[ SEA-GHOST MINI SHELL]

Path : /scripts/
FILE UPLOADER :
Current File : //scripts/cleandns

#!/usr/local/cpanel/3rdparty/bin/perl

# cpanel - scripts/cleandns                        Copyright 2022 cPanel, L.L.C.
#                                                           All rights reserved.
# copyright@cpanel.net                                         http://cpanel.net
# This code is subject to the cPanel license. Unauthorized copying is prohibited

package scripts::cleandns;

use strict;
use warnings;

use Getopt::Long              ();
use File::Basename            ();
use Cpanel::SafeFile          ();
use Cpanel::DNSLib            ();
use Cpanel::Hostname          ();
use Cpanel::FileUtils::Move   ();
use Cpanel::FileUtils::Copy   ();
use Cpanel::Logger            ();
use Cpanel::SafetyBits        ();
use Cpanel::StringFunc::Count ();
use Cpanel::StringFunc::Match ();

exit main(@ARGV) unless caller();

sub help {
    print "USAGE:\n\t$0\n\nRemoves zones no longer operated by cPanel users on this host, and removes duplicate zone definitions.\n";
    return 1;
}

#Only use prints if you expect to shoot this over to a web interface, otherwise logger() stuff
sub main {
    my @args = @_;

    my $logger = Cpanel::Logger->new();
    my ( $restart, $help );
    Getopt::Long::GetOptionsFromArray(
        \@args,
        v        => \$Cpanel::Debug::level,
        r        => \$restart,
        'h|help' => \$help,
    );
    return help() if $help;

    my $dnslib    = Cpanel::DNSLib->new();
    my $namedconf = $dnslib->{'namedconf'};

    my ( $confstatus, $confresult ) = remove_warnings_checknamedconf( $dnslib->checknamedconf() );

    my @confresults      = split( /\n/, $confresult );
    my @only_dupes       = grep { m/already exists previous definition/i } @confresults;
    my $only_dupe_errors = ( scalar(@only_dupes) == scalar(@confresults) );

    if ( !$confstatus && !$only_dupe_errors ) {
        $logger->warn("Fatal! $namedconf fails named-checkconf, please repair named.conf and try again");
        $logger->warn($confresult);
        print "$namedconf is in a state that cannot be automatically corrected.\n";
        print "Please address these issues and before trying again.";
        return 1;
    }

    my $binduser = $dnslib->{'data'}{'binduser'};
    my $bindgrp  = $dnslib->{'data'}{'bindgroup'};

    my %ZONES = gather_zones( $logger, $dnslib, $namedconf, $binduser, $bindgrp );

    $logger->debug("The following zone and zonefiles were found");
    $logger->debug("zones with out corresponding zone file (and duplicates) will be removed");
    $logger->debug("========================================================");
    foreach my $key ( sort keys %ZONES ) {
        $logger->debug("$key ==> $ZONES{$key}");
    }
    $logger->debug("========================================================");

    Cpanel::FileUtils::Copy::safecopy( $namedconf, $namedconf . '.precleandns' );

    my ( $NDC, $namelock, @CONF ) = build_clean_config( $logger, $namedconf, %ZONES );
    write_cleaned_config( $namedconf, $namelock, $NDC, @CONF );

    ( $confstatus, $confresult ) = remove_warnings_checknamedconf( $dnslib->checknamedconf() );

    if ( !$confstatus ) {
        $logger->warn("cleandns was unable to properly clean $namedconf");
        $logger->warn($confresult);
        $logger->info("Reverting to original version.");
        Cpanel::FileUtils::Copy::safecopy( $namedconf, $namedconf . '.brokencleandns' );
        Cpanel::FileUtils::Move::safemv( "-f", $namedconf . 'precleandns', $namedconf );
        Cpanel::SafetyBits::safe_chown( $binduser, $bindgrp, $namedconf );
        print "There was an error running the DNS cleanup. Please check the cPanel error logs.";
        return 2;
    }

    my $shorthost = Cpanel::Hostname::shorthostname();
    if ( !$shorthost ) {
        $shorthost = 'localhost';
        my $host_name_not_properly_set_msg = "Your hostname is not properly set, please run /usr/local/cpanel/bin/set_hostname";
        say STDERR ($host_name_not_properly_set_msg);
        $logger->warn($host_name_not_properly_set_msg);
    }

    my $numzones = scalar keys %ZONES;
    $logger->info("DNS cleanup successful");
    print "Cleaned up " . $numzones . " zone(s) on $shorthost.";

    if ($restart) {
        $logger->info("Restarting Bind using restartsrv");
        exec '/usr/local/cpanel/scripts/restartsrv', 'named';
    }
    $logger->debug("Bind will not be restarted automatically.");
    $logger->debug("To restart Bind run the following: /usr/local/cpanel/scripts/restartsrv_named");

    return 0;
}

sub _is_line_comment {
    my ( $line, $cppcomment, $callback ) = @_;

