Fixed issue that prevent aliases from using same name for different IP types, updated unit test to check this case

Author: jaredhendrickson13

.gitignore

@@ -1,4 +1,5 @@
 .idea
+*/__pycache__/
 *.DS_Store
 .phplint-cache
 

pfSense-pkg-API/files/etc/inc/api/framework/APIResponse.inc

@@ -272,7 +272,7 @@ function get($id, $data=[], $all=false) {
             "status" => "bad request",
             "code" => 400,
             "return" => $id,
-            "message" => "Unbound host override alias already exists"
+            "message" => "Unbound host override alias already exists with this IP address type"
         ],
         2010 => [
             "status" => "bad request",
@@ -490,6 +490,18 @@ function get($id, $data=[], $all=false) {
             "return" => $id,
             "message" => "DHCPd static mapping ID does not exist"
         ],
+        2046 => [
+            "status" => "bad request",
+            "code" => 400,
+            "return" => $id,
+            "message" => "Invalid unbound host value"
+        ],
+        2047 => [
+            "status" => "bad request",
+            "code" => 400,
+            "return" => $id,
+            "message" => "Invalid unbound domain value"
+        ],
 
         // 3000-3999 reserved for /interfaces API calls
         3000 => [

pfSense-pkg-API/files/etc/inc/api/framework/APITools.inc

@@ -690,38 +690,6 @@ function unbound_reload_config() {
     }
 }
 
-// Check if a DNS Resolver (Unbound) host override already exists
-function is_unbound_fqdn($hostname, $domain, $ip=null, $instance_id=null) {
-    # Local variables
-    global $config;
-    $curr_hosts = (array_key_exists("hosts", $config["unbound"])) ? $config["unbound"]["hosts"] : [];
-    $index = 0;
-
-    # Loop through each host override and check if the FQDN already exists
-    foreach ($curr_hosts as $ent) {
-        # Check the FQDN matches this entry
-        if ($ent["host"] === $hostname and $ent["domain"] === $domain) {
-            # Host overrides are allowed an IPv4 and IPv6 address, check if it already has one.
-            if (!$ip or (is_ipaddrv4($ent["ip"]) and is_ipaddrv4($ip)) or (is_ipaddrv6($ent["ip"]) and is_ipaddrv6($ip))){
-                # If we are working with an existing instance, allow existing FQDN if ID matches
-                if ($index !== $instance_id) {
-                    return true;
-                }
-            }
-        }
-
-        # Check FQDN within host override aliases as well
-        if (is_array($ent["aliases"])) {
-            foreach ($ent["aliases"]["item"] as $alias_ent) {
-                if ($alias_ent["host"] === $hostname and $alias_ent["domain"] === $domain) {
-                    return true;
-                }
-            }
-        }
-        $index++;
-    }
-    return false;
-}
 
 // Get a complete config list of ALL interfaces. Based off interfaces_assign.php
 function get_all_avail_interfaces() {

pfSense-pkg-API/files/etc/inc/api/models/APIServicesUnboundHostOverrideAliasCreate.inc

@@ -42,9 +42,14 @@ class APIServicesUnboundHostOverrideAliasCreate extends APIModel {
 
     public function validate_payload() {
         $this->__validate_id();
-        $this->__validate_host();
-        $this->__validate_domain();
-        $this->__validate_description();
+        $this->validate_host();
+        $this->validate_domain();
+        $this->validate_description();
+
+        # Ensure alias host/domain combo isn't already used
+        if (($this->alias_exists($this->validated_data))) {
+            $this->errors[] = APIResponse\get(2009);
+        }
     }
 
     private function __validate_id() {
@@ -61,35 +66,69 @@ class APIServicesUnboundHostOverrideAliasCreate extends APIModel {
         }
     }
 
