Used e_grep_o instead grep -Po, dns_pdns_rm() now deletes only entry with matching txt value

This commit is contained in:
Nils Sandmann 2018-03-24 18:46:04 +01:00
parent 1f3f8a5073
commit a3f7ff90e3
No known key found for this signature in database
GPG Key ID: 605B8EC396A1D3B9

View File

@ -69,15 +69,21 @@ dns_pdns_add() {
#fulldomain #fulldomain
dns_pdns_rm() { dns_pdns_rm() {
fulldomain=$1 fulldomain=$1
txtvalue=$2
if [ -z "$PDNS_Ttl" ]; then
PDNS_Ttl="$DEFAULT_PDNS_TTL"
fi
_debug "Detect root zone" _debug "Detect root zone"
if ! _get_root "$fulldomain"; then if ! _get_root "$fulldomain"; then
_err "invalid domain" _err "invalid domain"
return 1 return 1
fi fi
_debug _domain "$_domain" _debug _domain "$_domain"
if ! rm_record "$_domain" "$fulldomain"; then if ! rm_record "$_domain" "$fulldomain" "$txtvalue"; then
return 1 return 1
fi fi
@ -90,12 +96,10 @@ set_record() {
full=$2 full=$2
new_challenge=$3 new_challenge=$3
_pdns_rest "GET" "/api/v1/servers/$PDNS_ServerId/zones/$root"
_record_string="" _record_string=""
_build_record_string "$new_challenge" _build_record_string "$new_challenge"
_existing_challenges=$(echo "$response" | _normalizeJson | grep -Po "\"name\":\"$fulldomain\\K.*?}]" | grep -Po 'content\":\"\\"\K[^\\]*') _list_existingchallenges
for oldchallenge in $_existing_challenges; do for oldchallenge in $_existing_challenges; do
_record_string="${_record_string}, "
_build_record_string "$oldchallenge" _build_record_string "$oldchallenge"
done done
@ -104,6 +108,10 @@ set_record() {
return 1 return 1
fi fi
if ! notify_slaves "$root"; then
return 1
fi
return 0 return 0
} }
@ -111,14 +119,37 @@ rm_record() {
_info "Remove record" _info "Remove record"
root=$1 root=$1
full=$2 full=$2
txtvalue=$3
if ! _pdns_rest "PATCH" "/api/v1/servers/$PDNS_ServerId/zones/$root" "{\"rrsets\": [{\"changetype\": \"DELETE\", \"name\": \"$full.\", \"type\": \"TXT\"}]}"; then #Enumerate existing acme challenges
_err "Delete txt record error." _list_existingchallenges
return 1
fi
if ! notify_slaves "$root"; then if _contains "$_existing_challenges" "$txtvalue"; then
return 1 #Delete all challenges (PowerDNS API does not allow to delete content)
if ! _pdns_rest "PATCH" "/api/v1/servers/$PDNS_ServerId/zones/$root" "{\"rrsets\": [{\"changetype\": \"DELETE\", \"name\": \"$full.\", \"type\": \"TXT\"}]}"; then
_err "Delete txt record error."
return 1
fi
_record_string=""
#If the only existing challenge was the challenge to delete: nothing to do
if ! [ "$_existing_challenges" = "$txtvalue" ]; then
for oldchallenge in $_existing_challenges; do
#Build up the challenges to re-add, ommitting the one what should be deleted
if ! [ "$oldchallenge" = "$txtvalue" ]; then
_build_record_string "$oldchallenge"
fi
done
#Recreate the existing challenges
if ! _pdns_rest "PATCH" "/api/v1/servers/$PDNS_ServerId/zones/$root" "{\"rrsets\": [{\"changetype\": \"REPLACE\", \"name\": \"$full.\", \"type\": \"TXT\", \"ttl\": $PDNS_Ttl, \"records\": [$_record_string]}]}"; then
_err "Set txt record error."
return 1
fi
fi
if ! notify_slaves "$root"; then
return 1
fi
else
_info "Record not found, nothing to remove"
fi fi
return 0 return 0
@ -192,5 +223,10 @@ _pdns_rest() {
} }
_build_record_string() { _build_record_string() {
_record_string="${_record_string}{\"content\": \"\\\"$1\\\"\", \"disabled\": false}" _record_string="${_record_string:+${_record_string}, }{\"content\": \"\\\"${1}\\\"\", \"disabled\": false}"
}
_list_existingchallenges() {
_pdns_rest "GET" "/api/v1/servers/$PDNS_ServerId/zones/$root"
_existing_challenges=$(echo "$response" | _normalizeJson | _egrep_o "\"name\":\"${fulldomain}[^]]*}" | _egrep_o 'content\":\"\\"[^\\]*' | sed -n 's/^content":"\\"//p')
} }