From b3cfb8533b9d9ab2fa046801a6245366f0d49cd0 Mon Sep 17 00:00:00 2001
From: Franco Fichtner <franco@opnsense.org>
Date: Mon, 20 Mar 2017 08:08:23 +0100
Subject: [PATCH] rfc2136: still prep for #996

This needs much maintenance, it's amazing really.
---
 src/etc/inc/plugins.inc.d/dyndns.inc          |   7 +
 .../inc/plugins.inc.d/dyndns/phpDynDNS.inc    |  10 +-
 src/etc/inc/plugins.inc.d/rfc2136.inc         | 164 ++++++++++--------
 src/www/services_dyndns.php                   |   7 +-
 src/www/services_rfc2136.php                  |   7 +-
 .../widgets/widgets/dyn_dns_status.widget.php |   4 +-
 6 files changed, 109 insertions(+), 90 deletions(-)

diff --git a/src/etc/inc/plugins.inc.d/dyndns.inc b/src/etc/inc/plugins.inc.d/dyndns.inc
index 6f6fc37b3..f1b1a4671 100644
--- a/src/etc/inc/plugins.inc.d/dyndns.inc
+++ b/src/etc/inc/plugins.inc.d/dyndns.inc
@@ -123,6 +123,13 @@ function dyndns_list()
     );
 }
 
+function dyndns_cache_file($conf, $ipver = 4)
+{
+    $ipver = $ipver == 6 ? '_v6' : '';
+
+    return "/var/cache/dyndns_{$conf['interface']}_{$conf['host']}_{$dyndns['id']}{$ipver}.cache";
+}
+
 function dyndns_configure_client($conf)
 {
     if (!isset($conf['enable'])) {
diff --git a/src/etc/inc/plugins.inc.d/dyndns/phpDynDNS.inc b/src/etc/inc/plugins.inc.d/dyndns/phpDynDNS.inc
index 617f03c9f..cf003ee83 100644
--- a/src/etc/inc/plugins.inc.d/dyndns/phpDynDNS.inc
+++ b/src/etc/inc/plugins.inc.d/dyndns/phpDynDNS.inc
@@ -137,11 +137,11 @@
 				    $dnsZoneID ='', $dnsTTL='', $dnsResultMatch = '', $dnsRequestIf = '',
 				    $dnsID = '', $dnsVerboseLog = false, $curlIpresolveV4 = false, $curlSslVerifypeer = true) {
 
-			global $config;
-
-			$this->_cacheFile = "/conf/dyndns_{$dnsIf}{$dnsService}" . escapeshellarg($dnsHost) . "{$dnsID}.cache";
-			$this->_cacheFile_v6 = "/conf/dyndns_{$dnsIf}{$dnsService}" . escapeshellarg($dnsHost) . "{$dnsID}_v6.cache";
-			$this->_debugFile = "/var/etc/dyndns_{$dnsIf}{$dnsService}" . escapeshellarg($dnsHost) . "{$dnsID}.debug";
+			/* XXX because the call stack is upside down we need to reassemble config parts here... */
+			$conf = array('host' => $dnsHost, 'id' => $dnsID, 'interface' => $dnsIf);
+			$this->_cacheFile = dyndns_cache_file($conf, 4);
+			$this->_cacheFile_v6 = dyndns_cache_file($conf, 6);
+			$this->_debugFile = dyndns_cache_file($conf, 4) . '.debug';
 
 			$this->_curlIpresolveV4 = $curlIpresolveV4;
 			$this->_curlSslVerifypeer = $curlSslVerifypeer;
diff --git a/src/etc/inc/plugins.inc.d/rfc2136.inc b/src/etc/inc/plugins.inc.d/rfc2136.inc
index 6c85f01fd..c23a01f42 100644
--- a/src/etc/inc/plugins.inc.d/rfc2136.inc
+++ b/src/etc/inc/plugins.inc.d/rfc2136.inc
@@ -84,6 +84,13 @@ function rfc2136_cron()
     return $jobs;
 }
 
