NicToolServer Change Log
2.14 - 2012.03.30
- added quotes to BIND SPF record
- export a named.conf.local file (for inclusion in named.conf)
- updated and included PowerDNS backend (server/bin/nt_powerdns.pl)
- added MaraDNS support (Matthias Bethke)
- enabled LOC records for new installs
2.13 - 2012.01.19
- removed sys/djb c++ export app (broken)
- allow domain labels to begin with a number (RFC 1123)
- expand valid TTL range from 300-2592000 to 0-2147483647 (RFC 2181)
- editing zone properties or NS didn't increment zone serial #
- other bug fixes.
2.12 - 2012.01.04
- fixed a problem where records from deleted zones were sometimes published
- rewrote SQL queries so they look like SQL
- improved the nameserver export status messages
- added additional tests
2.11 - 2011.11.28
- zone record types in the web interface (NicToolClient) are dynamic now. Edit the DB and see changes immediately.
- added signal catching to nt_export.pl
- automatic cleanup export log messages table
- added lots more tests.
- automatic expansion of compressed IPv6 addresses
- much stricter RFC validation of domain names
- the zone record type is properly normalized now
- added NicToolServer::Zone::valid_label (RFC validation of domain name)
- added NicToolServer::valid_ttl, and removed 6 duplicated instances
- deleted unused NicToolServer::valid_hostname
- deleted unused NicToolServer::valid_hostname
- consolidated duplicated definitions of _error into NicToolServer::error
- added RFC 2181 domain name length restrictions
- added IPv6 address expansion (from djbdnsRecordBuilder)
- SQL: moved nt_nameserver_export_procstatus.status to nt_nameserver.export_status and dropped nt_nameserver_export_procstatus
- SPF record support (in addition to TXT SPF records)
- beefed up bin/nt_install_deps.pl.
- SQL: added sql/upgrade.pl It logs into a NicTool database, determines which updates are required, and runs them.
- SQL: added resource_record_types table. IDs are the IETF record type number and the name is the IETF record type. Using a related table moves the data out of the database schema (ENUM(blah,blah)) and into rows, where it belongs. It also means adding new record types won't require altering db tables.
- if nt_export.pl was not provided a nsid, shows a list of active NSs before asking for a selection.
- added NicToolServer::Export::BIND. Tested with BIND 9.6
- SQL: renamed nt_nameserver.export_format='djb' -> 'tinydns'
- SQL: added nt_zone_record.timestamp field. See the timestamp description on the tinydns-data page. Allows start/stop times for records.
- added location support to database and tinydns exports.
- added RFC 2181 tests. CNAME records cannot coexist with any other record type (except DNSSEC). NS and MX must not point to a CNAME.
- SQL: added record types to database: DS, DNSKEY, KEY (not used yet)
- added addserver and zone2nic in api/contrib (from Adrian)
- do not replace : chars in record addresses. No longer necessary because export routines handle encoding of : during export.
- subclassed the tinydns portions of NTS::Export into NTS::Export::tinydns
- added support for exporting nsid=0 (all nameservers). Exports every zone, regardless of NS preference. Useful for virtual nameservers and the tinydns multiip patch.
- ripped out all the https support from NicTool (server, client, API) Approximately 0% of installs use this feature. Anyone inclined to use it would likely use stunnel or ssh -L instead.
- ripped out SSL certificate management (great idea, but unused)
- SQL: Fixed the data model for zone nameservers. Replaced the abhorrent nt_zone.ns0..ns9 columns with the table nt_zone_nameservers.
- there's no limit on how many nameservers a zone can publish to
- queries are much simpler
- deleted unpack_nameservers (no longer necessary)
- added set_zone_nameservers
- now we can run a simple, inexpensive query to determine if any zones that publish to a given NS have modification dates greater than the last successful export. Yay.
- I broke the old nt_export_djb.c program. Boo. Any c++ programmers want to help? Read the TODO file in sys/djb and send a patch.
