teach/adlin
Archived
0
0
Fork 0
Code Issues 1 Pull requests 4 Releases Activity

maatma: Can specify a dedicated IPv6 for NS association

Browse source
This commit is contained in:
nemunaire 2021-02-04 09:37:24 +01:00
commit dea2436c88
3 changed files with 120 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

61
token-validator/domain.go
View file

@ -26,7 +26,22 @@ func init() {
return student.GetAssociatedDomains(), nil return student.GetAssociatedDomains(), nil
})) }))
router.POST("/api/adomains/", apiAuthHandler(func(student adlin.Student, ps httprouter.Params, body []byte) (interface{}, error) { router.POST("/api/adomains/", apiAuthHandler(func(student adlin.Student, ps httprouter.Params, body []byte) (interface{}, error) {
return true, AddAssociatedDomains(student) ue := &struct {
Domain string `json:"domain"`
A string `json:"a"`
AAAA string `json:"aaaa"`
}{}
if err := json.Unmarshal(body, &ue); err != nil {
return nil, err
}
var aaaa net.IP
if ue != nil && len(ue.AAAA) > 0 {
aaaa = net.ParseIP(ue.AAAA)
}
return true, AddAssociatedDomains(student, aaaa)
})) }))
router.GET("/api/adomains/:dn", apiAuthHandler(func(student adlin.Student, ps httprouter.Params, body []byte) (interface{}, error) { router.GET("/api/adomains/:dn", apiAuthHandler(func(student adlin.Student, ps httprouter.Params, body []byte) (interface{}, error) {
return GetAssociatedDomain(student, ps.ByName("dn")) return GetAssociatedDomain(student, ps.ByName("dn"))
@ -186,20 +201,30 @@ func GetAssociatedDomain(student adlin.Student, dn string) (rrs []Entry, err err
return return
} }
func AddAssociatedDomains(student adlin.Student) (err error) { func delAssociatedDomains(student adlin.Student, dn string) (err error) {
var adomains []Entry
adomains, err = GetAssociatedDomain(student, dn)
if err != nil {
return
}
m1 := new(dns.Msg) m1 := new(dns.Msg)
m1.Id = dns.Id() m1.Id = dns.Id()
m1.Opcode = dns.OpcodeUpdate m1.Opcode = dns.OpcodeUpdate
m1.Question = make([]dns.Question, 1) m1.Question = make([]dns.Question, 1)
m1.Question[0] = dns.Question{adlin.AssociatedDomainSuffix, dns.TypeSOA, dns.ClassINET} m1.Question[0] = dns.Question{adlin.AssociatedDomainSuffix, dns.TypeSOA, dns.ClassINET}
rrAd := new(dns.A) var rrs []dns.RR
rrAd.Hdr = dns.RR_Header{Name: student.MyAssociatedDomain(), Rrtype: dns.TypeA, Class: dns.ClassINET, Ttl: 0} for _, domain := range adomains {
m1.Remove([]dns.RR{rrAd}) rr, errr := dns.NewRR(fmt.Sprintf("%s %s %s", domain.Domain, domain.RR, strings.Join(domain.Values, " ")))
if errr != nil {
return errr
}
rrAAAAd := new(dns.AAAA) rrs = append(rrs, rr)
rrAAAAd.Hdr = dns.RR_Header{Name: student.MyAssociatedDomain(), Rrtype: dns.TypeAAAA, Class: dns.ClassINET, Ttl: 0} }
m1.Remove([]dns.RR{rrAAAAd})
m1.Remove(rrs)
c := new(dns.Client) c := new(dns.Client)
c.TsigSecret = tsigSecret c.TsigSecret = tsigSecret
@ -210,6 +235,21 @@ func AddAssociatedDomains(student adlin.Student) (err error) {
return return
} }
return
}
func AddAssociatedDomains(student adlin.Student, aaaa net.IP) (err error) {
err = delAssociatedDomains(student, student.MyAssociatedDomain())
if err != nil {
return
}
if aaaa == nil {
aaaa = net.ParseIP(adlin.StudentIP(student.Id).String() + "1")
} else if !strings.HasPrefix(aaaa.String(), adlin.StudentIP(student.Id).String()) {
return errors.New("The associated IP has to be in your IP range.")
}
m2 := new(dns.Msg) m2 := new(dns.Msg)
m2.Id = dns.Id() m2.Id = dns.Id()
m2.Opcode = dns.OpcodeUpdate m2.Opcode = dns.OpcodeUpdate
@ -223,11 +263,10 @@ func AddAssociatedDomains(student adlin.Student) (err error) {
rrAAAA := new(dns.AAAA) rrAAAA := new(dns.AAAA)
rrAAAA.Hdr = dns.RR_Header{Name: student.MyAssociatedDomain(), Rrtype: dns.TypeAAAA, Class: dns.ClassINET, Ttl: 3600} rrAAAA.Hdr = dns.RR_Header{Name: student.MyAssociatedDomain(), Rrtype: dns.TypeAAAA, Class: dns.ClassINET, Ttl: 3600}
rrAAAA.AAAA = adlin.StudentIP(student.Id) rrAAAA.AAAA = aaaa
rrAAAA.AAAA[15] = 1
m2.Insert([]dns.RR{rrAAAA}) m2.Insert([]dns.RR{rrAAAA})
c = new(dns.Client) c := new(dns.Client)
c.TsigSecret = tsigSecret c.TsigSecret = tsigSecret
m2.SetTsig("rndc-key.", dns.HmacSHA256, 300, time.Now().Unix()) m2.SetTsig("rndc-key.", dns.HmacSHA256, 300, time.Now().Unix())