+function rfc2136_cache_file($dnspdate, $ipver = 4)
+{
+    $ipver = $ipver == 6 ? '_v6' : '';
+
+    return "/var/cache/rfc2136_{$dnsupdate['interface']}_{$dnsupdate['host']}_{$dnsupdate['server']}{$ipver}.cache";
+}
+
 function rfc2136_configure_do($verbose = false, $int = '', $updatehost = '', $forced = false)
 {
     global $config;
@@ -108,84 +115,75 @@ function rfc2136_configure_do($verbose = false, $int = '', $updatehost = '', $fo
             continue;
         }
 
-        $if = get_real_interface($dnsupdate['interface']);
-
-        if (isset($dnsupdate['usepublicip'])) {
-            $wanip = get_dyndns_ip($dnsupdate['interface'], 4);
-            $wanipv6 = get_dyndns_ip($dnsupdate['interface'], 6);
-        } else {
-            $wanip = get_interface_ip($dnsupdate['interface']);
-            $wanipv6 = get_interface_ipv6($dnsupdate['interface']);
-        }
-
-        $cacheFile = "/conf/dyndns_{$dnsupdate['interface']}_rfc2136_" . escapeshellarg($dnsupdate['host']) . "_{$dnsupdate['server']}.cache";
         $currentTime = time();
 
-        if ($wanip || $wanipv6) {
-            $keyname = $dnsupdate['keyname'];
-            /* trailing dot */
-            if (substr($keyname, -1) != ".") {
-                $keyname .= ".";
-            }
+        $keyname = $dnsupdate['keyname'];
+        /* trailing dot */
+        if (substr($keyname, -1) != ".") {
+            $keyname .= ".";
+        }
 
-            $hostname = $dnsupdate['host'];
-            /* trailing dot */
-            if (substr($hostname, -1) != ".") {
-                $hostname .= ".";
-            }
+        $hostname = $dnsupdate['host'];
+        /* trailing dot */
+        if (substr($hostname, -1) != ".") {
+            $hostname .= ".";
+        }
 
-            /* write private key file
-               this is dumb - public and private keys are the same for HMAC-MD5,
-               but nsupdate insists on having both */
-            $fd = fopen("/var/etc/K{$i}{$keyname}+157+00000.private", "w");
-            $privkey = <<<EOD
+        /* write private key file
+           this is dumb - public and private keys are the same for HMAC-MD5,
+           but nsupdate insists on having both */
+        $fd = fopen("/var/etc/K{$i}{$keyname}+157+00000.private", "w");
+        $privkey = <<<EOD
 Private-key-format: v1.2
 Algorithm: 157 (HMAC)
 Key: {$dnsupdate['keydata']}
 
 EOD;
-            fwrite($fd, $privkey);
-            fclose($fd);
+        fwrite($fd, $privkey);
+        fclose($fd);
 
-            /* write public key file */
-            if ($dnsupdate['keytype'] == "zone") {
-                $flags = 257;
-                $proto = 3;
-            } elseif ($dnsupdate['keytype'] == "host") {
-                $flags = 513;
-                $proto = 3;
-            } elseif ($dnsupdate['keytype'] == "user") {
-                $flags = 0;
-                $proto = 2;
-            }
+        /* write public key file */
+        if ($dnsupdate['keytype'] == "zone") {
+            $flags = 257;
+            $proto = 3;
+        } elseif ($dnsupdate['keytype'] == "host") {
+            $flags = 513;
+            $proto = 3;
+        } elseif ($dnsupdate['keytype'] == "user") {
+            $flags = 0;
+            $proto = 2;
+        }
 
-            $fd = fopen("/var/etc/K{$i}{$keyname}+157+00000.key", "w");
-            fwrite($fd, "{$keyname} IN KEY {$flags} {$proto} 157 {$dnsupdate['keydata']}\n");
-            fclose($fd);
+        $fd = fopen("/var/etc/K{$i}{$keyname}+157+00000.key", "w");
+        fwrite($fd, "{$keyname} IN KEY {$flags} {$proto} 157 {$dnsupdate['keydata']}\n");
+        fclose($fd);
 
