From ab73efec8ea23789058442cbf201c921156bf51f Mon Sep 17 00:00:00 2001 From: Luke Bratch Date: Thu, 6 Apr 2017 02:13:18 +0100 Subject: Version 0.1, it works! --- dns.php | 90 +++++++++++++++++++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 76 insertions(+), 14 deletions(-) diff --git a/dns.php b/dns.php index 2ac85d1..ffb7654 100644 --- a/dns.php +++ b/dns.php @@ -3,23 +3,85 @@ ini_set("display_errors", 1); ini_set("display_startup_errors", 1); error_reporting(E_ALL); -if ($_POST['domain']) { - echo "domain posted\n"; +function sshrun($command) { + $host = "misc.tghost.co.uk"; + $user = "bladns.net"; + $keypub = "/home/bladns.net/.ssh/id_rsa.pub"; + $keypriv = "/home/bladns.net/.ssh/id_rsa"; - $connection = ssh2_connect("misc.tghost.co.uk", 22, array("hostkey" => "ssh-rsa")); + $connection = ssh2_connect($host, 22, array("hostkey" => "ssh-rsa")); - if (ssh2_auth_pubkey_file($connection, "bladns.net", "/home/bladns.net/.ssh/id_rsa.pub", "/home/bladns.net/.ssh/id_rsa")) { - echo "Public Key Authentication Successful\n
\n
"; - } else { - echo "Public Key Authentication Failed\n
\n
"; - } + ssh2_auth_pubkey_file($connection, $user, $keypub, $keypriv); - echo "
";
-  $stream = ssh2_exec($connection, "ps aux | grep named");
+  $stream = ssh2_exec($connection, $command);
   stream_set_blocking($stream, true);
   $stream_out = ssh2_fetch_stream($stream, SSH2_STREAM_STDIO);
-  echo stream_get_contents($stream_out);
-  echo "
"; + return stream_get_contents($stream_out); +} + +function getzone($domain, $password) { + $zoneroot = "/var/bind/pri/"; + $zonesuffix = ".zone"; + + if (!preg_match('/^[0-9A-Za-z\.\-]*$/', $_POST['domain'])) { + die("invalid domain"); + } + + $string = sshrun("cat " . $zoneroot . $domain . $zonesuffix); + + $zonelines = explode("\n", $string); + $zonehash = explode(" ", $zonelines[0]); + + if ($zonehash[sizeof($zonehash) - 1] == $password) { + return $string; + } else { + return; + } +} + +function writezone($domain, $password, $zonetext) { + $zoneroot = "/var/bind/pri/"; + $zonesuffix = ".zone"; + + if (!preg_match('/^[0-9A-Za-z\.\-]*$/', $_POST['domain'])) { + die("invalid domain"); + } + + if (!getzone($domain, $password)) { + die("somehow the password went bad"); + } + + $zonetext = str_replace('$', '\$', $zonetext); + + sshrun("echo -e \"$zonetext\" > $zoneroot$domain$zonesuffix"); + sshrun("rndc reload $domain"); +} + +// Main entry point + +if (isset($_POST['domain']) && isset($_POST['password']) && !isset($_POST['zonetext'])) { + if (!preg_match('/^[0-9A-Za-z\.\-]*$/', $_POST['domain'])) { + die("invalid domain"); + } + + $password = hash("sha256", $_POST['password']); + + if ($zonefile = getzone($_POST['domain'], $password)) { +?> +
+
+ + +
+
+ @@ -30,9 +92,9 @@ if ($_POST['domain']) {
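Review bot: In `writezone()`, `$zonetext` (presumably the POSTed textarea content; the caller is not visible here) is placed inside a double-quoted shell string, `echo -e \"$zonetext\" > …`, with only `$` escaped, so quotes, backticks and backslashes in the zone text are interpreted by the remote shell instead of being written to the file. Every value that reaches `sshrun()` should be passed through `escapeshellarg()`, as sketched below. The domain check in both `getzone()` and `writezone()` tests `$_POST['domain']` rather than the `$domain` argument that is actually interpolated, and the pattern accepts an empty string or a leading `-`, which `rndc reload` would treat as an option. In `getzone()` the hash is compared with `==`; `hash_equals($zonehash[sizeof($zonehash) - 1], $password)` avoids loose comparison and timing differences. `sshrun()` also no longer checks the results of `ssh2_connect()` and `ssh2_auth_pubkey_file()`, so a failed connection or login continues with a `false` handle.

```php
function writezone($domain, $password, $zonetext) {
  // … unchanged: $zoneroot / $zonesuffix …

  // Validate the argument that is used below, not the request global;
  // require a leading alphanumeric so the name cannot be empty or start with "-".
  if (!preg_match('/^[0-9A-Za-z][0-9A-Za-z\.\-]*$/', $domain)) {
    die("invalid domain");
  }

  // … unchanged: getzone() password check …

  // Single-quote every value so the remote shell treats it as data only.
  $target = escapeshellarg($zoneroot . $domain . $zonesuffix);
  sshrun("printf '%s\\n' " . escapeshellarg($zonetext) . " > " . $target);
  sshrun("rndc reload " . escapeshellarg($domain));
}
```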
- Domain name:
+ Domain name:
Password:
- +
-- cgit v1.2.3