]>
Commit | Line | Data |
---|---|---|
e0639d80 JPT |
1 | #!/usr/bin/perl |
2 | ############################################################################### | |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
24d7c5ef | 5 | # Copyright (C) 2020 IPFire Development Team # |
e0639d80 JPT |
6 | # # |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | ############################################################################### | |
21 | ||
22 | use strict; | |
24d7c5ef | 23 | use IO::Socket; |
e0639d80 JPT |
24 | |
25 | # enable only the following on debugging purpose | |
26 | #use warnings; | |
27 | #use CGI::Carp 'fatalsToBrowser'; | |
28 | ||
29 | require '/var/ipfire/general-functions.pl'; | |
24d7c5ef | 30 | require "${General::swroot}/geoip-functions.pl"; |
e0639d80 JPT |
31 | require "${General::swroot}/lang.pl"; |
32 | require "${General::swroot}/header.pl"; | |
33 | ||
24d7c5ef SS |
34 | #workaround to suppress a warning when a variable is used only once |
35 | my @dummy = ( ${Header::colouryellow} ); | |
36 | undef (@dummy); | |
37 | ||
38 | my %cgiparams=(); | |
39 | my %checked=(); | |
40 | my %selected=(); | |
e0639d80 JPT |
41 | my $errormessage = ''; |
42 | ||
24d7c5ef SS |
43 | # Config file which stores the DNS settings. |
44 | my $settings_file = "${General::swroot}/dns/settings"; | |
45 | ||
46 | # File which stores the configured DNS-Servers. | |
47 | my $servers_file = "${General::swroot}/dns/servers"; | |
48 | ||
49 | # Create files if the does not exist. | |
50 | unless (-f $settings_file) { system("touch $settings_file") }; | |
51 | unless (-f $servers_file) { system("touch $servers_file") }; | |
52 | ||
53 | # File which stores the ISP assigned DNS servers. | |
54 | my @ISP_nameserver_files = ( "${General::swroot}/dns/dns1", "${General::swroot}/dns/dns2" ); | |
55 | ||
56 | # File which contains the ca-certificates. | |
57 | my $ca_certs_file = "/etc/ssl/certs/ca-bundle.crt"; | |
58 | ||
59 | my %color = (); | |
60 | my %mainsettings = (); | |
61 | &General::readhash("${General::swroot}/main/settings", \%mainsettings); | |
62 | &General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color); | |
63 | ||
e0639d80 | 64 | &Header::showhttpheaders(); |
24d7c5ef | 65 | &Header::getcgihash(\%cgiparams); |
e0639d80 | 66 | |
24d7c5ef SS |
67 | ## |
68 | # Save general settings. | |
69 | # | |
70 | if ($cgiparams{'GENERAL'} eq $Lang::tr{'save'}) { | |
71 | # Prevent form name from been stored in conf file. | |
72 | delete $cgiparams{'GENERAL'}; | |
e0639d80 | 73 | |
24d7c5ef SS |
74 | # Add value for non-checked checkbox. |
75 | if ($cgiparams{'USE_ISP_NAMESERVERS'} ne "on") { | |
76 | $cgiparams{'USE_ISP_NAMESERVERS'} = "off"; | |
77 | } | |
e0639d80 | 78 | |
24d7c5ef SS |
79 | # Add value for non-checked checkbox. |
80 | if ($cgiparams{'ENABLE_SAFE_SEARCH'} ne "on") { | |
81 | $cgiparams{'ENABLE_SAFE_SEARCH'} = "off"; | |
82 | } | |
e0639d80 | 83 | |
24d7c5ef SS |
84 | # Store settings into settings file. |
85 | &General::writehash("$settings_file", \%cgiparams); | |
86 | } | |
87 | ||
88 | ### | |
89 | # Add / Edit entries. | |
90 | # | |
91 | if (($cgiparams{'SERVERS'} eq $Lang::tr{'save'}) || ($cgiparams{'SERVERS'} eq $Lang::tr{'update'})) { | |
92 | # Hash to store the generic DNS settings. | |
93 | my %settings = (); | |
94 | ||
95 | # Read-in generic settings. | |
96 | &General::readhash("$settings_file", \%settings); | |
e0639d80 | 97 | |
24d7c5ef SS |
98 | # Check if the given DNS server is valid. |
99 | if(!&General::validip($cgiparams{"NAMESERVER"})) { | |
