zydronium/getnamingo-registry
1
0
Fork 0
mirror of https://github.com/getnamingo/registry.git synced 2025-05-15 09:07:00 +02:00
Code Issues Projects Releases Packages Wiki Activity

EPP now follows the registrar whitelist

Browse source
This commit is contained in:
Pinga 2023-12-11 23:18:21 +02:00
parent 15618d44d3
commit 8ff945e475
2 changed files with 40 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

15
epp/src/helpers.php
View file

@ -428,4 +428,19 @@ function dnssec_key2ds($owner, $flags, $protocol, $algorithm, $publickey) {
) )
) )
); );
}
// Function to update the permitted IPs from the database
function updatePermittedIPs($pool, $permittedIPsTable) {
$pdo = $pool->get();
$query = "SELECT addr FROM registrar_whitelist";
$stmt = $pdo->query($query);
$permittedIPs = $stmt->fetchAll(PDO::FETCH_COLUMN, 0);
$pool->put($pdo);
// Clear the table and insert new values
$permittedIPsTable->truncate();
foreach ($permittedIPs as $ip) {
$permittedIPsTable->set($ip, ['addr' => $ip]);
}
} }

29
epp/start_epp.php
View file

@ -16,15 +16,20 @@ require_once 'src/epp-delete.php';
$logFilePath = '/var/log/namingo/epp.log'; $logFilePath = '/var/log/namingo/epp.log';
$log = setupLogger($logFilePath, 'EPP'); $log = setupLogger($logFilePath, 'EPP');
use Swoole\Table;
use Swoole\Timer;
use Swoole\Coroutine\Server; use Swoole\Coroutine\Server;
use Swoole\Coroutine\Server\Connection; use Swoole\Coroutine\Server\Connection;
use Swoole\Table;
$table = new Table(1024); $table = new Table(1024);
$table->column('clid', Table::TYPE_STRING, 64); $table->column('clid', Table::TYPE_STRING, 64);
$table->column('logged_in', Table::TYPE_INT, 1); $table->column('logged_in', Table::TYPE_INT, 1);
$table->create(); $table->create();
$permittedIPsTable = new Table(1024);
$permittedIPsTable->column('addr', Table::TYPE_STRING, 64);
$permittedIPsTable->create();
// Initialize the PDO connection pool // Initialize the PDO connection pool
$pool = new Swoole\Database\PDOPool( $pool = new Swoole\Database\PDOPool(
(new Swoole\Database\PDOConfig()) (new Swoole\Database\PDOConfig())
@ -61,8 +66,19 @@ $server->set([
]); ]);
$log->info('Namingo EPP server started'); $log->info('Namingo EPP server started');
$server->handle(function (Connection $conn) use ($table, $pool, $c, $log) { $server->handle(function (Connection $conn) use ($table, $pool, $c, $log, $permittedIPsTable) {
$log->info('new client connected'); // Get the client information
$clientInfo = $conn->exportSocket()->getpeername();
$clientIP = $clientInfo['address'] ?? '';
// Check if the IP is in the permitted list
if (!$permittedIPsTable->exist($clientIP)) {
$log->warning('Access denied. The IP address ' . $clientIP . ' is not authorized for this service.');
$conn->close();
return;
}
$log->info('new client from ' . $clientIP . ' connected');
sendGreeting($conn); sendGreeting($conn);
while (true) { while (true) {
@ -522,10 +538,15 @@ $server->handle(function (Connection $conn) use ($table, $pool, $c, $log) {
} }
sendEppError($conn, $pdo, 2000, 'Unrecognized command'); sendEppError($conn, $pdo, 2000, 'Unrecognized command');
$log->info('client disconnected'); $log->info('client from ' . $clientIP . ' disconnected');
$conn->close(); $conn->close();
}); });
Swoole\Coroutine::create(function () use ($server) { Swoole\Coroutine::create(function () use ($server) {
$server->start(); $server->start();
});
// Set a timer to update permitted IPs every 15 minutes (900000 milliseconds)
Timer::tick(900000, function() use ($pool, $permittedIPsTable) {
updatePermittedIPs($pool, $permittedIPsTable);
}); });