Project

General

Profile

Feature #6621 ยป ddns_algortithm-choice.patch

Joeri Capens, 12/03/2017 03:48 PM

View differences:

src/etc/inc/services.inc
1169 1169
			if ($need_ddns_updates) {
1170 1170
				$newzone['dns-servers'] = array($dhcpifconf['ddnsdomainprimary']);
1171 1171
				$newzone['ddnsdomainkeyname'] = $dhcpifconf['ddnsdomainkeyname'];
1172
				$newzone['ddnsdomainkeyalgorithm'] = $dhcpifconf['ddnsdomainkeyalgorithm'];
1172 1173
				$newzone['ddnsdomainkey'] = $dhcpifconf['ddnsdomainkey'];
1173 1174
				$dhcpdconf .= dhcpdkey($dhcpifconf);
1174 1175
			}
......
1215 1216

  
1216 1217
function dhcpdkey($dhcpifconf) {
1217 1218
	$dhcpdconf = "";
1218
	if ($dhcpifconf['ddnsdomainkeyname'] <> "" && $dhcpifconf['ddnsdomainkey'] <> "") {
1219
	if ($dhcpifconf['ddnsdomainkeyname'] <> "" && $dhcpifconf['ddnsdomainkeyalgorithm'] <> "" && $dhcpifconf['ddnsdomainkey'] <> "") {
1219 1220
		$dhcpdconf .= "key {$dhcpifconf['ddnsdomainkeyname']} {\n";
1220
		$dhcpdconf .= "	algorithm hmac-md5;\n";
1221
		$dhcpdconf .= "	algorithm {$dhcpifconf['ddnsdomainkeyalgorithm']};\n";
1221 1222
		$dhcpdconf .= "	secret {$dhcpifconf['ddnsdomainkey']};\n";
1222 1223
		$dhcpdconf .= "}\n";
1223 1224
	}
src/usr/local/www/services_dhcp.php
183 183
	$pconfig['ddnsdomain'] = $dhcpdconf['ddnsdomain'];
184 184
	$pconfig['ddnsdomainprimary'] = $dhcpdconf['ddnsdomainprimary'];
185 185
	$pconfig['ddnsdomainkeyname'] = $dhcpdconf['ddnsdomainkeyname'];
186
	$pconfig['ddnsdomainkeyalgorithm'] = $dhcpdconf['ddnsdomainkeyalgorithm'];
186 187
	$pconfig['ddnsdomainkey'] = $dhcpdconf['ddnsdomainkey'];
187 188
	$pconfig['ddnsupdate'] = isset($dhcpdconf['ddnsupdate']);
188 189
	$pconfig['ddnsforcehostname'] = isset($dhcpdconf['ddnsforcehostname']);
......
313 314
	if ($_POST['maxtime'] && (!is_numeric($_POST['maxtime']) || ($_POST['maxtime'] < 60) || ($_POST['maxtime'] <= $_POST['deftime']))) {
314 315
		$input_errors[] = gettext("The maximum lease time must be at least 60 seconds and higher than the default lease time.");
315 316
	}
316
	if (($_POST['ddnsdomain'] && !is_domain($_POST['ddnsdomain']))) {
317
	if ($_POST['ddnsupdate'] && !is_domain($_POST['ddnsdomain'])) {
317 318
		$input_errors[] = gettext("A valid domain name must be specified for the dynamic DNS registration.");
318 319
	}
319
	if (($_POST['ddnsdomain'] && !is_ipaddrv4($_POST['ddnsdomainprimary']))) {
320
	if ($_POST['ddnsupdate'] && !is_ipaddrv4($_POST['ddnsdomainprimary'])) {
320 321
		$input_errors[] = gettext("A valid primary domain name server IP address must be specified for the dynamic domain name.");
321 322
	}
322
	if (($_POST['ddnsdomainkey'] && !$_POST['ddnsdomainkeyname']) ||
323
		($_POST['ddnsdomainkeyname'] && !$_POST['ddnsdomainkey'])) {
324
		$input_errors[] = gettext("Both a valid domain key and key name must be specified.");
323
	if ($_POST['ddnsupdate'] && (!$_POST['ddnsdomainkeyname'] || !$_POST['ddnsdomainkeyalgorithm'] || !$_POST['ddnsdomainkey'])) {
324
		$input_errors[] = gettext("A valid domain key name, algorithm and secret must be specified.");
325 325
	}
326 326
	if ($_POST['domainsearchlist']) {
327 327
		$domain_array = preg_split("/[ ;]+/", $_POST['domainsearchlist']);
......
579 579
		$dhcpdconf['ddnsdomain'] = $_POST['ddnsdomain'];
580 580
		$dhcpdconf['ddnsdomainprimary'] = $_POST['ddnsdomainprimary'];
581 581
		$dhcpdconf['ddnsdomainkeyname'] = $_POST['ddnsdomainkeyname'];
582
		$dhcpdconf['ddnsdomainkeyalgorithm'] = $_POST['ddnsdomainkeyalgorithm'];
582 583
		$dhcpdconf['ddnsdomainkey'] = $_POST['ddnsdomainkey'];
583 584
		$dhcpdconf['ddnsupdate'] = ($_POST['ddnsupdate']) ? true : false;
584 585
		$dhcpdconf['ddnsforcehostname'] = ($_POST['ddnsforcehostname']) ? true : false;
......
1124 1125
	$pconfig['ddnsdomainkeyname']
1125 1126
))->setHelp('Dynamic DNS domain key name which will be used to register client names in the DNS server.');
1126 1127

