|
 |
00bb8e6 |
#!/usr/bin/env python
|
|
|
00bb8e6 |
# Contributed 2006 by Stephane Bortzmeyer.
|
|
|
00bb8e6 |
# Changed 20070102 by Wouter to handle primary zones and file names.
|
|
|
00bb8e6 |
|
|
|
00bb8e6 |
# Converts a nsd 2 "nsd.zones" file to a nsd 3 "nsd.conf" file.
|
|
|
00bb8e6 |
|
|
|
00bb8e6 |
# Change at will
|
|
|
00bb8e6 |
nsd_zones_name = "/etc/nsd.zones"
|
|
|
00bb8e6 |
key_dir = "/etc/nsd/keys" # Directory holding the TSIG keys
|
|
|
00bb8e6 |
|
|
|
00bb8e6 |
import re
|
|
|
00bb8e6 |
import os.path
|
|
|
00bb8e6 |
|
|
|
00bb8e6 |
primary_line_re = re.compile("^zone\s+([a-z0-9\.-]+)\s+([a-z0-9/\.-]+)\s*$", re.IGNORECASE)
|
|
|
00bb8e6 |
secondary_line_re = re.compile("^zone\s+([a-z0-9\.-]+)\s+([a-z0-9/\.-]+)\s+masters\s+([0-9a-f:\. ]*)\s*$", re.IGNORECASE)
|
|
|
00bb8e6 |
notify_line_re = re.compile("^zone\s+([a-z0-9\.-]+)\s+([a-z0-9/\.-]+)\s+notify\s+([0-9a-f:\. ]*)\s*$", re.IGNORECASE)
|
|
|
00bb8e6 |
comment_re = re.compile("^\s*;")
|
|
|
00bb8e6 |
empty_re = re.compile("^\s*$")
|
|
|
00bb8e6 |
|
|
|
00bb8e6 |
nsd_zones = open(nsd_zones_name)
|
|
|
00bb8e6 |
keys = {}
|
|
|
00bb8e6 |
for line in nsd_zones.xreadlines():
|
|
|
00bb8e6 |
if comment_re.search(line) or empty_re.search(line):
|
|
|
00bb8e6 |
pass
|
|
|
00bb8e6 |
elif secondary_line_re.search(line):
|
|
|
00bb8e6 |
match = secondary_line_re.search(line)
|
|
|
00bb8e6 |
zone = match.group(1)
|
|
|
00bb8e6 |
zonefile = match.group(2)
|
|
|
00bb8e6 |
master_group = match.group(3)
|
|
|
00bb8e6 |
masters = re.split("\s+", master_group)
|
|
|
00bb8e6 |
print """zone:
|
|
|
00bb8e6 |
name: "%s"
|
|
|
00bb8e6 |
zonefile: "%s"
|
|
|
00bb8e6 |
# This is to allow "nsdc update" to work.
|
|
|
00bb8e6 |
allow-notify: 127.0.0.1 NOKEY
|
|
|
00bb8e6 |
# This is a slave zone. Masters are listed below.""" % (zone, zonefile)
|
|
|
00bb8e6 |
for master in masters:
|
|
|
00bb8e6 |
if re.search("^\s*$", master):
|
|
|
00bb8e6 |
continue
|
|
|
00bb8e6 |
key_filename = "%s/%s.tsiginfo" % (key_dir, master)
|
|
|
00bb8e6 |
if os.path.exists(key_filename):
|
|
|
00bb8e6 |
key_content = open(key_filename)
|
|
|
00bb8e6 |
peer_ip = key_content.readline()
|
|
|
00bb8e6 |
peer_ip = peer_ip[:-1]
|
|
|
00bb8e6 |
key_name = key_content.readline()
|
|
|
00bb8e6 |
key_name = key_name[:-1]
|
|
|
00bb8e6 |
algorithm = key_content.readline()
|
|
|
00bb8e6 |
algorithm = int(algorithm[:-1])
|
|
|
00bb8e6 |
if algorithm == 157:
|
|
|
00bb8e6 |
algorithm_name = "hmac-md5"
|
|
|
00bb8e6 |
else:
|
|
|
00bb8e6 |
raise Exception("Unsupported TSIG algorithm %i" % algorithm)
|
|
|
00bb8e6 |
secret = key_content.readline()
|
|
|
00bb8e6 |
secret = secret[:-1]
|
|
|
00bb8e6 |
key_content.close()
|
|
|
00bb8e6 |
key = key_name
|
|
|
00bb8e6 |
keys[key_name] = {
|
|
|
00bb8e6 |
'algorithm': algorithm_name,
|
|
|
00bb8e6 |
'secret': secret}
|
|
|
00bb8e6 |
else:
|
|
|
00bb8e6 |
key = "NOKEY"
|
|
|
00bb8e6 |
print """ allow-notify: %s %s
|
|
|
00bb8e6 |
request-xfr: %s %s""" % (master, key, master, key)
|
|
|
00bb8e6 |
print ""
|
|
|
00bb8e6 |
elif primary_line_re.search(line):
|
|
|
00bb8e6 |
match = primary_line_re.search(line)
|
|
|
00bb8e6 |
zone = match.group(1)
|
|
|
00bb8e6 |
zonefile = match.group(2)
|
|
|
00bb8e6 |
print """zone:
|
|
|
00bb8e6 |
name: "%s"
|
|
|
00bb8e6 |
zonefile: "%s"
|
|
|
00bb8e6 |
""" % (zone, zonefile)
|
|
|
00bb8e6 |
elif notify_line_re.search(line):
|
|
|
00bb8e6 |
match = notify_line_re.search(line)
|
|
|
00bb8e6 |
zone = match.group(1)
|
|
|
00bb8e6 |
zonefile = match.group(2)
|
|
|
00bb8e6 |
notify_group = match.group(3)
|
|
|
00bb8e6 |
notifies = re.split("\s+", notify_group)
|
|
|
00bb8e6 |
print """zone:
|
|
|
00bb8e6 |
name: "%s"
|
|
|
00bb8e6 |
zonefile: "%s"
|
|
|
00bb8e6 |
# This is a master zone. Slaves are listed below.""" % (zone, zonefile)
|
|
|
00bb8e6 |
for notify in notifies:
|
|
|
00bb8e6 |
if re.search("^\s*$", notify):
|
|
|
00bb8e6 |
continue
|
|
|
00bb8e6 |
key = "NOKEY"
|
|
|
00bb8e6 |
print """ notify: %s %s""" % (notify, key)
|
|
|
00bb8e6 |
print ""
|
|
|
00bb8e6 |
else:
|
|
|
00bb8e6 |
raise Exception("Invalid line \"%s\"" % line)
|
|
|
00bb8e6 |
nsd_zones.close()
|
|
|
00bb8e6 |
for key in keys.keys():
|
|
|
00bb8e6 |
print """key:
|
|
|
00bb8e6 |
name: "%s"
|
|
|
00bb8e6 |
algorithm: %s
|
|
|
00bb8e6 |
secret: "%s" """ % (key, keys[key]['algorithm'], keys[key]['secret'])
|
|
|
00bb8e6 |
print ""
|
|
|
00bb8e6 |
|
|
|
00bb8e6 |
## Local Variables: ##
|
|
|
00bb8e6 |
## mode:python ##
|
|
|
00bb8e6 |
## End: ##
|