +43,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 55e709501a7780233c36e25ccd15ece2 +$(DL_FILE)_MD5 = e676c65cad5234617ee22f48e328c24e
install : $(TARGET)
@@ -71,7 +73,11 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && ./configure --prefix=/usr --disable-nls --disable-ipv6 + cd $(DIR_APP) && STD_CDEFINES="$(CPPFLAGS)" \ + ./configure \ + --prefix=/usr \ + --disable-static \ + --disable-openssl-version-check cd $(DIR_APP) && make -C lib/dns cd $(DIR_APP) && make -C lib/isc cd $(DIR_APP) && make -C lib/bind9 @@ -81,5 +87,9 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) cd $(DIR_APP) && make -C bin/dig install cd $(DIR_APP) && make -C bin/nsupdate cd $(DIR_APP) && make -C bin/nsupdate install + + install -v -m 644 $(DIR_SRC)/config/bind/trusted-key.key \ + /etc/trusted-key.key + @rm -rf $(DIR_APP) @$(POSTBUILD) diff --git a/lfs/ddns b/lfs/ddns new file mode 100644 index 0000000..64e33de --- /dev/null +++ b/lfs/ddns 
@@ -0,0 +1,80 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2010 IPFire Team info@ipfire.org # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see http://www.gnu.org/licenses/. # +# # +############################################################################### + +############################################################################### +# Definitions +############################################################################### + +include Config + +VER = 001 + +THISAPP = ddns-$(VER) +DL_FILE = $(THISAPP).tar.xz +DL_FROM = http://source.ipfire.org/releases/ddns/ +DIR_APP = $(DIR_SRC)/$(THISAPP) +TARGET = $(DIR_INFO)/$(THISAPP) + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_MD5 = 49137d9f796d90f50df5a33981cafae1 + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +md5 : $(subst %,%_MD5,$(objects)) + +############################################################################### +# Downloading, checking, md5sum +############################################################################### + 
+$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_MD5,$(objects)) : + @$(MD5) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) + + cd $(DIR_APP) && [ -x "configure" ] || sh ./autogen.sh + cd $(DIR_APP) && ./configure --prefix=/usr --sysconfdir=/var/ipfire + cd $(DIR_APP) && make $(MAKETUNING) + cd $(DIR_APP) && make install + + @rm -rf $(DIR_APP) + @$(POSTBUILD) diff --git a/lfs/dnsmasq b/lfs/dnsmasq index 29fb9b3..58b0017 100644 --- a/lfs/dnsmasq +++ b/lfs/dnsmasq @@ -24,14 +24,16 @@
include Config
-VER = 2.45 +VER = 2.71
THISAPP = dnsmasq-$(VER) -DL_FILE = $(THISAPP).tar.gz +DL_FILE = $(THISAPP).tar.xz DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP)
+COPTS = -DHAVE_ISC_READER + ############################################################################### # Top-level Rules ############################################################################### @@ -40,7 +42,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = b7956e15c9766e05b3eca3ce88fdb616 +$(DL_FILE)_MD5 = 9e2e4d59c75e71ee3ca817ff0f9be69e
install : $(TARGET)
@@ -69,13 +71,18 @@ $(subst %,%_MD5,$(objects)) :
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) - @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && sed -i -e 's|/usr/local|/usr|g' Makefile - cd $(DIR_APP)/src && sed -i \ - -e 's|^/* #define HAVE_ISC_READER .*$$|#define HAVE_ISC_READER\n#define NO_IPV6|' \ - -e 's|^#define HAVE_TFTP *$$|//#define HAVE_TFTP|' \ - -e 's/^#define CHUSER .*$$/#define CHUSER "dnsmasq"/' config.h - cd $(DIR_APP) && make $(MAKETUNING) - cd $(DIR_APP) && make install + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq-2.71-use-nettle-with-minigmp.patch + cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq-2.71-support-nettle-3.0.patch + cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq-2.70-Add-support-to-read-ISC-DHCP-lease-file.patch + cd $(DIR_APP) && sed -i src/config.h \ + -e 's|/* #define HAVE_IDN */|#define HAVE_IDN|g' \ + -e 's|/* #define HAVE_DNSSEC */|#define HAVE_DNSSEC|g' \ + -e 's|#define HAVE_DHCP|//#define HAVE_DHCP|g' \ + -e 's|#define HAVE_DHCP6|//#define HAVE_DHCP6|g' \ + -e 's|#define HAVE_TFTP|//#define HAVE_TFTP|g' + + cd $(DIR_APP) && make CFLAGS="$(CFLAGS)" COPTS="$(COPTS)" $(MAKETUNING) + cd $(DIR_APP) && make PREFIX=/usr install @rm -rf $(DIR_APP) @$(POSTBUILD) diff --git a/lfs/nettle b/lfs/nettle new file mode 100644 index 0000000..0ea42f3 --- /dev/null +++ b/lfs/nettle 
@@ -0,0 +1,79 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007 Michael Tremer & Christian Schmidt # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see http://www.gnu.org/licenses/. # +# # +############################################################################### + +############################################################################### +# Definitions +############################################################################### + +include Config + +VER = 3.0 + +THISAPP = nettle-$(VER) +DL_FILE = $(THISAPP).tar.gz +DL_FROM = $(URL_IPFIRE) +DIR_APP = $(DIR_SRC)/$(THISAPP) +TARGET = $(DIR_INFO)/$(THISAPP) + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_MD5 = f64b1bf1e774b7ae6e507318e340250e + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +md5 : $(subst %,%_MD5,$(objects)) + +############################################################################### +# Downloading, checking, md5sum +############################################################################### + +$(patsubst 
%,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_MD5,$(objects)) : + @$(MD5) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && ./configure \ + --prefix=/usr \ + --enable-shared + cd $(DIR_APP) && make $(MAKETUNING) + cd $(DIR_APP) && make install + @rm -rf $(DIR_APP) + @$(POSTBUILD) diff --git a/make.sh b/make.sh index f756033..174ef25 100755 --- a/make.sh +++ b/make.sh @@ -385,9 +385,6 @@ buildipfire() { export LOGFILE ipfiremake configroot ipfiremake backup - ipfiremake bind - ipfiremake dhcp - ipfiremake dhcpcd ipfiremake libusb ipfiremake libusbx ipfiremake libpcap @@ -459,22 +456,26 @@ buildipfire() { ;; esac ipfiremake pkg-config + ipfiremake openssl + ipfiremake openssl-compat + ipfiremake libgpg-error + ipfiremake libgcrypt + ipfiremake libassuan + ipfiremake bind + ipfiremake dhcp + ipfiremake dhcpcd ipfiremake linux-atm ipfiremake cpio ipfiremake dracut ipfiremake expat ipfiremake gdbm ipfiremake pam - ipfiremake openssl - ipfiremake openssl-compat - ipfiremake libgpg-error - ipfiremake libgcrypt - ipfiremake libassuan ipfiremake curl ipfiremake tcl ipfiremake sqlite ipfiremake python ipfiremake fireinfo + ipfiremake ddns ipfiremake libnet ipfiremake libnl ipfiremake libidn @@ -508,6 +509,7 @@ buildipfire() { ipfiremake arping ipfiremake beep ipfiremake dvdrtools + ipfiremake nettle ipfiremake dnsmasq ipfiremake dosfstools ipfiremake reiserfsprogs diff --git a/src/initscripts/init.d/dnsmasq b/src/initscripts/init.d/dnsmasq index 34eee0c..48b9d19 100644 --- a/src/initscripts/init.d/dnsmasq +++ b/src/initscripts/init.d/dnsmasq 
@@ -20,7 +20,20 @@ if [ -e "/etc/sysconfig/dnsmasq" ]; then . /etc/sysconfig/dnsmasq fi
+CACHE_SIZE=2500 +ENABLE_DNSSEC=1 SHOW_SRV=1 +TRUST_ANCHOR=".,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5" + +function dnssec_args() { + local cmdline="--dnssec" + + if [ -n "${TRUST_ANCHOR}" ]; then + cmdline="${cmdline} --trust-anchor=${TRUST_ANCHOR}" + fi + + echo "${cmdline}" +}
function dns_forward_args() { local file="${1}" @@ -41,7 +54,6 @@ function dns_forward_args() { echo "${cmdline}" }
- case "${1}" in start) # kill already running copy of dnsmasq... @@ -73,6 +85,15 @@ case "${1}" in # Add custom forward dns zones. ARGS="${ARGS} $(dns_forward_args /var/ipfire/dnsforward/config)"
+ # Enabled DNSSEC validation + if [ "${ENABLE_DNSSEC}" -eq 1 ]; then + ARGS="${ARGS} $(dnssec_args)" + fi + + if [ -n "${CACHE_SIZE}" ]; then + ARGS="${ARGS} --cache-size=${CACHE_SIZE}" + fi + loadproc /usr/sbin/dnsmasq -l /var/state/dhcp/dhcpd.leases $ARGS if [ "${SHOW_SRV}" -eq 1 ] && [ "${DNS1}" != "" -o "${DNS2}" != "" ]; then diff --git a/src/initscripts/init.d/networking/red.up/30-ddns b/src/initscripts/init.d/networking/red.up/30-ddns index 66d6fdb..6eba04b 100644 --- a/src/initscripts/init.d/networking/red.up/30-ddns +++ b/src/initscripts/init.d/networking/red.up/30-ddns @@ -1,5 +1,3 @@ #!/bin/bash
-/usr/local/bin/setddns.pl -f - -exit 0 +exec /usr/bin/ddns update-all --force diff --git a/src/patches/dnsmasq-2.70-Add-support-to-read-ISC-DHCP-lease-file.patch b/src/patches/dnsmasq-2.70-Add-support-to-read-ISC-DHCP-lease-file.patch new file mode 100644 index 0000000..3194e1f --- /dev/null +++ b/src/patches/dnsmasq-2.70-Add-support-to-read-ISC-DHCP-lease-file.patch 
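Review bot: in src/initscripts/init.d/dnsmasq (hunk at -20,7) the new CACHE_SIZE, ENABLE_DNSSEC and TRUST_ANCHOR assignments come after /etc/sysconfig/dnsmasq has been sourced, so anything an administrator sets there is overwritten. As written, DNSSEC validation cannot be switched off and the anchor cannot be replaced without editing the initscript. Assign the defaults before the `. /etc/sysconfig/dnsmasq` block, or use `: ${ENABLE_DNSSEC:=1}` style defaults after it. The root trust anchor (key tag 19036) is also hardcoded in the script, so a root key rollover means shipping a new initscript; reading it from a packaged file would keep that update small. If the defaults become overridable, note that `[ "${ENABLE_DNSSEC}" -eq 1 ]` in the start) hunk prints an error when the variable is empty.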
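Review bot: in red.up/30-ddns the old hook always ended with `exit 0`, while `exec /usr/bin/ddns update-all --force` makes the hook's exit status whatever ddns returns. If the red.up runner acts on hook exit codes, a failed provider update now surfaces during interface bring-up; confirm that is intended, or keep the hook non-fatal and log the failure instead.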
@@ -0,0 +1,365 @@ +diff --git a/Makefile b/Makefile +index 292c8bd..5e0cdbe 100644 +--- a/Makefile ++++ b/Makefile +@@ -69,7 +69,7 @@ objs = cache.o rfc1035.o util.o option.o forward.o network.o \ + dnsmasq.o dhcp.o lease.o rfc2131.o netlink.o dbus.o bpf.o \ + helper.o tftp.o log.o conntrack.o dhcp6.o rfc3315.o \ + dhcp-common.o outpacket.o radv.o slaac.o auth.o ipset.o \ +- domain.o dnssec.o blockdata.o ++ domain.o dnssec.o blockdata.o isc.o + + hdrs = dnsmasq.h config.h dhcp-protocol.h dhcp6-protocol.h \ + dns-protocol.h radv-protocol.h ip6addr.h +diff --git a/src/cache.c b/src/cache.c +index 5cec918..1f5657f 100644 +--- a/src/cache.c ++++ b/src/cache.c +@@ -17,7 +17,7 @@ + #include "dnsmasq.h" + + static struct crec *cache_head = NULL, *cache_tail = NULL, **hash_table = NULL; +-#ifdef HAVE_DHCP ++#if (defined HAVE_DHCP) || (defined HAVE_ISC_READER) + static struct crec *dhcp_spare = NULL; + #endif + static struct crec *new_chain = NULL; +@@ -222,6 +222,9 @@ static void cache_free(struct crec *crecp) + crecp->flags &= ~F_BIGNAME; + } + ++ if (crecp->flags & F_DHCP) ++ free(crecp->name.namep); ++ + #ifdef HAVE_DNSSEC + cache_blockdata_free(crecp); + #endif +@@ -1110,7 +1113,7 @@ void cache_reload(void) + total_size = read_hostsfile(ah->fname, ah->index, total_size, (struct crec **)daemon->packet, revhashsz); + } + +-#ifdef HAVE_DHCP ++#if (defined HAVE_DHCP) || (defined HAVE_ISC_READER) + struct in_addr a_record_from_hosts(char *name, time_t now) + { + struct crec *crecp = NULL; +@@ -1188,7 +1191,7 @@ void cache_add_dhcp_entry(char *host_name, int prot, + addrlen = sizeof(struct in6_addr); + } + #endif +- ++ + inet_ntop(prot, host_address, daemon->addrbuff, ADDRSTRLEN); + + while ((crec = cache_find_by_name(crec, host_name, 0, flags | F_CNAME))) +@@ -1253,7 +1256,11 @@ void cache_add_dhcp_entry(char *host_name, int prot, + else + crec->ttd = ttd; + crec->addr.addr = *host_address; ++#ifdef HAVE_ISC_READER ++ crec->name.namep = strdup(host_name); ++#else + 
crec->name.namep = host_name; ++#endif + crec->uid = next_uid(); + cache_hash(crec); + +diff --git a/src/dnsmasq.c b/src/dnsmasq.c +index 1c96a0e..156ac9a 100644 +--- a/src/dnsmasq.c ++++ b/src/dnsmasq.c +@@ -934,6 +934,11 @@ int main (int argc, char **argv) + + poll_resolv(0, daemon->last_resolv != 0, now); + daemon->last_resolv = now; ++ ++#ifdef HAVE_ISC_READER ++ if (daemon->lease_file && !daemon->dhcp) ++ load_dhcp(now); ++#endif + } + + if (FD_ISSET(piperead, &rset)) +diff --git a/src/dnsmasq.h b/src/dnsmasq.h +index 3032546..a40b2a9 100644 +--- a/src/dnsmasq.h ++++ b/src/dnsmasq.h +@@ -1447,3 +1447,8 @@ void slaac_add_addrs(struct dhcp_lease *lease, time_t now, int force); + time_t periodic_slaac(time_t now, struct dhcp_lease *leases); + void slaac_ping_reply(struct in6_addr *sender, unsigned char *packet, char *interface, struct dhcp_lease *leases); + #endif ++ ++/* isc.c */ ++#ifdef HAVE_ISC_READER ++void load_dhcp(time_t now); ++#endif +diff --git a/src/isc.c b/src/isc.c +new file mode 100644 +index 0000000..5106442 +--- /dev/null ++++ b/src/isc.c +@@ -0,0 +1,251 @@ ++/* dnsmasq is Copyright (c) 2014 John Volpe, Simon Kelley and ++ Michael Tremer ++ ++ This program is free software; you can redistribute it and/or modify ++ it under the terms of the GNU General Public License as published by ++ the Free Software Foundation; version 2 dated June, 1991, or ++ (at your option) version 3 dated 29 June, 2007. ++ ++ This program is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ GNU General Public License for more details. ++ ++ You should have received a copy of the GNU General Public License ++ along with this program. If not, see http://www.gnu.org/licenses/. ++ ++ Code in this file is based on contributions by John Volpe and ++ Simon Kelley. Updated for recent versions of dnsmasq by ++ Michael Tremer. 
++*/ ++ ++#include "dnsmasq.h" ++ ++#ifdef HAVE_ISC_READER ++#define MAXTOK 50 ++ ++struct isc_dhcp_lease { ++ char* name; ++ char* fqdn; ++ time_t expires; ++ struct in_addr addr; ++ struct isc_dhcp_lease* next; ++}; ++ ++static struct isc_dhcp_lease* dhcp_lease_new(const char* hostname) { ++ struct isc_dhcp_lease* lease = whine_malloc(sizeof(*lease)); ++ ++ lease->name = strdup(hostname); ++ if (daemon->domain_suffix) { ++ asprintf(&lease->fqdn, "%s.%s", hostname, daemon->domain_suffix); ++ } ++ lease->expires = 0; ++ lease->next = NULL; ++ ++ return lease; ++} ++ ++static void dhcp_lease_free(struct isc_dhcp_lease* lease) { ++ if (!lease) ++ return; ++ ++ if (lease->name) ++ free(lease->name); ++ if (lease->fqdn) ++ free(lease->fqdn); ++ free(lease); ++} ++ ++static int next_token(char* token, int buffsize, FILE* fp) { ++ int c, count = 0; ++ char* cp = token; ++ ++ while ((c = getc(fp)) != EOF) { ++ if (c == '#') { ++ do { ++ c = getc(fp); ++ } while (c != '\n' && c != EOF); ++ } ++ ++ if (c == ' ' || c == '\t' || c == '\n' || c == ';') { ++ if (count) ++ break; ++ } else if ((c != '"') && (count < buffsize - 1)) { ++ *cp++ = c; ++ count++; ++ } ++ } ++ ++ *cp = 0; ++ return count ? 
1 : 0; ++} ++ ++static long get_utc_offset() { ++ time_t t = time(NULL); ++ struct tm* time_struct = localtime(&t); ++ ++ return time_struct->tm_gmtoff; ++} ++ ++static time_t parse_lease_time(const char* token_date, const char* token_time) { ++ time_t time = (time_t)(-1); ++ struct tm lease_time; ++ ++ if (sscanf(token_date, "%d/%d/%d", &lease_time.tm_year, &lease_time.tm_mon, &lease_time.tm_mday) == 3) { ++ lease_time.tm_year -= 1900; ++ lease_time.tm_mon -= 1; ++ ++ if (sscanf(token_time, "%d:%d:%d", &lease_time.tm_hour, &lease_time.tm_min, &lease_time.tm_sec) == 3) { ++ time = mktime(&lease_time) + get_utc_offset(); ++ } ++ } ++ ++ return time; ++} ++ ++static struct isc_dhcp_lease* find_lease(const char* hostname, struct isc_dhcp_lease* leases) { ++ struct isc_dhcp_lease* lease = leases; ++ ++ while (lease) { ++ if (strcmp(hostname, lease->name) == 0) { ++ return lease; ++ } ++ lease = lease->next; ++ } ++ ++ return NULL; ++} ++ ++static off_t lease_file_size = (off_t)0; ++static ino_t lease_file_inode = (ino_t)0; ++ ++void load_dhcp(time_t now) { ++ struct isc_dhcp_lease* leases = NULL; ++ ++ struct stat statbuf; ++ if (stat(daemon->lease_file, &statbuf) == -1) { ++ return; ++ } ++ ++ /* Do nothing if the lease file has not changed. 
*/ ++ if ((statbuf.st_size <= lease_file_size) && (statbuf.st_ino == lease_file_inode)) ++ return; ++ ++ lease_file_size = statbuf.st_size; ++ lease_file_inode = statbuf.st_ino; ++ ++ FILE* fp = fopen(daemon->lease_file, "r"); ++ if (!fp) { ++ my_syslog(LOG_ERR, _("failed to load %s:%s"), daemon->lease_file, strerror(errno)); ++ return; ++ } ++ ++ my_syslog(LOG_INFO, _("reading %s"), daemon->lease_file); ++ ++ char* hostname = daemon->namebuff; ++ struct in_addr host_address; ++ time_t time_starts = -1; ++ time_t time_ends = -1; ++ int nomem; ++ ++ char token[MAXTOK]; ++ while ((next_token(token, MAXTOK, fp))) { ++ if (strcmp(token, "lease") == 0) { ++ hostname[0] = '\0'; ++ ++ if (next_token(token, MAXTOK, fp) && ((host_address.s_addr = inet_addr(token)) != (in_addr_t)-1)) { ++ if (next_token(token, MAXTOK, fp) && *token == '{') { ++ while (next_token(token, MAXTOK, fp) && *token != '}') { ++ if ((strcmp(token, "client-hostname") == 0) || (strcmp(token, "hostname") == 0)) { ++ if (next_token(hostname, MAXDNAME, fp)) { ++ if (!canonicalise(hostname, &nomem)) { ++ *hostname = 0; ++ my_syslog(LOG_ERR, _("bad name in %s"), daemon->lease_file); ++ } ++ } ++ } else if ((strcmp(token, "starts") == 0) || (strcmp(token, "ends") == 0)) { ++ char token_date[MAXTOK]; ++ char token_time[MAXTOK]; ++ ++ int is_starts = strcmp(token, "starts") == 0; ++ ++ // Throw away the weekday and parse the date. 
++ if (next_token(token, MAXTOK, fp) && next_token(token_date, MAXTOK, fp) && next_token(token_time, MAXTOK, fp)) { ++ time_t time = parse_lease_time(token_date, token_time); ++ ++ if (is_starts) ++ time_starts = time; ++ else ++ time_ends = time; ++ } ++ } ++ } ++ ++ if (!*hostname) ++ continue; ++ ++ if ((time_starts == -1) || (time_ends == -1)) ++ continue; ++ ++ if (difftime(now, time_ends) > 0) ++ continue; ++ ++ char* dot = strchr(hostname, '.'); ++ if (dot) { ++ if (!daemon->domain_suffix || hostname_isequal(dot + 1, daemon->domain_suffix)) { ++ my_syslog(LOG_WARNING, ++ _("Ignoring DHCP lease for %s because it has an illegal domain part"), ++ hostname); ++ continue; ++ } ++ *dot = 0; ++ } ++ ++ // Search for an existing lease in the list ++ // with the given host name and update the data ++ // if needed. ++ struct isc_dhcp_lease* lease = find_lease(hostname, leases); ++ ++ // If no lease already exists, we create a new one ++ // and append it to the list. ++ if (!lease) { ++ lease = dhcp_lease_new(hostname); ++ ++ lease->next = leases; ++ leases = lease; ++ } ++ ++ // Only update more recent leases. ++ if (lease->expires > time_ends) ++ continue; ++ ++ lease->addr = host_address; ++ lease->expires = time_ends; ++ } ++ } ++ } ++ } ++ ++ fclose(fp); ++ ++ // Drop all entries. 
++ cache_unhash_dhcp(); ++ ++ while (leases) { ++ struct isc_dhcp_lease *lease = leases; ++ leases = lease->next; ++ ++ if (lease->fqdn) { ++ cache_add_dhcp_entry(lease->fqdn, AF_INET, (struct all_addr*)&lease->addr.s_addr, lease->expires); ++ } ++ ++ if (lease->name) { ++ cache_add_dhcp_entry(lease->name, AF_INET, (struct all_addr*)&lease->addr.s_addr, lease->expires); ++ } ++ ++ // Cleanup ++ dhcp_lease_free(lease); ++ } ++} ++ ++#endif +diff --git a/src/option.c b/src/option.c +index daa728f..d16c982 100644 +--- a/src/option.c ++++ b/src/option.c +@@ -1642,7 +1642,7 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma + ret_err(_("bad MX target")); + break; + +-#ifdef HAVE_DHCP ++#if (defined HAVE_DHCP) || (defined HAVE_ISC_READER) + case 'l': /* --dhcp-leasefile */ + daemon->lease_file = opt_string_alloc(arg); + break; diff --git a/src/patches/dnsmasq-2.71-support-nettle-3.0.patch b/src/patches/dnsmasq-2.71-support-nettle-3.0.patch new file mode 100644 index 0000000..593a7cd --- /dev/null +++ b/src/patches/dnsmasq-2.71-support-nettle-3.0.patch 
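Review bot: in src/isc.c, dhcp_lease_new() never assigns lease->fqdn when daemon->domain_suffix is NULL, so unless whine_malloc() returns zeroed memory, dhcp_lease_free() and load_dhcp() test and then free or use an uninitialised pointer. Set `lease->fqdn = NULL` before the asprintf() call and check the results of whine_malloc(), strdup() and asprintf(). The cache.c hunk frees crecp->name.namep for every F_DHCP entry unconditionally, but the matching strdup() in cache_add_dhcp_entry() is only compiled under HAVE_ISC_READER, so a build with HAVE_DHCP alone would free a name the cache does not own; guard the free with the same #ifdef. In load_dhcp(), time_starts and time_ends are not reset at the start of each lease block, so a lease missing either field inherits the previous lease's value. The domain check logs "illegal domain part" when `hostname_isequal(dot + 1, daemon->domain_suffix)` is true, which looks inverted.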
@@ -0,0 +1,65 @@ +From cdb755c5f16a6768c3e8b1f345fe15fc9244228d Mon Sep 17 00:00:00 2001 +From: Simon Kelley simon@thekelleys.org.uk +Date: Wed, 18 Jun 2014 20:52:53 +0100 +Subject: [PATCH] Fix FTBFS with Nettle-3.0. + +--- + CHANGELOG | 3 +++ + src/dnssec.c | 18 ++++++++++++------ + 2 files changed, 15 insertions(+), 6 deletions(-) + +diff --git a/src/dnssec.c b/src/dnssec.c +index 2ffb75d..69bfc29 100644 +--- a/src/dnssec.c ++++ b/src/dnssec.c +@@ -28,6 +28,12 @@ + #include <nettle/nettle-meta.h> + #include <nettle/bignum.h> + ++/* Nettle-3.0 moved to a new API for DSA. We use a name that's defined in the new API ++ to detect Nettle-3, and invoke the backwards compatibility mode. */ ++#ifdef dsa_params_init ++#include <nettle/dsa-compat.h> ++#endif ++ + + #define SERIAL_UNDEF -100 + #define SERIAL_EQ 0 +@@ -121,8 +127,8 @@ static int hash_init(const struct nettle_hash *hash, void **ctxp, unsigned char + return 1; + } + +-static int rsa_verify(struct blockdata *key_data, unsigned int key_len, unsigned char *sig, size_t sig_len, +- unsigned char *digest, int algo) ++static int dnsmasq_rsa_verify(struct blockdata *key_data, unsigned int key_len, unsigned char *sig, size_t sig_len, ++ unsigned char *digest, int algo) + { + unsigned char *p; + size_t exp_len; +@@ -173,8 +179,8 @@ static int rsa_verify(struct blockdata *key_data, unsigned int key_len, unsigned + return 0; + } + +-static int dsa_verify(struct blockdata *key_data, unsigned int key_len, unsigned char *sig, size_t sig_len, +- unsigned char *digest, int algo) ++static int dnsmasq_dsa_verify(struct blockdata *key_data, unsigned int key_len, unsigned char *sig, size_t sig_len, ++ unsigned char *digest, int algo) + { + unsigned char *p; + unsigned int t; +@@ -293,10 +299,10 @@ static int verify(struct blockdata *key_data, unsigned int key_len, unsigned cha + switch (algo) + { + case 1: case 5: case 7: case 8: case 10: +- return rsa_verify(key_data, key_len, sig, sig_len, digest, algo); ++ return 
dnsmasq_rsa_verify(key_data, key_len, sig, sig_len, digest, algo); + + case 3: case 6: +- return dsa_verify(key_data, key_len, sig, sig_len, digest, algo); ++ return dnsmasq_dsa_verify(key_data, key_len, sig, sig_len, digest, algo); + + #ifndef NO_NETTLE_ECC + case 13: case 14: +-- +1.7.10.4 + diff --git a/src/patches/dnsmasq-2.71-use-nettle-with-minigmp.patch b/src/patches/dnsmasq-2.71-use-nettle-with-minigmp.patch new file mode 100644 index 0000000..374c9ec --- /dev/null +++ b/src/patches/dnsmasq-2.71-use-nettle-with-minigmp.patch 
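Review bot: this patch only applies on top of dnsmasq-2.71-use-nettle-with-minigmp.patch: its first hunk uses `#include <nettle/bignum.h>` as context and its index line starts from blob 2ffb75d, which is the result of the mini-gmp patch. Alphabetical order would apply this file first, so the dnsmasq build rule needs to apply the mini-gmp patch explicitly before it, with a comment saying why. The diffstat in the header still lists CHANGELOG, but no CHANGELOG hunk is included; a line in the patch header noting that it was trimmed would avoid confusion when comparing against upstream.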
@@ -0,0 +1,88 @@ +From 063efb330a3f341c2548e2cf1f67f83e49cd6395 Mon Sep 17 00:00:00 2001 +From: Simon Kelley simon@thekelleys.org.uk +Date: Tue, 17 Jun 2014 19:49:31 +0100 +Subject: [PATCH] Build config: add -DNO_GMP for use with nettle/mini-gmp + +--- + Makefile | 2 +- + bld/pkg-wrapper | 9 +++++++-- + src/config.h | 7 +++++++ + src/dnssec.c | 3 ++- + 4 files changed, 17 insertions(+), 4 deletions(-) + +diff --git a/Makefile b/Makefile +index c58b50b..17eeb27 100644 +--- a/Makefile ++++ b/Makefile +@@ -61,7 +61,7 @@ lua_cflags = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_LUASCRIPT $(PKG_CON + lua_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_LUASCRIPT $(PKG_CONFIG) --libs lua5.1` + nettle_cflags = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DNSSEC $(PKG_CONFIG) --cflags nettle hogweed` + nettle_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DNSSEC $(PKG_CONFIG) --libs nettle hogweed` +-gmp_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DNSSEC $(PKG_CONFIG) --copy -lgmp` ++gmp_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DNSSEC NO_GMP --copy -lgmp` + sunos_libs = `if uname | grep SunOS >/dev/null 2>&1; then echo -lsocket -lnsl -lposix4; fi` + version = -DVERSION='"`$(top)/bld/get-version $(top)`"' + +diff --git a/bld/pkg-wrapper b/bld/pkg-wrapper +index 9f9332d..0ddb678 100755 +--- a/bld/pkg-wrapper ++++ b/bld/pkg-wrapper +@@ -11,9 +11,14 @@ in=`cat` + + if grep "^#[[:space:]]*define[[:space:]]*$search" config.h >/dev/null 2>&1 || \ + echo $in | grep $search >/dev/null 2>&1; then +- ++# Nasty, nasty, in --copy, arg 2 is another config to search for, use with NO_GMP + if [ $op = "--copy" ]; then +- pkg="$*" ++ if grep "^#[[:space:]]*define[[:space:]]*$pkg" config.h >/dev/null 2>&1 || \ ++ echo $in | grep $pkg >/dev/null 2>&1; then ++ pkg="" ++ else ++ pkg="$*" ++ fi + elif grep "^#[[:space:]]*define[[:space:]]*${search}_STATIC" config.h >/dev/null 2>&1 || \ + echo $in | grep ${search}_STATIC >/dev/null 2>&1; then + pkg=`$pkg --static $op 
$*` +diff --git a/src/config.h b/src/config.h +index 2155544..ee6d218 100644 +--- a/src/config.h ++++ b/src/config.h +@@ -105,6 +105,8 @@ HAVE_AUTH + define this to include the facility to act as an authoritative DNS + server for one or more zones. + ++HAVE_DNSSEC ++ include DNSSEC validator. + + NO_IPV6 + NO_TFTP +@@ -118,6 +120,11 @@ NO_AUTH + which are enabled by default in the distributed source tree. Building dnsmasq + with something like "make COPTS=-DNO_SCRIPT" will do the trick. + ++NO_NETTLE_ECC ++ Don't include the ECDSA cypher in DNSSEC validation. Needed for older Nettle versions. ++NO_GMP ++ Don't use and link against libgmp, Useful if nettle is built with --enable-mini-gmp. ++ + LEASEFILE + CONFFILE + RESOLVFILE +diff --git a/src/dnssec.c b/src/dnssec.c +index 44d626b..2ffb75d 100644 +--- a/src/dnssec.c ++++ b/src/dnssec.c +@@ -26,7 +26,8 @@ + # include <nettle/ecc-curve.h> + #endif + #include <nettle/nettle-meta.h> +-#include <gmp.h> ++#include <nettle/bignum.h> ++ + + #define SERIAL_UNDEF -100 + #define SERIAL_EQ 0 +-- +1.7.10.4 + diff --git a/src/scripts/setddns.pl b/src/scripts/setddns.pl deleted file mode 100644 index 5a19565..0000000 --- a/src/scripts/setddns.pl +++ /dev/null 
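Review bot: NO_GMP only takes effect when it is present in COPTS or config.h, and the config.h text added here describes it as meant for a nettle built with --enable-mini-gmp, but the lfs/nettle rule in this push configures nettle with only --prefix=/usr and --enable-shared. Either pass --enable-mini-gmp there and -DNO_GMP to the dnsmasq build, or leave NO_GMP unset and make sure libgmp is built before nettle in make.sh; the intended combination is not visible from this diff and should be stated in the commit message.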
@@ -1,862 +0,0 @@ -#!/usr/bin/perl -# -# SmoothWall CGIs -# -# This code is distributed under the terms of the GPL -# -# (c) The SmoothWall Team -# -# $Id: setddns.pl,v 1.4.2.32 2006/02/07 01:29:47 franck78 Exp $ -# - -#close(STDIN); -#close(STDOUT); -#close(STDERR); - -use strict; -use IO::Socket; -use Net::SSLeay; - -require '/var/ipfire/general-functions.pl'; - -#Prototypes functions -sub encode_base64 ($;$); - -my %settings; -my $filename = "${General::swroot}/ddns/config"; -my $cachefile = "${General::swroot}/ddns/ipcache"; -my $ipcache = 0; -my @current = (); - -if (open(FILE, "$filename")) { - @current = <FILE>; - close(FILE); - unless(@current) { - exit 0; - } -} else { - &General::log('Dynamic DNS failure : unable to open config file.'); - exit 0; -} - -&General::readhash("${General::swroot}/ddns/settings", %settings); - -# ignore monthly update if not in minimize update mode -exit 0 if (($settings{'MINIMIZEUPDATES'} ne 'on') && ($ARGV[1] eq '-m')); - -my $ip = &General::GetDyndnsRedIP(); - -if ($ip eq "unavailable") { - &General::log("Dynamic DNS error: RED/Public IP is unavailable"); - exit(0); -} - -#&General::log("Dynamic DNS public router IP is: $ip"); - -if ($ARGV[0] eq '-f') { - unlink ($cachefile); # next regular calls will try again if this force update fails. -} else { - open(IPCACHE, "$cachefile"); - $ipcache = <IPCACHE>; - close(IPCACHE); - chomp $ipcache; -} - -if ($ip ne $ipcache) { - my $id = 0; - my $success = 0; - my $line; - my $lines = @current; - - foreach $line (@current) { - $id++; - chomp($line); - my @temp = split(/,/,$line); - unless ($temp[7] ne "on") { - $settings{'SERVICE'} = $temp[0]; - $settings{'HOSTNAME'} = $temp[1]; - $settings{'DOMAIN'} = $temp[2]; - $settings{'PROXY'} = $temp[3]; - $settings{'WILDCARDS'} = $temp[4]; - $settings{'LOGIN'} = $temp[5]; - $settings{'PASSWORD'} = $temp[6]; - $settings{'ENABLED'} = $temp[7]; - - #Some connection are very stable (more than 40 days). 
Finally force - #one update / month to avoid account lost - #cron call once/week with -f & once/month with -f -m options - #minimize update ? - if ( ($settings{'MINIMIZEUPDATES'} eq 'on') && ($ARGV[1] ne '-m') ) { - if (General::DyndnsServiceSync($ip, $settings{'HOSTNAME'},$settings{'DOMAIN'})) { - &General::log ("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} is uptodate [$ip]"); - $success++; - next; # do not update, go to test next service - } - } - if ($settings{'SERVICE'} ne "dns.lightningwirelabs.com") { - my @service = split(/./, "$settings{'SERVICE'}"); - $settings{'SERVICE'} = "$service[0]"; - } - if ($settings{'SERVICE'} eq 'no-ip') { - open(F, ">${General::swroot}/ddns/noipsettings"); - flock F, 2; - print F "PROXY=" . ($settings{'PROXY'} eq 'on' ? "Y\n" : "N\n"); - print F "PASSWORD=$settings{'PASSWORD'}\n"; - print F "NAT=N\n"; - print F "LOGIN=$settings{'LOGIN'}\n"; - print F "INTERVAL=1\n"; - if ($settings{'HOSTNAME'} !~ s/$General::noipprefix//) { - print F "HOSTNAME=$settings{'HOSTNAME'}\n"; - print F "GROUP=\n"; - } else { - print F "HOSTNAME=\n"; - print F "GROUP=$settings{'HOSTNAME'}\n"; - } - print F "DOMAIN=$settings{'DOMAIN'}\n"; - print F "DEVICE=\n"; - print F "DAEMON=N\n"; - close(F); - - my @ddnscommand = ('/usr/bin/noip','-c',"${General::swroot}/ddns/noipsettings",'-i',"$ip"); - - my $result = system(@ddnscommand); - if ( $result != 0) { - &General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : failure"); - } else { - &General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : success"); - $success++; - } - } - - elsif ($settings{'SERVICE'} eq 'all-inkl') { - my %proxysettings; - &General::readhash("${General::swroot}/proxy/settings", %proxysettings); - if ($_=$proxysettings{'UPSTREAM_PROXY'}) { - my ($peer, $peerport) = (/^(?:[a-zA-Z ]+://)?(?:[A-Za-z0-9_.-]*?(?::[A-Za-z0-9_.-]*?)?@)?([a-zA-Z0-9._-]*?)(?::([0-9]{1,5}))?(?:/.*?)?$/); - 
Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} ); - } - - my ($out, $response) = Net::SSLeay::get_https("dyndns.kasserver.com", 443, "/", Net::SSLeay::make_headers( - 'User-Agent' => 'IPFire', 'Authorization' => 'Basic ' . encode_base64("$settings{'LOGIN'}:$settings{'PASSWORD'}") - )); - - # Valid response are 'ok' 'nochange' - if ($response =~ m%HTTP/1.. 200 OK%) { - &General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : success"); - $success++; - } else { - &General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : failure (could not connect to server, check your credentials)"); - } - } - - elsif ($settings{'SERVICE'} eq 'cjb') { - # use proxy ? - my %proxysettings; - &General::readhash("${General::swroot}/proxy/settings", %proxysettings); - if ($_=$proxysettings{'UPSTREAM_PROXY'}) { - my ($peer, $peerport) = (/^(?:[a-zA-Z ]+://)?(?:[A-Za-z0-9_.-]*?(?::[A-Za-z0-9_.-]*?)?@)?([a-zA-Z0-9._-]*?)(?::([0-9]{1,5}))?(?:/.*?)?$/); - Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} ); - } - - my ($out, $response) = Net::SSLeay::get_http( 'www.cjb.net', - 80, - "/cgi-bin/dynip.cgi?username=$settings{'LOGIN'}&password=$settings{'PASSWORD'}&ip=$ip", - Net::SSLeay::make_headers('User-Agent' => 'IPFire' ) - ); - - if ($response =~ m%HTTP/1.. 200 OK%) { - if ( $out !~ m/has been updated to point to/ ) { - &General::log("Dynamic DNS ip-update for cjb.net ($settings{'LOGIN'}) : failure (bad password or login)"); - } else { - &General::log("Dynamic DNS ip-update for cjb.net ($settings{'LOGIN'}) : success"); - $success++; - } - } else { - &General::log("Dynamic DNS ip-update for cjb.net ($settings{'LOGIN'}) : failure (could not connect to server)"); - } - } - elsif ($settings{'SERVICE'} eq 'selfhost') { - # use proxy ? 
- my %proxysettings; - &General::readhash("${General::swroot}/proxy/settings", %proxysettings); - if ($_=$proxysettings{'UPSTREAM_PROXY'}) { - my ($peer, $peerport) = (/^(?:[a-zA-Z ]+://)?(?:[A-Za-z0-9_.-]*?(?::[A-Za-z0-9_.-]*?)?@)?([a-zA-Z0-9._-]*?)(?::([0-9]{1,5}))?(?:/.*?)?$/); - Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} ); - } - - my ($out, $response) = Net::SSLeay::get_https( 'carol.selfhost.de', - 443, - "/update?username=$settings{'LOGIN'}&password=$settings{'PASSWORD'}&textmodi=1", - Net::SSLeay::make_headers('User-Agent' => 'IPFire' ) - ); - - if ($response =~ m%HTTP/1.. 200 OK%) { - if ( $out !~ m/status=(200|204)/ ) { - $out =~ s/\n/ /g; - &General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : failure ($out)"); - } else { - &General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : success"); - $success++; - } - } else { - &General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : failure (could not connect to server)"); - } - } - elsif ($settings{'SERVICE'} eq 'dnspark') { - # use proxy ? - my %proxysettings; - &General::readhash("${General::swroot}/proxy/settings", %proxysettings); - if ($_=$proxysettings{'UPSTREAM_PROXY'}) { - my ($peer, $peerport) = (/^(?:[a-zA-Z ]+://)?(?:[A-Za-z0-9_.-]*?(?::[A-Za-z0-9_.-]*?)?@)?([a-zA-Z0-9._-]*?)(?::([0-9]{1,5}))?(?:/.*?)?$/); - Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} ); - } - - if ($settings{'HOSTNAME'} eq '') { - $settings{'HOSTDOMAIN'} = $settings{'DOMAIN'}; - } else { - $settings{'HOSTDOMAIN'} = "$settings{'HOSTNAME'}.$settings{'DOMAIN'}"; - } - - my ($out, $response) = Net::SSLeay::get_https( "www.dnspark.net", - 443, - "/api/dynamic/update.php?hostname=$settings{'HOSTDOMAIN'}&ip=$ip", - Net::SSLeay::make_headers('User-Agent' => 'IPFire', - 'Authorization' => 'Basic ' . 
encode_base64("$settings{'LOGIN'}:$settings{'PASSWORD'}") - ) - ); - # Valid response are 'ok' 'nochange' - if ($response =~ m%HTTP/1.. 200 OK%) { - if ( $out !~ m/^(ok|nochange)/ ) { - $out =~ s/\n/ /g; - &General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : failure ($out)"); - } else { - &General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : success"); - $success++; - } - } else { - &General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : failure (could not connect to server, check your credentials)"); - } - } - elsif ($settings{'SERVICE'} eq 'dns.lightningwirelabs.com') { - # use proxy ? - my %proxysettings; - &General::readhash("${General::swroot}/proxy/settings", %proxysettings); - if ($_=$proxysettings{'UPSTREAM_PROXY'}) { - my ($peer, $peerport) = (/^(?:[a-zA-Z ]+://)?(?:[A-Za-z0-9_.-]*?(?::[A-Za-z0-9_.-]*?)?@)?([a-zA-Z0-9._-]*?)(?::([0-9]{1,5}))?(?:/.*?)?$/); - Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} ); - } - - if ($settings{'HOSTNAME'} eq '') { - $settings{'HOSTDOMAIN'} = $settings{'DOMAIN'}; - } else { - $settings{'HOSTDOMAIN'} = "$settings{'HOSTNAME'}.$settings{'DOMAIN'}"; - } - - my $authstring; - if ($settings{'LOGIN'} eq "token") { - $authstring = "token=$settings{'PASSWORD'}"; - } else { - $authstring = "username=$settings{'LOGIN'}&password=$settings{'PASSWORD'}"; - } - - my $user_agent = &General::MakeUserAgent(); - my ($out, $response) = Net::SSLeay::get_https("dns.lightningwirelabs.com", 443, - "/update?hostname=$settings{'HOSTDOMAIN'}&address4=$ip&$authstring", - Net::SSLeay::make_headers('User-Agent' => $user_agent) - ); - - # Valid response are 'ok' 'nochange' - if ($response =~ m%HTTP/1.. 
200 OK%) { - &General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : success"); - $success++; - } else { - &General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : failure (could not connect to server, check your credentials)"); - } - } - elsif ($settings{'SERVICE'} eq 'enom') { - # use proxy ? - my %proxysettings; - &General::readhash("${General::swroot}/proxy/settings", %proxysettings); - if ($_=$proxysettings{'UPSTREAM_PROXY'}) { - my ($peer, $peerport) = (/^(?:[a-zA-Z ]+://)?(?:[A-Za-z0-9_.-]*?(?::[A-Za-z0-9_.-]*?)?@)?([a-zA-Z0-9._-]*?)(?::([0-9]{1,5}))?(?:/.*?)?$/); - Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} ); - } - if ($settings{'HOSTNAME'} eq '') { - $settings{'HOSTDOMAIN'} = $settings{'DOMAIN'}; - } else { - $settings{'HOSTDOMAIN'} = "$settings{'HOSTNAME'}.$settings{'DOMAIN'}"; - } - - my ($out, $response) = Net::SSLeay::get_http( 'dynamic.name-services.com', - 80, - "/interface.asp?Command=SetDNSHost&Zone=$settings{'DOMAIN'}&DomainPassword=$settings{'PASSWORD'}&Address=$ip", - Net::SSLeay::make_headers('User-Agent' => 'IPFire' ) - ); - - if ($response =~ m%HTTP/1.. 200 OK%) { - #Valid responses from update => ErrCount=0 - if ( $out !~ m/ErrCount=0/ ) { - $out =~ s/(\n|\x0D)/ /g; - $out =~ /Err1=([\w ]+) /; - &General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : failure ($1)"); - } else { - &General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : success"); - $success++; - } - } else { - &General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : failure (could not connect to server)"); - } - } - elsif ($settings{'SERVICE'} eq 'nsupdate') { - # Fetch UI configurable values and assemble the host name. 
- - my $hostName="$settings{'DOMAIN'}"; - if ($settings{'HOSTNAME'} ne "") { - $hostName="$settings{'HOSTNAME'}.$hostName"; - } - my $keyName=$settings{'LOGIN'}; - my $keySecret=$settings{'PASSWORD'}; - - # Use a relatively long TTL value to reduce load on DNS. - # Some public Dynamic DNS servers use values around 4 hours, - # some use values as low as 60 seconds. - # XXX Maybe we could fetch the master value from the server - # (not the timed-down version supplied by DNS cache) - - my $timeToLive="3600"; - - # Internal setting that can be used to override the DNS server - # where the update is applied. It can be of use when testing - # against a private DNS server. - - my $masterServer=""; - - # Prepare the nsupdate command script to remove and re-add the - # updated A record for the domain. - - my $cmdFile="/tmp/nsupdate-$hostName-commands"; - my $logFile="/tmp/nsupdate-$hostName-result"; - open(TF, ">$cmdFile"); - if ($masterServer ne "") { - print TF "server $masterServer\n"; - } - if ($keyName ne "" && $keySecret ne "") { - print TF "key $keyName $keySecret\n"; - } - print TF "update delete $hostName A\n"; - print TF "update add $hostName $timeToLive A $ip\n"; - print TF "send\n"; - close(TF); - - # Run nsupdate with -v to use TCP instead of UDP because we're - # issuing multiple cmds and potentially long keys, and -d to - # get diagnostic result output. - - my $result = system("/usr/bin/nsupdate -v -d $cmdFile 2>$logFile"); - if ($result != 0) { - &General::log("Dynamic DNS ip-update for $hostName : failure"); - open(NSLOG, "$logFile"); - my @nsLog = <NSLOG>; - close(NSLOG); - my $logLine; - foreach $logLine (@nsLog) { - chomp($logLine); - if ($logLine ne "") { - &General::log("... $logLine"); - } - } - } else { - &General::log("Dynamic DNS ip-update for $hostName : success"); - $success++; - } - unlink $cmdFile, $logFile; - } - elsif ($settings{'SERVICE'} eq 'freedns') { - # use proxy ? 
- my %proxysettings; - &General::readhash("${General::swroot}/proxy/settings", %proxysettings); - if ($_=$proxysettings{'UPSTREAM_PROXY'}) { - my ($peer, $peerport) = (/^(?:[a-zA-Z ]+://)?(?:[A-Za-z0-9_.-]*?(?::[A-Za-z0-9_.-]*?)?@)?([a-zA-Z0-9._-]*?)(?::([0-9]{1,5}))?(?:/.*?)?$/); - Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} ); - } - - my ($out, $response) = Net::SSLeay::get_https( 'freedns.afraid.org', - 443, - "/dynamic/update.php?$settings{'LOGIN'}", - Net::SSLeay::make_headers('User-Agent' => 'IPFire' ) - ); - #Valid responses from service are: - #Updated n host(s) <domain> - #ERROR: <ip> has not changed. - if ($response =~ m%HTTP/1.. 200 OK%) { - #Valid responses from update => ErrCount=0 - if ( $out !~ m/(^Updated|Address .* has not changed)/ig ) { - &General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : failure ($out)"); - } else { - &General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : success"); - $success++; - } - } else { - &General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : failure (could not connect to server)"); - } - } - elsif ($settings{'SERVICE'} eq 'spdns.de') { - # use proxy ? 
- my %proxysettings; - &General::readhash("${General::swroot}/proxy/settings", %proxysettings); - if ($_=$proxysettings{'UPSTREAM_PROXY'}) { - my ($peer, $peerport) = (/^(?:[a-zA-Z ]+://)?(?:[A-Za-z0-9_.-]*?(?::[A-Za-z0-9_.-]*?)?@)?([a-zA-Z0-9._-]*?)(?::([0-9]{1,5}))?(?:/.*?)?$/); - Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} ); - } - - if ($settings{'HOSTNAME'} eq '') { - $settings{'HOSTDOMAIN'} = $settings{'DOMAIN'}; - } else { - $settings{'HOSTDOMAIN'} = "$settings{'HOSTNAME'}.$settings{'DOMAIN'}"; - } - - my ($out, $response) = Net::SSLeay::get_https( 'update.spdns.de', 443, - "/nic/update?&hostname=$settings{'HOSTDOMAIN'}&myip=$ip", - Net::SSLeay::make_headers('User-Agent' => 'IPFire' , - 'Authorization' => 'Basic ' . encode_base64("$settings{'LOGIN'}:$settings{'PASSWORD'}")) - ); - - #Valid responses from service are: - # good xxx.xxx.xxx.xxx - # nochg xxx.xxx.xxx.xxx - if ($response =~ m%HTTP/1.. 200 OK%) { - if ($out !~ m/good |nochg /ig) { - &General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : failure ($out)"); - } else { - &General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : success"); - $success++; - } - } else { - &General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : failure (could not connect to server)"); - } - } - elsif ($settings{'SERVICE'} eq 'strato') { - # use proxy ? 
- my %proxysettings; - &General::readhash("${General::swroot}/proxy/settings", %proxysettings); - if ($_=$proxysettings{'UPSTREAM_PROXY'}) { - my ($peer, $peerport) = (/^(?:[a-zA-Z ]+://)?(?:[A-Za-z0-9_.-]*?(?::[A-Za-z0-9_.-]*?)?@)?([a-zA-Z0-9._-]*?)(?::([0-9]{1,5}))?(?:/.*?)?$/); - Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} ); - } - - if ($settings{'HOSTNAME'} eq '') { - $settings{'HOSTDOMAIN'} = $settings{'DOMAIN'}; - } else { - $settings{'HOSTDOMAIN'} = "$settings{'HOSTNAME'}.$settings{'DOMAIN'}"; - } - - my ($out, $response) = Net::SSLeay::get_https( 'dyndns.strato.com', - 443, - "/nic/update?hostname=$settings{'HOSTDOMAIN'}&myip=$ip", - Net::SSLeay::make_headers('User-Agent' => 'IPFire', - 'Authorization' => 'Basic ' . encode_base64("$settings{'LOGIN'}:$settings{'PASSWORD'}") ) - ); - - if ($response =~ m%HTTP/1.. 200 OK%) { - #Valid responses from update => ErrCount=0 - if ( $out =~ m/good |nochg /ig) { - &General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : success"); - $success++; - } else { - &General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : failure1 ($out)"); - $success++; - } - } elsif ( $out =~ m/<title>(.*)</title>/ig ) { - &General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : failure2 ($1)"); - } else { - &General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : failure3 ($response)"); - } - } - elsif ($settings{'SERVICE'} eq 'regfish') { - # use proxy ? 
- my %proxysettings; - &General::readhash("${General::swroot}/proxy/settings", %proxysettings); - if ($_=$proxysettings{'UPSTREAM_PROXY'}) { - my ($peer, $peerport) = (/^(?:[a-zA-Z ]+://)?(?:[A-Za-z0-9_.-]*?(?::[A-Za-z0-9_.-]*?)?@)?([a-zA-Z0-9._-]*?)(?::([0-9]{1,5}))?(?:/.*?)?$/); - Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} ); - } - my ($out, $response) = Net::SSLeay::get_https( 'dyndns.regfish.de', - 443, - "/?fqdn=$settings{'DOMAIN'}&ipv4=$ip&forcehost=1&authtype=secure&token=$settings{'LOGIN'}", - Net::SSLeay::make_headers('User-Agent' => 'Ipfire' ) - ); - #Valid responses from service are: - #success|100|update succeeded! - #success|101|no update needed at this time.. - if ($response =~ m%HTTP/1.. 200 OK%) { - if ( $out !~ m/(success|(100|101)|)/ig ) { - &General::log("Dynamic DNS ip-update for $settings{'DOMAIN'} : failure ($out)"); - } else { - &General::log("Dynamic DNS ip-update for $settings{'DOMAIN'} : success"); - $success++; - } - } else { - &General::log("Dynamic DNS ip-update for $settings{'DOMAIN'} : failure (could not connect to server)"); - } - } - elsif ($settings{'SERVICE'} eq 'ovh') { - my %proxysettings; - &General::readhash("${General::swroot}/proxy/settings", %proxysettings); - - my $peer = 'www.ovh.com'; - my $peerport = 80; - - if ($_=$proxysettings{'UPSTREAM_PROXY'}) { - ($peer, $peerport) = (/^(?:[a-zA-Z ]+://)?(?:[A-Za-z0-9_.-]*?(?::[A-Za-z0-9_.-]*?)?@)?([a-zA-Z0-9._-]*?)(?::([0-9]{1,5}))?(?:/.*?)?$/); - } - - my $sock; - unless($sock = new IO::Socket::INET (PeerAddr => $peer, PeerPort => $peerport, Proto => 'tcp', Timeout => 5)) { - &General::log("Dynamic DNS failure : could not connect to $peer:$peerport: $@"); - next; - } - - if ($settings{'HOSTNAME'} eq '') { - $settings{'HOSTDOMAIN'} = $settings{'DOMAIN'}; - } else { - $settings{'HOSTDOMAIN'} = "$settings{'HOSTNAME'}.$settings{'DOMAIN'}"; - } - - my ($GET_CMD, $code64); - $GET_CMD = "GET 
http://www.ovh.com/nic/update?system=dyndns&hostname=$settings%7B%27HOST... HTTP/1.1\r\n"; - $GET_CMD .= "Host: www.ovh.com\r\n"; - chomp($code64 = encode_base64("$settings{'LOGIN'}:$settings{'PASSWORD'}")); - $GET_CMD .= "Authorization: Basic $code64\r\n"; - $GET_CMD .= "User-Agent: ipfire\r\n"; - #$GET_CMD .= "Content-Type: application/x-www-form-urlencoded\r\n"; - $GET_CMD .= "\r\n"; - print $sock "$GET_CMD"; - - my $out = ''; - while(<$sock>) { - $out .= $_; - } - close($sock); - - #HTTP response => error (in Title tag) else text response - #Valid responses from service:good,nochg (ez-ipupdate like) - #Should use ez-ipdate but "system=dyndns" is not present - if ( $out =~ m/<Title>(.*)</Title>/ig ) { - &General::log("Dynamic DNS ovh.com : failure ($1)"); - } - elsif ($out !~ m/good |nochg /ig) { - $out =~ s/.+?\015?\012\015?\012//s; # header HTTP - my @out = split("\r", $out); - &General::log("Dynamic DNS ip-update for $settings{'DOMAIN'} : failure ($out[1])"); - } else { - &General::log("Dynamic DNS ip-update for $settings{'DOMAIN'} : success"); - $success++; - } - } - elsif ($settings{'SERVICE'} eq 'dtdns') { - # use proxy ? 
- my %proxysettings; - &General::readhash("${General::swroot}/proxy/settings", %proxysettings); - if ($_=$proxysettings{'UPSTREAM_PROXY'}) { - my ($peer, $peerport) = (/^(?:[a-zA-Z ]+://)?(?:[A-Za-z0-9_.-]*?(?::[A-Za-z0-9_.-]*?)?@)?([a-zA-Z0-9._-]*?)(?::([0-9]{1,5}))?(?:/.*?)?$/); - Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} ); - } - - if ($settings{'HOSTNAME'} eq '') { - $settings{'HOSTDOMAIN'} = $settings{'DOMAIN'}; - } else { - $settings{'HOSTDOMAIN'} = "$settings{'HOSTNAME'}.$settings{'DOMAIN'}"; - } - - my ($out, $response) = Net::SSLeay::get_http( 'www.dtdns.com', - 80, - "/api/autodns.cfm?id=$settings{'HOSTDOMAIN'}&pw=$settings{'PASSWORD'}", - Net::SSLeay::make_headers('User-Agent' => 'IPFire' ) - ); - #Valid responses from service are: - # now points to - # - if ($response =~ m%HTTP/1.. 200 OK%) { - if ( $out !~ m/Host .* now points to/ig ) { - &General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : failure ($out)"); - } else { - &General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : success"); - $success++; - } - } else { - &General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : failure (could not connect to server)"); - } - } - #namecheap test - elsif ($settings{'SERVICE'} eq 'namecheap') { - # use proxy ? 
- my %proxysettings; - &General::readhash("${General::swroot}/proxy/settings", %proxysettings); - if ($_=$proxysettings{'UPSTREAM_PROXY'}) { - my ($peer, $peerport) = (/^(?:[a-zA-Z ]+://)?(?:[A-Za-z0-9_.-]*?(?::[A-Za-z0-9_.-]*?)?@)?([a-zA-Z0-9._-]*?)(?::([0-9]{1,5}))?(?:/.*?)?$/); - Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} ); - } - - my ($out, $response) = Net::SSLeay::get_https( 'dynamicdns.park-your-domain.com', - 443, - "/update?host=$settings{'HOSTNAME'}&domain=$settings{'DOMAIN'}&password=$settings{'PASSWORD'}&ip=$ip", - Net::SSLeay::make_headers('User-Agent' => 'IPFire' ) - ); - #Valid responses from service are: - # wait confirmation!! - if ($response =~ m%HTTP/1.. 200 OK%) { - if ( $out !~ m/<ErrCount>0</ErrCount>/ ) { - $out =~ m/<Err1>(.*)</Err1>/; - &General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : failure ($1)"); - } else { - &General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : success"); - $success++; - } - } else { - &General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : failure (could not connect to server)"); - } - } - #end namecheap test - elsif ($settings{'SERVICE'} eq 'dynu') { - # use proxy ? 
- my %proxysettings; - &General::readhash("${General::swroot}/proxy/settings", %proxysettings); - if ($_=$proxysettings{'UPSTREAM_PROXY'}) { - my ($peer, $peerport) = (/^(?:[a-zA-Z ]+://)?(?:[A-Za-z0-9_.-]*?(?::[A-Za-z0-9_.-]*?)?@)?([a-zA-Z0-9._-]*?)(?::([0-9]{1,5}))?(?:/.*?)?$/); - Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} ); - } - - if ($settings{'HOSTNAME'} eq '') { - $settings{'HOSTDOMAIN'} = $settings{'DOMAIN'}; - } else { - $settings{'HOSTDOMAIN'} = "$settings{'HOSTNAME'}.$settings{'DOMAIN'}"; - } - - my ($out, $response) = Net::SSLeay::get_https( 'api.dynu.com', - 443, - "/nic/update?hostname=$settings{'HOSTDOMAIN'}&myip=$ip&username=$settings{'LOGIN'}&password=$settings{'PASSWORD'}", - Net::SSLeay::make_headers('User-Agent' => 'IPFire' ) - ); - # Valid responses are 'good xxx.xxx.xxx.xxx', 'nochg' - # see http://www.dynu.com/Default.aspx?page=dnsapi for further details - if ($response =~ m%HTTP/1.. 200 OK%) { - if ( $out !~ m/^(good|nochg)/ ) { - &General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : failure ($out)"); - } else { - &General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : success ($out)"); - $success++; - } - } else { - &General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : failure (could not connect to server---$out-$response)"); - } - } - elsif ($settings{'SERVICE'} eq 'udmedia') { - # use proxy ? 
- my %proxysettings; - &General::readhash("${General::swroot}/proxy/settings", %proxysettings); - if ($_=$proxysettings{'UPSTREAM_PROXY'}) { - my ($peer, $peerport) = (/^(?:[a-zA-Z ]+://)?(?:[A-Za-z0-9_.-]*?(?::[A-Za-z0-9_.-]*?)?@)?([a-zA-Z0-9._-]*?)(?::([0-9]{1,5}))?(?:/.*?)?$/); - Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} ); - } - - if ($settings{'HOSTNAME'} eq '') { - $settings{'HOSTDOMAIN'} = $settings{'DOMAIN'}; - } else { - $settings{'HOSTDOMAIN'} = "$settings{'HOSTNAME'}.$settings{'DOMAIN'}"; - } - - my ($out, $response) = Net::SSLeay::get_https( 'www.udmedia.de', - 443, - "/nic/update?myip=$ip&username=$settings{'HOSTDOMAIN'}&password=$settings{'PASSWORD'}", - Net::SSLeay::make_headers('User-Agent' => 'IPFire', - 'Authorization' => 'Basic ' . encode_base64("$settings{'LOGIN'}:$settings{'PASSWORD'}")) ); - - # Valid response are 'ok' 'nochange' - if ($response =~ m%HTTP/1.. 200 OK%) { - if ( $out !~ m/^(ok|nochg)/ ) { - $out =~ s/\n/ /g; - &General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : failure ($out)"); - } else { - &General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : success"); - $success++; - } - } else { - &General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : failure (could not connect to server, check your credentials---$out-$response--)"); - } - } - elsif ($settings{'SERVICE'} eq 'twodns') { - # use proxy ? 
- my %proxysettings; - &General::readhash("${General::swroot}/proxy/settings", %proxysettings); - if ($_=$proxysettings{'UPSTREAM_PROXY'}) { - my ($peer, $peerport) = (/^(?:[a-zA-Z ]+://)?(?:[A-Za-z0-9_.-]*?(?::[A-Za-z0-9_.-]*?)?@)?([a-zA-Z0-9._-]*?)(?::([0-9]{1,5}))?(?:/.*?)?$/); - Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} ); - } - - if ($settings{'HOSTNAME'} eq '') { - $settings{'HOSTDOMAIN'} = $settings{'DOMAIN'}; - } else { - $settings{'HOSTDOMAIN'} = "$settings{'HOSTNAME'}.$settings{'DOMAIN'}"; - } - - my ($out, $response) = Net::SSLeay::get_https( 'update.twodns.de', - 443, - "/update?hostname=$settings{'HOSTDOMAIN'}&ip=$ip", - Net::SSLeay::make_headers('User-Agent' => 'IPFire', - 'Authorization' => 'Basic ' . encode_base64("$settings{'LOGIN'}:$settings{'PASSWORD'}")) ); - - # Valid response are 'ok' 'nochange' - if ($response =~ m%HTTP/1.. 200 OK%) { - if ( $out !~ m/^(good|nochg)/ ) { - $out =~ s/\n/ /g; - &General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : failure ($out)"); - } else { - &General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : success"); - $success++; - } - } else { - &General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : failure (could not connect to server, check your credentials---$out-$response--)"); - } - } - elsif ($settings{'SERVICE'} eq 'variomedia') { - # use proxy ? 
- my %proxysettings; - &General::readhash("${General::swroot}/proxy/settings", %proxysettings); - if ($_=$proxysettings{'UPSTREAM_PROXY'}) { - my ($peer, $peerport) = (/^(?:[a-zA-Z ]+://)?(?:[A-Za-z0-9_.-]*?(?::[A-Za-z0-9_.-]*?)?@)?([a-zA-Z0-9._-]*?)(?::([0-9]{1,5}))?(?:/.*?)?$/); - Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} ); - } - - if ($settings{'HOSTNAME'} eq '') { - $settings{'HOSTDOMAIN'} = $settings{'DOMAIN'}; - } else { - $settings{'HOSTDOMAIN'} = "$settings{'HOSTNAME'}.$settings{'DOMAIN'}"; - } - - my ($out, $response) = Net::SSLeay::get_https( 'dyndns.variomedia.de', - 443, - "/nic/update?hostname=$settings{'HOSTDOMAIN'}&myip=$ip", - Net::SSLeay::make_headers('User-Agent' => 'IPFire', - 'Authorization' => 'Basic ' . encode_base64("$settings{'LOGIN'}:$settings{'PASSWORD'}")) ); - - # Valid response is 'good $ip' - if ($response =~ m%HTTP/1.. 200 OK%) { - if ( $out !~ m/^good $ip/ ) { - &General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} ($ip) : failure ($out)"); - } else { - &General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} ($ip) : success"); - $success++; - } - } else { - &General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : failure (could not connect to server, check your credentials---$out-$response--)"); - } - } - else { - if ($settings{'WILDCARDS'} eq 'on') { - $settings{'WILDCARDS'} = '-w'; - } else { - $settings{'WILDCARDS'} = ''; - } - - if (($settings{'SERVICE'} eq 'dyndns-custom' || - $settings{'SERVICE'} eq 'easydns' || - $settings{'SERVICE'} eq 'zoneedit') && $settings{'HOSTNAME'} eq '') { - $settings{'HOSTDOMAIN'} = $settings{'DOMAIN'}; - } else { - $settings{'HOSTDOMAIN'} = "$settings{'HOSTNAME'}.$settings{'DOMAIN'}"; - } - - my @ddnscommand = ('/usr/bin/ez-ipupdate', '-a', "$ip", '-S', "$settings{'SERVICE'}", '-u', "$settings{'LOGIN'}:$settings{'PASSWORD'}", '-h', "$settings{'HOSTDOMAIN'}", "$settings{'WILDCARDS'}", '-q'); - - my $result 
= system(@ddnscommand); - if ( $result != 0) { - &General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'}: failure"); - } else { - &General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'}: success"); - $success++; - } - } - } else { - # If a line is disabled, then we should discount it - $lines--; - } - } - - if ($lines == $success) { - open(IPCACHE, ">$cachefile"); - flock IPCACHE, 2; - print IPCACHE $ip; - close(IPCACHE); - exit 1; - } - -} -exit 0; - -# Extracted from Base64.pm -sub encode_base64 ($;$) { - my $res = ""; - my $eol = $_[1]; - $eol = "\n" unless defined $eol; - pos($_[0]) = 0; # ensure start at the beginning - while ($_[0] =~ /(.{1,45})/gs) { - $res .= substr(pack('u', $1), 1); - chop($res); - } - $res =~ tr|` -_|AA-Za-z0-9+/|; # `# help emacs - # fix padding at the end - my $padding = (3 - length($_[0]) % 3) % 3; - $res =~ s/.{$padding}$/'=' x $padding/e if $padding; - # break encoded string into lines of no more than 76 characters each - if (length $eol) { - $res =~ s/(.{1,76})/$1$eol/g; - } - $res; -} - - - -__END__ -old code for selfhost.de - - my %proxysettings; - &General::readhash("${General::swroot}/proxy/settings", %proxysettings); - - my $peer = 'carol.selfhost.de'; - my $peerport = 80; - - if ($_=$proxysettings{'UPSTREAM_PROXY'}) { - ($peer, $peerport) = (/^(?:[a-zA-Z ]+://)?(?:[A-Za-z0-9_.-]*?(?::[A-Za-z0-9_.-]*?)?@)?([a-zA-Z0-9._-]*?)(?::([0-9]{1,5}))?(?:/.*?)?$/); - } - - my $sock; - unless($sock = new IO::Socket::INET (PeerAddr => $peer, PeerPort => $peerport, Proto => 'tcp', Timeout => 5)) { - die "Could not connect to $peer:$peerport: $@"; - return 1; - } - - my $GET_CMD; - $GET_CMD = "GET https://carol.selfhost.de/update?username=$settings%7B%27LOGIN%27%7D&pas... 
HTTP/1.1\r\n"; - $GET_CMD .= "Host: carol.selfhost.de\r\n"; - $GET_CMD .= "User-Agent: ipfire\r\n"; - $GET_CMD .= "Connection: close\r\n\r\n"; - print $sock "$GET_CMD"; - - my $out = ''; - while(<$sock>) { - $out .= $_; - } - close($sock); - - if ( $out !~ m/status=(200|204)/ ) { - #cleanup http response... - $out =~ s/.+?\015?\012\015?\012//s; # header HTTP - my @out = split("\r", $out); - &General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : failure ($out[1])"); - } else { - &General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : success"); - $success++; - } - - -
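Review bot: The removed 'dtdns' branch sends the account password unencrypted: it calls Net::SSLeay::get_http against www.dtdns.com on port 80 with pw=$settings{'PASSWORD'} in the query string. The 'ovh' branch does the same with an "Authorization: Basic $code64" header written to a plain IO::Socket::INET connection on port 80. Since these lines are being dropped, the commit message should say whether the replacement reaches both providers over HTTPS, so the cleartext path is known to be gone rather than moved. The 'namecheap' and 'dynu' branches also place password=$settings{'PASSWORD'} in the request path without URL-encoding; the replacement should encode these values before building the query string.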
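Review bot: The final else branch of the provider chain puts the credentials on the command line: @ddnscommand contains '-u', "$settings{'LOGIN'}:$settings{'PASSWORD'}" and is run with system(), so the login and password appear in the process list for as long as /usr/bin/ez-ipupdate runs. If any provider still depends on ez-ipupdate after this removal, pass the credentials through a configuration file readable only by the calling user instead of an argument. If nothing calls the binary any more, say so in the commit message.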
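Review bot: In the removed 'strato' branch the "failure1" path logs a failure and then still runs $success++, so a 200 response whose body matches neither "good " nor "nochg " counts as a successful update. Because the closing block writes $ip to $cachefile whenever $lines == $success, the cache is then updated as though the provider had accepted the address. That open(IPCACHE, ">$cachefile") is also unchecked, and the success path ends with exit 1 while the fall-through is exit 0, which is the reverse of the usual convention. Please confirm the replacement counts an unexpected response body as a failure and returns a conventional exit status, so callers that relied on the old values are adjusted in the same series.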
hooks/post-receive -- IPFire 2.x development tree