    # Rudimentary comment exclusion.
    if ($cppcomment) {
        if ( $line =~ m/\*\// ) {
            $cppcomment = 0;
        }
        $callback->($line) if $callback;
        return ( 1, $cppcomment );
    }
    if ( $line =~ m/^\s*\#/ ) {
        $callback->($line) if $callback;
        return ( 1, $cppcomment );
    }
    if ( $line =~ m/^\s\/\// ) {
        $callback->($line) if $callback;
        return ( 1, $cppcomment );
    }
    if ( $line =~ m/^\s*\/\*/ ) {
        $cppcomment = 1;
        $callback->($line) if $callback;
        return ( 1, $cppcomment );
    }
    return ( 0, $cppcomment );
}

# XXX I am dissatisfied with this loop and build_clean_config being nearly the same.
# This means we are straight up wasting time in this script which is called by dnsadmin
# and hence needs good performance.

sub gather_zones {    ## no critic(ProhibitExcessComplexity)
    my ( $logger, $dnslib, $namedconf, $binduser, $bindgrp ) = @_;

    my %ZONES;
    my $inc      = 0;
    my $seenhint = 0;
    my $zone     = '';
    my ( $numbrace, $zonemarker, $cppcomment, $continue ) = ( 0, 0, 0, 0 );
    my $zonedir = $dnslib->{'data'}{'zonefiledir'};

    # Read through named.conf. Gather hash of zones and zone files
    open( my $NDC, '<', $namedconf ) || $logger->die("Unable to open $namedconf: $!");

    while (<$NDC>) {
        ( $continue, $cppcomment ) = _is_line_comment( $_, $cppcomment );
        next if $continue;

        if ($zonemarker) {
            $numbrace += Cpanel::StringFunc::Count::get_curly_brace_count($_);
            if ( $numbrace == 0 ) {
                $zonemarker = 0;
            }
            if (m/.*[\s\t\;\{]file\s+["']([^"']+)/) {
                my $file        = $1;
                my $relativedir = '';
                if ( !Cpanel::StringFunc::Match::beginmatch( $file, '/' ) ) {
                    if ( $file =~ m/^([^\/]+)/ ) {
                        $relativedir = $1;
                    }
                }
                if ( -e $file ) {
                    $ZONES{$zone} = $file;
                }
                else {
                    my $filename = File::Basename::basename($file);
                    my $filenew  = $zonedir . '/' . $filename;
                    if ( -e $filenew ) {
                        $ZONES{$zone} = $filenew;
                    }
                    elsif ( $relativedir ne ''
                        && -e $zonedir . '/' . $relativedir . '/' . $filename ) {
                        $ZONES{$zone} = $zonedir . '/' . $relativedir . '/' . $filename;
                    }
                    elsif ( -e '/' . $file ) {
                        $ZONES{$zone} = '/' . $file;
                    }
                    else {
                        $ZONES{$zone} = '';
                    }
                }
                next();
            }
            if (m/.*[\s\t\;\{]type\s+slave/) {
                delete( $ZONES{$zone} );
            }
        }
        if (m/\s*zone\s+["']([^"']+)/) {
            $zone       = $1;
            $zonemarker = 1;
            $numbrace += Cpanel::StringFunc::Count::get_curly_brace_count($_);

            if (m/.*[\s\t\;\{]file\s+["']([^"']+)/) {
                my $file        = $1;
                my $relativedir = '';
                if ( !Cpanel::StringFunc::Match::beginmatch( $file, '/' ) ) {
                    if ( $file =~ m/^([^\/]+)/ ) {
                        $relativedir = $1;
                    }
                }
                if ( -e $file ) {
                    $ZONES{$zone} = $file;
                }
                else {
                    my $filename = File::Basename::basename($file);
                    my $filenew  = $zonedir . '/' . $filename;
                    if ( -e $filenew ) {
                        $ZONES{$zone} = $filenew;
                    }
                    elsif ( $relativedir ne ''
                        && -e $zonedir . '/' . $relativedir . '/' . $filename ) {
                        $ZONES{$zone} = $zonedir . '/' . $relativedir . '/' . $filename;
                    }
                    elsif ( -e '/' . $file ) {
                        $ZONES{$zone} = '/' . $file;
                    }
                    elsif ( $zone eq '.' ) {
                        Cpanel::FileUtils::Copy::safecopy( '/usr/local/cpanel/scripts/named.ca', $filenew );
                        Cpanel::SafetyBits::safe_chown( $binduser, $bindgrp, $filenew );
                        $ZONES{$zone} = $filenew;
                    }
                    else {
                        $ZONES{$zone} = '';
                    }
                }
                next;
            }
        }

        if ( !$zonemarker ) {
            next;
        }
        else {
            $numbrace += Cpanel::StringFunc::Count::get_curly_brace_count($_);
            if ( $numbrace == 0 ) {
                $inc = 0;
            }
        }
    }
    close($NDC);
    return %ZONES;
}

sub build_clean_config {
    my ( $logger, $namedconf, %ZONES ) = @_;

    my @CONF;
    my $zone = '';
    my ( $numbrace, $zonemarker, $cppcomment, $continue ) = ( 0, 0, 0, 0 );

