Initial commit

.gitignore

@@ -0,0 +1,3 @@
+
+/target
+**/*.rs.bk

.travis.yml

@@ -0,0 +1,17 @@
+sudo: required
+services:
+  - docker
+script:
+  - docker run --rm -it -v "$(pwd)":/home/rust/src ekidd/rust-musl-builder cargo build --release
+
+before_deploy:
+  - ./ci/before_deploy.sh
+
+deploy:
+  provider: releases
+  file_glob: true
+  file:
+    - deploy/*
+  skip_cleanup: true
+  on:
+    tags: true

Cargo.toml

@@ -0,0 +1,3 @@
+[workspace]
+
+members = [ "server", "client", "data", "crypto" ]

README.md

@@ -0,0 +1,109 @@
+# BIND9 API
+
+This is an attempt to implement an API to create, update or delete DNS records
+on a BIND9 DNS server.
+
+## Server
+
+The server will wait for incoming requests and uses the `nsupdate` command to
+perform operations on the BIND9 nameserver. For the server to work, a DNS key is
+needed to perform the updates.
+
+```
+$ dnssec-keygen -r /dev/urandom -a HMAC-SHA256 -b 256 -n HOST dnskey
+```
+
+Copy the `Key` section of the resulting `Kdnskey*.private` file into a file that
+looks like this:
+
+```
+key "dns-key" {
+    algorithm hmac-sha256;
+    secret "<your secret>";
+}
+```
+
+And extend the zone section of the zones you'd like to modify in your
+`named.conf.local`
+
+```
+zone "example.com" {
+    type master;
+    file "/var/lib/bind/db.example.com";
+    ...
+    allow-update { key "dns-key"; };
+    ...
+}
+```
+
+Now you can start the server:
+
+```
+$ ./bind9-api -k <path to dnskey> -t <your api token>
+```
+
+By default, the server will bind to `0.0.0.0:8000`. The host and port to bind
+to, can be changed using the `-h` and `-p` flags respectively. For production
+use, you should bind to a private IP address (LAN or VLAN) or to `127.0.0.1` and
+put the server behind a reverse proxy that offers TLS.
+
+## Client
+
+The client is used to perform changes to the DNS zone from any server. My use
+case is to perform LetsEncrypt DNS challenges. The client will look for a
+configuration file in `/etc/bind9apiclient.toml` which looks like this:
+
+```
+# API server host
+host = "http://127.0.0.1:8080"
+# API secret
+secret = "topsecret"
+```
+
+The client can perform two operations: Creating/updating and deleting DNS
+records. The client is invoked like this
+
+```
+$ ./bind9-api-client -d foo.example.com -r TXT update -v foobar
+$ ./bind9-api-client -d foo.example.com -r TXT delete
+```
+
+## API Description
+
+```
+POST /record
+X-Api-Token: <api-token>
+
+{
+    "name": "foo.example.com",
+    "value": "127.0.0.1",
+    "record": "A",
+    "ttl": 1337
+}
+```
+
+```
+DELETE /record
+X-Api-Token: <api-token>
+
+{
+    "name": "foo.example.com",
+    "record": "A"
+}
+```
+
+The API token is a SHA256 HMAC over the request body using a pre-shared secret.
+
+### Security Considerations
+
+The current API design does not migrate replay attacks. An attacker that is able
+to intercept a request to the API can resend the same request again to execute
+the same operation.  To prevent these kinds of attacks, you should use a reverse
+proxy and encrypt the connections using TLS. Future versions of the server might
+provide TLS functionality by itself.
+
+## Usage with LetsEncrypt
+
+In `letsencrypt/`, two example scripts can be found to use the client as a
+certbot hook for DNS challenges. It assumes that the client is located somewhere
+in `$PATH` and that the configurations file exists.

