EPP server update; ability to turn-off 60-day transfer lock

2025-07-12 22:08:12 +02:00 · 2025-06-27 17:46:22 +03:00 · 2025-06-27 17:46:22 +03:00 · 2093023791
commit 2093023791
parent 98ae5dc19c
4 changed files with 52 additions and 52 deletions
--- a/docs/configuration.md
+++ b/docs/configuration.md
@ -26,15 +26,7 @@ systemctl status das

 ### 1.2. Launching EPP Server

-Before launching the EPP server, edit `/opt/registry/epp/config.php` to set the paths to your certificates and configure other options as needed.
-
-To create test certificates (`cert.pem` and `key.pem`), execute the following commands:
-
-```bash
-cd /opt/registry/epp/
-openssl genrsa -out key.pem 2048
-openssl req -new -x509 -key key.pem -out cert.pem -days 365
-```
+Before launching the EPP server, edit `/opt/registry/epp/config.php` to set the paths to your certificates and configure other options as needed. Add `'disable_60days' => true,` if you wish to disable the 60-day transfer lock.

 Once configured, you can launch the EPP server in the same way as the others:

@ -1103,6 +1095,7 @@ return [
    'limit' => 1000, // Request limit per period below
    'period' => 60, // 60 Seconds
    'minimum_data' => false, // Set to true to enable minimum data set support
+    // 'disable_60days' => true, // Disable 60-day transfer lock for domains and contacts
 ];
 ```

--- a/epp/config.php.dist
+++ b/epp/config.php.dist
@ -19,4 +19,5 @@ return [
    'limit' => 1000,
    'period' => 60,
    'minimum_data' => false,
+    // 'disable_60days' => true, // Disable 60-day transfer lock for domains and contacts
 ];
--- a/epp/src/epp-transfer.php
+++ b/epp/src/epp-transfer.php
@ -1,6 +1,7 @@
 <?php

-function processContactTransfer($conn, $db, $xml, $clid, $database_type, $trans) {
+function processContactTransfer($conn, $db, $xml, $clid, $config, $trans) {
+    // $config['db_type'] for future
    $contactID = (string) $xml->command->transfer->children('urn:ietf:params:xml:ns:contact-1.0')->transfer->{'id'};
    $clTRID = (string) $xml->command->clTRID;
    $op = (string) $xml->xpath('//@op')[0] ?? null;
@ -298,28 +299,30 @@ function processContactTransfer($conn, $db, $xml, $clid, $database_type, $trans)
            return;
        }
    } elseif ($op == 'request') {
-        // Check if contact is within 60 days of its initial registration
-        $stmt = $db->prepare("SELECT DATEDIFF(CURRENT_TIMESTAMP(3),crdate) FROM contact WHERE id = :contact_id LIMIT 1");
-        $stmt->execute([':contact_id' => $contact_id]);
-        $days_from_registration = $stmt->fetchColumn();
-        $stmt->closeCursor();
+        if (!($config['disable_60days'] ?? false)) {
+            // Check if contact is within 60 days of its initial registration
+            $stmt = $db->prepare("SELECT DATEDIFF(CURRENT_TIMESTAMP(3),crdate) FROM contact WHERE id = :contact_id LIMIT 1");
+            $stmt->execute([':contact_id' => $contact_id]);
+            $days_from_registration = $stmt->fetchColumn();
+            $stmt->closeCursor();

-        if ($days_from_registration < 60) {
-            sendEppError($conn, $db, 2201, 'The contact name must not be within 60 days of its initial registration', $clTRID, $trans);
-            return;
-        }
+            if ($days_from_registration < 60) {
+                sendEppError($conn, $db, 2201, 'The contact name must not be within 60 days of its initial registration', $clTRID, $trans);
+                return;
+            }

-        // Check if contact is within 60 days of its last transfer
-        $stmt = $db->prepare("SELECT trdate, DATEDIFF(CURRENT_TIMESTAMP(3),trdate) AS intval FROM contact WHERE id = :contact_id LIMIT 1");
-        $stmt->execute([':contact_id' => $contact_id]);
-        $result = $stmt->fetch(PDO::FETCH_ASSOC);
-        $stmt->closeCursor();
-        $last_trdate = $result['trdate'];
-        $days_from_last_transfer = $result['intval'];
+            // Check if contact is within 60 days of its last transfer
+            $stmt = $db->prepare("SELECT trdate, DATEDIFF(CURRENT_TIMESTAMP(3),trdate) AS intval FROM contact WHERE id = :contact_id LIMIT 1");
+            $stmt->execute([':contact_id' => $contact_id]);
+            $result = $stmt->fetch(PDO::FETCH_ASSOC);
+            $stmt->closeCursor();
+            $last_trdate = $result['trdate'];
+            $days_from_last_transfer = $result['intval'];

-        if ($last_trdate && $days_from_last_transfer < 60) {
-            sendEppError($conn, $db, 2201, 'The contact name must not be within 60 days of its last transfer from another registrar', $clTRID, $trans);
-            return;
+            if ($last_trdate && $days_from_last_transfer < 60) {
+                sendEppError($conn, $db, 2201, 'The contact name must not be within 60 days of its last transfer from another registrar', $clTRID, $trans);
+                return;
+            }
        }