    # Modify named.conf and remove bad entries.
    my $namelock = Cpanel::SafeFile::safeopen( my $NDC, "+<", $namedconf );
    if ( !$namelock ) {
        $logger->die("Could not open $namedconf");
    }

    my $seen_already = {};
    my $what_view    = 'none';
    while (<$NDC>) {

        ( $continue, $cppcomment ) = _is_line_comment( $_, $cppcomment, sub { push( @CONF, shift ) } );
        next if $continue;

        #Gotta know what view we are in to filter dupes out
        m/\s*view\s+["']([^"']+)/;
        $what_view = $1 if $1;

        if ($zonemarker) {
            $numbrace += Cpanel::StringFunc::Count::get_curly_brace_count($_);
            if ( $numbrace == 0 ) {
                $zonemarker = 0;
            }
            if ( defined( $ZONES{$zone} ) && $ZONES{$zone} eq '' ) {
                next;
            }
            elsif ( !defined( $ZONES{$zone} ) ) {
                push @CONF, $_;
                next;
            }
            elsif (m/(.*[\s\t\;\{])file\s+["']/) {
                my $space = $1;
                push @CONF, $space . "file \"$ZONES{$zone}\"\;\n";
                next;
            }
            else {
                push @CONF, $_;
                next;
            }
        }
        if (m/\s*zone\s+["']([^"']+)/) {
            $zone = $1;
            $seen_already->{"$what_view.$zone"}++;
            if ( $seen_already->{"$what_view.$zone"} && $seen_already->{"$what_view.$zone"} > 1 ) {
                $zonemarker = 0;
                next;
            }

            $zonemarker = 1;
            $numbrace += Cpanel::StringFunc::Count::get_curly_brace_count($_);
            if ( defined( $ZONES{$zone} ) && $ZONES{$zone} eq '' ) {
                next();
            }
            elsif ( !defined( $ZONES{$zone} ) ) {
                push( @CONF, $_ );
                next();
            }
            elsif (m/(.*[\s\t\;\{])file\s+["']/) {
                my $space = $1;
                push @CONF, $space . "file \"$ZONES{$zone}\"\;\n";
                next;
            }
            else {
                push @CONF, $_;
                next;
            }
        }

        #Evade warnings
        my $skip_dupe_body = ( $what_view && $zone && $seen_already->{"$what_view.$zone"} && $seen_already->{"$what_view.$zone"} > 1 );

        if ( !$zonemarker && !$skip_dupe_body ) {
            push @CONF, $_;
        }
    }

    seek( $NDC, 0, 0 );
    return ( $NDC, $namelock, @CONF );
}

sub write_cleaned_config {
    my ( $namedconf, $namelock, $NDC, @CONF ) = @_;

    my $deadline = 0;
    foreach (@CONF) {
        if (m/^[\r\n\s\t]*$/) {
            $deadline++;
        }
        else {
            $deadline = 0;
        }
        if ( $deadline < 2 ) {
            print $NDC $_;
        }
    }
    print $NDC "\n";

    truncate( $NDC, tell($NDC) );
    unlink("$namedconf.cache");
    Cpanel::SafeFile::safeclose( $NDC, $namelock );
    return 1;
}

sub remove_warnings_checknamedconf {
    my ( $configstatus, $configresult ) = @_;
    return ( $configstatus, $configresult ) if $configstatus;
    my $config_warning_rx = qr/option 'additional-from-cache' is obsolete/;
    my @errors            = split "\n", $configresult;
    return ( $configstatus, $configresult ) unless scalar @errors;
    my $new_config_result = [];
    foreach my $errorLine (@errors) {
        push @{$new_config_result}, $errorLine unless $errorLine =~ /$config_warning_rx/;
    }
    $configstatus = 1 if $#{$new_config_result} < 0;
    $configresult = join( "\n", @{$new_config_result} );
    return ( $configstatus, $configresult );

}

1;    #magic true since this is included in build-tools/clean_test_cruft

SEA-GHOST - SHELL CODING BY SEA-GHOST