ci/before_deploy.sh

@@ -0,0 +1,15 @@
+#!/usr/bin/env bash
+
+set -ex
+
+main() {
+    local src=$(pwd) \
+            stage=$src/deploy
+
+    mkdir -p $deploy
+
+    test -f Cargo.lock || cargo generate-lockfile
+
+    cp target/x86_64-unknown-linux-musl/release/bind9-api $stage/bind9-api-${TRAVIS-TAG:1}-x86_64-musl
+    cp target/x86_64-unknown-linux-musl/release/bind9-api-client $stage/bind9-api-client-${TRAVIS-TAG:1}-x86_64-musl
+}

client/Cargo.lock

@@ -0,0 +1,194 @@
+[[package]]
+name = "ansi_term"
+version = "0.11.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "winapi 0.3.5 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "atty"
+version = "0.2.10"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "libc 0.2.42 (registry+https://github.com/rust-lang/crates.io-index)",
+ "termion 1.5.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "winapi 0.3.5 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "bind9-api-client"
+version = "0.1.0"
+dependencies = [
+ "clap 2.32.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "serde 1.0.69 (registry+https://github.com/rust-lang/crates.io-index)",
+ "serde_derive 1.0.69 (registry+https://github.com/rust-lang/crates.io-index)",
+ "toml 0.4.6 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "bitflags"
+version = "1.0.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "clap"
+version = "2.32.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "ansi_term 0.11.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "atty 0.2.10 (registry+https://github.com/rust-lang/crates.io-index)",
+ "bitflags 1.0.3 (registry+https://github.com/rust-lang/crates.io-index)",
+ "strsim 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "textwrap 0.10.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "unicode-width 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)",
+ "vec_map 0.8.1 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "libc"
+version = "0.2.42"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "proc-macro2"
+version = "0.4.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "unicode-xid 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "quote"
+version = "0.6.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "proc-macro2 0.4.6 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "redox_syscall"
+version = "0.1.40"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "redox_termios"
+version = "0.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "redox_syscall 0.1.40 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "serde"
+version = "1.0.69"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "serde_derive"
+version = "1.0.69"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "proc-macro2 0.4.6 (registry+https://github.com/rust-lang/crates.io-index)",
+ "quote 0.6.3 (registry+https://github.com/rust-lang/crates.io-index)",
+ "syn 0.14.4 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "strsim"
+version = "0.7.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "syn"
+version = "0.14.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "proc-macro2 0.4.6 (registry+https://github.com/rust-lang/crates.io-index)",
+ "quote 0.6.3 (registry+https://github.com/rust-lang/crates.io-index)",
+ "unicode-xid 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "termion"
+version = "1.5.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "libc 0.2.42 (registry+https://github.com/rust-lang/crates.io-index)",
+ "redox_syscall 0.1.40 (registry+https://github.com/rust-lang/crates.io-index)",
+ "redox_termios 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "textwrap"
+version = "0.10.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "unicode-width 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "toml"
+version = "0.4.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "serde 1.0.69 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "unicode-width"