-            /* generate update instructions */
-            $upinst = "";
-            if (!empty($dnsupdate['server'])) {
-                $upinst .= "server {$dnsupdate['server']}\n";
-            }
+        /* generate update instructions */
+        $upinst = "";
+        if (!empty($dnsupdate['server'])) {
+            $upinst .= "server {$dnsupdate['server']}\n";
+        }
 
+        $maxCacheAgeSecs = 25 * 24 * 60 * 60;
+        $need_update = false;
+
+        if (empty($dnsupdate['recordtype']) || $dnsupdate['recordtype'] == 'A') {
+            $cacheFile = rfc2136_cache_file($dnsupdate, 4);
             if (file_exists($cacheFile)) {
-                list($cachedipv4, $cacheTimev4) = explode("|", file_get_contents($cacheFile));
+                list($cachedipv4, $cacheTimev4) = explode('|', file_get_contents($cacheFile));
+            } else {
+                list($cachedipv4, $cacheTimev4) = array('', '');
             }
-            if (file_exists("{$cacheFile}.ipv6")) {
-                list($cachedipv6, $cacheTimev6) = explode("|", file_get_contents("{$cacheFile}.ipv6"));
+            if (isset($dnsupdate['usepublicip'])) {
+                $wanip = get_dyndns_ip($dnsupdate['interface'], 4);
+            } else {
+                $wanip = get_interface_ip($dnsupdate['interface']);
             }
-
-            // 25 Days
-            $maxCacheAgeSecs = 25 * 24 * 60 * 60;
-            $need_update = false;
-
-            /* Update IPv4 if we have it. */
-            if (is_ipaddrv4($wanip) && (empty($dnsupdate['recordtype']) || $dnsupdate['recordtype'] == 'A')) {
+            if (is_ipaddrv4($wanip)) {
                 if (($wanip != $cachedipv4) || (($currentTime - $cacheTimev4) > $maxCacheAgeSecs) || $forced) {
                     $upinst .= "update delete {$dnsupdate['host']}. A\n";
                     $upinst .= "update add {$dnsupdate['host']}. {$dnsupdate['ttl']} A {$wanip}\n";
-                    $notify_text .= sprintf(gettext('Dynamic DNS updated IP Address (A) for %s on %s (%s) to %s'), $dnsupdate['host'], convert_real_interface_to_friendly_descr($if), $if, $wanip) . "\n";
+                    $notify_text .= sprintf(gettext('Dynamic DNS updated IP Address (A) for %s on %s to %s'), $dnsupdate['host'], strtoupper($dnsupdate['interface']), $wanip) . "\n";
                     @file_put_contents($cacheFile, "{$wanip}|{$currentTime}");
                     log_error("Dynamic DNS: updating cache file {$cacheFile}: {$wanip}");
                     $need_update = true;
@@ -195,36 +193,48 @@ EOD;
             } else {
                 @unlink($cacheFile);
             }
+        }
 