-    private function __validate_host() {
+    public function validate_host() {
         # Check for our required 'host' payload value
         if (isset($this->initial_data["host"])) {
-            $this->validated_data["host"] = trim($this->initial_data["host"]);
+            # Ensure it is a valid hostname
+            if (is_hostname($this->initial_data["host"])) {
+                $this->validated_data["host"] = $this->initial_data['host'];
+            } else {
+                $this->errors[] = APIResponse\get(2046);
+            }
         } else {
             $this->errors[] = APIResponse\get(2007);
         }
     }
 
-    private function __validate_domain() {
+    public function validate_domain() {
         # Check for our required 'domain' payload value
         if (isset($this->initial_data["domain"])) {
-            # Ensure this host/domain combo doesn't already exist
-            if (APITools\is_unbound_fqdn($this->validated_data["host"], $this->validated_data["domain"])) {
-                $this->errors[] = APIResponse\get(2009);
+            # Ensure it is a validate hostname
+            if (is_hostname($this->initial_data["domain"])) {
+                $this->validated_data["domain"] = $this->initial_data['domain'];
             } else {
-                $this->validated_data["domain"] = trim($this->initial_data["domain"]);
+                $this->errors[] = APIResponse\get(2047);
             }
         } else {
             $this->errors[] = APIResponse\get(2008);
         }
     }
 
-    private function __validate_description() {
+    public function validate_description() {
         # Check for our required 'domain' payload value
         if (isset($this->initial_data["domain"])) {
             $this->validated_data["domain"] = trim($this->initial_data["domain"]);
         } else {
             $this->errors[] = APIResponse\get(2008);
         }
     }
+
+    public function alias_exists($parent, $id=null) {
+        # Local variables
+        $host = $this->validated_data["host"];
+        $domain = $this->validated_data["domain"];
+
+        # Loop through each host override and check if the FQDN already exists
+        foreach ($this->config["unbound"]["hosts"] as $index=>$ent) {
+            # Check the FQDN matches this entry
+            if ($ent["host"] === $host and $ent["domain"] === $domain) {
+                $this->errors[] = APIResponse\get(2009);
+            }
+
+            # Check FQDN within host override aliases as well
+            if (is_array($ent["aliases"])) {
+                foreach ($ent["aliases"]["item"] as $alias_ent) {
+                    if ($alias_ent["host"] === $host and $alias_ent["domain"] === $domain) {
+                        $ip = $parent["ip"];
+                        # Aliases are allowed for an IPv4 and IPv6 alias, check if it already has one.
+                        if ((is_ipaddrv4($ent["ip"]) and is_ipaddrv4($ip)) or (is_ipaddrv6($ent["ip"]) and is_ipaddrv6($ip))){
+                            if ($index !== $id) {
+                                $this->errors[] = APIResponse\get(2009);
+                            }
+                        }
+                    }
+                }
+            }
+        }
+    }
 }

pfSense-pkg-API/files/etc/inc/api/models/APIServicesUnboundHostOverrideCreate.inc

@@ -41,31 +41,28 @@ class APIServicesUnboundHostOverrideCreate extends APIModel {
     }
 
     public function validate_payload() {
-        # Validate the IP first, it is needed to validate the host/domain
-        $this->__validate_ip();
         $this->__validate_host();
         $this->__validate_domain();
-        $this->__validate_descr();
-        $this->__validate_aliases();
-    }
+        $this->__validate_ip();
 
-    private function __validate_ip() {
-        # Check for our required 'ip' payload value
-        if (isset($this->initial_data['ip'])) {
-            if (!is_ipaddrv4($this->initial_data["ip"]) and !is_ipaddrv6($this->initial_data["ip"])) {
-                $this->errors[] = APIResponse\get(2011);
-            } else {
-                $this->validated_data["ip"] = trim($this->initial_data['ip']);
-            }
-        } else {
-            $this->errors[] = APIResponse\get(2006);
+        # Before proceeding, check that a host override matching this host, domain and IP type doesn't already exist
+        if ($this->host_override_exists()) {
+            $this->errors[] = APIResponse\get(2010);
         }
+
+        $this->__validate_descr();
+        $this->__validate_aliases();
     }
 