+version = "0.1.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "unicode-xid"
+version = "0.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "vec_map"
+version = "0.8.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "winapi"
+version = "0.3.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "winapi-i686-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "winapi-x86_64-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "winapi-i686-pc-windows-gnu"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "winapi-x86_64-pc-windows-gnu"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[metadata]
+"checksum ansi_term 0.11.0 (registry+https://github.com/rust-lang/crates.io-index)" = "ee49baf6cb617b853aa8d93bf420db2383fab46d314482ca2803b40d5fde979b"
+"checksum atty 0.2.10 (registry+https://github.com/rust-lang/crates.io-index)" = "2fc4a1aa4c24c0718a250f0681885c1af91419d242f29eb8f2ab28502d80dbd1"
+"checksum bitflags 1.0.3 (registry+https://github.com/rust-lang/crates.io-index)" = "d0c54bb8f454c567f21197eefcdbf5679d0bd99f2ddbe52e84c77061952e6789"
+"checksum clap 2.32.0 (registry+https://github.com/rust-lang/crates.io-index)" = "b957d88f4b6a63b9d70d5f454ac8011819c6efa7727858f458ab71c756ce2d3e"
+"checksum libc 0.2.42 (registry+https://github.com/rust-lang/crates.io-index)" = "b685088df2b950fccadf07a7187c8ef846a959c142338a48f9dc0b94517eb5f1"
+"checksum proc-macro2 0.4.6 (registry+https://github.com/rust-lang/crates.io-index)" = "effdb53b25cdad54f8f48843d67398f7ef2e14f12c1b4cb4effc549a6462a4d6"
+"checksum quote 0.6.3 (registry+https://github.com/rust-lang/crates.io-index)" = "e44651a0dc4cdd99f71c83b561e221f714912d11af1a4dff0631f923d53af035"
+"checksum redox_syscall 0.1.40 (registry+https://github.com/rust-lang/crates.io-index)" = "c214e91d3ecf43e9a4e41e578973adeb14b474f2bee858742d127af75a0112b1"
+"checksum redox_termios 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "7e891cfe48e9100a70a3b6eb652fef28920c117d366339687bd5576160db0f76"
+"checksum serde 1.0.69 (registry+https://github.com/rust-lang/crates.io-index)" = "210e5a3b159c566d7527e9b22e44be73f2e0fcc330bb78fef4dbccb56d2e74c8"
+"checksum serde_derive 1.0.69 (registry+https://github.com/rust-lang/crates.io-index)" = "dd724d68017ae3a7e63600ee4b2fdb3cad2158ffd1821d44aff4580f63e2b593"
+"checksum strsim 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)" = "bb4f380125926a99e52bc279241539c018323fab05ad6368b56f93d9369ff550"
+"checksum syn 0.14.4 (registry+https://github.com/rust-lang/crates.io-index)" = "2beff8ebc3658f07512a413866875adddd20f4fd47b2a4e6c9da65cd281baaea"
+"checksum termion 1.5.1 (registry+https://github.com/rust-lang/crates.io-index)" = "689a3bdfaab439fd92bc87df5c4c78417d3cbe537487274e9b0b2dce76e92096"
+"checksum textwrap 0.10.0 (registry+https://github.com/rust-lang/crates.io-index)" = "307686869c93e71f94da64286f9a9524c0f308a9e1c87a583de8e9c9039ad3f6"
+"checksum toml 0.4.6 (registry+https://github.com/rust-lang/crates.io-index)" = "a0263c6c02c4db6c8f7681f9fd35e90de799ebd4cfdeab77a38f4ff6b3d8c0d9"
+"checksum unicode-width 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)" = "882386231c45df4700b275c7ff55b6f3698780a650026380e72dabe76fa46526"
+"checksum unicode-xid 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)" = "fc72304796d0818e357ead4e000d19c9c174ab23dc11093ac919054d20a6a7fc"
+"checksum vec_map 0.8.1 (registry+https://github.com/rust-lang/crates.io-index)" = "05c78687fb1a80548ae3250346c3db86a80a7cdd77bda190189f2d0a0987c81a"
+"checksum winapi 0.3.5 (registry+https://github.com/rust-lang/crates.io-index)" = "773ef9dcc5f24b7d850d0ff101e542ff24c3b090a9768e03ff889fdef41f00fd"
+"checksum winapi-i686-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6"
+"checksum winapi-x86_64-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f"