  
1128
$section->addInput(new Form_Select(
1129
	'ddnsdomainkeyalgorithm',
1130
	'Key algorithm',
1131
	$pconfig['ddnsdomainkeyalgorithm'],
1132
	array(
1133
		'hmac-md5' => 'HMAC-MD5 (legacy default)',
1134
		'hmac-sha1' => 'HMAC-SHA1',
1135
		'hmac-sha224' => 'HMAC-SHA224',
1136
		'hmac-sha256' => 'HMAC-SHA256 (current bind9 default)',
1137
		'hmac-sha384' => 'HMAC-SHA384',
1138
		'hmac-sha512' => 'HMAC-SHA512 (most secure)',
1139
	)
1140
));
1141

  
1127 1142
$section->addInput(new Form_Input(
1128 1143
	'ddnsdomainkey',
1129 1144
	'DNS Domain key secret',
......
1522 1537
		if (ispageload) {
1523 1538
<?php
1524 1539
			if (!$pconfig['ddnsupdate'] && !$pconfig['ddnsforcehostname'] && empty($pconfig['ddnsdomain']) && empty($pconfig['ddnsdomainprimary']) &&
1525
			    empty($pconfig['ddnsdomainkeyname']) && empty($pconfig['ddnsdomainkey'])) {
1540
			    empty($pconfig['ddnsdomainkeyname']) && empty($pconfig['ddnsdomainkeyalgorithm']) && empty($pconfig['ddnsdomainkey'])) {
1526 1541
				$showadv = false;
1527 1542
			} else {
1528 1543
				$showadv = true;
......
1539 1554
		hideCheckbox('ddnsforcehostname', !showadvdns);
1540 1555
		hideInput('ddnsdomainprimary', !showadvdns);
1541 1556
		hideInput('ddnsdomainkeyname', !showadvdns);
1557
		hideInput('ddnsdomainkeyalgorithm', !showadvdns);
1542 1558
		hideInput('ddnsdomainkey', !showadvdns);
1543 1559

