token-validator: Don't use hardcoded tsig anymore

nemunaire 2021-02-13 18:31:52 +01:00
commit 331192ccbe
2 changed files with 34 additions and 21 deletions


@ -15,12 +15,12 @@ import (
"git.nemunai.re/lectures/adlin/libadlin"
)
const (
var (
ControlSocket = "[2a01:e0a:2b:2250::b]:53"
tsigName = "ddns."
tsigSecret = ""
)
var tsigSecret = map[string]string{"ddns.": "so6ZGir4GPAqINNh9U5c3A=="}
func init() {
router.GET("/api/adomains/", apiAuthHandler(func(student adlin.Student, ps httprouter.Params, body []byte) (interface{}, error) {
return student.GetAssociatedDomains(), nil
@ -139,9 +139,9 @@ func parseZoneRead(globalDomain string, domain string) (rr []Entry, err error) {
t := new(dns.Transfer)
m := new(dns.Msg)
t.TsigSecret = tsigSecret
t.TsigSecret = map[string]string{tsigName: tsigSecret}
m.SetAxfr(globalDomain)
m.SetTsig("rndc-key.", dns.HmacSHA256, 300, time.Now().Unix())
m.SetTsig(tsigName, dns.HmacSHA256, 300, time.Now().Unix())
c, err := t.In(m, ControlSocket)
if err != nil {
@ -227,8 +227,8 @@ func delAssociatedDomains(student adlin.Student, dn string) (err error) {
m1.Remove(rrs)
c := new(dns.Client)
c.TsigSecret = tsigSecret
m1.SetTsig("rndc-key.", dns.HmacSHA256, 300, time.Now().Unix())
c.TsigSecret = map[string]string{tsigName: tsigSecret}
m1.SetTsig(tsigName, dns.HmacSHA256, 300, time.Now().Unix())
_, _, err = c.Exchange(m1, ControlSocket)
if err != nil {
@ -267,8 +267,8 @@ func AddAssociatedDomains(student adlin.Student, aaaa net.IP) (err error) {
m2.Insert([]dns.RR{rrAAAA})
c := new(dns.Client)
c.TsigSecret = tsigSecret
m2.SetTsig("rndc-key.", dns.HmacSHA256, 300, time.Now().Unix())
c.TsigSecret = map[string]string{tsigName: tsigSecret}
m2.SetTsig(tsigName, dns.HmacSHA256, 300, time.Now().Unix())
_, _, err = c.Exchange(m2, ControlSocket)
return
@ -314,8 +314,8 @@ func AddNSDelegatedDomain(student adlin.Student, dn string, ttl uint32, ns strin
m1.Insert([]dns.RR{rrNS})
c := new(dns.Client)
c.TsigSecret = tsigSecret
m1.SetTsig("rndc-key.", dns.HmacSHA256, 300, time.Now().Unix())
c.TsigSecret = map[string]string{tsigName: tsigSecret}
m1.SetTsig(tsigName, dns.HmacSHA256, 300, time.Now().Unix())
_, _, err = c.Exchange(m1, ControlSocket)
}
@ -342,8 +342,8 @@ func UpdateNSDelegatedDomain(student adlin.Student, dn string, ttl uint32, oldns
m1.Insert([]dns.RR{rrNS})
c := new(dns.Client)
c.TsigSecret = tsigSecret
m1.SetTsig("rndc-key.", dns.HmacSHA256, 300, time.Now().Unix())
c.TsigSecret = map[string]string{tsigName: tsigSecret}
m1.SetTsig(tsigName, dns.HmacSHA256, 300, time.Now().Unix())
_, _, err = c.Exchange(m1, ControlSocket)
}
@ -379,8 +379,8 @@ func AddGLUEDelegatedDomain(student adlin.Student, dn string, ttl uint32, aaaa s
m1.Insert([]dns.RR{rr})
c := new(dns.Client)
c.TsigSecret = tsigSecret
m1.SetTsig("rndc-key.", dns.HmacSHA256, 300, time.Now().Unix())
c.TsigSecret = map[string]string{tsigName: tsigSecret}
m1.SetTsig(tsigName, dns.HmacSHA256, 300, time.Now().Unix())
_, _, err = c.Exchange(m1, ControlSocket)
@ -422,8 +422,8 @@ func UpdateGLUEDelegatedDomain(student adlin.Student, dn string, ttl uint32, old
m1.Insert([]dns.RR{rr})
c := new(dns.Client)
c.TsigSecret = tsigSecret
m1.SetTsig("rndc-key.", dns.HmacSHA256, 300, time.Now().Unix())
c.TsigSecret = map[string]string{tsigName: tsigSecret}
m1.SetTsig(tsigName, dns.HmacSHA256, 300, time.Now().Unix())
_, _, err = c.Exchange(m1, ControlSocket)
return
@ -472,8 +472,8 @@ func AddDSDelegatedDomain(student adlin.Student, dn string, ttl uint32, rdata st
m1.Insert([]dns.RR{ds})
c := new(dns.Client)
c.TsigSecret = tsigSecret
m1.SetTsig("rndc-key.", dns.HmacSHA256, 300, time.Now().Unix())
c.TsigSecret = map[string]string{tsigName: tsigSecret}
m1.SetTsig(tsigName, dns.HmacSHA256, 300, time.Now().Unix())
_, _, err = c.Exchange(m1, ControlSocket)
return
@ -506,8 +506,8 @@ func DeleteRRDelegatedDomain(student adlin.Student, dn string, rr string, values
m1.Remove([]dns.RR{rrr})
c := new(dns.Client)
c.TsigSecret = tsigSecret
m1.SetTsig("rndc-key.", dns.HmacSHA256, 300, time.Now().Unix())
c.TsigSecret = map[string]string{tsigName: tsigSecret}
m1.SetTsig(tsigName, dns.HmacSHA256, 300, time.Now().Unix())
_, _, err = c.Exchange(m1, ControlSocket)
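Review bot: `tsigSecret` now defaults to `""` in the `var (` block, and nothing in this file checks that it was set before the ten call sites build `map[string]string{tsigName: tsigSecret}`. A deployment started without the secret would presumably sign every AXFR and dynamic update with an empty key and only fail once the DNS server rejects it. Unless the other changed file (not visible here) already validates the value, a startup guard such as `if tsigSecret == "" { log.Fatal("TSIG secret not configured") }` would make it fail closed. The key literal removed in the first hunk stays in the repository history, so it should be treated as disclosed and rotated on the name server rather than supplied again through the new setting. The repeated map literal and `SetTsig(tsigName, dns.HmacSHA256, 300, ...)` pair could also move into one small helper so the key name, algorithm and fudge stay in sync across all call sites.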