diff --git a/README.md b/README.md index 774e35331..6cea918aa 100644 --- a/README.md +++ b/README.md @@ -22,11 +22,6 @@ Documentation * [Database diagram](/doc/models_complete.svg) * [Controllers diagram](/doc/controllers_complete.svg) -### Updating documentation - - AUTODOC=true rspec spec/requests - EPP_DOC=true rspec spec/epp --tag epp --require support/epp_doc.rb --format EppDoc > doc/epp_examples.md - Installation ------------ @@ -47,24 +42,10 @@ Manual demo install and database setup: bundle exec rake bootstrap bundle exec rake assets:precompile -### Apache with patched mod_epp (Debian 7/Ubuntu 14.04 LTS) +### Apache (Debian 7/Ubuntu 14.04 LTS) sudo apt-get install apache2 - sudo apt-get install apache2-threaded-dev # needed to compile mod_epp - wget sourceforge.net/projects/aepps/files/mod_epp/1.10/mod_epp-1.10.tar.gz - tar -xzvf mod_epp-1.10.tar.gz - cd mod_epp-1.10 - -Patch mod_epp for Rack. Beacause Rack multipart parser expects specifically -formatted content boundaries, the mod_epp needs to be modified before building: - - wget https://github.com/internetee/registry/raw/master/doc/patches/mod_epp_1.10-rack-friendly.patch - wget https://raw.githubusercontent.com/domify/registry/master/doc/patches/mod_epp_1.10-frame-size.patch - patch < mod_epp_1.10-rack-friendly.patch - patch < mod_epp_1.10-frame-size.patch - sudo apxs2 -a -c -i mod_epp.c - Enable ssl: sudo a2enmod proxy_http @@ -380,37 +361,6 @@ Be sure to update paths to match your system configuration. - - - Listen 700 - - SSLEngine on - SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL - SSLCertificateFile /etc/apache2/ssl/apache.crt - SSLCertificateKeyFile /etc/apache2/ssl/apache.key - - SSLVerifyClient require - SSLVerifyDepth 1 - SSLCACertificateFile /home/registry/registry/shared/ca/certs/ca.crt.pem - SSLCARevocationPath /home/registry/registry/shared/ca/crl - # Uncomment this when upgrading to apache 2.4: - # SSLCARevocationCheck chain - - RequestHeader set SSL_CLIENT_S_DN_CN "%{SSL_CLIENT_S_DN_CN}s" - RequestHeader set SSL_CLIENT_CERT "%{SSL_CLIENT_CERT}s" - - EPPEngine On - EPPCommandRoot /proxy/command - EPPSessionRoot /proxy/session - EPPErrorRoot /proxy/error - EPPRawFrame raw_frame - - ProxyPass /proxy/ http://localhost:8080/epp/ - - EPPAuthURI implicit - EPPReturncodeHeader X-EPP-Returncode - - ``` Enable epp_ssl and restart apache @@ -426,6 +376,8 @@ All registry demo data can be found at: Initially you can use two type of users: admin users and EPP users. +For using EPP we are strongly recommend to install epp_proxy instead of mod_epp. You can get epp_proxy from https://github.com/internetee/epp_proxy + ### Wkhtmltopdf setup ``` diff --git a/app/controllers/epp/base_controller.rb b/app/controllers/epp/base_controller.rb index e3ac81815..99c0ead35 100644 --- a/app/controllers/epp/base_controller.rb +++ b/app/controllers/epp/base_controller.rb @@ -343,7 +343,9 @@ module Epp end def epp_session_id - cookies[:session] # Passed by mod_epp https://github.com/mod-epp/mod-epp#requestscript-interface + # Passed by EPP proxy + # https://github.com/internetee/epp_proxy#translation-of-epp-calls + cookies[:session] end def ensure_session_id_passed diff --git a/doc/patches/mod_epp_1.10-frame-size.patch b/doc/patches/mod_epp_1.10-frame-size.patch deleted file mode 100644 index aa346b5c7..000000000 --- a/doc/patches/mod_epp_1.10-frame-size.