-            /* Update IPv6 if we have it. */
-            if (is_ipaddrv6($wanipv6) && (empty($dnsupdate['recordtype']) || $dnsupdate['recordtype'] == 'AAAA')) {
+        if (empty($dnsupdate['recordtype']) || $dnsupdate['recordtype'] == 'AAAA') {
+            $cacheFile6 = rfc2136_cache_file($dnsupdate, 6);
+            if (file_exists($cacheFile6)) {
+                list($cachedipv6, $cacheTimev6) = explode('|', file_get_contents($cacheFile6));
+            } else {
+                list($cachedipv6, $cacheTimev6) = array('', '');
+            }
+            if (isset($dnsupdate['usepublicip'])) {
+                $wanipv6 = get_dyndns_ip($dnsupdate['interface'], 6);
+            } else {
+                $wanipv6 = get_interface_ipv6($dnsupdate['interface']);
+            }
+            if (is_ipaddrv6($wanipv6)) {
                 if (($wanipv6 != $cachedipv6) || (($currentTime - $cacheTimev6) > $maxCacheAgeSecs) || $forced) {
                     $upinst .= "update delete {$dnsupdate['host']}. AAAA\n";
                     $upinst .= "update add {$dnsupdate['host']}. {$dnsupdate['ttl']} AAAA {$wanipv6}\n";
-                    $notify_text .= sprintf(gettext('Dynamic DNS updated IPv6 Address (AAAA) for %s on %s (%s) to %s'), $dnsupdate['host'], convert_real_interface_to_friendly_descr($if), $if, $wanipv6) . "\n";
-                    @file_put_contents("{$cacheFile}.ipv6", "{$wanipv6}|{$currentTime}");
-                    log_error("Dynamic DNS: updating cache file {$cacheFile}.ipv6: {$wanipv6}");
+                    $notify_text .= sprintf(gettext('Dynamic DNS updated IPv6 Address (AAAA) for %s on %s to %s'), $dnsupdate['host'], strtoupper($dnsupdate['interface']), $wanipv6) . "\n";
+                    @file_put_contents($cacheFile6, "{$wanipv6}|{$currentTime}");
+                    log_error("Dynamic DNS: updating cache file {$cacheFile6}: {$wanipv6}");
                     $need_update = true;
                 } else {
                     log_error("Dynamic DNS: Not updating {$dnsupdate['host']} AAAA record because the IPv6 address has not changed.");
                 }
             } else {
-                @unlink("{$cacheFile}.ipv6");
+                @unlink($cacheFile6);
             }
+        }
 
-            $upinst .= "\n";  /* mind that trailing newline! */
+        $upinst .= "\n";  /* mind that trailing newline! */
 
-            if ($need_update) {
-                @file_put_contents("/var/etc/nsupdatecmds{$i}", $upinst);
-                unset($upinst);
-                /* invoke nsupdate */
-                $cmd = "/usr/local/bin/nsupdate -k /var/etc/K{$i}{$keyname}+157+00000.key";
-                if (isset($dnsupdate['usetcp']))
-                  $cmd .= " -v";
-                $cmd .= " /var/etc/nsupdatecmds{$i}";
-                mwexec_bg($cmd);
-                unset($cmd);
-            }
+        if ($need_update) {
+            @file_put_contents("/var/etc/nsupdatecmds{$i}", $upinst);
+            unset($upinst);
+            /* invoke nsupdate */
+            $cmd = "/usr/local/bin/nsupdate -k /var/etc/K{$i}{$keyname}+157+00000.key";
+            if (isset($dnsupdate['usetcp']))
+              $cmd .= " -v";
+            $cmd .= " /var/etc/nsupdatecmds{$i}";
+            mwexec_bg($cmd);
+            unset($cmd);
         }
     }
 
diff --git a/src/www/services_dyndns.php b/src/www/services_dyndns.php
index f0460931d..ddab3cec8 100644
--- a/src/www/services_dyndns.php
+++ b/src/www/services_dyndns.php
@@ -42,7 +42,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
     if (isset($_POST['act']) && $_POST['act'] == "del" && isset($_POST['id'])) {
         if (!empty($a_dyndns[$_POST['id']])) {
             $conf = $a_dyndns[$_POST['id']];
-            @unlink("/conf/dyndns_{$conf['interface']}{$conf['type']}" . escapeshellarg($conf['host']) . "{$conf['id']}.cache");
+            @unlink(dyndns_cache_file($conf, 4));
+            @unlink(dyndns_cache_file($conf, 6));
             unset($a_dyndns[$_POST['id']]);
             write_config();
             system_cron_configure();
@@ -146,14 +147,14 @@ $main_buttons = array(
                       <td><?=$dyndns['host'];?></td>
                       <td>
 <?php
-                      $filename = "/conf/dyndns_{$dyndns['interface']}{$dyndns['type']}" . escapeshellarg($dyndns['host']) . "{$dyndns['id']}.cache";
+                      $filename = dyndns_cache_file($dyndns, 4);
                       $fdata = '';
                       if (file_exists($filename) && !empty($dyndns['enable'])) {
                           $ipaddr = get_dyndns_ip($dyndns['interface'], 4);
                           $fdata = @file_get_contents($filename);
                       }
 
