author | Andrew Cady <d@jerkface.net> | 2020-05-05 19:09:56 -0400 |
---|---|---|
committer | Andrew Cady <d@jerkface.net> | 2020-05-05 19:18:59 -0400 |
commit | db4cdab4a87e5cbe118535039e7a4cae0c140211 (patch) | |
tree | 4795bcbd44b6ea704239744d77620797f64dcfdb /src/dyndns-command.sh | |
parent | be86419c6f2282fd1387621833d13b165a50aefe (diff) |
avoid use of SHA-1
refactor producing samizdat-ssh-uid
Diffstat (limited to 'src/dyndns-command.sh')
-rwxr-xr-x | src/dyndns-command.sh | 89 |
1 files changed, 57 insertions, 32 deletions
diff --git a/src/dyndns-command.sh b/src/dyndns-command.sh index 1061b31..8530058 100755 --- a/src/dyndns-command.sh +++ b/src/dyndns-command.sh | |||
@@ -1,24 +1,24 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | subdomain=${SSH_REMOTE_FINGERPRINT//:/} | ||
3 | ip_address=${SSH_CLIENT%% *} | ||
4 | lan_address="$SSH_ORIGINAL_COMMAND" | ||
5 | 2 | ||
6 | domain=ssh.cryptonomic.net | 3 | die() { printf '%s\n' "$*" >&2; exit 1; } |
7 | 4 | ||
8 | sqlescape() | 5 | sql_string() |
9 | { | 6 | { |
10 | printf '%s' "'${1/\'/\'\'}'" | 7 | printf '%s' "'${1//\'/\'\'}'" |
11 | } | 8 | } |
12 | 9 | ||
13 | add() | 10 | powerdns_sqlite_add_replace_record() |
14 | { | 11 | { |
15 | local newdomain="$(sqlescape "$1.$domain")" ip_address="$(sqlescape "$2")" domain="$(sqlescape "$domain")" | 12 | local sql_new_domain="$(sql_string "$1.$3")" |
13 | local sql_ip_address="$(sql_string "$2")" | ||
14 | local sql_domain="$(sql_string "$3")" | ||
15 | local record_type="$(sql_string "$4")" | ||
16 | 16 | ||
17 | sqlite3 /etc/powerdns/powerdns.sqlite3 <<END | 17 | sqlite3 /etc/powerdns/powerdns.sqlite3 <<END |
18 | BEGIN; | 18 | BEGIN; |
19 | delete from records where type='A' and name=$newdomain; | 19 | DELETE FROM records WHERE type=$record_type AND name=$sql_new_domain; |
20 | 20 | ||
21 | insert into records | 21 | INSERT INTO records |
22 | 22 | ||
23 | (domain_id, | 23 | (domain_id, |
24 | name, | 24 | name, |
@@ -27,33 +27,58 @@ BEGIN; | |||
27 | ttl, | 27 | ttl, |
28 | prio) | 28 | prio) |
29 | 29 | ||
30 | select | 30 | SELECT |
31 | id, | 31 | id, |
32 | $newdomain, | 32 | $sql_new_domain, |
33 | 'A', | 33 | $record_type, |
34 | $ip_address, | 34 | $sql_ip_address, |
35 | 3600, | 35 | 3600, |
36 | 0 | 36 | 0 |
37 | from domains | 37 | FROM domains |
38 | where name=$domain; | 38 | WHERE name=$sql_domain; |
39 | COMMIT; | 39 | COMMIT; |
40 | END | 40 | END |
41 | if [ $? = 0 ]; then | ||
42 | printf '%s\n' "$1 $2" | ||
43 | fi | ||
44 | } | 41 | } |
45 | 42 | ||
46 | add "$subdomain" "$ip_address" | 43 | add() |
47 | 44 | { | |
48 | set -- $lan_address | 45 | local record_type |
49 | while [ $# -ge 2 ]; do | 46 | case "$2" in |
50 | d=$1 | 47 | *.*.*.*) record_type=A ;; |
51 | ip=$2 | 48 | *:*) record_type=AAAA ;; |
52 | shift 2 | 49 | *) exit 1 ;; |
53 | |||
54 | case "$d" in | ||
55 | *.*) continue;; | ||
56 | esac | 50 | esac |
57 | 51 | ||
58 | add "$d.$subdomain" "$ip" | 52 | powerdns_sqlite_add_replace_record "$1" "$2" "$domain" "$record_type" \ |
59 | done | 53 | && printf '%s %s\n' "$1.$domain $2" |
54 | } | ||
55 | |||
56 | main() | ||
57 | { | ||
58 | add "$subdomain" "$ip_address" | ||
59 | |||
60 | set -- $SSH_ORIGINAL_COMMAND | ||
61 | while [ $# -ge 2 ]; do | ||
62 | d=$1 | ||
63 | ip=$2 | ||
64 | shift 2 | ||
65 | |||
66 | case "$d" in | ||
67 | *.*) continue;; | ||
68 | esac | ||
69 | |||
70 | add "$d.$subdomain" "$ip" | ||
71 | done | ||
72 | } | ||
73 | |||
74 | PEM_DEST=$HOME/public_rsync | ||
75 | |||
76 | PATH=$HOME/bin:$PATH | ||
77 | |||
78 | eval "$(samizdat-ssh-uid --copy-pem "$PEM_DEST")" | ||
79 | |||
80 | domain=${SSH_CLIENT_DOMAIN} | ||
81 | subdomain=${SSH_CLIENT_FINGERPRINT} | ||
82 | ip_address=${SSH_CLIENT%% *} | ||
83 | |||
84 | main "$@" | ||
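Review bot: The `eval "$(samizdat-ssh-uid --copy-pem "$PEM_DEST")"` at the bottom of the script is never checked, so if the helper fails or prints nothing, `domain` and `subdomain` stay empty and `main` still runs the DELETE/INSERT against the PowerDNS database, with `sqlite3` returning 0 and `add` printing a success line. `die` is introduced by this commit but not called anywhere in the visible section; I would capture the output first with `uid_env=$(samizdat-ssh-uid --copy-pem "$PEM_DEST") || die 'samizdat-ssh-uid failed'`, then `eval "$uid_env"`, then `: "${SSH_CLIENT_DOMAIN:?}" "${SSH_CLIENT_FINGERPRINT:?}"`. The helper is not shown on this page, so presumably it shell-quotes every value it emits; a one-line comment above the `eval` stating that contract would help, because the record name written to DNS is now built from its output. Separately, in `add()` the line `printf '%s %s\n' "$1.$domain $2"` passes a single argument for two `%s`, which leaves a trailing space in the reply; `printf '%s %s\n' "$1.$domain" "$2"` matches the format.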