client/Cargo.toml

@@ -0,0 +1,18 @@
+[package]
+name = "bind9-api-client"
+version = "0.1.0"
+authors = ["Valentin Brandl <vbrandl@riseup.net>"]
+
+[dependencies]
+clap = "2.32.0"
+crypto = { path = "../crypto" }
+data = { path = "../data" }
+failure = "0.1.1"
+log = "0.4.3"
+openssl-probe = "0.1.2"
+pretty_env_logger = "0.2.3"
+reqwest = "0.8.6"
+serde = "1.0.69"
+serde_derive = "1.0.69"
+serde_json = "1.0.22"
+toml = "0.4.6"

client/src/cli.rs

@@ -0,0 +1,18 @@
+pub fn parse_cli() -> ::clap::ArgMatches<'static> {
+    clap_app!(bind9_api_client =>
+        (version: crate_version!())
+        (author: crate_authors!())
+        (about: crate_description!())
+        (@arg CONFIG: -c --config +takes_value "Path to config file (Defaults to /etc/bind9apiclient.toml)")
+        (@arg DOMAIN: -d --domain +takes_value +required "Domain to create")
+        (@arg RECORD: -r --record +takes_value "The record type (Defaults to TXT)")
+        (@subcommand update =>
+            (about: "Creates a new record")
+            (@arg VALUE: -v --value +takes_value +required "Value to write in the record")
+            (@arg TTL: -t --ttl + takes_value "TTL of the record (Defaults to 8640)")
+        )
+        (@subcommand delete =>
+            (about: "Deletes a record")
+        )
+    ).get_matches()
+}

client/src/main.rs

@@ -0,0 +1,114 @@
+#[macro_use]
+extern crate clap;
+extern crate crypto;
+extern crate data;
+extern crate failure;
+#[macro_use]
+extern crate log;
+extern crate openssl_probe;
+extern crate pretty_env_logger;
+extern crate reqwest;
+extern crate serde;
+extern crate toml;
+#[macro_use]
+extern crate serde_derive;
+extern crate serde_json;
+
+mod cli;
+
+use failure::Error;
+
+use data::{ApiError, Delete, Record, Update};
+
+use std::borrow::Cow;
+
+type Result<T> = std::result::Result<T, Error>;
+
+#[derive(Eq, PartialEq, Clone, Copy)]
+enum Method {
+    POST,
+    DELETE,
+}
+
+#[derive(Deserialize)]
+struct Config<'a> {
+    #[serde(borrow)]
+    host: Cow<'a, str>,
+    #[serde(borrow)]
+    secret: Cow<'a, str>,
+}
+
+fn delete(config: &Config, record: Record, domain: &str) -> Result<()> {
+    let delete = Delete::new(domain.to_owned(), record);
+    let res = call_api(config, delete, Method::DELETE)?;
+    if res.status().is_success() {
+        Ok(())
+    } else {
+        Err(ApiError::RequestError.into())
+    }
+}
+
+fn update(config: &Config, record: Record, domain: &str, value: &str, ttl: u32) -> Result<()> {
+    let update = Update::new(domain.to_owned(), value.to_owned(), record, ttl);
+    let res = call_api(config, update, Method::POST)?;
+    if res.status().is_success() {
+        Ok(())
+    } else {
+        Err(ApiError::RequestError.into())
+    }
+}
+
+fn call_api<D: serde::Serialize>(
+    config: &Config,
+    data: D,
+    method: Method,
+) -> Result<reqwest::Response> {
+    let data_s = serde_json::to_string(&data)?;
+    info!("body: {}", data_s);
+    let signature = crypto::sign(config.secret.as_bytes(), data_s.as_bytes());
+    let signature = crypto::bytes_to_hex_str(&signature)?;
+    let client = reqwest::Client::new();
+    let url = format!("{}/record", config.host);
+    Ok(if method == Method::POST {
+        client.post(&url)
+    } else {
+        client.delete(&url)
+    }.header(data::XApiToken(signature))
+        .json(&data)
+        .send()?)
+}
+
+fn main() -> Result<()> {
+    openssl_probe::init_ssl_cert_env_vars();
+    std::env::set_var("RUST_LOG", "info");
+    pretty_env_logger::init();
+    let matches = cli::parse_cli();
+    let record: Record = matches
+        .value_of("RECORD")
+        .unwrap_or("TXT")
+        .parse()
+        .expect("Invalid record type");
+    let domain = matches.value_of("DOMAIN").unwrap();
+    let config_path = matches
+        .value_of("CONFIG")
+        .unwrap_or("/etc/bind9apiclient.toml");
+    let config = std::fs::read_to_string(config_path).expect("Cannot read config file");
+    let config: Config = toml::from_str(&config).expect("Cannot parse config file");
+    if let Some(matches) = matches.subcommand_matches("update") {
+        let ttl = matches
+            .value_of("TTL")
+            .unwrap_or("8640")
+            .parse()
+            .expect("Cannot parse TTL");
+        update(
+            &config,
+            record,
+            domain,
+            matches.value_of("VALUE").unwrap(),
+            ttl,
+        )?;
+    } else if matches.subcommand_matches("delete").is_some() {
+        delete(&config, record, domain)?;
+    }
+    Ok(())
+}