     private function __validate_host() {
         # Check for our required 'host' payload value
         if (isset($this->initial_data['host'])) {
-            $this->validated_data["host"] = trim($this->initial_data['host']);
+            # Ensure it is a valid hostname
+            if (is_hostname($this->initial_data["host"])) {
+                $this->validated_data["host"] = $this->initial_data['host'];
+            } else {
+                $this->errors[] = APIResponse\get(2046);
+            }
         } else {
             $this->errors[] = APIResponse\get(2004);
         }
@@ -74,16 +71,30 @@ class APIServicesUnboundHostOverrideCreate extends APIModel {
     private function __validate_domain() {
         # Check for our required 'domain' payload value
         if (isset($this->initial_data['domain'])) {
-            if (APITools\is_unbound_fqdn($this->validated_data["host"], $this->initial_data["domain"], $this->validated_data["ip"])) {
-                $this->errors[] = APIResponse\get(2010);
+            # Ensure it is a validate hostname
+            if (is_hostname($this->initial_data["domain"])) {
+                $this->validated_data["domain"] = $this->initial_data['domain'];
             } else {
-                $this->validated_data["domain"] = trim($this->initial_data['domain']);
+                $this->errors[] = APIResponse\get(2047);
             }
         } else {
             $this->errors[] = APIResponse\get(2005);
         }
     }
 
+    private function __validate_ip() {
+        # Check for our required 'ip' payload value
+        if (isset($this->initial_data['ip'])) {
+            if (!is_ipaddrv4($this->initial_data["ip"]) and !is_ipaddrv6($this->initial_data["ip"])) {
+                $this->errors[] = APIResponse\get(2011);
+            } else {
+                $this->validated_data["ip"] = trim($this->initial_data['ip']);
+            }
+        } else {
+            $this->errors[] = APIResponse\get(2006);
+        }
+    }
+
     private function __validate_descr() {
         # Check for our optional 'descr' payload value
         if (isset($this->initial_data['descr'])) {
@@ -103,12 +114,42 @@ class APIServicesUnboundHostOverrideCreate extends APIModel {
             foreach ($this->initial_data['aliases'] as $alias) {
                 $alias_create = new APIServicesUnboundHostOverrideAliasCreate();
                 $alias_create->initial_data = $alias;
-                $alias_create->validate_id = false;
-                $alias_create->validate_payload();
+                $alias_create->validate_host();
+                $alias_create->validate_domain();
+                $alias_create->validate_description();
+                $alias_create->alias_exists($this->validated_data);
                 $this->errors = array_merge($this->errors, $alias_create->errors);
                 $this->validated_data["aliases"]["item"][] = $alias_create->validated_data;
             }
         }
     }
 
+    public function host_override_exists() {
+        # Local variables
+        $host = $this->validated_data["host"];
+        $domain = $this->validated_data["domain"];
+        $ip = $this->validated_data["ip"];
+
+        # Loop through each host override and check if the FQDN already exists
+        foreach ($this->config["unbound"]["hosts"] as $ent) {
+            # Check the FQDN matches this entry
+            if ($ent["host"] === $host and $ent["domain"] === $domain) {
+                # Host overrides are allowed an IPv4 and IPv6 address, check if it already has one.
+                if ((is_ipaddrv4($ent["ip"]) and is_ipaddrv4($ip)) or (is_ipaddrv6($ent["ip"]) and is_ipaddrv6($ip))){
+                    return true;
+                }
+            }
+
+            # Check FQDN within host override aliases as well
+            if (is_array($ent["aliases"])) {
+                foreach ($ent["aliases"]["item"] as $alias_ent) {
+                    if ($alias_ent["host"] === $host and $alias_ent["domain"] === $domain) {
+                        return true;
+                    }
+                }
+            }
+        }
+        return false;
+    }
+
 }

pfSense-pkg-API/files/etc/inc/api/models/APIServicesUnboundHostOverrideUpdate.inc