-                      $filename_v6 = "/conf/dyndns_{$dyndns['interface']}{$dyndns['type']}" . escapeshellarg($dyndns['host']) . "{$dyndns['id']}_v6.cache";
+                      $filename_v6 = dyndns_cache_file($dyndns, 6);
                       $fdata6 = '';
                       if (file_exists($filename_v6) && !empty($dyndns['enable'])) {
                           $ipv6addr = get_dyndns_ip($dyndns['interface'], 6);
diff --git a/src/www/services_rfc2136.php b/src/www/services_rfc2136.php
index 064e1c5d4..580e99849 100644
--- a/src/www/services_rfc2136.php
+++ b/src/www/services_rfc2136.php
@@ -145,7 +145,7 @@ $main_buttons = array(
                       <td><?=$rfc2136['host'];?></td>
                       <td>
 <?php
-                        $filename = "/conf/dyndns_{$rfc2136['interface']}_rfc2136_" . escapeshellarg($rfc2136['host']) . "_{$rfc2136['server']}.cache";
+                        $filename = rfc2136_cache_file($rfc2136, 4);
                         if (file_exists($filename) && !empty($rfc2136['enable']) && (empty($dnsupdate['recordtype']) || $dnsupdate['recordtype'] == 'A')) {
                             echo "IPv4: ";
                             if (isset($rfc2136['usepublicip'])) {
@@ -166,14 +166,15 @@ $main_buttons = array(
                             echo "IPv4: N/A";
                         }
                         echo "<br />";
-                        if (file_exists("{$filename}.ipv6") && !empty($rfc2136['enable']) && (empty($dnsupdate['recordtype']) || $dnsupdate['recordtype'] == 'AAAA')) {
+                        $filename6 = rfc2136_cache_file($rfc2136, 6);
+                        if (file_exists($filename6) && !empty($rfc2136['enable']) && (empty($dnsupdate['recordtype']) || $dnsupdate['recordtype'] == 'AAAA')) {
                             echo "IPv6: ";
                             if (isset($rfc2136['usepublicip'])) {
                                 $ipaddr = get_dyndns_ip($rfc2136['interface'], 6);
                             } else {
                                 $ipaddr = get_interface_ipv6($rfc2136['interface']);
                             }
-                            $cached_ip_s = explode("|", file_get_contents("{$filename}.ipv6"));
+                            $cached_ip_s = explode("|", file_get_contents($filename6));
                             $cached_ip = $cached_ip_s[0];
                             if ($ipaddr <> $cached_ip) {
                                 echo "<font color='red'>";
diff --git a/src/www/widgets/widgets/dyn_dns_status.widget.php b/src/www/widgets/widgets/dyn_dns_status.widget.php
index 65f736f73..b346bc069 100644
--- a/src/www/widgets/widgets/dyn_dns_status.widget.php
+++ b/src/www/widgets/widgets/dyn_dns_status.widget.php
@@ -50,14 +50,14 @@ if (!empty($_REQUEST['getdyndnsstatus'])) {
             echo '|';
         }
 
-        $filename = "/conf/dyndns_{$dyndns['interface']}{$dyndns['type']}" . escapeshellarg($dyndns['host']) . "{$dyndns['id']}.cache";
+        $filename = dyndns_cache_file($dyndns, 4);
         $fdata = '';
         if (!empty($dyndns['enable']) && file_exists($filename)) {
             $ipaddr = get_dyndns_ip($dyndns['interface'], 4);
             $fdata = @file_get_contents($filename);
         }
 
-        $filename_v6 = "/conf/dyndns_{$dyndns['interface']}{$dyndns['type']}" . escapeshellarg($dyndns['host']) . "{$dyndns['id']}_v6.cache";
+        $filename_v6 = dyndns_cache_file($dyndns, 6);
         $fdata6 = '';
         if (!empty($dyndns['enable']) && file_exists($filename_v6)) {
             $ipv6addr = get_dyndns_ip($dyndns['interface'], 6);