zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-06-07 13:15:40 +02:00
Code Issues Projects Releases Packages Wiki Activity

Merge branch 'master' into registry-790

Browse source
This commit is contained in:
Artur Beljajev 2018-08-27 21:31:31 +03:00
commit fdc77fdd30
12 changed files with 29 additions and 24 deletions
Download patch file Download diff file Expand all files Collapse all files

2
.ruby-version
View file

@ -1 +1 @@
2.3.7 2.4.4

2
Dockerfile
View file

@ -1,4 +1,4 @@
FROM internetee/ruby:2.3 FROM internetee/ruby:2.4
MAINTAINER maciej.szlosarczyk@internet.ee MAINTAINER maciej.szlosarczyk@internet.ee
RUN mkdir -p /opt/webapps/app/tmp/pids RUN mkdir -p /opt/webapps/app/tmp/pids

2
app/api/repp/domain_v1.rb
View file

@ -29,7 +29,7 @@ module Repp
# example: curl -u registrar1:password localhost:3000/repp/v1/domains/1/transfer_info -H "Auth-Code: authinfopw1" # example: curl -u registrar1:password localhost:3000/repp/v1/domains/1/transfer_info -H "Auth-Code: authinfopw1"
get '/:id/transfer_info', requirements: { id: /.*/ } do get '/:id/transfer_info', requirements: { id: /.*/ } do
ident = params[:id] ident = params[:id]
domain = ident =~ /\A[0-9]+\z/ ? Domain.find_by(id: ident) : Domain.find_by_idn(ident) domain = ident.match?(/\A[0-9]+\z/) ? Domain.find_by(id: ident) : Domain.find_by_idn(ident)
error! I18n.t('errors.messages.epp_domain_not_found'), 404 unless domain error! I18n.t('errors.messages.epp_domain_not_found'), 404 unless domain
error! I18n.t('errors.messages.epp_authorization_error'), 401 unless domain.transfer_code.eql? request.headers['Auth-Code'] error! I18n.t('errors.messages.epp_authorization_error'), 401 unless domain.transfer_code.eql? request.headers['Auth-Code']

4
app/controllers/epp_controller.rb
View file

@ -145,7 +145,9 @@ class EppController < ApplicationController
# VALIDATION # VALIDATION
def latin_only def latin_only
return true if params['frame'].blank? return true if params['frame'].blank?
return true if params['frame'].match(/\A[\p{Latin}\p{Z}\p{P}\p{S}\p{Cc}\p{Cf}\w_\'\+\-\.\(\)\/]*\Z/i) if params['frame'].match?(/\A[\p{Latin}\p{Z}\p{P}\p{S}\p{Cc}\p{Cf}\w_\'\+\-\.\(\)\/]*\Z/i)
return true
end
epp_errors << { epp_errors << {
msg: 'Parameter value policy error. Allowed only Latin characters.', msg: 'Parameter value policy error. Allowed only Latin characters.',

4
app/models/certificate.rb
View file

@ -87,14 +87,14 @@ class Certificate < ActiveRecord::Base
-extensions usr_cert -notext -md sha256 \ -extensions usr_cert -notext -md sha256 \
-in #{csr_file.path} -out #{crt_file.path} -key '#{ENV['ca_key_password']}' -batch") -in #{csr_file.path} -out #{crt_file.path} -key '#{ENV['ca_key_password']}' -batch")
if err.match(/Data Base Updated/) if err.match?(/Data Base Updated/)
crt_file.rewind crt_file.rewind
self.crt = crt_file.read self.crt = crt_file.read
self.md5 = OpenSSL::Digest::MD5.new(parsed_crt.to_der).to_s self.md5 = OpenSSL::Digest::MD5.new(parsed_crt.to_der).to_s
save! save!
else else
logger.error('FAILED TO CREATE CLIENT CERTIFICATE') logger.error('FAILED TO CREATE CLIENT CERTIFICATE')
if err.match(/TXT_DB error number 2/) if err.match?(/TXT_DB error number 2/)
errors.add(:base, I18n.t('failed_to_create_crt_csr_already_signed')) errors.add(:base, I18n.t('failed_to_create_crt_csr_already_signed'))
logger.error('CSR ALREADY SIGNED') logger.error('CSR ALREADY SIGNED')
else else

12
app/models/concerns/versions.rb
View file

@ -34,16 +34,12 @@ module Versions
end end
def user_from_id_role_username(str) def user_from_id_role_username(str)
user = ApiUser.find_by(id: $1) if str =~ /^(\d+)-(ApiUser:|api-)/
unless user.present?
user = AdminUser.find_by(id: $1) if str =~ /^(\d+)-AdminUser:/
unless user.present?
# on import we copied Registrar name, which may eql code
registrar = Registrar.find_by(name: str) registrar = Registrar.find_by(name: str)
# assume each registrar has only one user
user = registrar.api_users.first if registrar user = registrar.api_users.first if registrar
end
end str_match = str.match(/^(\d+)-(ApiUser:|api-|AdminUser:)/)
user ||= User.find_by(id: str_match[1]) if str_match
user user
end end

