Merging upstream version 20220609.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

6 files changed, 184 insertions, 4 deletions

diff --git a/CHANGELOG.txt b/CHANGELOG.txt
index 2f1a084..8289f87 100644
--- a/CHANGELOG.txt
+++ b/CHANGELOG.txt
@@ -1,3 +1,11 @@
+2022-06-09	Daniel Baumann <daniel.baumann@open-infrastructure.net>
+
+	* Releasing version 20220609.
+
+	[ Daniel Baumann ]
+	* Handling ipv4-only/ipv6-only nameservers on ipv4-only/ipv6-only systems.
+	* Adding dnsdist tools.
+
 2022-05-25	Daniel Baumann <daniel.baumann@open-infrastructure.net>
 
 	* Releasing version 20220525.
diff --git a/VERSION.txt b/VERSION.txt
index a0acbbd..2b282de 100644
--- a/VERSION.txt
+++ b/VERSION.txt
@@ -1 +1 @@
-20220525
+20220609
diff --git a/dehydrated/bin/dehydrated-nsupdate b/dehydrated/bin/dehydrated-nsupdate
index fa421ea..96c95eb 100755
--- a/dehydrated/bin/dehydrated-nsupdate
+++ b/dehydrated/bin/dehydrated-nsupdate
@@ -88,9 +88,9 @@ else
 	TXT_RECORD="_acme-challenge.${DOMAIN}"
 fi
 
-# find nameservers to update
 ZONE="${TXT_RECORD}"
 
+# find all nameservers to update
 while true
 do
 	NAMESERVERS="$(${DIG} +nocomments +noquestion NS "${ZONE}" 2>&1 | grep -v '^;' | awk '/NS/ { print $5 }')"
@@ -104,12 +104,43 @@ do
 	fi
 done
 
+NAMESERVERS_IPV6=""
+NAMESERVERS_IPV4=""
+
+for NAMESERVER in ${NAMESERVERS}
+do
+	if [ -n "$(${DIG} +nocomments +noquestion +short AAAA ${NAMESERVER})" ]
+	then
+		NAMESERVERS_IPV6="${NAMESERVERS_IPV6} ${NAMESERVER}"
+	fi
+
+	if [ -n "$(${DIG} +nocomments +noquestion +short A ${NAMESERVER})" ]
+	then
+		NAMESERVERS_IPV4="${NAMESERVERS_IPV4} ${NAMESERVER}"
+	fi
+done
+
+# filter nameservers by available IP protocol
+NAMESERVERS=""
+
+if hostname -I | grep -qs ':'
+then
+	NAMESERVERS="${NAMESERVERS} ${NAMESERVERS_IPV6}"
+fi
+
+if hostname -I | grep -qs '\.'
+then
+	NAMESERVERS="${NAMESERVERS} ${NAMESERVERS_IPV4}"
+fi
+
+NAMESERVERS="$(echo ${NAMESERVERS} | sed -e 's| |\n|g' | sort -u -V)"
+
+# update nameservers
 if [ -n "${TSIG_KEYFILE}" ] && [ -e "${TSIG_KEYFILE}" ]
 then
 	NSUPDATE_OPTIONS="-k ${TSIG_KEYFILE}"
 fi
 
-# update nameservers
 for NAMESERVER in ${NAMESERVERS}
 do
 	echo -n "   + sending '${HOOK_ACTION}' for ${TXT_RECORD} to ${NAMESERVER}..."
diff --git a/dehydrated/share/man/dehydrated-nsupdate.1.rst b/dehydrated/share/man/dehydrated-nsupdate.1.rst
index 058785f..db58d5c 100644
--- a/dehydrated/share/man/dehydrated-nsupdate.1.rst
+++ b/dehydrated/share/man/dehydrated-nsupdate.1.rst
@@ -54,7 +54,8 @@ Features
 
 | **automatic nameserver detection**
 | **dehydrated-nsupdate** automatically finds and updates all authoritative
-| nameservers for a given record by looking up the records in the DNS by itself.
+| nameservers for a given record by looking up the records in the DNS by itself,
+| supporting IPv6-only, IPv4-only, and dual-stacked environments.
 