@@ -46,7 +46,7 @@ class APIServicesUnboundHostOverrideUpdate extends APIModel {
 
         # If host or domain was updated, ensure this host override doesn't already exist
         if (isset($this->initial_data["host"]) or isset($this->initial_data["domain"])) {
-            if (APITools\is_unbound_fqdn($this->validated_data["host"], $this->validated_data["domain"], $this->validated_data["ip"], $this->id)) {
+            if ($this->host_override_exists()) {
                 $this->errors[] = APIResponse\get(2010);
             }
         }
@@ -80,14 +80,23 @@ class APIServicesUnboundHostOverrideUpdate extends APIModel {
     private function __validate_host() {
         # Check for our optional 'host' payload value
         if (isset($this->initial_data['host'])) {
-            $this->validated_data["host"] = trim($this->initial_data['host']);
-        }
+            # Ensure it is a valid hostname
+            if (is_hostname($this->initial_data["host"])) {
+                $this->validated_data["host"] = $this->initial_data['host'];
+            } else {
+                $this->errors[] = APIResponse\get(2046);
+            }        }
     }
 
     private function __validate_domain() {
         # Check for our optional 'domain' payload value
         if (isset($this->initial_data['domain'])) {
-            $this->validated_data["domain"] = trim($this->initial_data['domain']);
+            # Ensure it is a validate hostname
+            if (is_hostname($this->initial_data["domain"])) {
+                $this->validated_data["domain"] = $this->initial_data['domain'];
+            } else {
+                $this->errors[] = APIResponse\get(2047);
+            }
         }
     }
 
@@ -110,11 +119,45 @@ class APIServicesUnboundHostOverrideUpdate extends APIModel {
             foreach ($this->initial_data['aliases'] as $alias) {
                 $alias_create = new APIServicesUnboundHostOverrideAliasCreate();
                 $alias_create->initial_data = $alias;
-                $alias_create->validate_id = false;
-                $alias_create->validate_payload();
+                $alias_create->validate_host();
+                $alias_create->validate_domain();
+                $alias_create->validate_description();
+                $alias_create->alias_exists($this->validated_data, $this->id);
                 $this->errors = array_merge($this->errors, $alias_create->errors);
                 $this->validated_data["aliases"]["item"][] = $alias_create->validated_data;
             }
         }
     }
+
+    public function host_override_exists() {
+        # Local variables
+        $host = $this->validated_data["host"];
+        $domain = $this->validated_data["domain"];
+        $ip = $this->validated_data["ip"];
+        $id = $this->id;
+
+        # Loop through each host override and check if the FQDN already exists
+        foreach ($this->config["unbound"]["hosts"] as $index=>$ent) {
+            # Check the FQDN matches this entry
+            if ($ent["host"] === $host and $ent["domain"] === $domain) {
+                # Host overrides are allowed an IPv4 and IPv6 address, check if it already has one.
+                if ((is_ipaddrv4($ent["ip"]) and is_ipaddrv4($ip)) or (is_ipaddrv6($ent["ip"]) and is_ipaddrv6($ip))){
+                    # If we are working with an existing instance, allow existing FQDN if ID matches
+                    if ($index !== $id) {
+                        return true;
+                    }
+                }
+            }
+
+            # Check FQDN within host override aliases as well
+            if (is_array($ent["aliases"])) {
+                foreach ($ent["aliases"]["item"] as $alias_ent) {
+                    if ($alias_ent["host"] === $host and $alias_ent["domain"] === $domain) {
+                        return true;
+                    }
+                }
+            }
+        }
+        return false;
+    }
 }

tests/test_api_v1_services_unbound_host_override.py

@@ -36,6 +36,13 @@ class APIUnitTestServicesUnboundHostOverride(unit_test_framework.APIUnitTest):
             "domain": "unit.test",
             "ip": "fd00:abcd::",
             "descr": "Unit Test IPv6",
+            "aliases": [
+                {
+                    "host": "pfsense-api-alias",
+                    "domain": "unit.test",
+                    "description": "Unit Test"
+                }
+            ]
         }
     ]
     put_payloads = [