From b4ada44f45bf33bfef3bb2923bdd1e5249c1bbc4 Mon Sep 17 00:00:00 2001
From: Jamie Cameron
Date: Wed, 6 Sep 2017 16:41:54 -0700
Subject: [PATCH] Factor out DNS zone finding code, and deal with multiple levels of subdomains https://www.virtualmin.com/node/53438
---
 webmin/letsencrypt-cleanup.pl | 9 ++-------
 webmin/letsencrypt-dns.pl | 9 ++-------
 webmin/letsencrypt-lib.pl | 26 +++++++++++++++++++++-----
 3 files changed, 25 insertions(+), 19 deletions(-)
diff --git a/webmin/letsencrypt-cleanup.pl b/webmin/letsencrypt-cleanup.pl
index 613ff2d69..d8a40aabb 100755
--- a/webmin/letsencrypt-cleanup.pl
+++ b/webmin/letsencrypt-cleanup.pl
@@ -15,13 +15,8 @@ my $dname = $ENV{'CERTBOT_DOMAIN'};
 $dname || die "Missing CERTBOT_DOMAIN environment variable";
 # Find the DNS domain and records
-my $zname = $dname;
-my $zone = &bind8::get_zone_name($zname, "any");
-if (!$zone) {
- # Maybe in the parent?
- $zname =~ s/^[^\.]+\.//;
- $zone = &bind8::get_zone_name($zname, "any");
- }
+my $zone;
+($zone, $zname) = &get_bind_zone_for_domain($zname);
 $zone || die "No zone named $dname found";
 &lock_file(&bind8::make_chroot(&bind8::absolute_path($zone->{'file'})));
 my @recs = &bind8::read_zone_file($zone->{'file'}, $zname);
diff --git a/webmin/letsencrypt-dns.pl b/webmin/letsencrypt-dns.pl
index bfddeac73..a38cb4a4d 100755
--- a/webmin/letsencrypt-dns.pl
+++ b/webmin/letsencrypt-dns.pl
@@ -17,13 +17,8 @@ $dname || die "Missing CERTBOT_DOMAIN environment variable";
 $val || die "Missing CERTBOT_VALIDATION environment variable";
 # Find the DNS domain and records
-my $zname = $dname;
-my $zone = &bind8::get_zone_name($zname, "any");
-if (!$zone) {
- # Maybe in the parent?
- $zname =~ s/^[^\.]+\.//;
- $zone = &bind8::get_zone_name($zname, "any");
- }
+my $zone;
+($zone, $zname) = &get_bind_zone_for_domain($zname);
 $zone || die "No zone named $dname found";
 &lock_file(&bind8::make_chroot(&bind8::absolute_path($zone->{'file'})));
 my @recs = &bind8::read_zone_file($zone->{'file'}, $zname);
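Review bot: In webmin/letsencrypt-cleanup.pl the new call passes `$zname` to get_bind_zone_for_domain, but this hunk deletes `my $zname = $dname;`, so unless `$zname` is assigned outside the hunk it is neither declared nor set and the lookup receives an empty value. The `$zone || die` check on the next line would then fire for every domain, so the hook could never reach the zone file and DNS validation would fail. The call should take the Certbot-supplied name and declare both results, replacing the `my $zone;` line with `my ($zone, $zname) = &get_bind_zone_for_domain($dname);`. The hunk in webmin/letsencrypt-dns.pl adds the same two lines and needs the same change. Neither hunk shows where letsencrypt-lib.pl is loaded, so confirm both scripts actually pull in the new helper.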
diff --git a/webmin/letsencrypt-lib.pl b/webmin/letsencrypt-lib.pl
index 2d569cfb6..9961756b0 100755
--- a/webmin/letsencrypt-lib.pl
+++ b/webmin/letsencrypt-lib.pl
@@ -90,11 +90,9 @@ elsif ($mode eq "dns") {
 # Make sure all the DNS zones exist
 &foreign_require("bind8");
 foreach my $d (@doms) {
- my $bd = $d;
- $bd =~ s/^[^\.]+\.//;
- my $z = &bind8::get_zone_name($bd, "any") ||
- &bind8::get_zone_name($d, "any");
- $z || return (0, "DNS zone $d or $bd do not exist on this system");
+ my $z = &get_bind_zone_for_domain($d);
+ $z || return (0, "Neither DNS zone $d or any of its ".
+ "sub-domains exist on this system");
 }
 }
@@ -279,4 +277,22 @@ else {
 }
 }
+# get_bind_zone_for_domain(domain)
+# Given a hostname like www.foo.com, return the local BIND zone that contains
+# it like foo.com
+sub get_bind_zone_for_domain
+{
+my ($d) = @_;
+&foreign_require("bind8");
+my $bd = $d;
+while ($bd) {
+ my $z = &bind8::get_zone_name($bd, "any");
+ if ($z) {
+ return ($z, $bd);
+ }
+ $bd =~ s/^[^\.]+\.//;
+ }
+return ( );
+}
+
 1;
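Review bot: `my $z = &get_bind_zone_for_domain($d);` inside `foreach my $d (@doms)` calls the helper in scalar context, while the helper added later in this file returns the list `($z, $bd)`; Perl then yields the last element, so `$z` holds the zone name string rather than the zone. The existence check still behaves as intended, but only by accident, and `my ($z) = &get_bind_zone_for_domain($d);` makes it explicit. The new message says "sub-domains" although the helper walks up through parent domains, so wording such as `"parent domains exist on this system"` would describe the failure accurately. The enclosing `elsif ($mode eq "dns")` branch starts outside the hunk.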
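Review bot: The `while ($bd)` loop in get_bind_zone_for_domain does not terminate when no zone matches: once `$bd` is down to a single label with no dot, `s/^[^\.]+\.//` no longer matches, `$bd` stays unchanged and non-empty, and the same lookup repeats forever. Any requested name without a local zone would hang the caller (the zone pre-check in this file and the two Certbot hook scripts) instead of reaching `return ( );`. Add `last if ($bd !~ /\./);` before the substitution. The header comment should also state that the sub returns the list (zone, zone name), or an empty list when nothing matches, since callers depend on list context.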