        // Check the <contact:authInfo> element
@ -418,7 +421,8 @@ function processContactTransfer($conn, $db, $xml, $clid, $database_type, $trans)
    }
 }

-function processDomainTransfer($conn, $db, $xml, $clid, $database_type, $trans) {
+function processDomainTransfer($conn, $db, $xml, $clid, $config, $trans) {
+    // $config['db_type'] for future
    $domainName = (string) $xml->command->transfer->children('urn:ietf:params:xml:ns:domain-1.0')->transfer->name;
    $clTRID = (string) $xml->command->clTRID;
    $op = (string) $xml->xpath('//@op')[0] ?? null;
@ -428,7 +432,7 @@ function processDomainTransfer($conn, $db, $xml, $clid, $database_type, $trans)
        $allocation_token = $xml->xpath('//allocationToken:allocationToken')[0] ?? null;
    }

-    // -  An OPTIONAL <domain:authInfo> for op="query" and mandatory for other op values "approve|cancel|reject|request"
+    // An OPTIONAL <domain:authInfo> for op="query" and mandatory for other op values "approve|cancel|reject|request"
    $result = $xml->xpath('//domain:authInfo/domain:pw[1]');
    $authInfo_pw = $result ? (string)$result[0] : null;

@ -1017,28 +1021,30 @@ function processDomainTransfer($conn, $db, $xml, $clid, $database_type, $trans)
            }
        }
        
-        // Check days from registration
-        $stmt = $db->prepare("SELECT DATEDIFF(CURRENT_TIMESTAMP(3), crdate) FROM domain WHERE id = :domain_id LIMIT 1");
-        $stmt->execute(['domain_id' => $domain_id]);
-        $days_from_registration = $stmt->fetchColumn();
-        $stmt->closeCursor();
+        if (!($config['disable_60days'] ?? false)) {
+            // Check days from registration
+            $stmt = $db->prepare("SELECT DATEDIFF(CURRENT_TIMESTAMP(3), crdate) FROM domain WHERE id = :domain_id LIMIT 1");
+            $stmt->execute(['domain_id' => $domain_id]);
+            $days_from_registration = $stmt->fetchColumn();
+            $stmt->closeCursor();

-        if ($days_from_registration < 60) {
-            sendEppError($conn, $db, 2201, 'The domain name must not be within 60 days of its initial registration', $clTRID, $trans);
-            return;
-        }
+            if ($days_from_registration < 60) {
+                sendEppError($conn, $db, 2201, 'The domain name must not be within 60 days of its initial registration', $clTRID, $trans);
+                return;
+            }

-        // Check days from last transfer
-        $stmt = $db->prepare("SELECT trdate, DATEDIFF(CURRENT_TIMESTAMP(3),trdate) AS intval FROM domain WHERE id = :domain_id LIMIT 1");
-        $stmt->execute(['domain_id' => $domain_id]);
-        $result = $stmt->fetch();
-        $stmt->closeCursor();
-        $last_trdate = $result["trdate"];
-        $days_from_last_transfer = $result["intval"];
+            // Check days from last transfer
+            $stmt = $db->prepare("SELECT trdate, DATEDIFF(CURRENT_TIMESTAMP(3),trdate) AS intval FROM domain WHERE id = :domain_id LIMIT 1");
+            $stmt->execute(['domain_id' => $domain_id]);
+            $result = $stmt->fetch();
+            $stmt->closeCursor();
+            $last_trdate = $result["trdate"];
+            $days_from_last_transfer = $result["intval"];

-        if ($last_trdate && $days_from_last_transfer < 60) {
-            sendEppError($conn, $db, 2201, 'The domain name must not be within 60 days of its last transfer from another registrar', $clTRID, $trans);
-            return;
+            if ($last_trdate && $days_from_last_transfer < 60) {
+                sendEppError($conn, $db, 2201, 'The domain name must not be within 60 days of its last transfer from another registrar', $clTRID, $trans);
+                return;
+            }
        }

        // Check days from expiry date
--- a/epp/start_epp.php
+++ b/epp/start_epp.php
@ -433,7 +433,7 @@ $server->handle(function (Connection $conn) use ($table, $eppExtensionsTable, $p
                            sendEppError($conn, $pdo, 2101, 'Contact commands are not supported in minimum data mode', $clTRID);
                            $conn->close();
                        }
-                        processContactTransfer($conn, $pdo, $xml, $data['clid'], $c['db_type'], $trans);
+                        processContactTransfer($conn, $pdo, $xml, $data['clid'], $c, $trans);
                        break;
                    }
                
@ -523,7 +523,7 @@ $server->handle(function (Connection $conn) use ($table, $eppExtensionsTable, $p
                            sendEppError($conn, $pdo, 2202, 'Authorization error', $clTRID);
                            $conn->close();
                        }
-                        processDomainTransfer($conn, $pdo, $xml, $data['clid'], $c['db_type'], $trans);
+                        processDomainTransfer($conn, $pdo, $xml, $data['clid'], $c, $trans);
                        break;
                    }