From aff950aa97c05e2c53fb765ea77c4f95b6391758 Mon Sep 17 00:00:00 2001
From: olegphenomenon
Date: Sat, 8 Jan 2022 09:22:34 +0200
Subject: [PATCH] refactored job
---
 app/jobs/validate_dnssec_job.rb | 9 ++-
 app/services/soa_nameserver_query.rb | 49 --------------
 app/services/validate_dnssec.rb | 97 ----------------------------
 3 files changed, 4 insertions(+), 151 deletions(-)
 delete mode 100644 app/services/soa_nameserver_query.rb
 delete mode 100644 app/services/validate_dnssec.rb
diff --git a/app/jobs/validate_dnssec_job.rb b/app/jobs/validate_dnssec_job.rb
index 9a8a049d3..ad6b4b768 100644
--- a/app/jobs/validate_dnssec_job.rb
+++ b/app/jobs/validate_dnssec_job.rb
@@ -32,9 +32,7 @@ class ValidateDnssecJob < ApplicationJob
 def iterate_nameservers(domain)
 domain.nameservers.each do |n|
- result_nameserver_validation = SoaNameserverQuery.validate(domain_name: domain.name, hostname: n.hostname)
-
- return unless result_nameserver_validation
+ next unless n.validated?
 validate(hostname: n.hostname, domain: domain)
@@ -124,11 +122,12 @@ class ValidateDnssecJob < ApplicationJob
 def prepare_validator(nameserver)
 inner_resolver = Dnsruby::Resolver.new
+ timeouts = ENV['nameserver_validation_timeout'] || 4
 inner_resolver.do_validation = true
 inner_resolver.dnssec = true
 inner_resolver.nameserver = nameserver
- inner_resolver.packet_timeout = ENV['a_and_aaaa_validation_timeout'].to_i
- inner_resolver.query_timeout = ENV['a_and_aaaa_validation_timeout'].to_i
+ inner_resolver.packet_timeout = timeouts.to_i
+ inner_resolver.query_timeout = timeouts.to_i
 resolver = Dnsruby::Recursor.new(inner_resolver)
 resolver.dnssec = true
diff --git a/app/services/soa_nameserver_query.rb b/app/services/soa_nameserver_query.rb
deleted file mode 100644
index 01d6db77b..000000000
--- a/app/services/soa_nameserver_query.rb
+++ /dev/null
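Review bot: In `iterate_nameservers`, the new `next unless n.validated?` skips a nameserver silently, so a domain whose nameservers are all marked unvalidated passes through this job with no DNSSEC check and no trace in the logs. `validated?` is defined outside this diff and presumably reflects a stored state rather than the live SOA query the removed code made, so it may be stale when the job runs; it is worth confirming how fresh that state is guaranteed to be. I would log the skip before the `next`, e.g. `Rails.logger.info "DNSSEC validation skipped for #{n.hostname} (#{domain.name}): nameserver not validated"`, so skipped domains can be audited. The method body continues past the end of the hunk.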
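Review bot: In `prepare_validator`, `ENV['nameserver_validation_timeout'] || 4` only covers an unset variable: a value that is set but empty or non-numeric is truthy, and `to_i` turns it into 0, which then becomes both `packet_timeout` and `query_timeout`. These timeouts bound how long the job waits on a nameserver that the domain's registrant controls, so a zero value should not be reachable from a configuration typo (how Dnsruby treats 0 is worth checking). Falling back whenever the parsed value is not positive closes that gap: `timeout = ENV['nameserver_validation_timeout'].to_i` followed by `timeout = 4 unless timeout.positive?`. The key also changed from `a_and_aaaa_validation_timeout`, so deployments that set only the old name will now silently run with 4; a line in the commit description or the env example would make that visible. `prepare_validator` continues beyond the hunk.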
@@ -1,49 +0,0 @@
-module SoaNameserverQuery
- include Dnsruby
-
- extend self
-
- def validate(domain_name:, hostname:)
-
- resolver = create_resolver(hostname)
-
- answers = resolver.query(domain_name, 'SOA', 'IN')
- answers.answer.each do |a|
-
- if a.serial.nil?
- logger.info "No serial number of nameserver found"
-
- return false
- end
-
- serial_number = a.serial.to_s
-
- p "-------------- >>"
- p "serial number #{serial_number} of #{hostname} - domain name: #{domain_name}"
- p "<< --------------"
- true
- end
-
- rescue StandardError => e
- logger.error e.message
- logger.error "failed #{hostname} validation of #{domain_name} domain name"
-
- false
- end
-
- private
-
- def create_resolver(nameserver)
- resolver = Dnsruby::Resolver.new
- resolver.retry_times = 3
- resolver.recurse = 0 # Send out non-recursive queries
- # disable caching otherwise SOA is cached from first nameserver queried
- resolver.do_caching = false
- resolver.nameserver = nameserver
- resolver
- end
-
- def logger
- @logger ||= Rails.logger
- end
-end
diff --git a/app/services/validate_dnssec.rb b/app/services/validate_dnssec.rb
deleted file mode 100644
index 1cc2a9422..000000000
--- a/app/services/validate_dnssec.rb
+++ /dev/null
@@ -1,97 +0,0 @@
-module ValidateDnssec
- include Dnsruby
-
- extend self
-
- def prepare_resolver
- dns_servers = ENV['dnssec_resolver_ips'].to_s.split(',').map(&:strip)
- dns = Dnsruby::Resolver.new({ nameserver: dns_servers })
- dns.do_validation = false
- dns.do_caching = false
- dns.dnssec = true
-
- dns
- end
-
- def validate_dnssec(params:, domain:)
- return if params[:action] == 'rem'
-
- dns = prepare_resolver
- subzone_records = get_dnskey_records_from_subzone(resolver: dns, hostname: params[:domain], domain: domain)
- form_extension_records = extensional_dnskeys_data(params)
-
- return true if form_extension_records.empty?
-
- validate_data(subzone_records: subzone_records, form_extension_records: form_extension_records, domain: domain)
- end
-
- def make_magic(subzone_records:, form_data:)
- subzone_records.any? do |subzone_data|
- subzone_data[:basic] == form_data[:basic] &&
- subzone_data[:public_key].include?(form_data[:public_key])
- end
- end
-
- def validate_data(subzone_records:, form_extension_records:, domain:)
- flag = false
- form_extension_records.each do |form_data|
- flag = make_magic(subzone_records: subzone_records, form_data: form_data)
-
- break if flag
- end
-
- return validation_dns_key_error(domain) unless flag
-
- flag
- end
-
- def get_dnskey_records_from_subzone(resolver:, hostname:, domain:)
- ds_records_answers = resolver.query(hostname, 'DNSKEY').answer
-
- result_container = []
-
- ds_records_answers.each do |ds|
- next unless ds.type == Dnsruby::Types.DNSKEY
-
- result_container << {
- basic: {
- flags: ds.flags.to_s,
- algorithm: ds.algorithm.code.to_s,
- protocol: ds.protocol.to_s,
- },
- public_key: ds.public_key.export.gsub!(/\s+/, ''),
- }
- end
-
- result_container
- rescue Dnsruby::NXDomain
- domain.add_epp_error('2308', nil, nil, I18n.t(:dns_policy_violation))
- end
-
- def validation_dns_key_error(domain)
- domain.add_epp_error('2308', nil, nil, I18n.t(:dns_policy_violation))
- end
-
- def extensional_dnskeys_data(params)
- dnskeys_data = params[:dns_keys]
-
- return [] if dnskeys_data.nil?
-
- result_container = []
-
- dnskeys_data.each do |ds|
- next if ds[:action] == 'rem'
-
- result_container << {
- basic: {
- flags: ds[:flags].to_s,
- algorithm: ds[:alg].to_s,
- protocol: ds[:protocol].to_s,
- },
- public_key: ds[:public_key],
- }
- end
-
- result_container
- end
-end