1

#!/usr/bin/env python

     2

     3

"""

     4

    Process bind zonefiles.

     5

"""

     6

     7

import codecs

     8

import optparse

     9

    10

import pvl.args

    11

import pvl.dns.zone

    12

from pvl.dns import __version__

    13

from pvl.dns.zone import ZoneRecord, reverse_ipv4, reverse_ipv6, fqdn

    14

    15

import logging; log = logging.getLogger('main')

    16

    17

    18

def parse_options (argv) :

    19

    """

    20

        Parse command-line arguments.

    21

    """

    22

    23

    prog = argv[0]

    24

    25

    parser = optparse.OptionParser(

    26

            prog        = prog,

    27

            usage       = '%prog: [options]',

    28

            version     = __version__,

    29

    30

            # module docstring

    31

            description = __doc__,

    32

    )

    33

    34

    # logging

    35

    parser.add_option_group(pvl.args.parser(parser))

    36

    37

    # input/output

    38

    parser.add_option('-c', '--input-charset',  metavar='CHARSET',  default='utf-8', 

    39

            help="Encoding used for input files")

    40

    41

    parser.add_option('-o', '--output',         metavar='FILE',     default='-',

    42

            help="Write to output file; default stdout")

    43

    44

    parser.add_option('--output-charset',       metavar='CHARSET',  default='utf-8', 

    45

            help="Encoding used for output files")

    46

    47

    # check stage

    48

    parser.add_option('--check-hosts',          action='store_true',

    49

            help="Check that host/IPs are unique. Use --quiet to silence warnings, and test exit status")

    50

    51

    parser.add_option('--check-exempt',         metavar='HOST', action='append',

    52

            help="Allow given names to have multiple records")

    53

    54

    # meta stage

    55

    parser.add_option('--meta-zone',            action='store_true',

    56

            help="Generate host metadata zone; requires --input-line-date")

    57

    58

    parser.add_option('--meta-ignore',          metavar='HOST', action='append',

    59

            help="Ignore given hostnames in metadata output")

    60

    61

    parser.add_option('--input-line-date',      action='store_true',

    62

            help="Parse timestamp prefix from each input line (e.g. `hg blame | ...`)")

    63

    64

    # forward stage

    65

    parser.add_option('--forward-zone',         action='store_true', 

    66

            help="Generate forward zone")

    67

    68

    parser.add_option('--forward-txt',          action='store_true',

    69

            help="Generate TXT records for forward zone")

    70

    71

    parser.add_option('--forward-mx',           metavar='MX',

    72

            help="Generate MX records for forward zone")

    73

    74

    # reverse stage

    75

    parser.add_option('--reverse-domain',       metavar='DOMAIN',

    76

            help="Domain to use for hosts in reverse zone")

    77

    78

    parser.add_option('--reverse-zone',         metavar='NET',

    79

            help="Generate forward zone for given subnet (x.z.y | a:b:c:d)")

    80

    85

    # defaults

    86

    parser.set_defaults(

    87

        # XXX: combine

    88

        check_exempt        = [],

    89

        meta_ignore         = [],

    90

    )

    91

    92

    # parse

    93

    options, args = parser.parse_args(argv[1:])

    94

    95

    # apply

    96

    pvl.args.apply(options, prog)

    97

    98

    return options, args

    99

   100

def check_zone_hosts (zone, whitelist=None, whitelist_types=set(['TXT'])) :

   101

    """

   102

        Parse host/IP pairs from the zone, and verify that they are unique.

   103

   104

        As an exception, names listed in the given whitelist may have multiple IPs.

   105

    """

   106

   107

    by_name = {}

   108

    by_ip = {}

   109

   110

    fail = None

   111

   112

    last_name = None

   113

   114

    for r in zone :

   115

        name = r.name or last_name

   116

   117

        name = (r.origin, name)

   118

   119

        # name

   120

        if r.type not in whitelist_types :

   121

            if name not in by_name :

   122

                by_name[name] = r

   123

   124

            elif r.name in whitelist :

   125

                log.debug("Duplicate whitelist entry: %s", r)

   126

   127

            else :

   128

                # fail!

   129

                log.warn("%s: Duplicate name: %s <-> %s", r.line, r, by_name[name])

   130

                fail = True

   131

   132

        # ip

   133

        if r.type == 'A' :

   134

            ip, = r.data

   135

   136

            if ip not in by_ip :

   137

                by_ip[ip] = r

   138

   139

            else :

   140

                # fail!

   141

                log.warn("%s: Duplicate IP: %s <-> %s", r.line, r, by_ip[ip])

   142

                fail = True

   143

   144

    return fail

   145

   160

def process_zone_forwards (zone, txt=False, mx=False) :

   161

    """

   162

        Process zone data -> forward zone data.

   163

    """

   164

   165

    for r in zone :

   166

        yield r

   167

   168

        if r.type == 'A' :

   169

            if txt :

   170

                # comment?

   171

                comment = r.line.comment

   172

   173

                if comment :

   174

                    yield ZoneRecord.TXT(None, comment, ttl=r.ttl)

   175

   176

   177

            # XXX: RP, do we need it?

   178

   179

            if mx :

   180

                # XXX: is this even a good idea?

   181

                yield ZoneRecord.MX(None, 10, mx, ttl=r.ttl)

   182

   183

def process_zone_meta (zone, ignore=None) :

   184

    """

   185

        Process zone metadata -> output.

