Secure PHP Development- P136 pdf
Bạn đang xem bản rút gọn của tài liệu. Xem và tải ngay bản đầy đủ của tài liệu tại đây (96.71 KB, 5 trang )
All the IP addresses and host names are inserted using various $GLOBALS set
from the makezone script and makezone.conf file.
You can create as many zone templates as you wish. To use them, just call
the desired zone template using the template=zone_template option.
Remember to place your zone template in the templates directory pointed to by the
ZONE_TEMPLATE_DIR constant in makezone.conf.
Make sure your template is a PHP script containing the getZone
Configuration()
function, which returns the full zone configuration.
The zone template produced configuration is stored in the ZONE_DIR directory
as a separate zone file.
There is one other kind of template that makezone uses for creating the config-
uration needed to add a new zone configuration to /etc/named.conf. This template
is shown in Listing 18-4.
Listing 18-4: named.master_zone.conf
<?php
function getNamedZoneConfig()
{
$output = <<<MASTER_ZONE_NAMED_CONF
//
// Master zone configuration for $GLOBALS[ZONE]
//
zone “$GLOBALS[ZONE]” IN {
type master;
file “$GLOBALS[ZONE_FILE]”;
allow-update { none; };
};
MASTER_ZONE_NAMED_CONF;
return $output;
}
?>
646 Part IV: Using PHP for Sysadmin Tasks
23 549669 ch18.qxd 4/4/03 9:27 AM Page 646
Like the zone template, this is also a PHP script. It has a function called
getNamedZoneConfig(), which is called by makezone. This function returns the
configuration that is appended to the /etc/named.conf file to hook up the new
zone to the DNS server. The following code shows sample output of this template:
//
// Master zone configuration for example.com
//
zone “example.com” IN {
type master;
file “example.com.zone”;
allow-update { none; };
};
This configuration is appended to /etc/named.conf. Notice that we only create a
master configuration for the new forward domain.
When makezone is run successfully to create a new zone, a zone file is created in
the location specified by ZONE_DIR, and the appropriate configuration is appended
to the file specified by NAMED_CONF to enable the DNS server to find the new zone
configuration.
Once makezone is successful, you can restart the BIND name server using the
following:
/etc/rc.d/init.d/named restart
This will load the new zone, and you can test your new zone data using the dig
command, which is discussed in the section, “ Testing makezone.”
Understanding makezone
The makezone utility is implemented in Listing 18-5. This script works as follows:
◆
It expects the command-line arguments and options defined in
$CMD_SHORT_OPTIONS and $CMD_LONG_OPTIONS.
◆
It retrieves the command-line arguments and options into $cmd
using the getCommandLineOptions() function, which is called with
Console_Getopt::getopt() output, which returns valid command-line
arguments and options or an error object.
◆
If no command-line argument is provided, the syntax() function is called
to display syntax.
◆
If the add option is specified, the addZone() function is called to create
the new zone.
Chapter 18: BIND Domain Manager 647
23 549669 ch18.qxd 4/4/03 9:27 AM Page 647
Listing 18-5: makezone
#!/usr/bin/php -q
<?php
require_once(‘makezone.conf’);
$CMD_SHORT_OPTIONS = ‘h’;
$CMD_LONG_OPTIONS = array(‘help’,
‘add=’,
‘name=’,
‘template=’,
‘enable’,
‘disable’,
‘test’
);
$cmd = getCommandLineOptions(
Console_Getopt::getopt($GLOBALS[‘argv’],
$CMD_SHORT_OPTIONS,
$CMD_LONG_OPTIONS)
);
if (empty($cmd)) syntax();
if ($cmd[add] == ‘zone’)
{
addZone($cmd[name], $cmd[template]);
}
exit;
function addZone($zone =null, $template = null)
{
// First check if zone is already created
$zoneFile = getFQPNZoneFile($zone);
if (zoneExists($zoneFile))
{
echo “Error: $zoneFile exists.\n”;
return FALSE;
648 Part IV: Using PHP for Sysadmin Tasks
23 549669 ch18.qxd 4/4/03 9:27 AM Page 648
}
$zoneTemplate = getFQPNZoneTemplate($template);
if (empty($zoneTemplate)) return FALSE;
echo “Adding $zone using $zoneTemplate \n”;
require_once($zoneTemplate);
$GLOBALS[ZONE] = $zone;
$config = getZoneConfiguration();
echo $config;
$status = writeZoneFile($zoneFile, $config);
$namedMasterZoneTemplate =
getFQPNNamedMasterZoneTemplate();
if ( ! file_exists($namedMasterZoneTemplate))
{
echo “Error: $namedMasterZoneTemplate is missing\n”;
return FALSE;
}
echo “Loading $namedMasterZoneTemplate ”;
require_once($namedMasterZoneTemplate);
echo “OK.\n”;
$GLOBALS[ZONE_FILE] = basename($zoneFile);
$baseZoneFile = basename($zoneFile);
if (! zoneInNamedConf($baseZoneFile))
{
$namedConf = getNamedZoneConfig();
$status = appendNamedConfFile($namedConf);
Continued
Chapter 18: BIND Domain Manager 649
23 549669 ch18.qxd 4/4/03 9:27 AM Page 649
Listing 18-5 (Continued)
echo $namedConf;
} else {
echo “Warning: $baseZoneFile “.
“already used in “ . NAMED_CONF . “\n”;
}
return TRUE;
}
function zoneInNamedConf($file = null)
{
$lines = file(NAMED_CONF);
if (count($lines) <1) return FALSE;
$search = ‘/’ . $file . ‘/’;
foreach ($lines as $named_conf)
{
if (preg_match($search, $named_conf)) return TRUE;
}
return FALSE;
}
function appendNamedConfFile($config = null)
{
$fp = fopen(NAMED_CONF, ‘a’);
if (! $fp)
{
echo “Error: could not open “ .
NAMED_CONF . “ for update.\n”;
return FALSE;
}
fputs($fp, $config);
fclose($fp);
return TRUE;
650 Part IV: Using PHP for Sysadmin Tasks
23 549669 ch18.qxd 4/4/03 9:27 AM Page 650