- SQL: renamed nt_zone.output_format to export_format
- SQL: converted deleted database fields from enum to tinyint(1) (enums are evil. Their contents are strings. Having to quote numeric values in every query has ALWAYS irritated me about NicTool. ENUM is MySQL proprietary, and they often don't behave as expected).
- SQL: added nt_nameserver.export_serials (controls export of serial nums for tinydns export).
- removed the quotes from many integers. Someone wasn't thinking...
- ripped out nt_nameserver.service_type
- removed all summary code (unused)
- added nt_options database table (and db_version value). Expect the contents of nictoolserver.conf and nictoolclient.conf to be here.
NOTICE: this version requires updating the database:
$ mysql -u nictool -p nictool < sql/upgrade/update_v2_08.sql
- added support for encrypted passwords in nt_user table
- Added file existence test before comparing for differences in nt_export_djb.pl
- Updated the Ipv6 implementation to choose between AAAA records with and without auto created PTR records. Lines prefixed with a 6 will have both an AAAA and a PTR record created. Those prefixed with a 3 will only have an AAAA record created.
- Fixed a bug in Zone/Record/Sanity that allowed : character to be allowed when it shouldn't have been. This was causing tests to fail.
- Restrictions on passwords were imposed but the test weren't updated. Fixed.
- Updated the export routine to djbdns so it supports Ipv6 adresses
- Add the option to add IPv6 AAAA addresses checked by Net::IP
- fixed a bug that prevented Advanced Search feature from working
- removed 28 lines of redundant code (thanks, maxv)
- fixed a bug in nt_export_djb.pl ($UID)
- sort the zone records as signed integers (so reverse zone records are sorted correctly) - thanks Patrick Woo at telus
- sort the zones as signed integers if group name has "reverse" in it
- added additional user and password validity checks
- max pass length of 15 chars
- max user length of 50 chars
- increased min password length to 6 chars
- password cannot be same as username
- password cannot contain the username
- removed a bunch of code duplication in User/Sanity.pm by abstracting the user and password tests into their own subroutines
- Changed the hard coded paging limit from 100 to 255 and noted the limit in the API docs.
- nt_export_djb.pl fixes:
- export always reported failure if rsync was not being used.
- disabled some superfluous db logging that is not used.
- nicer formatting of the "export status" message
NOTICE: this version requires updating your SQL tables!
mysql -u nictool -p nictool < sql/upgrade/update_v2_05.sql
- abstracted NicToolServer::Zone::Record::Sanity::new_or_edit_basic_verify into a suite of functions instead of one really big long nasty hard to read and poorly documented one
- nt_export_djb updates to support SRV records
- nameserver/install.pl, rewrote, prompts for all required values with reasonable defaults. Setting up a nameserver export process is now much easier.
- NicToolServer::Zone::get_zone_records: patch from slink, see forum thread
- nt_export_djb.pl - provides better error messages if your ns export isn't set up right
- bin/install_deps.sh - tries to install perl modules NicTool requires
- added "use Apache2::SOAP to nictoolserver.conf (mps)
- djbdjb/nameserver/install.pl updates (rl)
- NicToolServer/Zone/Record/Sanity.pm - allow / character in TXT records
- NicToolServer/Response.pm - added mod_perl 2 check and use content_type instead of send_http_header if mod_perl 2.
- Added Copyright and Affero GPL license text to all source files
- Added files LICENSE & COPYING
- Updated files to reflect version 2.01
- sys/djb - make clean now cleans up nameserver/sample/nt_export_djb*
- consistent password among the variety of config files, now you can grep for it and change it everywhere at once.
- Added support for TXT records, now you can set up SPF records for email
-Protocol version is now specified via the "nt_protocol_version" parameter. This is an optional parameter. If specified NicToolServer will require that the version string is allowed
-Protocol version changed to 1.0. Only this version is supported in NicToolServer version 2.00.
Entirely new permissions system.
The affected API functions are:
new_user, edit_user,get_user, new_group,edit_group,get_group
Nearly all actual function calls are affected, because certain actions may
not be allowed depending on a user's permissions.
