From 6a2c67f160dc552ad2ea14aaaf7fee0f751c09b8 Mon Sep 17 00:00:00 2001 From: Stricted Date: Sun, 22 Feb 2015 21:12:41 +0100 Subject: [PATCH] show ds records on dnssec key list page --- lib/page/SecListPage.class.php | 15 ++++++++++++++- lib/util/DNSSECUtil.class.php | 10 +++++----- templates/default/secList.tpl | 6 ++++++ 3 files changed, 25 insertions(+), 6 deletions(-) diff --git a/lib/page/SecListPage.class.php b/lib/page/SecListPage.class.php index 62b7189..6a205be 100644 --- a/lib/page/SecListPage.class.php +++ b/lib/page/SecListPage.class.php @@ -2,6 +2,7 @@ namespace dns\page; use dns\system\DNS; use dns\system\User; +use dns\util\DNSSECUtil; /** * @author Jan Altensen (Stricted) @@ -26,13 +27,25 @@ class SecListPage extends AbstractPage { $soa = DNS::getDB()->fetch_array($res); $records = array(); + $ds = array(); $sql = "SELECT * FROM dns_sec WHERE zone = ?"; $res = DNS::getDB()->query($sql, array($_GET['id'])); while ($row = DNS::getDB()->fetch_array($res)) { + if ($row['type'] == 'KSK') { + preg_match("/".$soa['origin']." IN DNSKEY 257 3 ([0-9]+) ([\s\S]+)/i", $row['public'], $match); + preg_match("/; This is a key-signing key, keyid ([0-9]+), for ".$soa['origin']."/i", $row['public'], $match2); + if (!empty($match) && !empty($match2)) { + if ($match[1] == $row['algo']) { + $ds = DNSSECUtil::calculateDS($soa['origin'], $match[1], $match[2]); + $ds['algo'] = $match[1]; + $ds['keyid'] = $match2[1]; + } + } + } $records[] = $row; } - DNS::getTPL()->assign(array("records" => $records, "soa" => $soa)); + DNS::getTPL()->assign(array("records" => $records, "soa" => $soa, 'ds' => $ds)); } } diff --git a/lib/util/DNSSECUtil.class.php b/lib/util/DNSSECUtil.class.php index 62b84c6..d17f1a4 100644 --- a/lib/util/DNSSECUtil.class.php +++ b/lib/util/DNSSECUtil.class.php 
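Review bot: Both `preg_match` calls in the new KSK branch splice `$soa['origin']` into the pattern unescaped, so the dots in the zone name match any character and a `/` or other metacharacter stored in the origin would alter or break the expression. Quote it once, e.g. `$origin = preg_quote($soa['origin'], '/');`, and use `$origin` in both patterns. `$ds` is also a single array that is overwritten for every matching KSK row, so a zone holding more than one KSK (for example during a rollover) would show only the last key's DS data; collecting one entry per key would avoid presenting an incomplete DS set. The enclosing method starts before the hunk, so whether `$_GET['id']` is checked against the zones the current user may view is not visible here.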
@@ -17,13 +17,13 @@ class DNSSECUtil { $string = hex2bin($owner.$flags.$protocol.$algorithm.$publicKey); - $sha1 = sha1($string); - $sha256 = hash('sha256', $string); + $sha1 = strtoupper(sha1($string)); + $sha256 = strtoupper(hash('sha256', $string)); return array('sha1' => $sha1, 'sha256' => $sha256); } - public static convertOwner ($owner) { + public static function convertOwner ($owner) { $return = ''; $data = explode(".", $owner); @@ -54,7 +54,7 @@ class DNSSECUtil { $pattern .= "; Created: (?P[0-9]+) \(([a-z0-9: ]+)\)\n"; $pattern .= "; Publish: (?P[0-9]+) \(([a-z0-9: ]+)\)\n"; $pattern .= "; Activate: (?P[0-9]+) \(([a-z0-9: ]+)\)\n"; - $pattern .= "([\s\S]+). IN DNSKEY 25(6|7) 3 (?P[0-9]+) (?P[\s\S]+)"; + $pattern .= "([\s\S]+). IN DNSKEY 25(6|7) 3 (?P[0-9]+) (?P[\s\S]+)(\n)?"; preg_match('/'.$pattern.'/i', $content, $matches); if (!empty($matches)) { if (!in_array($matches['algorithm'], array(1, 2, 3, 5, 6, 7, 8, 10, 12, 13, 14))) { @@ -87,7 +87,7 @@ class DNSSECUtil { $pattern .= "Coefficient: (?P[\s\S]+)\n"; $pattern .= "Created: (?P[0-9]+)\n"; $pattern .= "Publish: (?P[0-9]+)\n"; - $pattern .= "Activate: (?P[0-9]+)"; + $pattern .= "Activate: (?P[0-9]+)(\n)?"; preg_match('/'.$pattern.'/i', $content, $matches); if (!empty($matches)) { diff --git a/templates/default/secList.tpl b/templates/default/secList.tpl index 90d5ead..4bf967d 100644 --- a/templates/default/secList.tpl +++ b/templates/default/secList.tpl @@ -5,6 +5,12 @@
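Review bot: The return value of `hex2bin()` on the context line just above the changed hash lines is never checked. On odd-length or non-hex input it returns `false`, and `sha1()` / `hash('sha256', ...)` then produce the digest of an empty string, which the key list page would display as if it were a valid DS record. Fail explicitly before hashing, e.g. `if ($string === false) { throw new \InvalidArgumentException('invalid DNSKEY data'); }`, or return a value the caller tests before assigning `$ds`. The function starts outside the hunk, so how `$publicKey` is converted to hex is not visible.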
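Review bot: The `(\n)?` appended to the public-key pattern in the `@@ -54,7 +54,7 @@` hunk cannot change what is accepted, because the preceding `[\s\S]+` group is greedy and already consumes a trailing newline and anything after it, so the captured key material may carry trailing whitespace or extra lines into later processing. If the intent is to tolerate a single trailing newline, restrict the key group to the base64 alphabet and anchor the end, e.g. `[A-Za-z0-9+\/= ]+` followed by `\s*\z`. The same applies to the private-key pattern in the `@@ -87,7 +87,7 @@` hunk: without an end anchor, any content after the `Activate:` line is accepted with or without `(\n)?`. Both patterns are built in functions that start outside these hunks.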
  • {$soa['origin']}
  • +{if !empty($ds)} +
    + {$soa['origin']} IN DS {$ds['keyid']} {$ds['algo']} 1 {$ds['sha1']}
    + {$soa['origin']} IN DS {$ds['keyid']} {$ds['algo']} 2 {$ds['sha256']} +
    +{/if} {hascontent}
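Review bot: The first added DS line shows a digest type 1 (SHA-1) record next to the SHA-256 one, and an operator copying from this page may submit the SHA-1 record to the registrar. SHA-1 DS digests are no longer recommended for new delegations, so consider showing only the type 2 line or labelling the type 1 line as legacy. Whether `{$soa['origin']}` is HTML-escaped in these lines depends on the template engine's configuration, which is not visible in this patch.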
    -- 2.20.1