token-validator: implement GLUE test

2020-04-26 17:26:39 +02:00 · 2020-04-26 17:26:39 +02:00 · 3a9623a6af
commit 3a9623a6af
parent e7d9b1c89f
3 changed files with 96 additions and 2 deletions
--- a/token-validator/check.go
+++ b/token-validator/check.go
@ -0,0 +1,72 @@
+package main
+
+import (
+	"encoding/json"
+	"errors"
+	"fmt"
+	"strings"
+	"time"
+
+	"github.com/julienschmidt/httprouter"
+	"github.com/miekg/dns"
+
+	"git.nemunai.re/lectures/adlin/libadlin"
+)
+
+type checkGLUE struct {
+	Domain string `json:"domain"`
+	IP     string `json:"ip"`
+}
+
+func init() {
+	router.POST("/api/check/GLUE", apiAuthHandler(func(student adlin.Student, ps httprouter.Params, body []byte) (interface{}, error) {
+		var uc checkGLUE
+		if err := json.Unmarshal(body, &uc); err != nil {
+			return nil, err
+		}
+		return true, check_GLUE_respond(student, uc.Domain, uc.IP)
+	}))
+}
+func check_GLUE_respond(student adlin.Student, domain string, ip string) (err error) {
+	if !strings.HasPrefix(ip, adlin.StudentIP(student.Id).String()) {
+		return fmt.Errorf("%q is not your IP range")
+	}
+
+	client := dns.Client{Net: "tcp", Timeout: time.Second * 5}
+
+	m := new(dns.Msg)
+	m.SetQuestion(domain, dns.TypeAAAA)
+	m.RecursionDesired = false
+	m.SetEdns0(4096, true)
+
+	var r *dns.Msg
+	r, _, err = client.Exchange(m, fmt.Sprintf("[%s]:53", ip))
+	if err != nil {
+		return
+	}
+
+	if r == nil {
+		return errors.New("Response from name server is nil")
+	}
+	if r.Rcode != dns.RcodeSuccess {
+		return errors.New("Failed to get a valid answer")
+	}
+
+	if len(r.Answer) == 0 {
+		return errors.New("Empty response for this NS record")
+	}
+
+	found := false
+
+	for _, answer := range r.Answer {
+		if t, ok := answer.(*dns.AAAA); ok {
+			found = found || t.AAAA.String() == ip
+		}
+	}
+
+	if !found {
+		return fmt.Errorf("%q not found in records", ip)
+	}
+
+	return
+}
--- a/token-validator/htdocs/js/adlin-main.js
+++ b/token-validator/htdocs/js/adlin-main.js
@ -422,6 +422,27 @@ angular.module("AdLinApp")
 	$scope.addOnUpdateEvent(updateGLUE);
    })

+    .controller("GLUEController", function($scope, $http) {
+	var updateGLUE = function() {
+	    $scope.GLUEpending = true;
+	    $http({
+	      method: 'POST',
+	      url: "api/check/GLUE",
+	      data: {domain: $scope.rr.domain, ip: $scope.rr.values.join("")}
+	    }).then(function(response) {
+	      $scope.GLUEpending = false;
+	      $scope.GLUEok = response.data;
+              $scope.GLUEerr = "OK";
+	    }, function(response) {
+	      $scope.GLUEpending = false;
+              $scope.GLUEok = false;
+              $scope.GLUEerr = response.data.errmsg;
+            });
+	}
+	updateGLUE();
+	$scope.addOnUpdateEvent(updateGLUE);
+    })
+
    .controller("DSDomainsController", function($scope, $http) {
 	var updateDS = function() {
 	    $http({
--- a/token-validator/htdocs/views/domains.html
+++ b/token-validator/htdocs/views/domains.html
@ -109,8 +109,9 @@
 	  <tr ng-repeat="rr in domainGLUE">
 	    <td>{{ rr.domain }}</td>
 	    <td><span ng-repeat="val in rr.values">{{ val }} </span></td>
-	    <td>
-	      <span class="badge badge-pill badge-secondary">Not implemented yet</span>
+	    <td ng-controller="GLUEController">
+              <span class="spinner-border spinner-border-sm" role="status" aria-hidden="true" ng-show="GLUEpending"></span>
+	      <span class="badge badge-pill" ng-class="{'badge-success': GLUEok, 'badge-danger': !GLUEok}" ng-bind="GLUEerr">Not implemented yet</span>
 	    </td>
 	    <td>
 	      <button class="btn btn-warning" ng-click="updateGLUE(rr.domain, rr)">Modifier</button>