X-Git-Url: https://git.ralfj.de/dyn-nsupdate.git/blobdiff_plain/88af7a47fc7194a1bd4c699f1da55e86f4576dec..9292050b47d5c0a6c076da2c1a8f22c307c19ed2:/dyn-nsupdate.cpp diff --git a/dyn-nsupdate.cpp b/dyn-nsupdate.cpp index e378082..25381cf 100644 --- a/dyn-nsupdate.cpp +++ b/dyn-nsupdate.cpp @@ -1,37 +1,119 @@ #include +#include +#include + +#include #include #include +#include +#include -#include +using namespace boost; -int main(int argc, const char **argv) +static void write(int fd, const char *str) { - if (argc < 2) { - std::cerr << "Usage: " << argv[0] << " " << std::endl; - return 1; + size_t len = strlen(str); + ssize_t written = write(fd, str, len); + if (written < 0 || (size_t)written != len) { + std::cerr << "Error writing pipe." << std::endl; + exit(1); } - const char *filename = argv[1]; +} + +int main(int argc, const char ** argv) +{ + static const regex regex_ip("\\d{1,3}.\\d{1,3}.\\d{1,3}.\\d{1,3}"); + static const regex regex_user("[a-zA-Z]+"); + - struct stat file_stat; - int ret = lstat(filename, &file_stat); - if (ret != 0) { - std::cerr << "Unable to stat " << filename << "." << std::endl; + if (argc != 5) { + std::cerr << "Usage: " << argv[0] << " " << std::endl; return 1; } - /* Check if the file is suited */ - if (!S_ISREG(file_stat.st_mode)) { - std::cerr << filename << " is not a file." << std::endl; - return 1; + + /* Obtain and validate inpit */ + std::string user = argv[1]; + std::string password = argv[2]; + std::string domain = argv[3]; + std::string ip = argv[4]; + + if (!regex_match(ip, regex_ip)) { + std::cerr << "Invalid IP address " << ip << "." << std::endl; + exit(1); } - if (file_stat.st_uid != geteuid()) { - std::cerr << filename << " must be owned by user executing " << argv[0] << "." << std::endl; - return 1; + if (!regex_match(user, regex_user)) { + std::cerr << "Invalid username " << user << "." << std::endl; + exit(1); } - if (file_stat.st_mode & (S_IWGRP | S_IWOTH)) { /* can be written by group/others */ - std::cerr << filename << " must not be writeable by group or others." << std::endl; - return 1; + + /* read configuration */ + property_tree::ptree config; + property_tree::ini_parser::read_ini(CONFIG_FILE, config); + std::string nsupdate = config.get("nsupdate"); + + /* Check username, password, domain */ + optional correct_password = config.get_optional(user+".password"); + if (!correct_password || *correct_password != password) { + std::cerr << "Username or password incorrect." << std::endl; + exit(1); + } + if (config.get(user+".domain") != domain) { + std::cerr << "Domain incorrect." << std::endl; + exit(1); + } + + /* preapre the pipe */ + int pipe_ends[2]; + if (pipe(pipe_ends) < 0) { + std::cerr << "Error opening pipe." << std::endl; + exit(1); + } + + /* Launch nsupdate */ + pid_t child_pid = fork(); + if (child_pid < 0) { + std::cerr << "Error while forking." << std::endl; + exit(1); + } + if (child_pid == 0) { + /* We're in the child */ + /* Close write end, use read and as stdin */ + close(pipe_ends[1]); + if (dup2(pipe_ends[0], fileno(stdin)) < 0) { + std::cerr << "There was an error redirecting stdin." << std::endl; + exit(1); + } + /* exec nsupdate */ + execl(nsupdate.c_str(), nsupdate.c_str(), "-l", (char *)NULL); + /* There was an error */ + std::cerr << "There was an error executing nsupdate." << std::endl; + exit(1); + } + + /* Send it the command */ + write(pipe_ends[1], "update delete "); + write(pipe_ends[1], domain.c_str()); + write(pipe_ends[1], ". A\n"); + + write(pipe_ends[1], "update add "); + write(pipe_ends[1], domain.c_str()); + write(pipe_ends[1], ". 60 A "); + write(pipe_ends[1], ip.c_str()); + write(pipe_ends[1], "\n"); + + write(pipe_ends[1], "send\n"); + + /* Close both ends */ + close(pipe_ends[0]); + close(pipe_ends[1]); + + /* Wait for child to be gone */ + int child_status; + waitpid(child_pid, &child_status, 0); + if (child_status != 0) { + std::cerr << "There was an error in the child." << std::endl; + exit(1); } - std::cout << "Hi world!" << std::endl; return 0; }