100 | $errormessage = "$Lang::tr{'invalid ip'}: $cgiparams{'NAMESERVER'}"; | |
101 | } | |
102 | ||
103 | # Check if a TLS is enabled and no TLS_HOSTNAME has benn specified. | |
104 | elsif($settings{'PROTO'} eq "TLS") { | |
105 | unless($cgiparams{"TLS_HOSTNAME"}) { | |
106 | $errormessage = "$Lang::tr{'dns no tls hostname given'}"; | |
107 | } else { | |
108 | # Check if the provided domain is valid. | |
109 | unless(&General::validfqdn($cgiparams{"TLS_HOSTNAME"})) { | |
110 | $errormessage = "$Lang::tr{'invalid ip or hostname'}: $cgiparams{'TLS_HOSTNAME'}"; | |
111 | } | |
e0639d80 | 112 | } |
24d7c5ef SS |
113 | } |
114 | ||
115 | # Check the nameserver. | |
116 | my $status = &check_nameserver("$cgiparams{'NAMESERVER'}", "ping.ipfire.org", "$settings{'PROTO'}", "$cgiparams{'TLS_HOSTNAME'}"); | |
117 | ||
118 | # Assign errormessage, if the nameserver does not support dnssec or any other kind of error happened. | |
119 | if ($status eq "0") { | |
120 | $errormessage = "$Lang::tr{'dns could not add server'} $Lang::tr{'dnssec not supported'}"; | |
121 | } elsif (($status ne "1") && ($status ne "2")) { | |
122 | $errormessage = "$Lang::tr{'dns could not add server'} $status"; | |
123 | } | |
124 | ||
125 | # Go further if there was no error. | |
126 | if ( ! $errormessage) { | |
127 | # Check if a remark has been entered. | |
128 | $cgiparams{'REMARK'} = &Header::cleanhtml($cgiparams{'REMARK'}); | |
129 | ||
130 | my %dns_servers = (); | |
131 | my $id; | |
132 | my $status; | |
133 | ||
134 | # Read-in configfile. | |
135 | &General::readhasharray($servers_file, \%dns_servers); | |
136 | ||
137 | # Check if we should edit an existing entry and got an ID. | |
138 | if (($cgiparams{'SERVERS'} eq $Lang::tr{'update'}) && ($cgiparams{'ID'})) { | |
139 | # Assin the provided id. | |
140 | $id = $cgiparams{'ID'}; | |
141 | ||
142 | # Undef the given ID. | |
143 | undef($cgiparams{'ID'}); | |
144 | ||
145 | # Grab the configured status of the corresponding entry. | |
146 | $status = $dns_servers{$id}[2]; | |
147 | } else { | |
148 | # Each newly added entry automatically should be enabled. | |
149 | $status = "enabled"; | |
150 | ||
151 | # Generate the ID for the new entry. | |
152 | # | |
153 | # Sort the keys by their ID and store them in an array. | |
154 | my @keys = sort { $a <=> $b } keys %dns_servers; | |
155 | ||
156 | # Reverse the key array. | |
157 | my @reversed = reverse(@keys); | |
158 | ||
159 | # Obtain the last used id. | |
160 | my $last_id = @reversed[0]; | |
161 | ||
162 | # Increase the last id by one and use it as id for the new entry. | |
163 | $id = ++$last_id; | |
164 | ||
165 | # The first allowed id is 3 to keep space for | |
166 | # possible ISP assigned DNS servers. | |
167 | if ($id le "2") { | |
168 | $id = "3"; | |
169 | } | |
e0639d80 | 170 | } |
24d7c5ef SS |
171 | |
172 | # Add/Modify the entry to/in the dns_servers hash. | |
173 | $dns_servers{$id} = ["$cgiparams{'NAMESERVER'}", "$cgiparams{'TLS_HOSTNAME'}", "$status", "$cgiparams{'REMARK'}"]; | |
174 | ||
175 | # Write the changed hash to the config file. | |
176 | &General::writehasharray($servers_file, \%dns_servers); | |
177 | } else { | |
178 | # Switch back to previous mode. | |
179 | $cgiparams{'SERVERS'} = $cgiparams{'MODE'}; | |
180 | } | |
181 | ### | |
182 | # Toggle enable / disable. | |
183 | # | |
184 | } elsif ($cgiparams{'SERVERS'} eq $Lang::tr{'toggle enable disable'}) { | |
185 | my %dns_servers = (); | |
186 | ||
187 | # Only go further, if an ID has been passed. | |
188 | if ($cgiparams{'ID'}) { | |
189 | # Assign the given ID. | |
