
Commit ab5b4ee

committed
Delete DNSSEC key files when zone gets deleted.
1 parent 7d50e54 commit ab5b4ee


1 file changed

+27
-6
lines changed


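--- a/server/plugins-available/bind_plugin.inc.php
+++ b/server/plugins-available/bind_plugin.inc.php
@@ -227,7 +227,7 @@ function soa_dnssec_update(&$data, $new=false) {
 $this->soa_dnssec_sign($data);
 }
 
-function soa_dnssec_delete(&$data) {
+function soa_dnssec_delete(&$data, $sql_update = true) {
 global $app, $conf;
 
 //* Load libraries
@@ -236,17 +236,35 @@ function soa_dnssec_delete(&$data) {
 //* load the server configuration options
 $dns_config = $app->getconf->get_server_config($conf["server_id"], 'dns');
 
+if(isset($data['new']['origin'])) {
 $domain = substr($data['new']['origin'], 0, strlen($data['new']['origin'])-1);
-
+} elseif (isset($data['old']['origin'])) {
+$domain = substr($data['old']['origin'], 0, strlen($data['old']['origin'])-1);
+} else {
+//* We have not domain
+$app->log('DNSSEC Delete: Unable to find domain', LOGLEVEL_WARN);
+return;
+}
+
+//* Delete key files
 $key_files = glob($dns_config['bind_keyfiles_dir'].'/K'.$domain.'.+*');
 foreach($key_files as $file) {
 unlink($file);
 }
-unlink($dns_config['bind_zonefiles_dir'].'/'.$dns_config['bind_zonefiles_masterprefix'].$domain.'.signed');
-unlink($dns_config['bind_keyfiles_dir'].'/dsset-'.$domain.'.');
 
-if ($app->running_on_slaveserver()) $app->dbmaster->query('UPDATE dns_soa SET dnssec_info=\'\', dnssec_initialized=\'N\' WHERE id=?', intval($data['new']['id']));
-$app->db->query('UPDATE dns_soa SET dnssec_info=\'\', dnssec_initialized=\'N\' WHERE id=?', intval($data['new']['id']));
+//* Delete signed zone file
+$signed_zone_file = $dns_config['bind_zonefiles_dir'].'/'.$dns_config['bind_zonefiles_masterprefix'].$domain.'.signed';
+if(file_exists($signed_zone_file)) unlink($signed_zone_file);
+
+//* Delete dsset file
+$dsset_file = $dns_config['bind_keyfiles_dir'].'/dsset-'.$domain.'.';
+if(file_exists($dsset_file)) unlink($dsset_file);
+
+//* Update DNSSEC info in database
+if($sql_update) {
+if ($app->running_on_slaveserver()) $app->dbmaster->query('UPDATE dns_soa SET dnssec_info=\'\', dnssec_initialized=\'N\' WHERE id=?', intval($data['new']['id']));
+$app->db->query('UPDATE dns_soa SET dnssec_info=\'\', dnssec_initialized=\'N\' WHERE id=?', intval($data['new']['id']));
+}
 }
 
 function soa_insert($event_name, $data) {
@@ -421,6 +439,9 @@ function soa_delete($event_name, $data) {
 //* rebuild the named.conf file
 $this->write_named_conf($data, $dns_config);
 
+//* Delete DNSSEC files
+$this->soa_dnssec_delete($data,false);
+
 //* Delete the domain file
 $zone_file_name = $dns_config['bind_zonefiles_dir'].'/' . $dns_config['bind_zonefiles_masterprefix'] . str_replace("/", "_", substr($data['old']['origin'], 0, -1));
 if(is_file($zone_file_name)) unlink($zone_file_name);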
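Review bot: In soa_dnssec_delete the `$domain` taken from `$data['new']['origin']` or `$data['old']['origin']` is used unfiltered in the `glob()` pattern and in both `unlink()` paths, whereas soa_delete in the last hunk at least maps `/` to `_` before building its zone file path. If the origin is not strictly validated before it reaches this plugin (not visible on this page, and two lines of the function between the first two hunks are not shown either), a value containing `/`, `..` or glob metacharacters would make the deletion touch files other than the zone's own key, `.signed` and `dsset-` files, and an empty `$domain` reduces the pattern to `K.+*`. I would add a guard right after the origin lookup, for example `if($domain === '' || strpbrk($domain, '/*?[') !== false || strpos($domain, '..') !== false) { $app->log('DNSSEC Delete: Refusing unsafe domain', LOGLEVEL_WARN); return; }`. Zone names that legitimately contain `/` would then need the same `_` mapping here, provided the signing code names its files that way.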