6
app/models/nameserver.rb
View file

@ -100,18 +100,18 @@ class Nameserver < ActiveRecord::Base
def check_puny_symbols def check_puny_symbols
regexp = /(\A|\.)..--/ regexp = /(\A|\.)..--/
errors.add(:hostname, :invalid) if hostname =~ regexp errors.add(:hostname, :invalid) if hostname.match?(regexp)
end end
def validate_ipv4_format def validate_ipv4_format
ipv4.to_a.each do |ip| ipv4.to_a.each do |ip|
errors.add(:ipv4, :invalid) unless ip =~ IPV4_REGEXP errors.add(:ipv4, :invalid) unless ip.match?(IPV4_REGEXP)
end end
end end
def validate_ipv6_format def validate_ipv6_format
ipv6.to_a.each do |ip| ipv6.to_a.each do |ip|
errors.add(:ipv6, :invalid) unless ip =~ IPV6_REGEXP errors.add(:ipv6, :invalid) unless ip.match?(IPV6_REGEXP)
end end
end end
end end

3
app/validators/contact/ident/reg_no_validator.rb
View file

@ -10,7 +10,8 @@ class Contact::Ident::RegNoValidator < ActiveModel::EachValidator
return unless format return unless format
record.errors.add(attribute, :invalid_reg_no, country: record.country) unless value =~ format return if value.match?(format)
record.errors.add(attribute, :invalid_reg_no, country: record.country)
end end
private private

2
app/validators/domain_name_validator.rb
View file

@ -22,7 +22,7 @@ class DomainNameValidator < ActiveModel::EachValidator
# it's punycode # it's punycode
if value[2] == '-' && value[3] == '-' if value[2] == '-' && value[3] == '-'
regexp = /\Axn--[a-zA-Z0-9-]{0,59}\.#{general_domains}\z/ regexp = /\Axn--[a-zA-Z0-9-]{0,59}\.#{general_domains}\z/
return false unless value =~ regexp return false unless value.match?(regexp)
value = SimpleIDN.to_unicode(value).mb_chars.downcase.strip value = SimpleIDN.to_unicode(value).mb_chars.downcase.strip
end end

5
lib/auth_token/auth_token_creator.rb
View file

@ -26,7 +26,10 @@ class AuthTokenCreator
def encrypted_token def encrypted_token
encryptor = OpenSSL::Cipher::AES.new(256, :CBC) encryptor = OpenSSL::Cipher::AES.new(256, :CBC)
encryptor.encrypt encryptor.encrypt
encryptor.key = key
# OpenSSL used to automatically shrink oversized keys, it does not do that any longer.
# See: https://github.com/ruby/openssl/issues/116
encryptor.key = key[0..31]
encrypted_bytes = encryptor.update(hashable) + encryptor.final encrypted_bytes = encryptor.update(hashable) + encryptor.final
Base64.urlsafe_encode64(encrypted_bytes) Base64.urlsafe_encode64(encrypted_bytes)
end end

5
lib/auth_token/auth_token_decryptor.rb
View file

@ -16,7 +16,10 @@ class AuthTokenDecryptor
def decrypt_token def decrypt_token
decipher = OpenSSL::Cipher::AES.new(256, :CBC) decipher = OpenSSL::Cipher::AES.new(256, :CBC)
decipher.decrypt decipher.decrypt
decipher.key = key
# OpenSSL used to automatically shrink oversized keys, it does not do that any longer.
# See: https://github.com/ruby/openssl/issues/116
decipher.key = key[0..31]
base64_decoded = Base64.urlsafe_decode64(token.to_s) base64_decoded = Base64.urlsafe_decode64(token.to_s)
plain = decipher.update(base64_decoded) + decipher.final plain = decipher.update(base64_decoded) + decipher.final

2
test/lib/auth_token/auth_token_creator_test.rb
View file

@ -8,7 +8,7 @@ class AuthTokenCreatorTest < ActiveSupport::TestCase
@user = users(:registrant) @user = users(:registrant)
time = Time.zone.parse('2010-07-05 00:30:00 +0000') time = Time.zone.parse('2010-07-05 00:30:00 +0000')
@random_bytes = SecureRandom.random_bytes(64) @random_bytes = SecureRandom.random_bytes(32)
@token_creator = AuthTokenCreator.new(@user, @random_bytes, time) @token_creator = AuthTokenCreator.new(@user, @random_bytes, time)
end end