190 | my $id = $cgiparams{'ID'}; | |
191 | ||
192 | # Undef the given ID. | |
193 | undef($cgiparams{'ID'}); | |
194 | ||
195 | # Read-in configfile. | |
196 | &General::readhasharray($servers_file, \%dns_servers); | |
197 | ||
198 | # Grab the configured status of the corresponding entry. | |
199 | my $status = $dns_servers{$id}[2]; | |
200 | ||
201 | # Switch the status. | |
202 | if ($status eq "disabled") { | |
203 | $status = "enabled"; | |
204 | } else { | |
205 | $status = "disabled"; | |
e0639d80 | 206 | } |
24d7c5ef SS |
207 | |
208 | # Modify the status of the existing entry. | |
209 | $dns_servers{$id} = ["$dns_servers{$id}[0]", "$dns_servers{$id}[1]", "$status", "$dns_servers{$id}[3]"]; | |
210 | ||
211 | # Write the changed hash back to the config file. | |
212 | &General::writehasharray($servers_file, \%dns_servers); | |
e0639d80 | 213 | } |
24d7c5ef SS |
214 | |
215 | ## Remove entry from DNS servers list. | |
216 | # | |
217 | } elsif ($cgiparams{'SERVERS'} eq $Lang::tr{'remove'}) { | |
218 | my %dns_servers = (); | |
219 | ||
220 | # Read-in configfile. | |
221 | &General::readhasharray($servers_file, \%dns_servers); | |
222 | ||
223 | # Drop entry from the hash. | |
224 | delete($dns_servers{$cgiparams{'ID'}}); | |
225 | ||
226 | # Undef the given ID. | |
227 | undef($cgiparams{'ID'}); | |
228 | ||
229 | # Write the changed hash to the config file. | |
230 | &General::writehasharray($servers_file, \%dns_servers); | |
e0639d80 JPT |
231 | } |
232 | ||
24d7c5ef SS |
233 | # Hash to store the generic DNS settings. |
234 | my %settings = (); | |
235 | ||
236 | # Read-in general DNS settings. | |
237 | &General::readhash("$settings_file", \%settings); | |
238 | ||
239 | # Hash which contains the configured DNS servers. | |
240 | my %dns_servers = (); | |
241 | ||
242 | # Read-in config file. | |
243 | &General::readhasharray("$servers_file", \%dns_servers); | |
244 | ||
245 | &Header::openpage($Lang::tr{'dns'}, 1, ''); | |
246 | ||
247 | &Header::openbigbox('100%', 'left', '', $errormessage); | |
248 | ||
249 | ### | |
250 | # Error messages layout. | |
251 | # | |
252 | if ($errormessage) { | |
253 | &Header::openbox('100%', 'left', $Lang::tr{'error messages'}); | |
254 | print "<class name='base'>$errormessage\n"; | |
255 | print " </class>\n"; | |
256 | &Header::closebox(); | |
e0639d80 JPT |
257 | } |
258 | ||
24d7c5ef SS |
259 | # Handle if a nameserver should be added or edited. |
260 | if (($cgiparams{'SERVERS'} eq "$Lang::tr{'add'}") || ($cgiparams{'SERVERS'} eq "$Lang::tr{'edit'}")) { | |
261 | # Display the sub page. | |
262 | &show_add_edit_nameserver(); | |
263 | ||
264 | # Close webpage. | |
265 | &Header::closebigbox(); | |
266 | &Header::closepage(); | |
267 | ||
268 | # Finished here for the moment. | |
269 | exit(0); | |
2e1432c4 JPT |
270 | } |
271 | ||
24d7c5ef SS |
272 | $cgiparams{'GENERAL'} = ''; |
273 | $cgiparams{'SERVERS'} = ''; | |
274 | $cgiparams{'NAMESERVER'} = ''; | |
275 | $cgiparams{'TLS_HOSTNAME'} = ''; | |
276 | $cgiparams{'REMARK'} =''; | |
277 | ||
278 | $checked{'USE_ISP_NAMESERVERS'}{'off'} = ''; | |
279 | $checked{'USE_ISP_NAMESERVERS'}{'on'} = ''; | |
280 | $checked{'USE_ISP_NAMESERVERS'}{$settings{'USE_ISP_NAMESERVERS'}} = "checked='checked'"; | |
281 | ||
282 | $checked{'ENABLE_SAFE_SEARCH'}{'off'} = ''; | |
283 | $checked{'ENABLE_SAFE_SEARCH'}{'on'} = ''; | |
284 | $checked{'ENABLE_SAFE_SEARCH'}{$settings{'ENABLE_SAFE_SEARCH'}} = "checked='checked'"; | |
285 | ||
286 | $selected{'PROTO'}{'UDP'} = ''; | |
287 | $selected{'PROTO'}{'TLS'} = ''; | |
288 | $selected{'PROTO'}{'TCP'} = ''; | |
