zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-06-06 20:55:44 +02:00
Code Issues Projects Releases Packages Wiki Activity

Remove mod_epp docs

Browse source
This commit is contained in:
Artur Beljajev 2019-09-04 00:08:38 +03:00 committed by Alex Sherman
parent 25eca195c2
commit 57d2a40e23
3 changed files with 1 additions and 94 deletions
Download patch file Download diff file Expand all files Collapse all files

47
README.md
View file

@ -47,24 +47,10 @@ Manual demo install and database setup:
bundle exec rake bootstrap bundle exec rake bootstrap
bundle exec rake assets:precompile bundle exec rake assets:precompile
### Apache with patched mod_epp (Debian 7/Ubuntu 14.04 LTS) ### Apache (Debian 7/Ubuntu 14.04 LTS)
sudo apt-get install apache2 sudo apt-get install apache2
sudo apt-get install apache2-threaded-dev # needed to compile mod_epp
wget sourceforge.net/projects/aepps/files/mod_epp/1.10/mod_epp-1.10.tar.gz
tar -xzvf mod_epp-1.10.tar.gz
cd mod_epp-1.10
Patch mod_epp for Rack. Beacause Rack multipart parser expects specifically
formatted content boundaries, the mod_epp needs to be modified before building:
wget https://github.com/internetee/registry/raw/master/doc/patches/mod_epp_1.10-rack-friendly.patch
wget https://raw.githubusercontent.com/domify/registry/master/doc/patches/mod_epp_1.10-frame-size.patch
patch < mod_epp_1.10-rack-friendly.patch
patch < mod_epp_1.10-frame-size.patch
sudo apxs2 -a -c -i mod_epp.c
Enable ssl: Enable ssl:
sudo a2enmod proxy_http sudo a2enmod proxy_http
@ -380,37 +366,6 @@ Be sure to update paths to match your system configuration.
</Directory> </Directory>
</VirtualHost> </VirtualHost>
</IfModule> </IfModule>
<IfModule mod_epp.c>
Listen 700
<VirtualHost *:700>
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/apache2/ssl/apache.crt
SSLCertificateKeyFile /etc/apache2/ssl/apache.key
SSLVerifyClient require
SSLVerifyDepth 1
SSLCACertificateFile /home/registry/registry/shared/ca/certs/ca.crt.pem
SSLCARevocationPath /home/registry/registry/shared/ca/crl
# Uncomment this when upgrading to apache 2.4:
# SSLCARevocationCheck chain
RequestHeader set SSL_CLIENT_S_DN_CN "%{SSL_CLIENT_S_DN_CN}s"
RequestHeader set SSL_CLIENT_CERT "%{SSL_CLIENT_CERT}s"
EPPEngine On
EPPCommandRoot /proxy/command
EPPSessionRoot /proxy/session
EPPErrorRoot /proxy/error
EPPRawFrame raw_frame
ProxyPass /proxy/ http://localhost:8080/epp/
EPPAuthURI implicit
EPPReturncodeHeader X-EPP-Returncode
</VirtualHost>
</IfModule>
``` ```
Enable epp_ssl and restart apache Enable epp_ssl and restart apache

11
doc/patches/mod_epp_1.10-frame-size.patch
View file

@ -1,11 +0,0 @@
--- mod_epp.h 2015-03-27 15:30:20.027130050 +0200
+++ mod_epp_new.h 2015-03-27 15:30:38.499130269 +0200
@@ -60,7 +60,7 @@
#endif
#define EPP_TCP_HEADER_SIZE 4 /* just one longword */
-#define EPP_MAX_FRAME_SIZE 65536 /* don't accept larger xml data blocks */
+#define EPP_MAX_FRAME_SIZE 15728640 /* don't accept larger xml data blocks (8MB + 30% base64 + xml + savings)*/
#define TRIDSIZE 128 /* actually, it should be 3 to 64 chars,
but due to unicode we'll give it more room. */

37
doc/patches/mod_epp_1.10-rack-friendly.patch
View file

@ -1,37 +0,0 @@
mod_epp.c | 2 +-
mod_epp.h | 8 ++++----
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/mod_epp.c b/mod_epp.c
index 8b1ba6f..66e46d8 100644
--- a/mod_epp.c
+++ b/mod_epp.c
@@ -756,7 +756,7 @@ sprintf(content_length, "%lu", strlen(EPP_CONTENT_FRAME_CGI)
strlen(conf->raw_frame)
+ er->orig_xml_size) : 0));
-apr_table_set(r->headers_in, "Content-Type", "multipart/form-data; boundary=--BOUNDARY--");
+apr_table_set(r->headers_in, "Content-Type", EPP_CONTENT_TYPE_CGI);
apr_table_set(r->headers_in, "Content-Length", content_length);
apr_table_set(r->headers_in, "Cookie", er->ur->cookie);
diff --git a/mod_epp.h b/mod_epp.h
index e72d980..5e99bad 100644
--- a/mod_epp.h
+++ b/mod_epp.h
@@ -96,10 +96,10 @@ module AP_MODULE_DECLARE_DATA epp_module;
#define EPP_DEFAULT_RC_HEADER "X-EPP-Returncode"
-#define EPP_CONTENT_TYPE_CGI "multipart/form-data; boundary=--BOUNDARY--"
-#define EPP_CONTENT_FRAME_CGI "----BOUNDARY--\r\nContent-Disposition: form-data; name=\"frame\"\r\n\r\n"
-#define EPP_CONTENT_RAW_CGI "\r\n----BOUNDARY--\r\nContent-Disposition: form-data; name=\"%s\"\r\n\r\n"
-#define EPP_CONTENT_CLTRID_CGI "\r\n----BOUNDARY--\r\nContent-Disposition: form-data; name=\"clTRID\"\r\n\r\n"
+#define EPP_CONTENT_TYPE_CGI "multipart/form-data; boundary=--BOUNDARY"
+#define EPP_CONTENT_FRAME_CGI "----BOUNDARY\r\nContent-Disposition: form-data; name=\"frame\"\r\n\r\n"
+#define EPP_CONTENT_RAW_CGI "\r\n----BOUNDARY\r\nContent-Disposition: form-data; name=\"%s\"\r\n\r\n"
+#define EPP_CONTENT_CLTRID_CGI "\r\n----BOUNDARY\r\nContent-Disposition: form-data; name=\"clTRID\"\r\n\r\n"
#define EPP_CONTENT_POSTFIX_CGI "\r\n----BOUNDARY--\r\n"
/*