add HTTPS DNS record type support
Hanno Böck

Hanno Böck commited on 2024-07-09 18:07:25
Zeige 3 geänderte Dateien mit 39 Einfügungen und 2 Löschungen.

... ...
@@ -132,6 +132,7 @@ output('<h4>Neuen DNS-Record anlegen</h4>
132 132
 <li>' . internal_link('dns_record_edit', 'SSHFP', 'id=new&type=sshfp&domain=' . $domain->id) . '</li>
133 133
 <li>' . internal_link('dns_record_edit', 'CAA', 'id=new&type=caa&domain=' . $domain->id) . '</li>
134 134
 <li>' . internal_link('dns_record_edit', 'SRV', 'id=new&type=srv&domain=' . $domain->id) . '</li>
135
+<li>' . internal_link('dns_record_edit', 'HTTPS', 'id=new&type=https&domain=' . $domain->id) . '</li>
135 136
 </ul>
136 137
 
137 138
 <h4>Automatische DNS-Records</h4>
... ...
@@ -177,6 +177,13 @@ if ($type == 'srv') {
177 177
 ';
178 178
 }
179 179
 
180
+if ($type == 'https') {
181
+    $form .= '
182
+<tr><td><label for="spec">Priorität (normalerweise <em>1</em>):</label></td><td><input type="text" name="spec" id="spec" value="' . $data['spec'] . '" /></td></tr>
183
+<tr><td><label for="data">Inhalt (z.B. <em>. alpn=h2</em>):</label></td><td><input type="text" name="data" id="data" value="' . filter_output_html($data['data']) . '" /></td></tr>
184
+';
185
+}
186
+
180 187
 
181 188
 output(html_form('dns_record_edit', 'dns_record_save', "type={$type}&domain={$domain->id}&id={$_REQUEST['id']}", '<table>
182 189
 <tr><td><label for="hostname">Hostname:</label></td><td><input type="text" name="hostname" id="hostname" value="' . $data['hostname'] . '" />&#160;<strong>.' . $domain->fqdn . '</strong></td></tr>
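Review bot: The new priority input writes `$data['spec']` into the `value` attribute unescaped, while the `data` input on the next added line goes through `filter_output_html()`. Where `$data` is filled is outside this hunk, so whether `spec` can ever hold anything other than the integer produced by the save path cannot be confirmed from here; escaping at the output removes that dependency. I would write `value="' . filter_output_html($data['spec']) . '"`. The `hostname` context line below follows the same unescaped pattern and may deserve the same treatment.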
... ...
@@ -144,7 +144,7 @@ function get_dyndns_records($id)
144 144
     return $data;
145 145
 }
146 146
 
147
-$valid_record_types = ['a', 'aaaa', 'mx', 'ns', 'txt', 'cname', 'ptr', 'srv', 'sshfp', 'caa', 'raw'];
147
+$valid_record_types = ['a', 'aaaa', 'mx', 'ns', 'txt', 'cname', 'ptr', 'srv', 'sshfp', 'caa', 'https', 'raw'];
148 148
 
149 149
 
150 150
 function blank_dns_record($type)
... ...
@@ -229,7 +229,7 @@ function warn_autorecord_collission($hostname, $domain, $type, $data)
229 229
 }
230 230
 
231 231
 
232
-$implemented_record_types = ['a', 'aaaa', 'mx', 'ns', 'txt', 'cname', 'ptr', 'srv', 'sshfp', 'caa'];
232
+$implemented_record_types = ['a', 'aaaa', 'mx', 'ns', 'txt', 'cname', 'ptr', 'srv', 'sshfp', 'caa', 'https'];
233 233
 
234 234
 function save_dns_record($id, $record)
235 235
 {
... ...
@@ -251,7 +251,10 @@ function save_dns_record($id, $record)
251 251
         $record['hostname'] = null;
252 252
     }
253 253
     verify_input_hostname($record['hostname'], true);
254
+    /* HTTPS record type allows quotes, we check format below */
255
+    if ($record['type'] != 'https') {
254 256
         verify_input_recorddata($record['data']);
257
+    }
255 258
     if ($record['ttl'] && (int) $record['ttl'] < 1) {
256 259
         system_failure('Fehler bei TTL');
257 260
     }
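Review bot: Exempting `https` from `verify_input_recorddata()` leaves the `preg_match` in the new `case 'https':` branch further down as the only check on the parameter tokens, and that pattern is unanchored, so a token is accepted as soon as it contains one `key=value` substring, whatever else surrounds it. Because `explode(' ', ...)` splits on the space character only, tabs, line breaks or stray quotes inside a token would presumably reach the stored record; what `verify_input_recorddata()` would have rejected is not visible here. I would anchor the match, `if (!preg_match('/\A[a-z0-9]+=([a-z0-9,:.]+|"[a-z0-9,:.]+")\z/', $d)) {`, and widen the character classes deliberately if legitimate parameters then fail. The priority is only checked for `< 0`; since the HTTPS record priority is a 16-bit field, `$record['spec'] > 65535` should be rejected as well. `save_dns_record` starts and ends outside this hunk.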
... ...
@@ -371,6 +374,32 @@ function save_dns_record($id, $record)
371 374
             }
372 375
             $record['ip'] = null;
373 376
             break;
377
+
378
+        case 'https':
379
+            $record['dyndns'] = null;
380
+            $record['ip'] = null;
381
+            $record['spec'] = (int) $record['spec'];
382
+            if ($record['spec'] < 0) {
383
+                system_failure("invalid priority");
384
+            }
385
+            if ((!$record['data']) || (strlen($record['data']) == 0)) {
386
+                system_failure('data is missing');
387
+            }
388
+            if (strlen($record['data']) > 255) {
389
+                system_failure('data field is too long');
390
+            }
391
+            $data = explode(' ', $record['data']);
392
+            $host = array_shift($data);
393
+            if ($host != "." && !filter_var($host, FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME)) {
394
+                system_failure("Ungültiger Hostname!");
395
+            }
396
+            foreach($data as $d) {
397
+                if (!(preg_match('/[a-z0-9]+=([a-z0-9,:.]+|"[a-z0-9,:.]+")/', $d))) {
398
+                    system_failure("Ungültiger HTTPS record!");
399
+                }
400
+            }
401
+            break;
402
+
374 403
         default:
375 404
             system_failure('Not implemented');
376 405
     }
377 406