From c63a243f6304c504e83651cb5bc4b4cf11ea6527 Mon Sep 17 00:00:00 2001 From: Maciej Szlosarczyk Date: Thu, 30 May 2019 15:20:27 +0300 Subject: [PATCH] Add table to documentation --- README.md | 37 +++++++++++++++++++++++++++++++++++-- 1 file changed, 35 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index e8a65e5..39018b0 100644 --- a/README.md +++ b/README.md 
@@ -9,6 +9,40 @@ emulate it's behaviour to the biggest possible extent. Aside from the standard library of Erlang/OTP, it uses hackney for making HTTP requests and lager for logging. +Design +---- + +Translation of EPP calls +----- +The application listens on predefined TCP port for formatted EPP frames and translates them into +HTTP requests according to the following matrix. Application performs regex search for clTRID and an +XPATH search for command name. It does not check against any XSD schema. + +| EPP Command | HTTP request | Parameters | Headers | Payload Type | Cookies | +|-------------|----------------------------------|---------------------|---------------------------------------------------------------------|----------------|---------| +| hello | `GET /epp_session_url/hello` | | SSL_CLIENT_CERT, SSL_CLIENT_S_DN_CN, User-Agent, X-Forwarded-for | | session | +| login | `POST /epp_session_url/login` | `raw_frame, clTRID` | SSL_CLIENT_CERT, SSL_CLIENT_S_DN_CN, User-Agent, X-Forwarded-for | form/multipart | session | +| logout | `POST /epp_session_url/logout` | `raw_frame, clTRID` | SSL_CLIENT_CERT, SSL_CLIENT_S_DN_CN, User-Agent, X-Forwarded-for | form/multipart | session | +| poll | `POST /epp_command_url/poll` | `raw_frame, clTRID` | SSL_CLIENT_CERT, SSL_CLIENT_S_DN_CN, User-Agent, X-Forwarded-for | form/multipart | session | +| check | `POST /epp_command_url/check` | `raw_frame, clTRID` | SSL_CLIENT_CERT, SSL_CLIENT_S_DN_CN, User-Agent, X-Forwarded-for | form/multipart | session | +| info | `POST /epp_command_url/info` | `raw_frame, clTRID` | SSL_CLIENT_CERT, SSL_CLIENT_S_DN_CN, User-Agent, X-Forwarded-for | form/multipart | session | +| create | `POST /epp_command_url/create` | `raw_frame, clTRID` | SSL_CLIENT_CERT, SSL_CLIENT_S_DN_CN, User-Agent, X-Forwarded-for | form/multipart | session | +| delete | `POST /epp_command_url/delete` | `raw_frame, clTRID` | SSL_CLIENT_CERT, SSL_CLIENT_S_DN_CN, User-Agent, X-Forwarded-for | form/multipart | session | +| 
renew | `POST /epp_command_url/renew` | `raw_frame, clTRID` | SSL_CLIENT_CERT, SSL_CLIENT_S_DN_CN, User-Agent, X-Forwarded-for | form/multipart | session | +| update | `POST /epp_command_url/update` | `raw_frame, clTRID` | SSL_CLIENT_CERT, SSL_CLIENT_S_DN_CN, User-Agent, X-Forwarded-for | form/multipart | session | +| ANY (error) | `GET /epp_error_url` | `msg, code, clTRID` | SSL_CLIENT_CERT, SSL_CLIENT_S_DN_CN, User-Agent, X-Forwarded-for | query params | session | + +Error route is used in case EPP frame is malformed. + +The application performs TLS handshake, checks certficate against provided revocation list and acts as +TLS termination proxy, passing on the certificate information downstream as HTTP headers. It also passes +on the client IP address. + +Supervision Tree +----- +The application leverages OTP to isolate EPP clients from one another, each connection is isolated from others. There are two processes that +accept the connections and spin off workers, those are supervised in "one for one" strategy. + Build ----- You need Erlang/OTP release 21 and Rebar3 to build it. No other versions than 21 were tested. @@ -18,7 +52,7 @@ You need Erlang/OTP release 21 and Rebar3 to build it. No other versions than 21 epp_proxy should be deployed as a self-contained Erlang application (release). You can create one with one of the following commands: -``` +```bash $ rebar3 release # Creates a release locally. $ rebar3 tar # Creates an archive that can be shipped to another machine ``` @@ -28,7 +62,6 @@ Configuration Configuration for the application tries to emulate the mod_epp configuration as close as possible to make migration easier. - Deployment -----
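Review bot: The paragraph after the table ("acts as TLS termination proxy, passing on the certificate information downstream as HTTP headers") documents that the client's identity reaches the backend as the SSL_CLIENT_CERT, SSL_CLIENT_S_DN_CN and X-Forwarded-for headers, but it does not state the trust assumption that follows from that. Suggest adding a sentence saying the backend must accept these headers only from the proxy (for example by being reachable only from it), and stating whether the proxy always sets them itself from the TLS session. Because the same section says frames are not checked against any XSD schema and clTRID is found by regex, it would also help to say explicitly that `raw_frame` is forwarded unvalidated, so schema validation is left to the backend. Smaller points in the same hunk: "certficate" should be "certificate"; the Payload Type "form/multipart" is presumably `multipart/form-data`; and "Design" is underlined at the same heading level as "Translation of EPP calls" and "Supervision Tree", so it renders as an empty sibling section instead of their parent.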
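Review bot: In the `@@ -18,7 +52,7 @@` hunk, the fence is now tagged `bash` while both command lines keep their `$ ` prompt, so the block is highlighted as a script but cannot be pasted as one. Suggest either dropping the prompts (`rebar3 release`, `rebar3 tar`) or using a session-style tag such as `console`. This fence change and the blank-line removal in the last hunk are unrelated to the subject "Add table to documentation", as is the new "Supervision Tree" section; consider widening the subject line or splitting the commit.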