289 | $selected{'PROTO'}{$settings{'PROTO'}} = "selected='selected'"; | |
290 | ||
291 | $selected{'QNAME_MIN'}{'standard'} = ''; | |
292 | $selected{'QNAME_MIN'}{'strict'} = ''; | |
293 | $selected{'QNAME_MIN'}{$settings{'QNAME_MIN'}} = "selected='selected'"; | |
294 | ||
295 | # Display nameserver and configuration sections. | |
296 | &show_nameservers(); | |
297 | &show_general_dns_configuration(); | |
298 | ||
299 | &Header::closebigbox(); | |
300 | &Header::closepage(); | |
301 | ||
302 | ### | |
303 | # General DNS-Servers sektion. | |
304 | # | |
305 | sub show_general_dns_configuration () { | |
306 | &Header::openbox('100%', 'center', "$Lang::tr{'dns configuration'}"); | |
307 | ||
308 | print <<END; | |
309 | <form method='post' action='$ENV{'SCRIPT_NAME'}'> | |
310 | <table width="100%"> | |
311 | <tr> | |
312 | <td width="33%"> | |
313 | $Lang::tr{'dns use isp assigned nameservers'} | |
314 | </td> | |
315 | ||
316 | <td> | |
317 | <input type="checkbox" name="USE_ISP_NAMESERVERS" $checked{'USE_ISP_NAMESERVERS'}{'on'}> | |
318 | </td> | |
319 | </tr> | |
320 | ||
321 | <tr> | |
322 | <td colspan="2"> | |
323 | <br> | |
324 | </td> | |
325 | </tr> | |
326 | ||
327 | <tr> | |
328 | <td width="33%"> | |
329 | $Lang::tr{'dns use protocol for dns queries'} | |
330 | </td> | |
331 | ||
332 | <td> | |
333 | <select name="PROTO"> | |
334 | <option value="UDP" $selected{'PROTO'}{'UDP'}>UDP</option> | |
335 | <option value="TLS" $selected{'PROTO'}{'TLS'}>TLS</option> | |
336 | <option value="TCP" $selected{'PROTO'}{'TCP'}>TCP</option> | |
337 | </select> | |
338 | </td> | |
339 | </tr> | |
340 | ||
341 | <tr> | |
342 | <td colspan="2"> | |
343 | <br> | |
344 | </td> | |
345 | </tr> | |
346 | ||
347 | <tr> | |
348 | <td width="33%"> | |
349 | $Lang::tr{'dns enable safe-search'} | |
350 | </td> | |
351 | ||
352 | <td> | |
353 | <input type="checkbox" name="ENABLE_SAFE_SEARCH" $checked{'ENABLE_SAFE_SEARCH'}{'on'}> | |
354 | </td> | |
355 | </tr> | |
356 | ||
357 | <tr> | |
358 | <td colspan="2"> | |
359 | <br> | |
360 | </td> | |
361 | </tr> | |
362 | ||
363 | <tr> | |
364 | <td width="33%"> | |
365 | $Lang::tr{'dns mode for qname minimisation'} | |
366 | </td> | |
367 | ||
368 | <td> | |
369 | <select name="QNAME_MIN"> | |
370 | <option value="standard" $selected{'QNAME_MIN'}{'standard'}>$Lang::tr{'standard'}</option> | |
371 | <option value="strict" $selected{'QNAME_MIN'}{'strict'}>$Lang::tr{'strict'}</option> | |
372 | </select> | |
373 | </td> | |
374 | </tr> | |
375 | ||
376 | <tr> | |
377 | <td colspan="2" align="right"> | |
378 | <input type="submit" name="GENERAL" value="$Lang::tr{'save'}"> | |
379 | </td> | |
380 | </tr> | |
381 | </table> | |
382 | </form> | |
383 | END | |
384 | ||
e0639d80 JPT |
385 | &Header::closebox(); |
386 | } | |
387 | ||
24d7c5ef SS |
388 | ### |
389 | # Section to display the configured and used DNS servers. | |
390 | # | |
391 | sub show_nameservers () { | |
392 | &Header::openbox('100%', 'center', "DNS-Servers"); | |
e0639d80 | 393 | |
24d7c5ef SS |
394 | print <<END; |
395 | <table class="tbl" width='100%'> | |
396 | <tr> | |
397 | <td align="center"> | |
398 | <strong>$Lang::tr{'nameserver'}</strong> | |
399 | </td> | |
400 | ||
401 | <td align="center"> | |
402 | <strong>$Lang::tr{'country'}</strong> | |
403 | </td> | |
404 | ||
405 | <td align="center"> | |
406 | <strong>$Lang::tr{'rdns'}</strong> | |
407 | </td> | |
408 | ||
409 | <td align="center"> | |
410 | <strong>$Lang::tr{'remark'}</strong> | |
411 | </td> | |
412 | ||
413 | <td align="center"> | |