DelegationZones and Zone Records can be delegated to sub groups with a certain set of permissions. (Affected API functions : delegate_zones, delegate_zone_records, edit_zone_delegation, edit_zone_record_delegation, delete_zone_delegation, delete_zone_record_delegation, get_delegated_zones, get_delegated_zone_records, get_zone_delegates, get_zone_record_delegates).
Each Group now contains a list of Nameserver objects which are in effect delegated to the Group. Zones within the Group (and subgroups of the Group) can be published to any of these Nameservers.
get_user - 'nt_user_id' now only parameter
save_user - DEPRECATED (see new_user and edit_user)
new_user - creates new user (params 'nt_group_id','username','email' required)
can have all permissions specifications or "inherit_group_permissions"==1 for inherited. edit_user - modifies existing user (params nt_user_id required)
save_group - DEPRECATED (see new_group edit_group)
new_group - creates new group (params 'nt_group_id' 'name' required. can have 'usable_nameservers' list of nameserver ids.)
edit_group- param nt_group_id required (can have usable_nameservers)
delete_group - only 'nt_group_id' parameter reqd.
save_zone - DEPRECATED (see new_zone edit_zone)
new_zone - 'nt_group_id' and 'zone' required (optional 'nameservers' list of nameservers to publish to)
edit_zone - nt_zone_id required (optional 'nameservers' list of nameserver ids)
- parameter "deleted" = '0' means undelete a deleted zone
get_zone_application_log REMOVED (it was never implemented but was enabled)
save_zone_record - DEPRECATED (use new_zone_record and edit_zone_record)
new_zone_record - 'nt_zone_id','name','ttl','address' are required
edit_zone_record - only 'nt_zone_record_id' is required
save_nameserver - DEPRECATED (use new_nameserver and edit_nameserver)
new_nameserver - 'nt_nameserver_id','address','name','service_type','output_format' are required
edit_nameserver - only 'nt_zone_record_id' is required
get_group_zones - parameter "search_deleted" = '1' means only look for deleted zones with the specified properties
API additionserror responses may contain 'error_desc' in addition to 'error_code' and 'error_msg', with a short description of the error.
get_group_permissions - req: nt_group_id
get_user_permissions - req: nt_user_id
delegate_zones - nt_group_id, nt_zone_id
delegate_zone_records - nt_group_id, nt_zone_record_id
edit_zone_delegation - nt_group_id, nt_zone_id
edit_zone_record_delegation - nt_group_id, nt_zone_record_id
delete_zone_delegation - nt_group_id, nt_zone_id
delete_zone_record_delegation - nt_group_id, nt_zone_record_id
get_delegated_zones - nt_group_id
get_delegated_zone_records - nt_group_id
get_zone_delegates - nt_zone_id
get_zone_record_delegates - nt_zone_record_id
These are now the error codes:
300 Sanity Error
301 Required Parameters Missing
302 Some parameters were invalid
403 Invalid Username and/or Password
404 Access Permission Denied
500 Request for unknown action
501 Data transport Content-Type not supported
502 XML-RPC Parse Error
503 Method has been Deprecated
505 SQL Error
507 Internal Consistency Error
508 Internal Error
510 Incorrect Protocol Version
600 Failed to Complete Request
601 Object Not Found
700 Unknown Error
-Sanity checks for search/sort/paging parameters
-Sanity checks when creating Zones and Records to allow RFC 2317 style reverse lookup domains
added 3 tables: nt_delegate, nt_delegate_log, and nt_perm
changed: nt_user_global_log. added the fields: target,target_id,target_name. changed the field action to add more enum values ('delegated','recovered','modified delegation',and 'removed delegation')
-Many, many bug fixes.
-Creating or editing NS Records with 'name' set to the 'zone' of the enclosing zone will be disallowed (these records will be created automatically at export time). -gws
-err, somebody forgot to list the changes -gws
0.01 Fri Jan 26 10:42:19 2001
- original version; created by h2xs 1.20 with options
-X -n NicToolServer