crypto/Cargo.toml

@@ -0,0 +1,12 @@
+[package]
+name = "crypto"
+version = "0.1.0"
+authors = ["Valentin Brandl <vbrandl@riseup.net>"]
+
+[dependencies]
+failure = "0.1.1"
+hex = "0.3.2"
+ring = "0.12.1"
+
+[dev-dependencies]
+proptest = "0.8.1"

crypto/src/lib.rs

@@ -0,0 +1,56 @@
+extern crate failure;
+extern crate hex;
+extern crate ring;
+
+#[cfg(test)]
+#[macro_use]
+extern crate proptest;
+
+use failure::Error;
+use hex::{FromHex, ToHex};
+use ring::{digest, hmac};
+
+type Result<T> = std::result::Result<T, Error>;
+
+pub fn bytes_to_hex_str(bytes: &[u8]) -> Result<String> {
+    let mut output = String::new();
+    bytes.write_hex(&mut output)?;
+    Ok(output)
+}
+
+pub fn hex_str_to_bytes(hex_str: &str) -> Result<Vec<u8>> {
+    Ok(Vec::from_hex(hex_str)?)
+}
+
+pub fn verify_signature(key: &[u8], msg: &[u8], signature: &[u8]) -> bool {
+    let key = hmac::VerificationKey::new(&digest::SHA256, key);
+    hmac::verify(&key, msg, signature)
+        .map(|_| true)
+        .unwrap_or(false)
+}
+
+pub fn sign(key: &[u8], msg: &[u8]) -> Vec<u8> {
+    let key = hmac::SigningKey::new(&digest::SHA256, key);
+    let signature = hmac::sign(&key, msg);
+    signature.as_ref().into_iter().cloned().collect()
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+
+    proptest! {
+        #[test]
+        fn sign_verify(key: Vec<u8>, msg: Vec<u8>) {
+            let sig = sign(&key, &msg);
+            assert!(verify_signature(&key, &msg, &sig));
+        }
+    }
+
+    proptest! {
+        #[test]
+        fn to_from_hex(data: Vec<u8>) {
+            assert_eq!(hex_str_to_bytes(&bytes_to_hex_str(&data).unwrap()).unwrap(), data);
+        }
+    }
+}

data/Cargo.toml

@@ -0,0 +1,10 @@
+[package]
+name = "data"
+version = "0.1.0"
+authors = ["Valentin Brandl <vbrandl@riseup.net>"]
+
+[dependencies]
+failure = "0.1.1"
+hyper = "0.11"
+serde = "1.0.69"
+serde_derive = "1.0.69"