414 | <strong>$Lang::tr{'status'}</strong> | |
415 | </td> | |
e0639d80 | 416 | |
24d7c5ef SS |
417 | <td align="center" colspan="3"> |
418 | <strong>$Lang::tr{'action'}</strong> | |
419 | </td> | |
420 | </tr> | |
830f6177 | 421 | END |
24d7c5ef SS |
422 | |
423 | # Check the usage of ISP assigned nameservers is enabled. | |
424 | if ($settings{'USE_ISP_NAMESERVERS'} eq "on") { | |
425 | my $id="1"; | |
426 | ||
427 | # Loop through the array which stores the files. | |
428 | foreach my $file (@ISP_nameserver_files) { | |
429 | # Grab the address of the nameserver. | |
430 | my $address = &grab_address_from_file($file); | |
431 | ||
432 | # Check if we got an address. | |
433 | if ($address) { | |
434 | # Add the address to the hash of nameservers. | |
435 | $dns_servers{$id} = [ "$address", "none", "enabled", "$Lang::tr{'dns isp assigned nameserver'}" ]; | |
436 | ||
437 | # Increase id by one. | |
438 | $id++; | |
439 | } | |
440 | } | |
441 | } | |
442 | ||
443 | # Check some DNS servers have been configured. In this case | |
444 | # the hash contains at least one key. | |
445 | my $server_amount; | |
446 | if (keys %dns_servers) { | |
447 | # Sort the keys by their ID and store them in an array. | |
448 | my @keys = sort { $a <=> $b } keys %dns_servers; | |
449 | ||
450 | # Loop through all entries of the array/hash. | |
451 | foreach my $id (@keys) { | |
452 | # Inrease server_amount. | |
453 | $server_amount++; | |
454 | ||
455 | # Assign data array positions to some nice variable names. | |
456 | my $nameserver = $dns_servers{$id}[0]; | |
457 | my $tls_hostname = $dns_servers{$id}[1]; | |
458 | my $enabled = $dns_servers{$id}[2]; | |
459 | my $remark = $dns_servers{$id}[3]; | |
460 | ||
461 | my $col = ''; | |
462 | my $toggle = ''; | |
463 | my $gif = ''; | |
464 | my $gdesc = ''; | |
465 | my $notice = ""; | |
466 | ||
467 | # Colorize columns. | |
468 | if ($server_amount % 2) { | |
469 | $col="bgcolor='$color{'color22'}'"; } | |
470 | else { | |
471 | $col="bgcolor='$color{'color20'}'"; | |
472 | } | |
473 | ||
474 | if ($enabled eq 'enabled') { | |
475 | $gif='on.gif'; $toggle='off'; $gdesc=$Lang::tr{'click to disable'}; | |
476 | } else { | |
477 | $gif='off.gif'; $toggle='on'; $gdesc=$Lang::tr{'click to enable'}; | |
478 | } | |
479 | ||
480 | my $status; | |
481 | my $status_short; | |
482 | my $status_message; | |
483 | my $status_colour; | |
484 | ||
485 | # Only grab the status if the nameserver is enabled. | |
486 | if ($enabled eq "enabled") { | |
487 | $status = &check_nameserver("$nameserver", "ping.ipfire.org", "$settings{'PROTO'}", "$tls_hostname"); | |
488 | } | |
489 | ||
490 | if (!$status) { | |
491 | $status_short = "$Lang::tr{'disabled'}"; | |
492 | ||
493 | # DNSSEC Not supported | |
494 | } elsif ($status eq 0) { | |
495 | $status_short = "$Lang::tr{'broken'}"; | |
496 | $status_message = $Lang::tr{'dnssec not supported'}; | |
497 | $status_colour = ${Header::colourred}; | |
498 | ||
499 | # DNSSEC Aware | |
500 | } elsif ($status eq 1) { | |
501 | $status_short = "$Lang::tr{'not validating'}"; | |
502 | $status_message = $Lang::tr{'dnssec aware'}; | |
503 | $status_colour = ${Header::colourblack}; | |
504 | ||
505 | # DNSSEC Validating | |
506 | } elsif ($status eq 2) { | |
507 | $status_short = "$Lang::tr{'ok'}"; | |
508 | $status_message = $Lang::tr{'dnssec validating'}; | |
509 | $status_colour = ${Header::colourgreen}; | |
510 | ||
511 | # Error | |
512 | } else { | |
513 | $status_short = "$Lang::tr{'error'}"; | |
514 | $status_message = $status; | |
515 | $status_colour = ${Header::colourred}; | |
