zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-05-17 09:57:23 +02:00
Code Issues Projects Releases Packages Wiki Activity

Allow specifying multiple ips for webclients #2744

Browse source
This commit is contained in:
Martin Lensment 2015-07-20 16:57:12 +03:00
parent dcf39d1017
commit 4adaac6f47
6 changed files with 15 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

8
app/controllers/epp/sessions_controller.rb
View file

@ -13,7 +13,8 @@ class Epp::SessionsController < EppController
success = true
@api_user = ApiUser.find_by(login_params)
if request.ip == ENV['webclient_ip'] && !Rails.env.test? && !Rails.env.development?
webclient_request = ENV['webclient_ips'].split(',').map(&:strip).include?(request.ip)
if webclient_request && !Rails.env.test? && !Rails.env.development?
client_md5 = Certificate.parse_md_from_string(request.env['HTTP_SSL_CLIENT_CERT'])
server_md5 = Certificate.parse_md_from_string(File.read(ENV['cert_path']))
if client_md5 != server_md5
@ -26,7 +27,7 @@ class Epp::SessionsController < EppController
end
end
if request.ip != ENV['webclient_ip'] && @api_user
if !webclient_request && @api_user
unless @api_user.api_pki_ok?(request.env['HTTP_SSL_CLIENT_CERT'], request.env['HTTP_SSL_CLIENT_S_DN_CN'])
epp_errors << {
msg: 'Authentication error; server closing connection (certificate is not valid)',
@ -95,7 +96,8 @@ class Epp::SessionsController < EppController
# rubocop: enable Metrics/CyclomaticComplexity
def ip_white?
return true if request.ip == ENV['webclient_ip']
webclient_request = ENV['webclient_ips'].split(',').map(&:strip).include?(request.ip)
return true if webclient_request
if @api_user
return false unless @api_user.registrar.api_ip_white?(request.ip)
end