Upgraded and created dockerfiles

tsoganov 2025-04-14 12:57:40 +03:00
parent 99b714676b
commit 1f40bbf3fb
18 changed files with 343 additions and 94 deletions


@ -6,3 +6,4 @@ gem "puma"
gem "roda"
gem "rack-unreloader"
gem "tilt"
gem "rackup"


@ -1,23 +1,26 @@
GEM
remote: https://rubygems.org/
specs:
nio4r (2.5.2)
puma (4.3.5)
nio4r (2.7.4)
puma (6.6.0)
nio4r (~> 2.0)
rack (2.2.3)
rack-unreloader (1.7.0)
roda (3.21.0)
rack (3.1.12)
rack-unreloader (2.1.0)
rackup (2.2.1)
rack (>= 3)
roda (3.90.0)
rack
tilt (2.0.9)
tilt (2.6.0)
PLATFORMS
ruby
aarch64-linux
DEPENDENCIES
puma
rack-unreloader
rackup
roda
tilt
BUNDLED WITH
1.17.2
2.4.10


@ -33,14 +33,31 @@ start_link(Socket) ->
handle_cast(serve,
State = #state{socket = Socket,
session_id = _SessionId}) ->
{ok, {PeerIp, _PeerPort}} = ssl:peername(Socket),
log_opened_connection(PeerIp),
case ssl:handshake(Socket) of
{ok, SecureSocket} ->
NewState = state_from_socket(SecureSocket, State),
{noreply, NewState};
{error, Error} ->
log_on_invalid_handshake(PeerIp, Error)
try
% Check if we have a valid socket
case ssl:peername(Socket) of
{ok, {PeerIp, _PeerPort}} ->
log_opened_connection(PeerIp),
% Try to perform the handshake
case ssl:handshake(Socket) of
{ok, SecureSocket} ->
NewState = state_from_socket(SecureSocket, State),
{noreply, NewState};
{error, notsup_on_transport_accept_socket} ->
lager:error("Socket not supported for TLS handshake. This may indicate the socket is not an SSL socket or was improperly initialized."),
{stop, normal, State};
{error, HandshakeError} ->
log_on_invalid_handshake(PeerIp, HandshakeError),
{stop, normal, State}
end;
{error, PeerError} ->
lager:error("Invalid socket: cannot get peer information: ~p", [PeerError]),
{stop, normal, State}
end
catch
error:CatchError:Stacktrace ->
lager:error("Exception during TLS handshake: ~p~nStacktrace: ~p", [CatchError, Stacktrace]),
{stop, normal, State}
end;
%% Step two: Using the state of the connection, get the hello route
%% from http server. Send the response from HTTP server back to EPP
@ -171,14 +188,26 @@ log_opened_connection(Ip) ->
%% Extract state info from socket. Fail if you must.
state_from_socket(Socket, State) ->
{ok, PeerCert} = ssl:peercert(Socket),
{ok, {PeerIp, _PeerPort}} = ssl:peername(Socket),
{SSL_CLIENT_S_DN_CN, SSL_CLIENT_CERT} =
epp_certs:headers_from_cert(PeerCert),
Headers = [{"SSL-CLIENT-CERT", SSL_CLIENT_CERT},
{"SSL-CLIENT-S-DN-CN", SSL_CLIENT_S_DN_CN},
{"User-Agent", <<"EPP proxy">>},
{"X-Forwarded-for", epp_util:readable_ip(PeerIp)}],
Headers = case ssl:peercert(Socket) of
{ok, PeerCert} ->
try
{SSL_CLIENT_S_DN_CN, SSL_CLIENT_CERT} = epp_certs:headers_from_cert(PeerCert),
[{"SSL-CLIENT-CERT", SSL_CLIENT_CERT},
{"SSL-CLIENT-S-DN-CN", SSL_CLIENT_S_DN_CN},
{"User-Agent", <<"EPP proxy">>},
{"X-Forwarded-for", epp_util:readable_ip(PeerIp)}]
catch
_:_ ->
lager:warning("Could not extract certificate information from client at IP: ~s", [epp_util:readable_ip(PeerIp)]),
[{"User-Agent", <<"EPP proxy">>},
{"X-Forwarded-for", epp_util:readable_ip(PeerIp)}]
end;
{error, _} ->
lager:info("No client certificate provided from IP: ~s", [epp_util:readable_ip(PeerIp)]),
[{"User-Agent", <<"EPP proxy">>},
{"X-Forwarded-for", epp_util:readable_ip(PeerIp)}]
end,
NewState = State#state{socket = Socket,
headers = Headers},
lager:info("Established connection with: [~p]~n",
@ -204,4 +233,4 @@ parse_frame(Frame) ->
{error, _} ->
#invalid_frame{code = ?XMLErrorCode,
message = ?XMLErrorMessage, cl_trid = ClTRID}
end.
end.
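Review bot: `state_from_socket/2` now fails open: the `{error, _}` branch of `ssl:peercert(Socket)` and the `catch _:_` around `epp_certs:headers_from_cert(PeerCert)` both return a header list without `SSL-CLIENT-CERT` and `SSL-CLIENT-S-DN-CN`, and the session carries on to the HTTP backend, where the old assertive match crashed the worker. If the backend identifies the registrar from those headers, a client without a usable certificate should be disconnected here; whether the listener's TLS options already enforce a peer certificate is not visible in this hunk. Because `handle_cast(serve, ...)` now wraps the call in `try ... catch error:...` and returns `{stop, normal, State}`, keeping `{ok, PeerCert} = ssl:peercert(Socket)` would close the connection cleanly and log the reason. The `catch _:_` also discards the exception reason, and the comment `%% Extract state info from socket. Fail if you must.` no longer describes the code. The function body continues past the end of the hunk.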


@ -215,15 +215,21 @@ send_data(Message, Socket) ->
receive_data(Socket) ->
case gen_tcp:recv(Socket, 0, 1200) of
{error, Reason} -> {error, Reason};
{ok, Data } ->
{ok, Data} ->
EppEnvelope = binary:part(Data, {0, 4}),
ReportedLength = binary:decode_unsigned(EppEnvelope, big),
binary:part(Data, {byte_size(Data), 4 - ReportedLength})
end.
% Extract the actual data, skipping the 4-byte length header
binary:part(Data, {4, byte_size(Data) - 4})
end.
match_data(Data, Pattern) ->
{ok, MatchPattern} = re:compile(Pattern),
{match, _Captured} = re:run(Data, MatchPattern).
case re:run(Data, MatchPattern) of
{match, _Captured} -> {match, _Captured};
nomatch ->
ct:pal("Expected pattern '~s' not found in data:~n~p", [Pattern, Data]),
nomatch
end.
hello_command() ->
<<"<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"no\"?>",
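Review bot: `match_data/2` now returns `nomatch` after logging instead of crashing on the failed match, so any test that calls it without matching on the result will pass even when the expected pattern is absent; the callers are outside this hunk, so this needs checking. Failing explicitly keeps both the diagnostic and the failure: after the `ct:pal(...)` call, use `ct:fail({pattern_not_found, Pattern})` in place of the bare `nomatch`. In `receive_data/1`, `ReportedLength` is still computed but no longer used, so the frame's length header is never checked; either drop those two lines or assert the value against `byte_size(Data)`. The same two changes appear in the second test suite's `receive_data/1` and `match_data/2` further down the page.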


@ -222,15 +222,21 @@ send_data(Message, Socket) ->
receive_data(Socket) ->
case ssl:recv(Socket, 0, 1200) of
{error, Reason} -> {error, Reason};
{ok, Data } ->
{ok, Data} ->
EppEnvelope = binary:part(Data, {0, 4}),
ReportedLength = binary:decode_unsigned(EppEnvelope, big),
binary:part(Data, {byte_size(Data), 4 - ReportedLength})
end.
% Extract the actual data, skipping the 4-byte length header
binary:part(Data, {4, byte_size(Data) - 4})
end.
match_data(Data, Pattern) ->
{ok, MatchPattern} = re:compile(Pattern),
{match, _Captured} = re:run(Data, MatchPattern).
case re:run(Data, MatchPattern) of
{match, _Captured} -> {match, _Captured};
nomatch ->
ct:pal("Expected pattern '~s' not found in data:~n~p", [Pattern, Data]),
nomatch
end.
hello_command() ->
<<"<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"no\"?>",