516 | } | |
517 | ||
518 | # collect more information about name server (rDNS, GeoIP country code) | |
519 | my $ccode = &GeoIP::lookup($nameserver); | |
520 | my $flag_icon = &GeoIP::get_flag_icon($ccode); | |
521 | ||
522 | my $iaddr = inet_aton($nameserver); | |
523 | my $rdns = gethostbyaddr($iaddr, AF_INET); | |
524 | ||
525 | if (!$rdns) { $rdns = $Lang::tr{'lookup failed'}; } | |
526 | ||
527 | print <<END; | |
528 | <tr> | |
529 | <td align="center" $col> | |
530 | $nameserver | |
531 | </td> | |
532 | ||
533 | <td align="center" $col> | |
534 | <a href='country.cgi#$ccode'><img src="$flag_icon" border="0" alt="$ccode" title="$ccode" /></a> | |
535 | </td> | |
536 | ||
537 | <td align="center" $col> | |
538 | $rdns | |
539 | </td> | |
540 | ||
541 | <td align="center" $col> | |
542 | $remark | |
543 | </td> | |
544 | ||
545 | <td align="center" $col> | |
546 | <strong><font color="$status_colour"><abbr title="$status_message">$status_short</abbr></font></strong> | |
547 | </td> | |
830f6177 | 548 | END |
24d7c5ef SS |
549 | ; |
550 | # Check if the id is greater than "2". | |
551 | # | |
552 | # Nameservers with an ID's of one or two are ISP assigned, | |
553 | # and we cannot perform any actions on them, so hide the tools for | |
554 | # them. | |
555 | if ($id gt "2") { | |
556 | ||
557 | print <<END; | |
558 | <td align='center' width='5%' $col> | |
559 | <form method='post' name='frma$id' action='$ENV{'SCRIPT_NAME'}'> | |
560 | <input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gif' title='$gdesc' alt='$gdesc' /> | |
561 | <input type='hidden' name='ID' value='$id' /> | |
562 | <input type='hidden' name='ENABLE' value='$toggle' /> | |
563 | <input type='hidden' name='SERVERS' value='$Lang::tr{'toggle enable disable'}' /> | |
564 | </form> | |
565 | </td> | |
566 | ||
567 | <td align='center' width='5%' $col> | |
568 | <form method='post' name='frmb$id' action='$ENV{'SCRIPT_NAME'}'> | |
569 | <input type='image' name='$Lang::tr{'edit'}' src='/images/edit.gif' title='$Lang::tr{'edit'}' alt='$Lang::tr{'edit'}' /> | |
570 | <input type='hidden' name='ID' value='$id' /> | |
571 | <input type='hidden' name='SERVERS' value='$Lang::tr{'edit'}' /> | |
572 | </form> | |
573 | </td> | |
574 | ||
575 | <td align='center' width='5%' $col> | |
576 | <form method='post' name='frmc$id' action='$ENV{'SCRIPT_NAME'}'> | |
577 | <input type='image' name='$Lang::tr{'remove'}' src='/images/delete.gif' title='$Lang::tr{'remove'}' alt='$Lang::tr{'remove'}' /> | |
578 | <input type='hidden' name='ID' value='$id' /> | |
579 | <input type='hidden' name='SERVERS' value='$Lang::tr{'remove'}' /> | |
580 | </form> | |
581 | </td> | |
830f6177 | 582 | END |
24d7c5ef SS |
583 | ; |
584 | } else { | |
585 | print "<td colspan='3' $col> </td>\n"; | |
586 | } | |
587 | ||
588 | ||
589 | print"</tr>\n"; | |
590 | ||
591 | } | |
592 | ||
593 | print"</table>\n"; | |
594 | ||
595 | print"<table width='100%'>\n"; | |
596 | ||
597 | # Check if the usage of the ISP nameservers is enabled and there are more than 2 servers. | |
598 | if (($settings{'USE_ISP_NAMESERVERS'} eq "on") && ($server_amount gt "2")) { | |
599 | print <<END; | |
600 | <tr> | |
601 | <td class='boldbase'> <b>$Lang::tr{'legend'}:</b></td> | |
602 | <td> <img src='/images/on.gif' alt='$Lang::tr{'click to disable'}' /></td> | |
603 | <td class='base'>$Lang::tr{'click to disable'}</td> | |
604 | <td> <img src='/images/off.gif' alt='$Lang::tr{'click to enable'}' /></td> | |
605 | <td class='base'>$Lang::tr{'click to enable'}</td> | |