 | **proper CNAME support**
 | **dehydrated-nsupdate** follows CNAMEs delegating the TXT record creation to
diff --git a/dnsdist/Makefile b/dnsdist/Makefile
new file mode 100644
index 0000000..6b3744b
--- /dev/null
+++ b/dnsdist/Makefile
@@ -0,0 +1,80 @@
+# Open Infrastructure: service-tools
+
+# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net>
+#
+# SPDX-License-Identifier: GPL-3.0+
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+SHELL := sh -e
+
+SCRIPTS = bin/*
+
+all: build
+
+test:
+	@echo -n "Checking for syntax errors with sh... "
+	@for SCRIPT in $(SCRIPTS); \
+	do \
+		sh -n $${SCRIPT}; \
+		echo -n "."; \
+	done
+	@echo " done."
+
+	@echo -n "Checking for bashisms... "
+	@if [ -x /usr/bin/checkbashisms ]; \
+	then \
+		for SCRIPT in $(SCRIPTS); \
+		do \
+			checkbashisms -f -x $${SCRIPT}; \
+			echo -n "."; \
+		done; \
+	else \
+		echo "Note: devscripts not installed, skipping checkbashisms."; \
+	fi
+	@echo " done."
+
+	@echo -n "Checking with shellcheck... "
+	@if [ -x /usr/bin/shellcheck ]; \
+	then \
+		for SCRIPT in $(SCRIPTS); \
+		do \
+			shellcheck -e SC2039 $${SCRIPT}; \
+			echo -n "."; \
+		done; \
+	else \
+		echo "Note: shellcheck not installed, skipping shellcheck."; \
+	fi
+	@echo " done."
+
+build:
+
+install: build
+	mkdir -p $(DESTDIR)/usr/bin
+	cp -r bin/* $(DESTDIR)/usr/bin
+
+uninstall:
+	for FILE in bin/*; \
+	do \
+		rm -f $(DESTDIR)/usr/bin/$$(basename $${FILE}); \
+	done
+	rmdir --ignore-fail-on-non-empty --parents $(DESTDIR)/usr/bin || true
+
+	rmdir --ignore-fail-on-non-empty --parents $(DESTDIR) || true
+
+clean:
+
+distclean:
+
+reinstall: uninstall install
diff --git a/dnsdist/bin/dnsdist-console b/dnsdist/bin/dnsdist-console
new file mode 100755
index 0000000..8667533
--- /dev/null
+++ b/dnsdist/bin/dnsdist-console
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+# Open Infrastructure: service-tools
+
+# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net>
+#
+# SPDX-License-Identifier: GPL-3.0+
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+set -e
+
+PROGRAM="$(basename ${0})"
+
+Usage ()
+{
+	if [ -z "${OPTIONS}" ]
+	then
+		echo "'${PROGRAM}': incomplete or invalid configuration in /etc/default/dnsdist" >&2
+		exit 1
+	fi
+}
+
+if [ ! -r /etc/dnsdist/dnsdist.conf ]
+then
+	Usage
+fi
+
+CONTROL_SOCKET="$(awk -F\' '/^controlSocket\(/ { print $2 }' /etc/dnsdist/dnsdist.conf)"
+KEY="$(awk -F\' '/^setKey\(/ { print $2 }' /etc/dnsdist/dnsdist.conf)"
+
+OPTIONS=""
+
+if [ -n "${CONTROL_SOCKET}" ]
+then
+	OPTIONS="${OPTIONS} -c ${CONTROL_SOCKET}"
+fi
+
+if [ -n "${KEY}" ]
+then
+	OPTIONS="${OPTIONS} -k ${KEY}"
+fi
+
+if [ -z "${OPTIONS}" ]
+then
+	Usage
+fi
+
+dnsdist ${OPTIONS}