data/src/lib.rs

@@ -0,0 +1,146 @@
+#[macro_use]
+extern crate failure;
+#[macro_use]
+extern crate hyper;
+#[macro_use]
+extern crate serde_derive;
+
+pub const TOKEN_HEADER: &str = "X-Api-Token";
+
+header! { (XApiToken, TOKEN_HEADER) => [String] }
+
+#[derive(Eq, PartialEq, Deserialize, Serialize, Debug, Clone, Copy)]
+pub enum Record {
+    A,
+    AAAA,
+    PTR,
+    TXT,
+}
+
+#[derive(Debug, Fail)]
+pub enum ApiError {
+    #[fail(display = "Parse record error")]
+    ParseRecord,
+    #[fail(display = "API Error")]
+    RequestError,
+}
+
+impl std::str::FromStr for Record {
+    type Err = ApiError;
+
+    fn from_str(s: &str) -> Result<Self, Self::Err> {
+        match s {
+            "A" | "a" => Ok(Record::A),
+            "AAAA" | "aaaa" => Ok(Record::AAAA),
+            "TXT" | "txt" => Ok(Record::TXT),
+            "PTR" | "ptr" => Ok(Record::PTR),
+            _ => Err(ApiError::ParseRecord),
+        }
+    }
+}
+
+impl std::fmt::Display for Record {
+    fn fmt(&self, f: &mut std::fmt::Formatter) -> std::fmt::Result {
+        write!(
+            f,
+            "{}",
+            match *self {
+                Record::A => "A",
+                Record::AAAA => "AAAA",
+                Record::PTR => "PTR",
+                Record::TXT => "TXT",
+            }
+        )
+    }
+}
+
+#[derive(Deserialize, Serialize)]
+pub struct Update {
+    name: String,
+    value: String,
+    record: Record,
+    ttl: u32,
+}
+
+impl Update {
+    pub fn new(name: String, value: String, record: Record, ttl: u32) -> Self {
+        Self {
+            name,
+            value,
+            record,
+            ttl: ttl,
+        }
+    }
+
+    #[inline]
+    pub fn name(&self) -> &str {
+        &self.name
+    }
+
+    #[inline]
+    pub fn value(&self) -> &str {
+        &self.value
+    }
+
+    #[inline]
+    pub fn record(&self) -> Record {
+        self.record
+    }
+
+    #[inline]
+    pub fn ttl(&self) -> u32 {
+        self.ttl
+    }
+}
+
+#[derive(Deserialize, Serialize)]
+pub struct Delete {
+    name: String,
+    record: Record,
+}
+
+impl Delete {
+    pub fn new(name: String, record: Record) -> Self {
+        Self { name, record }
+    }
+
+    #[inline]
+    pub fn name(&self) -> &str {
+        &self.name
+    }
+
+    #[inline]
+    pub fn record(&self) -> Record {
+        self.record
+    }
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+
+    #[test]
+    fn parse_record() {
+        assert_eq!("a".parse::<Record>().unwrap(), Record::A);
+        assert_eq!("A".parse::<Record>().unwrap(), Record::A);
+        assert_eq!("aaaa".parse::<Record>().unwrap(), Record::AAAA);
+        assert_eq!("AAAA".parse::<Record>().unwrap(), Record::AAAA);
+        assert_eq!("txt".parse::<Record>().unwrap(), Record::TXT);
+        assert_eq!("TXT".parse::<Record>().unwrap(), Record::TXT);
+        assert_eq!("PTR".parse::<Record>().unwrap(), Record::PTR);
+        assert_eq!("ptr".parse::<Record>().unwrap(), Record::PTR);
+        assert!(!"aAaA".parse::<Record>().is_ok());
+    }
+
+    #[test]
+    fn record_to_str_and_parse_equals_input() {
+        assert!(validate_record_parsing(Record::A));
+        assert!(validate_record_parsing(Record::AAAA));
+        assert!(validate_record_parsing(Record::PTR));
+        assert!(validate_record_parsing(Record::TXT));
+    }
+
+    fn validate_record_parsing(record: Record) -> bool {
+        format!("{}", record).parse::<Record>().unwrap() == record
+    }
+}

letsencrypt/certbot-bind9-auth

@@ -0,0 +1,3 @@
+#!/usr/bin/env sh
+
+bind9-api-client -d "_acme-challenge.$CERTBOT_DOMAIN" -r TXT update -v "$CERTBOT_VALIDATION"

letsencrypt/certbot-bind9-cleanup

@@ -0,0 +1,3 @@
+#!/usr/bin/env sh
+
+bind9-api-client -d "_acme-challenge.$CERTBOT_DOMAIN" -r TXT delete

