Implement global CAA settings

Marc-André Kolly
2019-07-28 19:49:32 +02:00
parent 358ca61a26
commit 240178eba7
6 changed files with 45 additions and 22 deletions


@@ -131,15 +131,9 @@ class Dns
}
// additional required records for CAA if activated
if (!is_null($domain['caa'])) {
if (Settings::Get('system.dns_createcaaentry') && Settings::Get('system.use_ssl') == "1" && !empty($domain['p_ssl_ipandports'])) {
// check for CAA content later
self::addRequiredEntry('@', 'CAA', $required_entries);
// additional required records by subdomain setting
if ($domain['iswildcarddomain'] == '1') {
self::addRequiredEntry('*', 'CAA', $required_entries);
} elseif ($domain['wwwserveralias'] == '1') {
self::addRequiredEntry('www', 'CAA', $required_entries);
}
self::addRequiredEntry('@CAA@', 'CAA', $required_entries);
}
// additional required records for SPF and DKIM if activated
@@ -162,6 +156,10 @@ class Dns
if (array_key_exists($entry['type'], $required_entries) && array_key_exists(md5($entry['record']), $required_entries[$entry['type']])) {
unset($required_entries[$entry['type']][md5($entry['record'])]);
}
if (Settings::Get('system.dns_createcaaentry') == '1' && $entry['type'] == 'CAA' && strtolower(substr($entry['content'], 0, 7)) == '"v=caa1') {
// unset special CAA required-entry
unset($required_entries[$entry['type']][md5("@CAA@")]);
}
if (Settings::Get('spf.use_spf') == '1' && $entry['type'] == 'TXT' && $entry['record'] == '@' && strtolower(substr($entry['content'], 0, 7)) == '"v=spf1') {
// unset special spf required-entry
unset($required_entries[$entry['type']][md5("@SPF@")]);
@@ -296,9 +294,20 @@ class Dns
foreach ($required_entries as $type => $records) {
if ($type == 'CAA') {
foreach ($records as $record) {
$caa_entries = explode(PHP_EOL, $domain['caa']);
foreach ($caa_entries as $entry) {
$zonerecords[] = new DnsEntry($record, 'CAA', self::encloseTXTContent($entry));
if ($record == '@CAA@') {
$caa_entries = explode(PHP_EOL, Settings::Get('caa.caa_entry'));
if ($domain['letsencrypt'] == 1) {
$le_entry = $domain['iswildcarddomain'] == '1' ? '0 issuewild "letsencrypt.org"' : '0 issue "letsencrypt.org"';
array_push($caa_entries, $le_entry);
}
foreach ($caa_entries as $entry) {
$zonerecords[] = new DnsEntry('@', 'CAA', self::encloseTXTContent($entry));
// additional required records by subdomain setting
if ($domain['wwwserveralias'] == '1') {
$zonerecords[] = new DnsEntry('www', 'CAA', self::encloseTXTContent($entry));
}
}
}
}
}
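Review bot: In the second hunk, the new CAA branch tests `strtolower(substr($entry['content'], 0, 7)) == '"v=caa1'`, which looks copied from the SPF check below it; CAA record data has the form `flags tag "value"` (like the `0 issue "letsencrypt.org"` this commit builds itself) and carries no version prefix, so the condition appears never to match and the `@CAA@` placeholder is never unset. A domain that already has its own CAA records would then also receive the global `caa.caa_entry` defaults, and because CAA records are additive this widens the set of CAs allowed to issue beyond what the domain owner configured. If the intent mirrors the SPF branch, test the record name instead of the content: `if (Settings::Get('system.dns_createcaaentry') == '1' && $entry['type'] == 'CAA' && $entry['record'] == '@') {`. In the third hunk, `explode(PHP_EOL, Settings::Get('caa.caa_entry'))` returns a single empty string when the setting is empty and keeps any trailing `\r` from a form-submitted value, so trimming each line and skipping blank ones before building the `DnsEntry` would be safer. The enclosing method starts and ends outside these hunks.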