MSDNS Fix pssession; Allow alternative credentials (#1140)

* Add options for PSCredentials * UTF-8 encoded reading * Fix cred comparison for session based PSRemoting * Better conditional * Fix failing test Co-authored-by: Tom Limoncelli <tlimoncelli@stackoverflow.com>
2024-05-11 05:55:12 +00:00 · 2021-05-02 11:25:06 -04:00
parent 88c05d9484
commit a0bbc66983
3 changed files with 28 additions and 14 deletions
--- a/providers/msdns/msdnsProvider.go
+++ b/providers/msdns/msdnsProvider.go
@ -12,9 +12,11 @@ import (

 // This is the struct that matches either (or both) of the Registrar and/or DNSProvider interfaces:
 type msdnsProvider struct {
-	dnsserver string      // Which DNS Server to update
-	pssession string      // Remote machine to PSSession to
-	shell     DNSAccessor // Handle for
+	dnsserver  string      // Which DNS Server to update
+	pssession  string      // Remote machine to PSSession to
+	psusername string      // Remote username for PSSession
+	pspassword string      // Remote password for PSSession
+	shell      DNSAccessor // Handle for
 }

 var features = providers.DocumentationNotes{
@ -34,7 +36,7 @@ var features = providers.DocumentationNotes{
 //   This establishes the name (all caps), and the function to call to initialize it.
 func init() {
 	fns := providers.DspFuncs{
-		Initializer:    newDNS,
+		Initializer:   newDNS,
 		RecordAuditor: AuditRecords,
 	}
 	providers.RegisterDomainServiceProviderType("MSDNS", fns, features)
@ -50,7 +52,10 @@ func newDNS(config map[string]string, metadata json.RawMessage) (providers.DNSSe
 	var err error

 	p := &msdnsProvider{
-		dnsserver: config["dnsserver"],
+		dnsserver:  config["dnsserver"],
+		pssession:  config["pssession"],
+		psusername: config["psusername"],
+		pspassword: config["pspassword"],
 	}
 	p.shell, err = newPowerShell(config)
 	if err != nil {
--- a/providers/msdns/powershell.go
+++ b/providers/msdns/powershell.go
@ -35,6 +35,14 @@ func newPowerShell(config map[string]string) (*psHandle, error) {
 		mconfig := middleware.NewSessionConfig()
 		mconfig.ComputerName = pssession

+		cred := &middleware.UserPasswordCredential{
+			Username: config["psusername"],
+			Password: config["pspassword"],
+		}
+		if cred.Password != "" && cred.Username != "" {
+			mconfig.Credential = cred
+		}
+
 		session, err := middleware.NewSession(sh, mconfig)
 		if err != nil {
 			panic(err)
@ -95,19 +103,20 @@ func (psh *psHandle) GetDNSZoneRecords(dnsserver, domain string) ([]nativeRecord
 	}
 	tmpfile.Close()

-	stdout, stderr, err := psh.shell.Execute(generatePSZoneDump(dnsserver, domain, tmpfile.Name()))
+	stdout, stderr, err := psh.shell.Execute(generatePSZoneDump(dnsserver, domain))
 	if err != nil {
 		return nil, err
 	}
 	if stdout != "" {
-		fmt.Printf("STDOUT = %q\n", stderr)
+		//writing all stdout from powershell to file
+		ioutil.WriteFile(tmpfile.Name(), []byte(stdout), 0)
 	}
 	if stderr != "" {
 		fmt.Printf("STDERROR = %q\n", stderr)
 		return nil, fmt.Errorf("unexpected stderr from PSZoneDump: %q", stderr)
 	}

-	contents, err := utfutil.ReadFile(tmpfile.Name(), utfutil.WINDOWS)
+	contents, err := utfutil.ReadFile(tmpfile.Name(), utfutil.UTF8)
 	if err != nil {
 		return nil, err
 	}
@ -120,7 +129,7 @@ func (psh *psHandle) GetDNSZoneRecords(dnsserver, domain string) ([]nativeRecord
 }

 // powerShellDump runs a PowerShell command to get a dump of all records in a DNS zone.
-func generatePSZoneDump(dnsserver, domainname string, filename string) string {
+func generatePSZoneDump(dnsserver, domainname string) string {
 	var b bytes.Buffer
 	fmt.Fprintf(&b, `Get-DnsServerResourceRecord`)
 	if dnsserver != "" {
@ -129,7 +138,8 @@ func generatePSZoneDump(dnsserver, domainname string, filename string) string {
 	fmt.Fprintf(&b, ` -ZoneName "%v"`, domainname)
 	fmt.Fprintf(&b, ` | `)
 	fmt.Fprintf(&b, `ConvertTo-Json -depth 4`) // Tested with 3 (causes errors).  4 and larger work.
-	fmt.Fprintf(&b, ` > %s`, filename)
+	// All file writing via dnsserver or pssession should be handled outside this function
+	//fmt.Fprintf(&b, ` > %s`, filename)
 	//fmt.Printf("DEBUG PSZoneDump CMD = (\n%s\n)\n", b.String())
 	return b.String()
 }
--- a/providers/msdns/powershell_test.go
+++ b/providers/msdns/powershell_test.go
@ -10,7 +10,6 @@ import (
 func Test_generatePSZoneAll(t *testing.T) {
 	type args struct {
 		dnsserver string
-		domain    string
 	}
 	tests := []struct {
 		name string
@ -50,17 +49,17 @@ func Test_generatePSZoneDump(t *testing.T) {
 		{
 			name: "local",
 			args: args{domainname: "example.com"},
-			want: `Get-DnsServerResourceRecord -ZoneName "example.com" | ConvertTo-Json -depth 4 > mytemp.json`,
+			want: `Get-DnsServerResourceRecord -ZoneName "example.com" | ConvertTo-Json -depth 4`,
 		},
 		{
 			name: "remote",
 			args: args{domainname: "example.com", dnsserver: "mydnsserver"},
-			want: `Get-DnsServerResourceRecord -ComputerName "mydnsserver" -ZoneName "example.com" | ConvertTo-Json -depth 4 > mytemp.json`,
+			want: `Get-DnsServerResourceRecord -ComputerName "mydnsserver" -ZoneName "example.com" | ConvertTo-Json -depth 4`,
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			if got := generatePSZoneDump(tt.args.dnsserver, tt.args.domainname, "mytemp.json"); got != tt.want {
+			if got := generatePSZoneDump(tt.args.dnsserver, tt.args.domainname); got != tt.want {
 				t.Errorf("generatePSZoneDump() = got=(\n%s\n) want=(\n%s\n)", got, tt.want)
 			}
 		})