server/Cargo.toml

@@ -0,0 +1,18 @@
+[package]
+name = "bind9-api"
+version = "0.1.0"
+authors = ["Valentin Brandl <vbrandl@riseup.net>"]
+description = "Web API to create, update and remove DNS entries in bind9"
+
+[dependencies]
+actix-web = "0.6.14"
+# actix-web = { git = "https://github.com/actix/actix-web.git" }
+clap = "2.31.2"
+crypto = { path = "../crypto" }
+data = { path = "../data" }
+failure = "0.1.1"
+futures = "0.1.21"
+log = "0.4.3"
+pretty_env_logger = "0.2.3"
+serde = "1.0.69"
+serde_json = "1.0.22"

server/src/cli.rs

@@ -0,0 +1,14 @@
+pub fn parse_args() -> ::clap::ArgMatches<'static> {
+    clap_app!(api =>
+        (version: crate_version!())
+        (author: crate_authors!())
+        (about: crate_description!())
+        (@arg TOKEN: -t --token +required +takes_value "Token to authenticate against the API")
+        (@arg CMD: -c --command +takes_value "Nsupdate command (Defaults to nsupdate)")
+        (@arg KEYPATH: -k --keypath +required +takes_value "Path to the DNS key")
+        (@arg OKMARK: -m --marker +takes_value "Marker to detect if a operation was successful")
+        (@arg PORT: -p --port +takes_value "Port to listen on (Defaults to 8000)")
+        (@arg HOST: -h --host +takes_value "Host to listen on (Defaults to 0.0.0.0)")
+        (@arg SERVER: -s --server +takes_value "Bind server (Defaults to 127.0.0.1)")
+    ).get_matches()
+}