606 | <td> <img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td> | |
607 | <td class='base'>$Lang::tr{'edit'}</td> | |
608 | <td> <img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td> | |
609 | <td class='base'>$Lang::tr{'remove'}</td> | |
610 | </tr> | |
830f6177 | 611 | END |
24d7c5ef SS |
612 | ; |
613 | } | |
614 | print <<END; | |
615 | <tr> | |
616 | <form method="post" action="$ENV{'SCRIPT_NAME'}"> | |
617 | <td colspan="9" align="right"><input type="submit" name="SERVERS" value="$Lang::tr{'add'}"></td> | |
618 | </form> | |
619 | </tr> | |
620 | </table> | |
830f6177 | 621 | END |
24d7c5ef SS |
622 | ; |
623 | ||
624 | } else { | |
625 | print <<END; | |
626 | <table width="100%"> | |
627 | <tr> | |
628 | <td colspan="6" align="center"> | |
629 | <br>$Lang::tr{'guardian no entries'}<br> | |
630 | </td> | |
631 | </tr> | |
632 | ||
633 | <tr> | |
634 | <form method="post" action="$ENV{'SCRIPT_NAME'}"> | |
635 | <td colspan="6" align="right"><input type="submit" name="SERVERS" value="$Lang::tr{'add'}"></td> | |
636 | </form> | |
637 | </tr> | |
638 | </table> | |
639 | ||
830f6177 | 640 | END |
24d7c5ef SS |
641 | ; |
642 | } | |
643 | ||
644 | &Header::closebox(); | |
830f6177 | 645 | } |
24d7c5ef SS |
646 | |
647 | ### | |
648 | # Section to display the add or edit subpage. | |
649 | # | |
650 | sub show_add_edit_nameserver() { | |
651 | print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n"; | |
652 | ||
653 | my $buttontext = $Lang::tr{'save'}; | |
654 | my $dnssec_checked; | |
655 | my $dot_checked; | |
656 | if ($cgiparams{'SERVERS'} eq $Lang::tr{'edit'}) { | |
657 | &Header::openbox('100%', 'left', $Lang::tr{'dnsforward edit an entry'}); | |
658 | ||
659 | # Update button text for upate the existing entry. | |
660 | $buttontext = $Lang::tr{'update'}; | |
661 | ||
662 | # Add hidden input for sending ID. | |
663 | print"<input type='hidden' name='ID' value='$cgiparams{'ID'}'>\n"; | |
664 | ||
665 | # Check if an ID has been given. | |
666 | if ($cgiparams{'ID'}) { | |
667 | # Assign cgiparams values. | |
668 | $cgiparams{'NAMESERVER'} = $dns_servers{$cgiparams{'ID'}}[0]; | |
669 | $cgiparams{'TLS_HOSTNAME'} = $dns_servers{$cgiparams{'ID'}}[1]; | |
670 | $cgiparams{'REMARK'} = $dns_servers{$cgiparams{'ID'}}[3]; | |
671 | } | |
672 | } else { | |
673 | &Header::openbox('100%', 'left', $Lang::tr{'dnsforward add a new entry'}); | |
674 | } | |
675 | ||
676 | # Add hidden input to store the mode. | |
677 | print "<input type='hidden' name='MODE' value='$cgiparams{'SERVERS'}'>\n"; | |
678 | ||
679 | print <<END | |
680 | <table width='100%'> | |
681 | <tr> | |
682 | <td width='20%' class='base'>$Lang::tr{'ip address'}: <img src='/blob.gif' alt='*' /></td> | |
683 | <td><input type='text' name='NAMESERVER' value='$cgiparams{"NAMESERVER"}' size='24' /></td> | |
684 | </tr> | |
830f6177 JPT |
685 | END |
686 | ; | |
24d7c5ef SS |
687 | # If the protocol is TLS, display the TLS hostname input. |
688 | if ($settings{'PROTO'} eq "TLS") { | |
830f6177 | 689 | print <<END |
24d7c5ef SS |
690 | <tr> |
691 | <td width='20%' class='base'>$Lang::tr{'dns tls hostname'}: <img src='/blob.gif' alt='*'></td> | |
692 | <td><input type='text' name='TLS_HOSTNAME' value='$cgiparams{'TLS_HOSTNAME'}' size='24'></td> | |
693 | </tr> | |
830f6177 | 694 | END |
24d7c5ef SS |
695 | ; |
696 | } | |
697 | ||
698 | print <<END | |
e0639d80 | 699 | |
24d7c5ef SS |
700 | <tr> |
701 | <td width ='20%' class='base'>$Lang::tr{'remark'}:</td> | |
702 | <td><input type='text' name='REMARK' value='$cgiparams{'REMARK'}' size='40' maxlength='50' /></td> | |
