zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-07-25 20:18:22 +02:00
Code Issues Projects Releases Packages Wiki Activity

Go back to original dnskey

Browse source
This commit is contained in:
Martin Lensment 2014-10-10 17:08:07 +03:00
parent c19168c2ea
commit eaa553dc9d
12 changed files with 189 additions and 125 deletions
Download patch file Download diff file Expand all files Collapse all files

2
app/helpers/epp/domains_helper.rb
View file

@ -4,6 +4,7 @@ module Epp::DomainsHelper
@domain = Epp::EppDomain.new(domain_create_params)
@domain.parse_and_attach_domain_dependencies(parsed_frame)
@domain.parse_and_attach_ds_data(parsed_frame.css('extension create'))
if @domain.errors.any?
handle_errors(@domain)
@ -50,6 +51,7 @@ module Epp::DomainsHelper
handle_errors(@domain) and return unless @domain
@domain.parse_and_attach_domain_dependencies(parsed_frame.css('add'))
@domain.parse_and_attach_ds_data(parsed_frame.css('extension add'))
@domain.parse_and_detach_domain_dependencies(parsed_frame.css('rem'))
@domain.parse_and_update_domain_dependencies(parsed_frame.css('chg'))

7
app/models/concerns/epp_errors.rb
View file

@ -5,7 +5,12 @@ module EppErrors
epp_errors = []
errors.messages.each do |key, values|
key = key.to_s.split('.')[0].to_sym
if self.class.reflect_on_association(key)
macro = self.class.reflect_on_association(key).try(:macro)
multi = [:has_and_belongs_to_many, :has_many]
single = [:belongs_to, :has_one]
if macro && multi.include?(macro)
send(key).each do |x|
epp_errors << x.generate_epp_errors
end

2
app/models/delegation_signer.rb
View file

@ -1,6 +1,6 @@
class DelegationSigner < ActiveRecord::Base
include EppErrors
has_many :dnskeys
has_one :dnskeys
validate :validate_dnskeys_uniqueness
validate :validate_dnskeys_count

1
app/models/dnskey.rb
View file

@ -2,7 +2,6 @@ class Dnskey < ActiveRecord::Base
include EppErrors
belongs_to :domain
belongs_to :delegation_signer
validates :alg, :protocol, :flags, :public_key, presence: true
validate :validate_algorithm

6
app/models/domain.rb
View file

@ -27,7 +27,7 @@ class Domain < ActiveRecord::Base
has_many :domain_transfers, dependent: :delete_all
has_many :delegation_signers, dependent: :delete_all
has_many :dnskeys, dependent: :delete_all
# accepts_nested_attributes_for :delegation_signers, allow_destroy: true,
# reject_if: proc { |attrs| attrs[:public_key].blank? }
@ -49,12 +49,12 @@ class Domain < ActiveRecord::Base
validate :validate_period
validate :validate_nameservers_count
validate :validate_admin_contacts_count
#validate :validate_dnskeys_count
validate :validate_dnskeys_count
validate :validate_nameservers_uniqueness
validate :validate_tech_contacts_uniqueness
validate :validate_admin_contacts_uniqueness
validate :validate_domain_statuses_uniqueness
# validate :validate_dnskeys_uniqueness
validate :validate_dnskeys_uniqueness
validate :validate_nameserver_ips
attr_accessor :owner_contact_typeahead