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- mod_epp.h 2015-03-27 15:30:20.027130050 +0200 -+++ mod_epp_new.h 2015-03-27 15:30:38.499130269 +0200 -@@ -60,7 +60,7 @@ - #endif - - #define EPP_TCP_HEADER_SIZE 4 /* just one longword */ --#define EPP_MAX_FRAME_SIZE 65536 /* don't accept larger xml data blocks */ -+#define EPP_MAX_FRAME_SIZE 15728640 /* don't accept larger xml data blocks (8MB + 30% base64 + xml + savings)*/ - #define TRIDSIZE 128 /* actually, it should be 3 to 64 chars, - but due to unicode we'll give it more room. */ - diff --git a/doc/patches/mod_epp_1.10-rack-friendly.patch b/doc/patches/mod_epp_1.10-rack-friendly.patch deleted file mode 100644 index 648477da0..000000000 --- a/doc/patches/mod_epp_1.10-rack-friendly.patch +++ /dev/null @@ -1,37 +0,0 @@ - mod_epp.c | 2 +- - mod_epp.h | 8 ++++---- - 2 files changed, 5 insertions(+), 5 deletions(-) - -diff --git a/mod_epp.c b/mod_epp.c -index 8b1ba6f..66e46d8 100644 ---- a/mod_epp.c -+++ b/mod_epp.c -@@ -756,7 +756,7 @@ sprintf(content_length, "%lu", strlen(EPP_CONTENT_FRAME_CGI) - strlen(conf->raw_frame) - + er->orig_xml_size) : 0)); - --apr_table_set(r->headers_in, "Content-Type", "multipart/form-data; boundary=--BOUNDARY--"); -+apr_table_set(r->headers_in, "Content-Type", EPP_CONTENT_TYPE_CGI); - apr_table_set(r->headers_in, "Content-Length", content_length); - apr_table_set(r->headers_in, "Cookie", er->ur->cookie); - -diff --git a/mod_epp.h b/mod_epp.h -index e72d980..5e99bad 100644 ---- a/mod_epp.h -+++ b/mod_epp.h -@@ -96,10 +96,10 @@ module AP_MODULE_DECLARE_DATA epp_module; - #define EPP_DEFAULT_RC_HEADER "X-EPP-Returncode" - - --#define EPP_CONTENT_TYPE_CGI "multipart/form-data; boundary=--BOUNDARY--" --#define EPP_CONTENT_FRAME_CGI "----BOUNDARY--\r\nContent-Disposition: form-data; name=\"frame\"\r\n\r\n" --#define EPP_CONTENT_RAW_CGI "\r\n----BOUNDARY--\r\nContent-Disposition: form-data; name=\"%s\"\r\n\r\n" --#define EPP_CONTENT_CLTRID_CGI "\r\n----BOUNDARY--\r\nContent-Disposition: form-data; name=\"clTRID\"\r\n\r\n" -+#define EPP_CONTENT_TYPE_CGI "multipart/form-data; boundary=--BOUNDARY" -+#define EPP_CONTENT_FRAME_CGI "----BOUNDARY\r\nContent-Disposition: form-data; name=\"frame\"\r\n\r\n" -+#define EPP_CONTENT_RAW_CGI "\r\n----BOUNDARY\r\nContent-Disposition: form-data; name=\"%s\"\r\n\r\n" -+#define EPP_CONTENT_CLTRID_CGI "\r\n----BOUNDARY\r\nContent-Disposition: form-data; name=\"clTRID\"\r\n\r\n" - #define EPP_CONTENT_POSTFIX_CGI "\r\n----BOUNDARY--\r\n" - - /* - diff --git a/test/integration/epp/login/credentials_test.rb b/test/integration/epp/login/credentials_test.rb index a62579766..0f7dac97c 100644 --- a/test/integration/epp/login/credentials_test.rb +++ b/test/integration/epp/login/credentials_test.rb @@ -31,7 +31,7 @@ class EppLoginCredentialsTest < EppTestCase end def test_already_logged_in - assert true # Handled by mod_epp + assert true # Handled by EPP proxy end def test_wrong_credentials