server/src/main.rs

@@ -0,0 +1,177 @@
+extern crate actix_web;
+extern crate crypto;
+extern crate data;
+#[macro_use]
+extern crate clap;
+#[macro_use]
+extern crate failure;
+extern crate futures;
+#[macro_use]
+extern crate log;
+extern crate pretty_env_logger;
+extern crate serde_json;
+
+mod cli;
+
+use actix_web::{
+    error::{self, ErrorInternalServerError, ErrorUnauthorized, JsonPayloadError, ParseError}, http,
+    middleware::Logger, server, App, HttpMessage, HttpRequest, Result,
+};
+use data::{Delete, Update};
+use failure::Error;
+use futures::future::{err as FutErr, Future};
+use std::{
+    io::Write, process::{Command, Stdio}, sync::Arc,
+};
+
+#[derive(Debug, Fail)]
+enum ExecuteError {
+    #[fail(display = "Stdin error")]
+    Stdin,
+}
+
+struct Config {
+    token: String,
+    command: String,
+    key_path: String,
+    ok_marker: String,
+    server: String,
+}
+
+fn execute_nsupdate(input: &str, config: &Config) -> Result<String, Error> {
+    info!("executing update: {}", input);
+    let mut cmd = Command::new(&config.command)
+        .stdin(Stdio::piped())
+        .stdout(Stdio::piped())
+        .args(&["-k", &config.key_path])
+        .spawn()?;
+    {
+        let stdin = cmd.stdin.as_mut().ok_or(ExecuteError::Stdin)?;
+        stdin.write_all(input.as_bytes())?;
+    }
+    let output = cmd.wait_with_output()?.stdout;
+    let output = String::from_utf8(output)?;
+    info!("output: {}", output);
+    Ok(output)
+}
+
+fn delete(req: HttpRequest<Arc<Config>>) -> Box<Future<Item = &'static str, Error = error::Error>> {
+    let state = req.state().clone();
+    let sig = extract_signature(&req);
+    if sig.is_err() {
+        return Box::new(FutErr(sig.unwrap_err()));
+    }
+    let sig = sig.unwrap();
+    let secret = state.token.clone();
+    Box::new(req.body().from_err().and_then(move |body| {
+        if crypto::verify_signature(secret.as_bytes(), &body, &sig) {
+            let delete: Delete = serde_json::from_slice(&body)
+                .map_err(|e| ErrorInternalServerError(JsonPayloadError::Deserialize(e)))?;
+            info!("Deleting {} record for {}", delete.record(), delete.name());
+            let stdin = format!(
+                "server {}\nupdate delete {} {}\nsend\n",
+                state.server,
+                delete.name(),
+                delete.record()
+            );
+            Ok(execute_nsupdate(&stdin, &state)
+                .map_err(|_| ErrorInternalServerError("Error executing nsupdate"))
+                .and_then(|s| {
+                    if s.contains(&state.ok_marker) {
+                        Ok("OK")
+                    } else {
+                        Err(ErrorInternalServerError("Marker not found"))
+                    }
+                })?)
+        } else {
+            Err(ErrorUnauthorized(ParseError::Header))
+        }
+    }))
+}
+
+fn extract_signature<S>(req: &HttpRequest<S>) -> Result<Vec<u8>> {
+    Ok(req.headers()
+        .get(data::TOKEN_HEADER)
+        .as_ref()
+        .ok_or_else(|| ErrorUnauthorized(ParseError::Header))?
+        .to_str()
+        .map_err(ErrorUnauthorized)
+        .and_then(|s| {
+            crypto::hex_str_to_bytes(s).map_err(|_| ErrorUnauthorized(ParseError::Header))
+        })
+        .map_err(ErrorUnauthorized)?)
+}
+
+fn update(req: HttpRequest<Arc<Config>>) -> Box<Future<Item = &'static str, Error = error::Error>> {
+    let state = req.state().clone();
+    let sig = extract_signature(&req);
+    if sig.is_err() {
+        return Box::new(FutErr(sig.unwrap_err()));
+    }
+    let sig = sig.unwrap();
+    let secret = state.token.clone();
+    Box::new(req.body().from_err().and_then(move |body| {
+        if crypto::verify_signature(secret.as_bytes(), &body, &sig) {
+            let update: Update = serde_json::from_slice(&body)
+                .map_err(|e| ErrorInternalServerError(JsonPayloadError::Deserialize(e)))?;
+            info!(
+                "Updating {} record for {} with value \"{}\"",
+                update.record(),
+                update.name(),
+                update.value()
+            );
+            let stdin = format!(
+                "server {}\nupdate add {} {} {} {}\nsend\n",
+                state.server,
+                update.name(),
+                update.ttl(),
+                update.record(),
+                update.value()
+            );
+            Ok(execute_nsupdate(&stdin, &state)
+                .map_err(|_| ErrorInternalServerError("Error executing nsupdate"))
+                .and_then(|s| {
+                    if s.contains(&state.ok_marker) {
+                        Ok("OK")
+                    } else {
+                        Err(ErrorInternalServerError("Marker not found"))
+                    }
+                })?)
+        } else {
+            Err(ErrorUnauthorized(ParseError::Header))
+        }
+    }))
+}
+
+fn main() {
+    std::env::set_var("RUST_LOG", "info");
+    pretty_env_logger::init();
+    let matches = cli::parse_args();
+    let token = matches.value_of("TOKEN").unwrap().to_owned();
+    let command = matches.value_of("CMD").unwrap_or("nsupdate").to_owned();
+    let key_path = matches.value_of("KEYPATH").unwrap().to_owned();
+    let ok_marker = matches.value_of("OKMARK").unwrap_or("").to_owned();
+    let server = matches.value_of("SERVER").unwrap_or("127.0.0.1").to_owned();
+    let config = Arc::new(Config {
+        token,
+        command,
+        key_path,
+        ok_marker,
+        server,
+    });
+    let port: u16 = matches
+        .value_of("PORT")
+        .unwrap_or("8000")
+        .parse()
+        .expect("Cannot parse port");
+    let host = matches.value_of("HOST").unwrap_or("0.0.0.0");
+    let host = format!("{}:{}", host, port);
+    server::new(move || {
+        App::with_state(config.clone())
+            .middleware(Logger::default())
+            .route("/record", http::Method::POST, update)
+            .route("/record", http::Method::DELETE, delete)
+    }).bind(host)
+        .unwrap()
+        .run();
+}