   186

    """

   187

   188

    TIMESTAMP_FORMAT = '%Y/%m/%d'

   189

   190

    for r in zone :

   191

        if ignore and r.name in ignore :

   192

            # skip

   193

            log.debug("Ignore record: %s", r)

   194

            continue

   195

   196

        # for hosts..

   197

        if r.type == 'A' :

   198

            # timestamp?

   199

            timestamp = r.line.timestamp

   200

   201

            if timestamp :

   202

                yield ZoneRecord.TXT(r.name, timestamp.strftime(TIMESTAMP_FORMAT), ttl=r.ttl)

   203

   204

def process_zone_reverse (zone, origin, domain) :

   205

    """

   206

        Process zone data -> reverse zone data.

   207

    """

   208

   209

    name = None

   210

   211

    for r in zone :

   212

        # keep name from previous..

   213

        if r.name :

   214

            name = r.name

   215

   216

        if r.type == 'A' :

   217

            ip, = r.data

   218

            ptr = reverse_ipv4(ip)

   219

   220

        elif r.type == 'AAAA' :

   221

            ip, = r.data

   222

            ptr = reverse_ipv6(ip)

   223

   224

        else :

   225

            continue

   226

   227

        # verify

   228

        if zone and ptr.endswith(origin) :

   229

            ptr = ptr[:-(len(origin) + 1)]

   230

   231

        else :

   232

            log.warning("Reverse does not match zone origin, skipping: (%s) -> %s <-> %s", ip, ptr, origin)

   233

            continue

   234

   235

        # domain to use

   236

        host_domain = r.origin or domain

   237

        host_fqdn = fqdn(name, host_domain)

   238

   239

        yield ZoneRecord.PTR(ptr, host_fqdn)

   240

   241

def write_zone_records (file, zone) :

   242

    for r in zone :

   243

        file.write(unicode(r))

   244

        file.write('\n')

   245

   246

def open_file (path, mode, charset) :

   247

    """

   248

        Open unicode-enabled file from path, with - using stdio.

   249

    """

   250

   251

    if path == '-' :

   252

        # use stdin/out based on mode

   253

        stream, func = {

   254

            'r':    (sys.stdin, codecs.getreader),

   255

            'w':    (sys.stdout, codecs.getwriter),

   256

        }[mode[0]]

   257

   258

        # wrap

   259

        return func(charset)(stream)

   260

   261

    else :

   262

        # open

   263

        return codecs.open(path, mode, charset)

   264

   265

def main (argv) :

   266

    options, args = parse_options(argv)

   267

   268

    if args :

   269

        # open files

   270

        input_files = [open_file(path, 'r', options.input_charset) for path in args]

   271

   272

    else :

   273

        # default to stdout

   274

        input_files = [open_file('-', 'r', options.input_charset)]

   275

   276

    # process zone data

   277

    zone = []

   278

   279

    for file in input_files :

   280

        log.info("Reading zone: %s", file)

   281

   282

        zone += list(pvl.dns.zone.ZoneRecord.load(file, 

   283

            line_timestamp_prefix   = options.input_line_date,

   284

        ))

   285

   286

    # check?

   287

    if options.check_hosts :

   288

        whitelist = set(options.check_exempt)

   289

   290

        log.debug("checking hosts; whitelist=%r", whitelist)

   291

   292

        if check_zone_hosts(zone, whitelist=whitelist) :

   293

            log.warn("Hosts check failed")

   294

            return 2

   295

   296

        else :

   297

            log.info("Hosts check OK")

   298

   304

    # output file

   305

    output = open_file(options.output, 'w', options.output_charset)

   306

   307

    if options.forward_zone :

   308

        log.info("Write forward zone: %s", output)

   309

   310

        zone = list(process_zone_forwards(zone, txt=options.forward_txt, mx=options.forward_mx))

   311

   312

    elif options.meta_zone :

   313

        log.info("Write metadata zone: %s", output)

   314

   315

        if not options.input_line_date :

   316

            log.error("--meta-zone requires --input-line-date")

   317

            return 1

   318

   319

        zone = list(process_zone_meta(zone, ignore=set(options.meta_ignore)))

   320

   321

    elif options.reverse_zone :

   322

        if ':' in options.reverse_zone :

   323

            # IPv6

   324

            origin = reverse_ipv6(options.reverse_zone)

   325

   326

        else :

   327

            # IPv4

   328

            origin = reverse_ipv4(options.reverse_zone)

   329

   330

        domain = options.reverse_domain

   331

   332

        if not domain :

   333

            log.error("--reverse-zone requires --reverse-domain")

   334

            return 1

   335

   336

        zone = list(process_zone_reverse(zone, origin=origin, domain=domain))

   337

   338

    elif options.check_hosts :

   339

        # we only did that, done

   340

        return 0

   341

   342

    else :

   343

        # pass-through

   344

        log.info("Passing through zonefile")

   345

   346

    write_zone_records(output, zone)

   347

   348

    return 0

   349

   350

if __name__ == '__main__':

   351

    import sys

   352

    sys.exit(main(sys.argv))