split checker from token-validator

nemunaire 2020-03-27 14:57:14 +01:00
commit 0c661f36f6
20 changed files with 634 additions and 748 deletions


@ -11,104 +11,104 @@ import (
"github.com/julienschmidt/httprouter"
"github.com/miekg/dns"
"git.nemunai.re/lectures/adlin/libadlin"
)
const (
AssociatedDomainSuffix = "adlin2021.p0m.fr."
DelegatedDomainSuffix = "srs.p0m.fr."
ControlSocket = "[2a01:e0a:2b:2250::b]:53"
ControlSocket = "[2a01:e0a:2b:2250::b]:53"
)
var tsigSecret = map[string]string{"ddns.": "so6ZGir4GPAqINNh9U5c3A=="}
func init() {
router.GET("/api/adomains/", apiAuthHandler(func(student Student, ps httprouter.Params, body []byte) (interface{}, error) {
router.GET("/api/adomains/", apiAuthHandler(func(student adlin.Student, ps httprouter.Params, body []byte) (interface{}, error) {
return student.GetAssociatedDomains(), nil
}))
router.POST("/api/adomains/", apiAuthHandler(func(student Student, ps httprouter.Params, body []byte) (interface{}, error) {
return true, student.AddAssociatedDomains()
router.POST("/api/adomains/", apiAuthHandler(func(student adlin.Student, ps httprouter.Params, body []byte) (interface{}, error) {
return true, AddAssociatedDomains(student)
}))
router.GET("/api/adomains/:dn", apiAuthHandler(func(student Student, ps httprouter.Params, body []byte) (interface{}, error) {
return student.GetAssociatedDomain(ps.ByName("dn"))
router.GET("/api/adomains/:dn", apiAuthHandler(func(student adlin.Student, ps httprouter.Params, body []byte) (interface{}, error) {
return GetAssociatedDomain(student, ps.ByName("dn"))
}))
router.GET("/api/ddomains/", apiAuthHandler(func(student Student, ps httprouter.Params, body []byte) (interface{}, error) {
router.GET("/api/ddomains/", apiAuthHandler(func(student adlin.Student, ps httprouter.Params, body []byte) (interface{}, error) {
return []string{student.MyDelegatedDomain()}, nil
}))
router.GET("/api/ddomains/:dn/", apiAuthHandler(func(student Student, ps httprouter.Params, body []byte) (interface{}, error) {
return student.getRRDelegatedDomain(ps.ByName("dn"), "")
router.GET("/api/ddomains/:dn/", apiAuthHandler(func(student adlin.Student, ps httprouter.Params, body []byte) (interface{}, error) {
return getRRDelegatedDomain(student, ps.ByName("dn"), "")
}))
router.GET("/api/ddomains/:dn/NS", apiAuthHandler(func(student Student, ps httprouter.Params, body []byte) (interface{}, error) {
return student.getRRDelegatedDomain(ps.ByName("dn"), "NS")
router.GET("/api/ddomains/:dn/NS", apiAuthHandler(func(student adlin.Student, ps httprouter.Params, body []byte) (interface{}, error) {
return getRRDelegatedDomain(student, ps.ByName("dn"), "NS")
}))
router.POST("/api/ddomains/:dn/NS", apiAuthHandler(func(student Student, ps httprouter.Params, body []byte) (interface{}, error) {
router.POST("/api/ddomains/:dn/NS", apiAuthHandler(func(student adlin.Student, ps httprouter.Params, body []byte) (interface{}, error) {
var ue Entry
if err := json.Unmarshal(body, &ue); err != nil {
return nil, err
}
return true, student.AddNSDelegatedDomain(ps.ByName("dn"), ue.TTL, strings.Join(ue.Values, " "))
return true, AddNSDelegatedDomain(student, ps.ByName("dn"), ue.TTL, strings.Join(ue.Values, " "))
}))
router.PATCH("/api/ddomains/:dn/NS", apiAuthHandler(func(student Student, ps httprouter.Params, body []byte) (interface{}, error) {
router.PATCH("/api/ddomains/:dn/NS", apiAuthHandler(func(student adlin.Student, ps httprouter.Params, body []byte) (interface{}, error) {
var ue Entry
if err := json.Unmarshal(body, &ue); err != nil {
return nil, err
}
return true, student.UpdateNSDelegatedDomain(ps.ByName("dn"), ue.TTL, ue.ValuesFrom, strings.Join(ue.Values, ""))
return true, UpdateNSDelegatedDomain(student, ps.ByName("dn"), ue.TTL, ue.ValuesFrom, strings.Join(ue.Values, ""))
}))
router.DELETE("/api/ddomains/:dn/NS", apiAuthHandler(func(student Student, ps httprouter.Params, body []byte) (interface{}, error) {
router.DELETE("/api/ddomains/:dn/NS", apiAuthHandler(func(student adlin.Student, ps httprouter.Params, body []byte) (interface{}, error) {
var ue Entry
if err := json.Unmarshal(body, &ue); err != nil {
return nil, err
}
return true, student.DeleteRRDelegatedDomain(ps.ByName("dn"), "NS", strings.Join(ue.Values, " "))
return true, DeleteRRDelegatedDomain(student, ps.ByName("dn"), "NS", strings.Join(ue.Values, " "))
}))
router.GET("/api/ddomains/:dn/GLUE", apiAuthHandler(func(student Student, ps httprouter.Params, body []byte) (interface{}, error) {
return student.getRRDelegatedDomain(ps.ByName("dn"), "AAAA")
router.GET("/api/ddomains/:dn/GLUE", apiAuthHandler(func(student adlin.Student, ps httprouter.Params, body []byte) (interface{}, error) {
return getRRDelegatedDomain(student, ps.ByName("dn"), "AAAA")
}))
router.POST("/api/ddomains/:dn/AAAA", apiAuthHandler(func(student Student, ps httprouter.Params, body []byte) (interface{}, error) {
router.POST("/api/ddomains/:dn/AAAA", apiAuthHandler(func(student adlin.Student, ps httprouter.Params, body []byte) (interface{}, error) {
var ue Entry
if err := json.Unmarshal(body, &ue); err != nil {
return nil, err
}
return true, student.AddGLUEDelegatedDomain(ps.ByName("dn"), ue.TTL, strings.Join(ue.Values, " "))
return true, AddGLUEDelegatedDomain(student, ps.ByName("dn"), ue.TTL, strings.Join(ue.Values, " "))
}))
router.PATCH("/api/ddomains/:dn/AAAA", apiAuthHandler(func(student Student, ps httprouter.Params, body []byte) (interface{}, error) {
router.PATCH("/api/ddomains/:dn/AAAA", apiAuthHandler(func(student adlin.Student, ps httprouter.Params, body []byte) (interface{}, error) {
var ue Entry
if err := json.Unmarshal(body, &ue); err != nil {
return nil, err
}
return true, student.UpdateGLUEDelegatedDomain(ps.ByName("dn"), ue.TTL, ue.ValuesFrom, strings.Join(ue.Values, " "))
return true, UpdateGLUEDelegatedDomain(student, ps.ByName("dn"), ue.TTL, ue.ValuesFrom, strings.Join(ue.Values, " "))
}))
router.POST("/api/ddomains/:dn/GLUE", apiAuthHandler(func(student Student, ps httprouter.Params, body []byte) (interface{}, error) {
router.POST("/api/ddomains/:dn/GLUE", apiAuthHandler(func(student adlin.Student, ps httprouter.Params, body []byte) (interface{}, error) {
var ue Entry
if err := json.Unmarshal(body, &ue); err != nil {
return nil, err
}
return true, student.UpdateGLUEDelegatedDomain(ps.ByName("dn"), ue.TTL, ue.ValuesFrom, strings.Join(ue.Values, " "))
return true, UpdateGLUEDelegatedDomain(student, ps.ByName("dn"), ue.TTL, ue.ValuesFrom, strings.Join(ue.Values, " "))
}))
router.DELETE("/api/ddomains/:dn/AAAA", apiAuthHandler(func(student Student, ps httprouter.Params, body []byte) (interface{}, error) {
router.DELETE("/api/ddomains/:dn/AAAA", apiAuthHandler(func(student adlin.Student, ps httprouter.Params, body []byte) (interface{}, error) {
var ue Entry
if err := json.Unmarshal(body, &ue); err != nil {
return nil, err
}
return true, student.DeleteRRDelegatedDomain(ps.ByName("dn"), "AAAA", strings.Join(ue.Values, " "))
return true, DeleteRRDelegatedDomain(student, ps.ByName("dn"), "AAAA", strings.Join(ue.Values, " "))
}))
router.GET("/api/ddomains/:dn/DS", apiAuthHandler(func(student Student, ps httprouter.Params, body []byte) (interface{}, error) {
return student.getRRDelegatedDomain(ps.ByName("dn"), "DS")
router.GET("/api/ddomains/:dn/DS", apiAuthHandler(func(student adlin.Student, ps httprouter.Params, body []byte) (interface{}, error) {
return getRRDelegatedDomain(student, ps.ByName("dn"), "DS")
}))
router.POST("/api/ddomains/:dn/DS", apiAuthHandler(func(student Student, ps httprouter.Params, body []byte) (interface{}, error) {
router.POST("/api/ddomains/:dn/DS", apiAuthHandler(func(student adlin.Student, ps httprouter.Params, body []byte) (interface{}, error) {
var ue Entry
if err := json.Unmarshal(body, &ue); err != nil {
return nil, err
}
return true, student.AddDSDelegatedDomain(ps.ByName("dn"), ue.TTL, strings.Join(ue.Values, " "))
return true, AddDSDelegatedDomain(student, ps.ByName("dn"), ue.TTL, strings.Join(ue.Values, " "))
}))
router.DELETE("/api/ddomains/:dn/DS", apiAuthHandler(func(student Student, ps httprouter.Params, body []byte) (interface{}, error) {
router.DELETE("/api/ddomains/:dn/DS", apiAuthHandler(func(student adlin.Student, ps httprouter.Params, body []byte) (interface{}, error) {
var ue Entry
if err := json.Unmarshal(body, &ue); err != nil {
return nil, err
}
return true, student.DeleteRRDelegatedDomain(ps.ByName("dn"), "DS", strings.Join(ue.Values, " "))
return true, DeleteRRDelegatedDomain(student, ps.ByName("dn"), "DS", strings.Join(ue.Values, " "))
}))
}
@ -160,19 +160,7 @@ func parseZoneRead(globalDomain string, domain string) (rr []Entry, err error) {
return
}
func (student Student) myAssociatedDomain() string {
return fmt.Sprintf("%s.%s", strings.Trim(strings.Replace(student.Login, "_", "-", -1), "-_"), AssociatedDomainSuffix)
}
func (student Student) GetAssociatedDomains() (ds []string) {
studentDomain := student.myAssociatedDomain()
ds = append(ds, studentDomain)
return
}
func (student Student) GetAssociatedDomain(dn string) (rrs []Entry, err error) {
func GetAssociatedDomain(student adlin.Student, dn string) (rrs []Entry, err error) {
domains := student.GetAssociatedDomains()
found := false
for _, d := range domains {
@ -185,7 +173,7 @@ func (student Student) GetAssociatedDomain(dn string) (rrs []Entry, err error) {
err = errors.New(fmt.Sprintf("Unable to find domain %q.", dn))
}
if entries, errr := parseZoneRead(AssociatedDomainSuffix, dn); err != nil {
if entries, errr := parseZoneRead(adlin.AssociatedDomainSuffix, dn); err != nil {
return nil, errr
} else {
for _, e := range entries {
@ -198,19 +186,19 @@ func (student Student) GetAssociatedDomain(dn string) (rrs []Entry, err error) {
return
}
func (student Student) AddAssociatedDomains() (err error) {
func AddAssociatedDomains(student adlin.Student) (err error) {
m1 := new(dns.Msg)
m1.Id = dns.Id()
m1.Opcode = dns.OpcodeUpdate
m1.Question = make([]dns.Question, 1)
m1.Question[0] = dns.Question{AssociatedDomainSuffix, dns.TypeSOA, dns.ClassINET}
m1.Question[0] = dns.Question{adlin.AssociatedDomainSuffix, dns.TypeSOA, dns.ClassINET}
rrAd := new(dns.A)
rrAd.Hdr = dns.RR_Header{Name: student.myAssociatedDomain(), Rrtype: dns.TypeA, Class: dns.ClassINET, Ttl: 0}
rrAd.Hdr = dns.RR_Header{Name: student.MyAssociatedDomain(), Rrtype: dns.TypeA, Class: dns.ClassINET, Ttl: 0}
m1.Remove([]dns.RR{rrAd})
rrAAAAd := new(dns.AAAA)
rrAAAAd.Hdr = dns.RR_Header{Name: student.myAssociatedDomain(), Rrtype: dns.TypeAAAA, Class: dns.ClassINET, Ttl: 0}
rrAAAAd.Hdr = dns.RR_Header{Name: student.MyAssociatedDomain(), Rrtype: dns.TypeAAAA, Class: dns.ClassINET, Ttl: 0}
m1.Remove([]dns.RR{rrAAAAd})
c := new(dns.Client)
@ -226,16 +214,16 @@ func (student Student) AddAssociatedDomains() (err error) {
m2.Id = dns.Id()
m2.Opcode = dns.OpcodeUpdate
m2.Question = make([]dns.Question, 1)
m2.Question[0] = dns.Question{AssociatedDomainSuffix, dns.TypeSOA, dns.ClassINET}
m2.Question[0] = dns.Question{adlin.AssociatedDomainSuffix, dns.TypeSOA, dns.ClassINET}
rrA := new(dns.A)
rrA.Hdr = dns.RR_Header{Name: student.myAssociatedDomain(), Rrtype: dns.TypeA, Class: dns.ClassINET, Ttl: 3600}
rrA.Hdr = dns.RR_Header{Name: student.MyAssociatedDomain(), Rrtype: dns.TypeA, Class: dns.ClassINET, Ttl: 3600}
rrA.A = net.IPv4(82, 64, 31, 248)
m2.Insert([]dns.RR{rrA})
rrAAAA := new(dns.AAAA)
rrAAAA.Hdr = dns.RR_Header{Name: student.myAssociatedDomain(), Rrtype: dns.TypeAAAA, Class: dns.ClassINET, Ttl: 3600}
rrAAAA.AAAA = studentIP(student.Id)
rrAAAA.Hdr = dns.RR_Header{Name: student.MyAssociatedDomain(), Rrtype: dns.TypeAAAA, Class: dns.ClassINET, Ttl: 3600}
rrAAAA.AAAA = adlin.StudentIP(student.Id)
rrAAAA.AAAA[15] = 1
m2.Insert([]dns.RR{rrAAAA})
@ -247,11 +235,7 @@ func (student Student) AddAssociatedDomains() (err error) {
return
}
func (student Student) MyDelegatedDomain() string {
return fmt.Sprintf("%s.%s", strings.Trim(strings.Replace(student.Login, "_", "-", -1), "-_"), DelegatedDomainSuffix)
}
func (student Student) getRRDelegatedDomain(dn string, rr string) (rrs []Entry, err error) {
func getRRDelegatedDomain(student adlin.Student, dn string, rr string) (rrs []Entry, err error) {
domains := []string{student.MyDelegatedDomain()}
found := false
for _, d := range domains {
@ -264,7 +248,7 @@ func (student Student) getRRDelegatedDomain(dn string, rr string) (rrs []Entry,
err = errors.New(fmt.Sprintf("Unable to find domain %q.", dn))
}
if entries, errr := parseZoneRead(DelegatedDomainSuffix, dn); err != nil {
if entries, errr := parseZoneRead(adlin.DelegatedDomainSuffix, dn); err != nil {
return nil, errr
} else {
for _, e := range entries {
@ -277,13 +261,13 @@ func (student Student) getRRDelegatedDomain(dn string, rr string) (rrs []Entry,
return
}
func (student Student) AddNSDelegatedDomain(dn string, ttl uint32, ns string) (err error) {
func AddNSDelegatedDomain(student adlin.Student, dn string, ttl uint32, ns string) (err error) {
for _, d := range []string{student.MyDelegatedDomain()} {
m1 := new(dns.Msg)
m1.Id = dns.Id()
m1.Opcode = dns.OpcodeUpdate
m1.Question = make([]dns.Question, 1)
m1.Question[0] = dns.Question{DelegatedDomainSuffix, dns.TypeSOA, dns.ClassINET}
m1.Question[0] = dns.Question{adlin.DelegatedDomainSuffix, dns.TypeSOA, dns.ClassINET}
rrNS := new(dns.NS)
rrNS.Hdr = dns.RR_Header{Name: d, Rrtype: dns.TypeNS, Class: dns.ClassINET, Ttl: ttl}
@ -300,13 +284,13 @@ func (student Student) AddNSDelegatedDomain(dn string, ttl uint32, ns string) (e
return
}
func (student Student) UpdateNSDelegatedDomain(dn string, ttl uint32, oldns string, ns string) (err error) {
func UpdateNSDelegatedDomain(student adlin.Student, dn string, ttl uint32, oldns string, ns string) (err error) {
for _, d := range []string{student.MyDelegatedDomain()} {
m1 := new(dns.Msg)
m1.Id = dns.Id()
m1.Opcode = dns.OpcodeUpdate
m1.Question = make([]dns.Question, 1)
m1.Question[0] = dns.Question{DelegatedDomainSuffix, dns.TypeSOA, dns.ClassINET}
m1.Question[0] = dns.Question{adlin.DelegatedDomainSuffix, dns.TypeSOA, dns.ClassINET}
rrOldNS := new(dns.NS)
rrOldNS.Hdr = dns.RR_Header{Name: d, Rrtype: dns.TypeNS, Class: dns.ClassINET}
@ -328,7 +312,7 @@ func (student Student) UpdateNSDelegatedDomain(dn string, ttl uint32, oldns stri
return
}
func (student Student) AddGLUEDelegatedDomain(dn string, ttl uint32, aaaa string) (err error) {
func AddGLUEDelegatedDomain(student adlin.Student, dn string, ttl uint32, aaaa string) (err error) {
domains := []string{student.MyDelegatedDomain()}
found := false
for _, d := range domains {
@ -346,7 +330,7 @@ func (student Student) AddGLUEDelegatedDomain(dn string, ttl uint32, aaaa string
m1.Id = dns.Id()
m1.Opcode = dns.OpcodeUpdate
m1.Question = make([]dns.Question, 1)
m1.Question[0] = dns.Question{DelegatedDomainSuffix, dns.TypeSOA, dns.ClassINET}
m1.Question[0] = dns.Question{adlin.DelegatedDomainSuffix, dns.TypeSOA, dns.ClassINET}
var rr dns.RR
rr, err = dns.NewRR(fmt.Sprintf("%s %d IN AAAA %s", dn, ttl, aaaa))
@ -364,7 +348,7 @@ func (student Student) AddGLUEDelegatedDomain(dn string, ttl uint32, aaaa string
return
}
func (student Student) UpdateGLUEDelegatedDomain(dn string, ttl uint32, oldaaaa string, aaaa string) (err error) {
func UpdateGLUEDelegatedDomain(student adlin.Student, dn string, ttl uint32, oldaaaa string, aaaa string) (err error) {
domains := []string{student.MyDelegatedDomain()}
found := false
for _, d := range domains {
@ -382,7 +366,7 @@ func (student Student) UpdateGLUEDelegatedDomain(dn string, ttl uint32, oldaaaa
m1.Id = dns.Id()
m1.Opcode = dns.OpcodeUpdate
m1.Question = make([]dns.Question, 1)
m1.Question[0] = dns.Question{DelegatedDomainSuffix, dns.TypeSOA, dns.ClassINET}
m1.Question[0] = dns.Question{adlin.DelegatedDomainSuffix, dns.TypeSOA, dns.ClassINET}
var rr dns.RR
@ -406,7 +390,7 @@ func (student Student) UpdateGLUEDelegatedDomain(dn string, ttl uint32, oldaaaa
return
}
func (student Student) AddDSDelegatedDomain(dn string, ttl uint32, rdata string) (err error) {
func AddDSDelegatedDomain(student adlin.Student, dn string, ttl uint32, rdata string) (err error) {
domains := []string{student.MyDelegatedDomain()}
found := false
for _, d := range domains {
@ -438,7 +422,7 @@ func (student Student) AddDSDelegatedDomain(dn string, ttl uint32, rdata string)
m1.Id = dns.Id()
m1.Opcode = dns.OpcodeUpdate
m1.Question = make([]dns.Question, 1)
m1.Question[0] = dns.Question{DelegatedDomainSuffix, dns.TypeSOA, dns.ClassINET}
m1.Question[0] = dns.Question{adlin.DelegatedDomainSuffix, dns.TypeSOA, dns.ClassINET}
var ds *dns.DS
ds = dnskey.ToDS(dns.SHA256)
@ -456,7 +440,7 @@ func (student Student) AddDSDelegatedDomain(dn string, ttl uint32, rdata string)
return
}
func (student Student) DeleteRRDelegatedDomain(dn string, rr string, values ...string) (err error) {
func DeleteRRDelegatedDomain(student adlin.Student, dn string, rr string, values ...string) (err error) {
domains := []string{student.MyDelegatedDomain()}
found := false
for _, d := range domains {
@ -474,7 +458,7 @@ func (student Student) DeleteRRDelegatedDomain(dn string, rr string, values ...s
m1.Id = dns.Id()
m1.Opcode = dns.OpcodeUpdate
m1.Question = make([]dns.Question, 1)
m1.Question[0] = dns.Question{DelegatedDomainSuffix, dns.TypeSOA, dns.ClassINET}
m1.Question[0] = dns.Question{adlin.DelegatedDomainSuffix, dns.TypeSOA, dns.ClassINET}
rrr, errr := dns.NewRR(fmt.Sprintf("%s %s %s", dn, rr, strings.Join(values, " ")))
if errr != nil {
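Review bot: The rewritten guard in GetAssociatedDomain, `if entries, errr := parseZoneRead(adlin.AssociatedDomainSuffix, dn); err != nil {`, still tests the outer `err` instead of the `errr` it has just declared, and getRRDelegatedDomain carries the same line with `adlin.DelegatedDomainSuffix`. As written, the "Unable to find domain" error assigned just above is replaced by whatever `errr` holds, which may be nil, so a request for a domain that is not the student's can come back without an error, while a real zone-read failure falls through to the `else` branch and is ignored. Since both lines are being edited anyway, return the lookup error before querying and test the read error on its own: `if err != nil { return nil, err }`, then `entries, errr := parseZoneRead(...)` and `if errr != nil { return nil, errr }`. Separately, the unchanged line `var tsigSecret = map[string]string{...}` keeps the TSIG key for DNS updates as a literal in the source; loading it from configuration or the environment and rotating the committed key would be a worthwhile follow-up. Both functions begin and end outside the hunks shown, so the exact shape of the not-found branch should be confirmed against the full file.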