  
1544 1560
		if (showadvdns) {
src/usr/local/www/services_dhcpv6.php
154 154
	$pconfig['ddnsdomain'] = $config['dhcpdv6'][$if]['ddnsdomain'];
155 155
	$pconfig['ddnsdomainprimary'] = $config['dhcpdv6'][$if]['ddnsdomainprimary'];
156 156
	$pconfig['ddnsdomainkeyname'] = $config['dhcpdv6'][$if]['ddnsdomainkeyname'];
157
	$pconfig['ddnsdomainkeyalgorithm'] = $config['dhcpdv6'][$if]['ddnsdomainkeyalgorithm'];
157 158
	$pconfig['ddnsdomainkey'] = $config['dhcpdv6'][$if]['ddnsdomainkey'];
158 159
	$pconfig['ddnsupdate'] = isset($config['dhcpdv6'][$if]['ddnsupdate']);
159 160
	$pconfig['ddnsforcehostname'] = isset($config['dhcpdv6'][$if]['ddnsforcehostname']);
......
316 317
	if ($_POST['maxtime'] && (!is_numeric($_POST['maxtime']) || ($_POST['maxtime'] < 60) || ($_POST['maxtime'] <= $_POST['deftime']))) {
317 318
		$input_errors[] = gettext("The maximum lease time must be at least 60 seconds and higher than the default lease time.");
318 319
	}
319
	if (($_POST['ddnsdomain'] && !is_domain($_POST['ddnsdomain']))) {
320
	if ($_POST['ddnsupdate'] && !is_domain($_POST['ddnsdomain'])) {
320 321
		$input_errors[] = gettext("A valid domain name must be specified for the dynamic DNS registration.");
321 322
	}
322
	if (($_POST['ddnsdomain'] && !is_ipaddrv4($_POST['ddnsdomainprimary']))) {
323
	if ($_POST['ddnsupdate'] && !is_ipaddrv4($_POST['ddnsdomainprimary'])) {
323 324
		$input_errors[] = gettext("A valid primary domain name server IPv4 address must be specified for the dynamic domain name.");
324 325
	}
325
	if (($_POST['ddnsdomainkey'] && !$_POST['ddnsdomainkeyname']) ||
326
		($_POST['ddnsdomainkeyname'] && !$_POST['ddnsdomainkey'])) {
327
		$input_errors[] = gettext("Both a valid domain key and key name must be specified.");
326
	if ($_POST['ddnsupdate'] && (!$_POST['ddnsdomainkeyname'] || !$_POST['ddnsdomainkeyalgorithm'] || !$_POST['ddnsdomainkey'])) {
327
		$input_errors[] = gettext("A valid domain key name, algorithm and secret must be specified.");
328 328
	}
329 329
	if ($_POST['domainsearchlist']) {
330
		$domain_array=preg_split("/[ ;]+/", $_POST['domainsearchlist']);
330
		$domain_array = preg_split("/[ ;]+/", $_POST['domainsearchlist']);
331 331
		foreach ($domain_array as $curdomain) {
332 332
			if (!is_domain($curdomain)) {
333 333
				$input_errors[] = gettext("A valid domain search list must be specified.");
......
453 453
		$config['dhcpdv6'][$if]['ddnsdomain'] = $_POST['ddnsdomain'];
454 454
		$config['dhcpdv6'][$if]['ddnsdomainprimary'] = $_POST['ddnsdomainprimary'];
455 455
		$config['dhcpdv6'][$if]['ddnsdomainkeyname'] = $_POST['ddnsdomainkeyname'];
456
		$config['dhcpdv6'][$if]['ddnsdomainkeyalgorithm'] = $_POST['ddnsdomainkeyalgorithm'];
456 457
		$config['dhcpdv6'][$if]['ddnsdomainkey'] = $_POST['ddnsdomainkey'];
457 458
		$config['dhcpdv6'][$if]['ddnsupdate'] = ($_POST['ddnsupdate']) ? true : false;
458 459
		$config['dhcpdv6'][$if]['ddnsforcehostname'] = ($_POST['ddnsforcehostname']) ? true : false;
......
809 810
	$pconfig['ddnsdomainkeyname']
810 811
))->setHelp('Enter the dynamic DNS domain key name which will be used to register client names in the DNS server.');
811 812

  
813
$section->addInput(new Form_Select(
814
	'ddnsdomainkeyalgorithm',
815
	'Key algorithm',
816
	$pconfig['ddnsdomainkeyalgorithm'],
817
	array(
818
		'hmac-md5' => 'HMAC-MD5 (legacy default)',
819
		'hmac-sha1' => 'HMAC-SHA1',
820
		'hmac-sha224' => 'HMAC-SHA224',
821
		'hmac-sha256' => 'HMAC-SHA256 (current bind9 default)',
822
		'hmac-sha384' => 'HMAC-SHA384',
823
		'hmac-sha512' => 'HMAC-SHA512 (most secure)',
824
	)
825
));
826

  
812 827
$section->addInput(new Form_Input(
813 828
	'ddnsdomainkey',
814 829
	'DDNS Domain Key secret',
......
1093 1108
			    empty($pconfig['ddnsdomain']) &&
1094 1109
			    empty($pconfig['ddnsdomainprimary']) &&
1095 1110
			    empty($pconfig['ddnsdomainkeyname']) &&
1111
			    empty($pconfig['ddnsdomainkeyalgorithm']) &&
1096 1112
			    empty($pconfig['ddnsdomainkey']) &&
1097 1113
			    (empty($pconfig['ddnsclientupdates']) || ($pconfig['ddnsclientupdates'] == "allow")) &&
1098 1114
			    !$pconfig['ddnsreverse']) {
......
1112 1128
		hideCheckbox('ddnsforcehostname', !showadvdns);
1113 1129
		hideInput('ddnsdomainprimary', !showadvdns);
1114 1130
		hideInput('ddnsdomainkeyname', !showadvdns);
1131
		hideInput('ddnsdomainkeyalgorithm', !showadvdns);
1115 1132
		hideInput('ddnsdomainkey', !showadvdns);
1116 1133
		hideInput('ddnsclientupdates', !showadvdns);
1117 1134
		hideCheckbox('ddnsreverse', !showadvdns);
    (1-1/1)