X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=doc%2FjenkinsJob%2Fdyn-txt.php;h=c7b6cfeccb387ea9d363abc2696133955d2d31ec;hb=0a72fb51898c89d155f959dc8fb15c52e017a731;hp=c7c73e4c4350d55ae93f2cbb5aaa532521df5015;hpb=7d12c09641a69f141b92d9914d0915d62a436a2d;p=gigi.git

diff --git a/doc/jenkinsJob/dyn-txt.php b/doc/jenkinsJob/dyn-txt.php
index c7c73e4c..c7b6cfec 100644
--- a/doc/jenkinsJob/dyn-txt.php
+++ b/doc/jenkinsJob/dyn-txt.php
@@ -1,27 +1,65 @@
 <?php
 header("Content-type: text/plain");
 
-if($_GET['token'] != "<here a secure password>"){
-	die ();
+define("ZONENAME", "cacert.dyn.dogcraft.de");
+define("KEYNAME", "keys/Kcacert.dyn.dogcraft.de.+165+54687.key");
+
+if(!isset($_GET['token']) || !isset($_GET['t1']) || !isset($_GET['t2']) || !isset($_GET['action'])){
+  die("Error");
+}
+if($_GET['token'] != "rD1m3A9ew6Hs4DIv7lnTxNbR6dr"){
+  die ();
 }
 $t1 = $_GET['t1'];
 $t2 = $_GET['t2'];
-if(!preg_match("/[a-zA-Z0-9]+/", $t1) || !preg_match("/[a-zA-Z0-9]+/", $t2)){
+if(!preg_match("/^[a-zA-Z0-9]+$/", $t1) || !preg_match("/^[a-zA-Z0-9]+$/", $t2)){
   die("Error");
 }
+$todelete = array();
 
-$call = <<<EOF
-server localhost
-update delete cacert-{$t1}.<your fakezone here> TXT
-update add cacert-{$t1}.<your fakezone here>  60 TXT {$t2}
-send
-quit
+if(file_exists("data.php")){
+  include ("data.php");
+}
 
-EOF;
-echo $call;
+$time = time()/60;
+if(!isset($todelete[$time])){
+  $todelete[$time] = array();
+}
+
+$dnscalls = "";
 
-$nsupdate = popen("/usr/bin/nsupdate -k <here your dnssec key>.key", 'w');
-fwrite($nsupdate, $call);
-$retval = pclose($nsupdate); // nsupdate doesn't return anything useful when called this way
+if($_GET['action'] == "http"){
+  $todelete[$time][] = array("http", $t1);
+  file_put_contents("cacert-$t1.txt", $t2);
+} else if($_GET['action'] == "dns") {
+  $todelete[$time][] = array("dns", $t1);
+  $dnscalls .= "update delete {$t1}._cacert._auth." . ZONENAME . " TXT\n"
+    ."update add {$t1}._cacert._auth." . ZONENAME . " 60 TXT {$t2}\n";
+}
+$copy = $todelete;
+foreach($copy as $nt => $ar){
+  if($nt < $time - 2){
+    unset($todelete[$nt]);
+    foreach($ar as $act){
+      if($act[0] == "http"){
+        unlink("cacert-{$act[1]}.txt");
+      } else if($act[0] == "dns") {
+        $dnscalls .= "update delete {$act[1]}._cacert._auth." . ZONENAME . " TXT\n";
+      }
+    }
+  }
+}
+file_put_contents("data.php", "<?php \$todelete = ".var_export($todelete,true).";\n?>");
+
+if($dnscalls != ""){
+  dnsAction($dnscalls);
+}
+
+function dnsAction($command) {
+  $call = "server localhost\n$command\nsend\nquit\n";
+
+  $nsupdate = popen("/usr/bin/nsupdate -k " . KEYNAME, 'w');
+  fwrite($nsupdate, $call);
+  $retval = pclose($nsupdate); // nsupdate doesn't return anything useful when called this way
+}
 
-?>