87
app/models/epp/epp_domain.rb
View file

@ -29,7 +29,13 @@ class Epp::EppDomain < Domain
max: domain_validation_sg.setting(:ns_max_count).value
}
],
[:period, :out_of_range, { value: { obj: 'period', val: period } }]
[:period, :out_of_range, { value: { obj: 'period', val: period } }],
[:dnskeys, :out_of_range,
{
min: domain_validation_sg.setting(Setting::DNSKEYS_MIN_COUNT).value,
max: domain_validation_sg.setting(Setting::DNSKEYS_MAX_COUNT).value
}
]
],
'2200' => [
[:auth_info, :wrong_pw]
@ -42,7 +48,6 @@ class Epp::EppDomain < Domain
attach_contacts(self.class.parse_contacts_from_frame(parsed_frame))
attach_nameservers(self.class.parse_nameservers_from_frame(parsed_frame))
attach_statuses(self.class.parse_statuses_from_frame(parsed_frame))
attach_dnskeys(self.class.parse_dnskeys_from_frame(parsed_frame))
errors.empty?
end
@ -51,7 +56,12 @@ class Epp::EppDomain < Domain
detach_contacts(self.class.parse_contacts_from_frame(parsed_frame))
detach_nameservers(self.class.parse_nameservers_from_frame(parsed_frame))
detach_statuses(self.class.parse_statuses_from_frame(parsed_frame))
detach_dnskeys(self.class.parse_dnskeys_from_frame(parsed_frame))
errors.empty?
end
def parse_and_attach_ds_data(parsed_frame)
attach_dnskeys(self.class.parse_dnskeys_from_frame(parsed_frame))
errors.empty?
end
@ -184,7 +194,7 @@ class Epp::EppDomain < Domain
errors.add(:base, :ds_data_with_keys_not_allowed)
next
else
attach_ds(ds_data)
dnskeys.build(ds_data)
end
end
@ -193,30 +203,35 @@ class Epp::EppDomain < Domain
return
end
attach_ds({
key_tag: SecureRandom.hex(5),
alg: 3,
digest_type: sg.setting(Setting::DS_ALGORITHM).value,
key_data: dnssec_data[:key_data]
})
end
def attach_ds(ds_data)
key_data = ds_data.delete(:key_data)
ds = delegation_signers.build(ds_data)
key_data.each do |x|
ds.dnskeys.build(x)
dnssec_data[:key_data].each do |x|
dnskeys.build({
ds_key_tag: SecureRandom.hex(5),
ds_alg: 3,
ds_digest_type: sg.setting(Setting::DS_ALGORITHM).value
}.merge(x))
end
errors.any?
end
def detach_dnskeys(dnskey_list)
def detach_dnskeys(dnssec_data)
sg = SettingGroup.dnskeys
ds_data_allowed = sg.setting(Setting::ALLOW_DS_DATA).value == '0' ? false : true
key_data_allowed = sg.setting(Setting::ALLOW_KEY_DATA).value == '0' ? false : true
if dnssec_data[:ds_data].any? && !ds_data_allowed
errors.add(:base, :ds_data_not_allowed)
return
end
to_delete = []
dnskey_list.each do |x|
dnskey = dnskeys.where(public_key: x[:public_key])
if dnskey.blank?
add_epp_error('2303', 'pubKey', x[:public_key], [:dnskeys, :not_found])
dnssec_data[:ds_data].each do |x|
ds = dnskeys.where(ds_key_tag: x[:ds_key_tag])
if ds.blank?
add_epp_error('2303', 'keyTag', x[:key_tag], [:dnskeys, :not_found])
else
to_delete << dnskey
to_delete << ds
end
end
@ -392,26 +407,20 @@ class Epp::EppDomain < Domain
res[:max_sig_life] = parsed_frame.css('maxSigLife').first.try(:text)
parsed_frame.css('dsData').each do |x|
keys = []
x.css('keyData').each do |kd|
keys << {
flags: kd.css('flags').first.try(:text),
protocol: kd.css('protocol').first.try(:text),
alg: kd.css('alg').first.try(:text),
public_key: kd.css('pubKey').first.try(:text)
}
end
kd = x.css('keyData').first
res[:ds_data] << {
key_tag: x.css('keyTag').first.try(:text),
alg: x.css('alg').first.try(:text),
digest_type: x.css('digestType').first.try(:text),
digest: x.css('digest').first.try(:text),
key_data: keys
ds_key_tag: x.css('keyTag').first.try(:text),
ds_alg: x.css('alg').first.try(:text),
ds_digest_type: x.css('digestType').first.try(:text),
ds_digest: x.css('digest').first.try(:text),
flags: kd.css('flags').first.try(:text),
protocol: kd.css('protocol').first.try(:text),
alg: kd.css('alg').first.try(:text),
public_key: kd.css('pubKey').first.try(:text)
}
end
parsed_frame.css('create > keyData').each do |x|
parsed_frame.css('* > keyData').each do |x|
res[:key_data] << {
flags: x.css('flags').first.try(:text),
protocol: x.css('protocol').first.try(:text),

26
app/views/epp/domains/info.xml.builder
View file

@ -63,24 +63,22 @@ xml.epp_head do
xml.extension do
xml.tag!('secDNS:infData', 'xmlns:secDNS' => 'urn:ietf:params:xml:ns:secDNS-1.1') do
@domain.delegation_signers.each do |x|
@domain.dnskeys.each do |x|
xml.tag!('secDNS:dsData') do
xml.tag!('secDNS:keyTag', x.key_tag)
xml.tag!('secDNS:alg', x.alg)
xml.tag!('secDNS:digestType', x.digest_type)
xml.tag!('secDNS:digest', x.digest)
x.dnskeys.each do |key|
xml.tag!('secDNS:keyData') do
xml.tag!('secDNS:flags', key.flags)
xml.tag!('secDNS:protocol', key.protocol)
xml.tag!('secDNS:alg', key.alg)
xml.tag!('secDNS:pubKey', key.public_key)
end
end if x.dnskeys.any?
xml.tag!('secDNS:keyTag', x.ds_key_tag)
xml.tag!('secDNS:alg', x.ds_alg)
xml.tag!('secDNS:digestType', x.ds_digest_type)
xml.tag!('secDNS:digest', x.ds_digest)
xml.tag!('secDNS:keyData') do
xml.tag!('secDNS:flags', x.flags)
xml.tag!('secDNS:protocol', x.protocol)
xml.tag!('secDNS:alg', x.alg)
xml.tag!('secDNS:pubKey', x.public_key)
end
end
end
end
end if @domain.delegation_signers.any?
end if @domain.dnskeys.any?
xml << render('/epp/shared/trID')
end