From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id C746860403 for ; Thu, 24 Sep 2020 10:41:34 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 2039BE92A for ; Thu, 24 Sep 2020 10:41:21 +0200 (CEST) Received: from kvmformation1.odiso.net (globalOdiso.M6Lille.odiso.net [89.248.211.242]) by firstgate.proxmox.com (Proxmox) with ESMTP id 979B7E7C0 for ; Thu, 24 Sep 2020 10:41:01 +0200 (CEST) Received: by kvmformation1.odiso.net (Postfix, from userid 0) id 4EC6ED6857; Thu, 24 Sep 2020 10:40:55 +0200 (CEST) From: Alexandre Derumier To: pve-devel@lists.proxmox.com Date: Thu, 24 Sep 2020 10:40:50 +0200 Message-Id: <20200924084054.611548-22-aderumier@odiso.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200924084054.611548-1-aderumier@odiso.com> References: <20200924084054.611548-1-aderumier@odiso.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 1 AWL -0.675 Adjusted score from AWL reputation of 
From: address HEADER_FROM_DIFFERENT_DOMAINS 0.249 From and EnvelopeFrom 2nd level mail domains are different KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment KAM_LAZY_DOMAIN_SECURITY 1 Sending domain does not have any anti-forgery methods KHOP_HELO_FCRDNS 0.399 Relay HELO differs from its IP's reverse DNS NO_DNS_FOR_FROM 0.379 Envelope sender has no MX or A DNS records SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_NONE 0.001 SPF: sender does not publish an SPF Record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [in-addr.arpa, subnetplugin.pm, subnets.pm, powerdnsplugin.pm] Subject: [pve-devel] [PATCH v8 pve-network 21/25] dns: fix reverse dns X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Sep 2020 08:41:35 -0000 Signed-off-by: Alexandre Derumier
---
 PVE/Network/SDN/Dns/PowerdnsPlugin.pm | 12 +++----
 PVE/Network/SDN/SubnetPlugin.pm | 1 +
 PVE/Network/SDN/Subnets.pm | 50 ++++++++++++++++++---------
 3 files changed, 40 insertions(+), 23 deletions(-)
diff --git a/PVE/Network/SDN/Dns/PowerdnsPlugin.pm b/PVE/Network/SDN/Dns/PowerdnsPlugin.pm
index 8c5dd90..f02c2f1 100644
--- a/PVE/Network/SDN/Dns/PowerdnsPlugin.pm
+++ b/PVE/Network/SDN/Dns/PowerdnsPlugin.pm
@@ -79,12 +79,12 @@ sub add_ptr_record {
 my $key = $plugin_config->{key};
 my $ttl = $plugin_config->{ttl} ? $plugin_config->{ttl} : 14400;
 my $headers = ['Content-Type' => 'application/json; charset=UTF-8', 'X-API-Key' => $key];
+ $hostname .= ".";
- my $reverseip = join(".", reverse(split(/\./, $ip)))."in-addr.arpa.";
- my $fqdn = $hostname.".".$zone.".";
+ my $reverseip = join(".", reverse(split(/\./, $ip))).".in-addr.arpa.";
 my $type = "PTR";
- my $record = { content => $fqdn,
+ my $record = { content => $hostname,
 disabled => JSON::false,
 name => $reverseip,
 type => $type,
@@ -109,13 +109,13 @@ sub add_ptr_record {
 }
 sub del_a_record {
- my ($class, $plugin_config, $zone, $hostname) = @_;
+ my ($class, $plugin_config, $zone, $hostname, $ip) = @_;
 my $url = $plugin_config->{url};
 my $key = $plugin_config->{key};
 my $headers = ['Content-Type' => 'application/json; charset=UTF-8', 'X-API-Key' => $key];
 my $fqdn = $hostname.".".$zone.".";
- my $type = "PTR";
+ my $type = Net::IP::ip_is_ipv6($ip) ? "AAAA" : "A";
 my $rrset = { name => $fqdn,
 type => $type,
@@ -140,7 +140,7 @@ sub del_ptr_record {
 my $key = $plugin_config->{key};
 my $headers = ['Content-Type' => 'application/json; charset=UTF-8', 'X-API-Key' => $key];
- my $reverseip = join(".", reverse(split(/\./, $ip)))."in-addr.arpa.";
+ my $reverseip = join(".", reverse(split(/\./, $ip))).".in-addr.arpa.";
 my $type = "PTR";
 my $rrset = { name => $reverseip,
diff --git a/PVE/Network/SDN/SubnetPlugin.pm b/PVE/Network/SDN/SubnetPlugin.pm
index 6237867..b236c3f 100644
--- a/PVE/Network/SDN/SubnetPlugin.pm
+++ b/PVE/Network/SDN/SubnetPlugin.pm
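Review bot: The reverse name in `add_ptr_record` (and again in the `del_ptr_record` hunk) is still built by splitting `$ip` on dots and appending `.in-addr.arpa.`, which only produces a valid PTR owner name for IPv4. The `del_a_record` hunk in this same patch picks `AAAA` through `Net::IP::ip_is_ipv6($ip)`, so IPv6 addresses appear to be expected by this plugin; for such an address the split returns it unchanged and the record name becomes the literal address followed by `.in-addr.arpa.`. Deriving the name from Net::IP for both families, for example `my $reverseip = Net::IP->new($ip)->reverse_ip();` (confirm its output carries the trailing dot the API expects), or rejecting non-IPv4 input before the request is built, would keep a malformed name from being sent to the API. Both function bodies continue outside their hunks.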
@@ -142,6 +142,7 @@ sub on_update_hook {
 raise_param_exc({ dnszone => "missing dns zone"}) if $dns && !$dnszone;
 raise_param_exc({ reversedns => "missing dns provider"}) if $reversednszone && !$reversedns;
 raise_param_exc({ reversednszone => "missing dns zone"}) if $reversedns && !$reversednszone;
+ raise_param_exc({ reversedns => "missing forward dns zone"}) if $reversednszone && !$dnszone;
 if ($ipam) {
 my $ipam_cfg = PVE::Network::SDN::Ipams::config();
diff --git a/PVE/Network/SDN/Subnets.pm b/PVE/Network/SDN/Subnets.pm
index d20af9e..626b71d 100644
--- a/PVE/Network/SDN/Subnets.pm
+++ b/PVE/Network/SDN/Subnets.pm
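Review bot: The added check reports its error under the `reversedns` key although the value that is missing is `dnszone`, so the caller is pointed at the wrong parameter, and the key collides with the existing `reversedns => "missing dns provider"` check two lines above. Keying it on the missing field would match the neighbouring checks: `raise_param_exc({ dnszone => "missing forward dns zone"}) if $reversednszone && !$dnszone;`. on_update_hook continues outside the hunk.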
@@ -87,24 +87,33 @@ my $verify_dns_zone = sub {
 };
 my $add_dns_record = sub {
- my ($zone, $dns, $hostname, $dnszoneprefix, $ip, $reverse) = @_;
-
- return if !$zone || !$dns || !$hostname || !$ip;
+ my ($zone, $dns, $hostname, $dnszoneprefix, $ip) = @_;
+ return if !$zone || !$dns || !$hostname || !$ip;
 $hostname .= ".$dnszoneprefix" if $dnszoneprefix;
 my $dns_cfg = PVE::Network::SDN::Dns::config();
 my $plugin_config = $dns_cfg->{ids}->{$dns};
 my $plugin = PVE::Network::SDN::Dns::Plugin->lookup($plugin_config->{type});
- if($reverse) {
- $plugin->add_ptr_record($plugin_config, $zone, $hostname, $ip);
- } else {
- $plugin->add_a_record($plugin_config, $zone, $hostname, $ip);
- }
+ $plugin->add_a_record($plugin_config, $zone, $hostname, $ip);
+
+};
+
+my $add_dns_ptr_record = sub {
+ my ($reversezone, $zone, $dns, $hostname, $dnszoneprefix, $ip) = @_;
+
+ return if !$zone || !$reversezone || !$dns || !$hostname || !$ip;
+
+ $hostname .= ".$dnszoneprefix" if $dnszoneprefix;
+ $hostname .= ".$zone";
+ my $dns_cfg = PVE::Network::SDN::Dns::config();
+ my $plugin_config = $dns_cfg->{ids}->{$dns};
+ my $plugin = PVE::Network::SDN::Dns::Plugin->lookup($plugin_config->{type});
+ $plugin->add_ptr_record($plugin_config, $reversezone, $hostname, $ip);
 };
 my $del_dns_record = sub {
- my ($zone, $dns, $hostname, $dnszoneprefix, $ip, $reverse) = @_;
+ my ($zone, $dns, $hostname, $dnszoneprefix, $ip) = @_;
 return if !$zone || !$dns || !$hostname || !$ip;
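Review bot: The new `$add_dns_ptr_record` closure reads `$dns_cfg->{ids}->{$dns}` without checking that the provider id still exists in the DNS configuration; if it does not, `$plugin_config` is undef and `lookup` is called with an undefined type, which presumably fails with an error that does not name the provider. A guard before the `lookup` call, such as `die "dns provider '$dns' not found\n" if !$plugin_config;`, would make that failure explicit. The same three lookup lines also appear in `$add_dns_record` here and in `$del_dns_record` and `$del_dns_ptr_record` in the next hunk, so a small shared helper would keep the check in one place.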
@@ -113,11 +122,18 @@ my $del_dns_record = sub {
 my $dns_cfg = PVE::Network::SDN::Dns::config();
 my $plugin_config = $dns_cfg->{ids}->{$dns};
 my $plugin = PVE::Network::SDN::Dns::Plugin->lookup($plugin_config->{type});
- if($reverse) {
- $plugin->del_ptr_record($plugin_config, $zone, $ip);
- } else {
- $plugin->del_a_record($plugin_config, $zone, $hostname);
- }
+ $plugin->del_a_record($plugin_config, $zone, $hostname, $ip);
+};
+
+my $del_dns_ptr_record = sub {
+ my ($reversezone, $dns, $ip) = @_;
+
+ return if !$reversezone || !$dns || !$ip;
+
+ my $dns_cfg = PVE::Network::SDN::Dns::config();
+ my $plugin_config = $dns_cfg->{ids}->{$dns};
+ my $plugin = PVE::Network::SDN::Dns::Plugin->lookup($plugin_config->{type});
+ $plugin->del_ptr_record($plugin_config, $reversezone, $ip);
 };
 sub next_free_ip {
@@ -152,7 +168,7 @@ sub next_free_ip {
 #add dns
 &$add_dns_record($dnszone, $dns, $hostname, $dnszoneprefix, $ip);
 #add reverse dns
- &$add_dns_record($reversednszone, $reversedns, $hostname, $dnszoneprefix, $ip, 1);
+ &$add_dns_ptr_record($reversednszone, $dnszone, $reversedns, $hostname, $dnszoneprefix, $ip);
 };
 if ($@) {
 #rollback
@@ -195,7 +211,7 @@ sub add_ip {
 #add dns
 &$add_dns_record($dnszone, $dns, $hostname, $dnszoneprefix, $ip);
 #add reverse dns
- &$add_dns_record($reversednszone, $reversedns, $hostname, $dnszoneprefix, $ip, 1);
+ &$add_dns_ptr_record($reversednszone, $dnszone, $reversedns, $hostname, $dnszoneprefix, $ip);
 };
 if ($@) {
 #rollback
@@ -231,7 +247,7 @@ sub del_ip {
 eval {
 &$del_dns_record($dnszone, $dns, $hostname, $dnszoneprefix, $ip);
- &$del_dns_record($reversednszone, $reversedns, $hostname, $dnszoneprefix, $ip, 1);
+ &$del_dns_ptr_record($reversednszone, $reversedns, $ip);
 };
 if ($@) {
 warn $@;
-- 2.20.1
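Review bot: In the `del_ip` hunk both deletions run inside a single `eval`, so if `$del_dns_record` dies the `$del_dns_ptr_record` call is skipped and the only trace is the `warn`. That leaves a PTR record behind for an address that is being released, and the reverse lookup keeps returning the old host name once the address is handed out again. Running the two calls in separate evals, `eval { &$del_dns_record($dnszone, $dns, $hostname, $dnszoneprefix, $ip) }; warn $@ if $@;` followed by `eval { &$del_dns_ptr_record($reversednszone, $reversedns, $ip) }; warn $@ if $@;`, lets the reverse cleanup proceed independently. del_ip starts and ends outside the hunk, so what follows the `warn` is not visible here.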