703 | </tr> | |
704 | </table> | |
705 | ||
706 | <br> | |
707 | <hr> | |
708 | ||
709 | <table width='100%'> | |
710 | <tr> | |
711 | <td class='base' width='55%'><img src='/blob.gif' alt ='*' align='top' /> $Lang::tr{'required field'}</td> | |
712 | <td width='40%' align='right'> | |
713 | <input type="submit" name="SERVERS" value="$buttontext"> | |
714 | <input type="submit" name="SERVERS" value="$Lang::tr{'back'}"> | |
715 | </td> | |
716 | </tr> | |
717 | </table> | |
e0639d80 JPT |
718 | END |
719 | ; | |
720 | ||
24d7c5ef SS |
721 | &Header::closebox(); |
722 | print "</form>\n"; | |
e0639d80 | 723 | |
24d7c5ef SS |
724 | &Header::closebox(); |
725 | } | |
e0639d80 | 726 | |
24d7c5ef SS |
727 | # Tiny function to grab an IP-address of a given file. |
728 | sub grab_address_from_file($) { | |
729 | my ($file) = @_; | |
e0639d80 | 730 | |
24d7c5ef SS |
731 | my $address; |
732 | ||
733 | # Check if the given file exists. | |
734 | if(-f $file) { | |
735 | # Open the file for reading. | |
736 | open(FILE, $file) or die "Could not read from $file. $!\n"; | |
737 | ||
738 | # Read the address from the file. | |
739 | $address = <FILE>; | |
e0639d80 | 740 | |
24d7c5ef SS |
741 | # Close filehandle. |
742 | close(FILE); | |
743 | ||
744 | # Remove newlines. | |
745 | chomp($address); | |
746 | ||
747 | # Check if the obtained address is valid. | |
748 | if (&General::validip($address)) { | |
749 | # Return the address. | |
750 | return $address; | |
751 | } | |
752 | } | |
753 | ||
754 | # Return nothing. | |
755 | return; | |
756 | } | |
757 | ||
758 | # Function to check a given nameserver against propper work. | |
759 | sub check_nameserver($$$$) { | |
760 | my ($nameserver, $record, $proto, $tls_hostname) = @_; | |
761 | ||
762 | # Timout for the query in seconds. | |
763 | my $timeout; | |
764 | my $retry = "+retry=0"; | |
765 | ||
766 | # Default values. | |
767 | my @command = ("kdig", "$timeout", "$retry", "+dnssec"); | |
768 | ||
769 | # Handle different protols. | |
770 | if ($proto eq "TCP") { | |
771 | # Add TCP switch to the command. | |
772 | push(@command, "+tcp"); | |
773 | ||
774 | } elsif($proto eq "TLS") { | |
775 | # Add TLS switch to the command and provide the | |
776 | # path to our file which contains the ca certs. | |
777 | push(@command, "+tls-ca=$ca_certs_file"); | |
778 | ||
779 | # Check if a TLS hostname has been provided. | |
780 | if ($tls_hostname) { | |
781 | # Add TLS hostname to the command. | |
782 | push(@command, "+tls-hostname=$tls_hostname"); | |
783 | } else { | |
784 | return "$Lang::tr{'dns no tls hostname given'}"; | |
785 | } | |
786 | } | |
787 | ||
788 | # Add record to the command array. | |
789 | push(@command, "$record"); | |
790 | ||
791 | # Add nameserver to the command array. | |
792 | push(@command, "\@$nameserver"); | |
793 | ||
794 | # Connect to STDOUT and STDERR. | |
795 | push(@command, "2>&1"); | |
796 | ||
797 | my @output = qx(@command); | |
798 | my $output = join("", @output); | |
799 | ||
800 | my $status = 0; | |
801 | if ($output =~ m/WARNING: (.*)/) { | |
802 | return $1; | |
803 | ||
804 | } | |
805 | ||
806 | if ($output =~ m/status: (\w+)/) { | |
807 | $status = ($1 eq "NOERROR"); | |
808 | ||
809 | if (!$status) { | |
810 | return -1; | |
811 | } | |
812 | } | |
813 | ||
814 | my @flags = (); | |
815 | if ($output =~ m/Flags: (.*);/) { | |
816 | @flags = split(/ /, $1); | |
817 | } | |
818 | ||
819 | my $aware = ($output =~ m/RRSIG/); | |
820 | my $validating = ("ad;" ~~ @flags); | |
821 | ||
822 | return $aware + $validating; | |
823 | } |