Fix bugs and make tsig working

2012-08-07 21:48:19 +02:00 · 2012-08-07 21:48:19 +02:00 · 0bb09aad72
parent fa093f0dc3
commit 0bb09aad72
4 changed files with 27 additions and 12 deletions
--- a/ex/fksd/cmds/listuser
+++ b/ex/fksd/cmds/listuser
@ -0,0 +1,5 @@
+server 127.0.0.1 8053
+zone ZONE.
+update add USER. 60 IN TXT "LIST"
+key root c3R1cGlk
+send
--- a/ex/fksd/cmds/listzone-miekg
+++ b/ex/fksd/cmds/listzone-miekg
@ -1,5 +1,5 @@
 server 127.0.0.1 8053
 zone ZONE.
 update add ZONE. 60 IN TXT "LIST"
-key miekg c3R1cGlk
+key miekg bWlla2c=
 send
--- a/ex/fksd/config.go
+++ b/ex/fksd/config.go
@ -16,15 +16,14 @@ const (

 // fks config
 type Config struct {
+	Server *dns.Server	    // Server instance for this configuration
 	Zones  map[string]*dns.Zone // All zones we are authoritative for
-	Tsigs  map[string]string    // Tsig keys for all users
 	Rights map[string]int       // Rights for all users
 }

 func NewConfig() *Config {
 	c := new(Config)
 	c.Zones = make(map[string]*dns.Zone)
-	c.Tsigs = make(map[string]string)
 	c.Rights = make(map[string]int)
 	return c
 }
@ -72,8 +71,8 @@ func config(w dns.ResponseWriter, req *dns.Msg, c *Config) {
 		return
 	}

-	if w.TsigStatus() != nil {
-		logPrintf("non config command (tsig fail)")
+	if e := w.TsigStatus(); e != nil {
+		logPrintf("non config command (tsig fail): %s", e.Error())
 		formerr(w, req)
 		return
 	}
@ -179,17 +178,26 @@ func configUSER(w dns.ResponseWriter, req *dns.Msg, t *dns.RR_TXT, c *Config) er
 			return nil
 		}
 		logPrintf("config: ADD %s with %s\n", dns.Fqdn(sx[1]), sx[2])
-		c.Tsigs[sx[1]] = sx[2]
-		c.Rights[sx[1]] = R_NONE
+		c.Server.TsigSecret[dns.Fqdn(sx[1])] = sx[2]
+		c.Rights[dns.Fqdn(sx[1])] = R_NONE
+		noerr(w, req)
 	case "DROP":
 		if len(sx) != 2 {
 			return nil
 		}
 		logPrintf("config: DROP %s\n", dns.Fqdn(sx[1]))
-		delete(c.Tsigs, sx[1])
-		delete(c.Rights, sx[1])
+		delete(c.Server.TsigSecret, dns.Fqdn(sx[1]))
+		delete(c.Rights, dns.Fqdn(sx[1]))
+		noerr(w, req)
+	case "LIST":
+		for u, p := range c.Server.TsigSecret {
+			logPrintf("config: USER %s: %s\n", u, p)
+		}
+		fallthrough
 	case "ADDRIGHT":
+		fallthrough
 	case "DROPRIGHT":
+		noerr(w, req)
 	}
 	return nil
 }
--- a/ex/fksd/main.go
+++ b/ex/fksd/main.go
@ -16,9 +16,8 @@ var (

 func main() {
 	flag.Parse()
-	conf := NewConfig()
 	*superuser = strings.ToLower(*superuser)
-	conf.Tsigs[dns.Fqdn(*superuser)] = *superkey
+	conf := NewConfig()
 	conf.Rights[*superuser] = R_LIST | R_WRITE | R_DROP | R_USER // *all* of them

 	go func() {
@ -28,11 +27,14 @@ func main() {
 		}
 	}()
 	go func() {
-		err := dns.ListenAndServeTsig(":8053", "tcp", nil, conf.Tsigs)
+		conf.Server = &dns.Server{Addr: ":8053", Net: "tcp", TsigSecret: map[string]string{dns.Fqdn(*superuser): *superkey}}
+		err := conf.Server.ListenAndServe()
 		if err != nil {
 			log.Fatal("fksd: could not start config listener: %s", err.Error())
 		}
 	}()
+
+
 	// Yes, we HIJACK zone. ... not sure on how to make this "private"
 	dns.HandleFunc("ZONE.", func(w dns.ResponseWriter, req *dns.Msg) { config(w, req, conf) })
 	// Gasp!! And USER.