3 * @author Jan Altensen (Stricted)
4 * @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
5 * @copyright 2014-2016 Jan Altensen (Stricted)
7 $data = file_get_contents("https://dns-control.eu/API/?key=xxx");
8 $data = json_decode($data, true);
9 if (is_array($data) && !isset($data['error'])) {
10 shell_exec("rm -rf /srv/bind/*");
12 foreach ($data as $zone) {
13 $out = $zone['soa']['origin']."\t".$zone['soa']['minimum']."\tIN\tSOA\t".$zone['soa']['ns']." ".$zone['soa']['mbox']." (\n";
14 $out .= "\t\t\t\t".$zone['soa']['serial']."\t; Serial\n";
15 $out .= "\t\t\t\t".$zone['soa']['refresh']."\t\t; Refresh\n";
16 $out .= "\t\t\t\t".$zone['soa']['retry']."\t\t; Retry\n";
17 $out .= "\t\t\t\t".$zone['soa']['expire']."\t\t; Expire\n";
18 $out .= "\t\t\t\t180 )\t\t; Negative Cache TTL\n";
24 foreach ($zone['rr'] as $record) {
25 if ($record['type'] == "DNSKEY") {
26 if ($record['aux'] == 256) {
29 else if ($record['aux'] == 257) {
33 $out .= $record['name']."\t".$record['ttl']."\tIN\t".$record['type']."\t".$record['aux']."\t".$record['data']."\n";
35 else if ($record['type'] == "MX" ||
$record['type'] == "SRV" ||
$record['type'] == "TLSA" ||
$record['type'] == "DS") {
36 $out .= $record['name']."\t".$record['ttl']."\tIN\t".$record['type']."\t".$record['aux']."\t".$record['data']."\n";
38 else if ($record['type'] == "TXT") {
39 $txt = $record['data'];
41 if (strpos($txt, " ") !== false && strpos($txt, '" "') !== false && $txt != '" "') {
42 if (substr($txt, 0, 1) != '(' && substr($txt, -1) != ')') {
43 if (substr($txt, 0, 1) != '"' && substr($txt, -1) != '"') {
44 $record['data'] = '("'.$txt.'")';
47 $record['data'] = '('.$txt.')';
51 else if (substr($txt, 0, 1) != '"' && substr($txt, -1) != '"') {
52 $record['data'] = '"'.$txt.'"';
55 if (strpos($record['data'], "v=spf1") !== false) {
56 $out .= $record['name']."\t".$record['ttl']."\tIN\tSPF\t" . $record['data']."\n";
59 $out .= $record['name']."\t".$record['ttl']."\tIN\t".$record['type']."\t" . $record['data']."\n";
62 $out .= $record['name']."\t".$record['ttl']."\tIN\t".$record['type']."\t\t" . $record['data']."\n";
68 foreach ($zone['sec'] as $sec) {
69 $dir = "/srv/bind/dnssec/".$zone['soa']['origin']."/";
70 if (!file_exists($dir)) {
71 shell_exec("mkdir -p ".$dir);
74 if ($sec['type'] == "ZSK" ||
$sec['type'] == "KSK") {
75 if (!empty($sec['public']) && !empty($sec['private'])) {
76 preg_match("/; This is a (key|zone)-signing key, keyid ([0-9]+), for ".$zone['soa']['origin']."/i", $sec['public'], $match);
77 $filename1 = getFileName ($zone['soa']['origin'], $sec['algo'], $match[2], "pub");
78 $filename2 = getFileName ($zone['soa']['origin'], $sec['algo'], $match[2], "priv");
80 if (file_exists($dir.$filename1)) {
81 unlink($dir.$filename1);
84 if (file_exists($dir.$filename2)) {
85 unlink($dir.$filename2);
88 $handler = fOpen($dir.$filename1, "a+");
89 fWrite($handler, $sec['public']);
92 $handler = fOpen($dir.$filename2, "a+");
93 fWrite($handler, $sec['private']);
96 if (file_exists($dir.$filename1) && file_exists($dir.$filename2)) {
97 /* fallback for missing DNSKEY record */
98 if ($zsk === false ||
$ksk === false) {
99 preg_match("/".$zone['soa']['origin']." IN DNSKEY ([0-9]+) ([0-9]+) ([0-9]+) ([\s\S]+)/i", $sec['public'], $match);
100 $out .= $zone['soa']['origin']."\t60\tIN\tDNSKEY\t".$match[1]."\t".$match[2]." ".$match[3]." ".$match[4]."\n";
101 if ($sec['type'] == "ZSK") {
104 else if ($sec['type'] == "KSK") {
109 if ($sec['type'] == "ZSK") {
112 else if ($sec['type'] == "KSK") {
121 if ($zsk === true && $ksk === true && $zskkey === true && $kskkey === true) {
125 $handler = fOpen("/srv/bind/".$zone['soa']['origin']."db", "a+");
126 fWrite($handler, $out);
130 if ($sign === true) {
131 shell_exec("cd /srv/bind/ && /usr/sbin/dnssec-signzone -r /dev/urandom -A -N INCREMENT -K /srv/bind/dnssec/".$zone['soa']['origin']."/ -o ".$zone['soa']['origin']." -t ".$zone['soa']['origin']."db");
132 if (file_exists("/srv/bind/".$zone['soa']['origin']."db.signed")) {
137 $cout = "zone \"" . $zone['soa']['origin'] . "\" {\n";
138 $cout .= "\ttype master;\n";
139 $cout .= "\tnotify no;\n";
140 $cout .= "\tfile \"/srv/bind/".$zone['soa']['origin']."db".($signed === true ?
".signed" : "")."\";\n";
143 $handler = fOpen("/srv/bind/domains.cfg", "a+");
144 fWrite($handler, $cout);
148 shell_exec("/etc/init.d/bind9 reload");
151 function getFileName ($zone, $algo, $id, $type) {
156 else if ($len == "2") {
159 else if ($len == "3") {
162 else if ($len == "4") {
165 if ($type == "pub") {
168 else if ($type == "priv") {
175 else if ($algo == "10") {
179 return "K".$zone."+".$algo."+".$id.".".$type;