29
token-validator/htdocs/js/adlin-main.js
View file

@ -282,13 +282,36 @@ angular.module("AdLinApp")
}); });
}); });
}; };
$scope.updateDelegatedD(); $scope.updateDelegatedD();
$scope.newAssociationD = function() { $scope.askAssociationD = function() {
if ($scope.adomains.length == 0) {
return $scope.newAssociationD({})
}
var aaaa = ""
if ($scope.adomains.length >= 1) {
$scope.adomains.forEach(function (adomain) {
if (adomain.values.join("").slice(0, 5) == "2a01:")
aaaa = adomain.values.join("")
})
}
$scope.assoc = {
"domain": $scope.adomains[0].domain,
"a": "82.64.31.248",
"aaaa": aaaa,
}
$('#AssocModal').modal('show');
}
$scope.newAssociationD = function(assoc) {
$('#AssocModal').modal('hide');
$scope.pleaseWaitNewAssociation = true; $scope.pleaseWaitNewAssociation = true;
$http({ $http({
method: 'POST', method: 'POST',
url: "api/adomains/", url: "api/adomains/",
data: assoc,
}).then(function(response) { }).then(function(response) {
$scope.updateAssociationD(); $scope.updateAssociationD();
$scope.pleaseWaitNewAssociation = false; $scope.pleaseWaitNewAssociation = false;

46
token-validator/htdocs/views/domains.html
View file

@ -24,9 +24,9 @@
<tfoot> <tfoot>
<tr> <tr>
<td colspan="4"> <td colspan="4">
<button class="btn btn-primary" ng-click="newAssociationD()"> <button class="btn btn-primary" ng-click="askAssociationD()">
<span class="spinner-border spinner-border-sm" role="status" aria-hidden="true" ng-show="pleaseWaitNewAssociation"></span> <span class="spinner-border spinner-border-sm" role="status" aria-hidden="true" ng-show="pleaseWaitNewAssociation"></span>
Demander un nouveau nom de domaine Demander une nouvelle association
</button> </button>
</td> </td>
</tr> </tr>
@ -182,6 +182,48 @@
</div> </div>
<div class="modal" id="AssocModal" tabindex="-1" role="dialog">
<div class="modal-dialog" role="document">
<div class="modal-content">
<div class="modal-header">
<h5 class="modal-title">Nouvelle association</h5>
<button type="button" class="close" data-dismiss="modal" aria-label="Close">
<span aria-hidden="true">&times;</span>
</button>
</div>
<div class="modal-body">
<p>
Attention : la nouvelle association écrasera toute association précédente&nbsp;!
</p>
<form class="ml-2 mr-2">
<div class="form-group row">
<label class="col-sm-2 col-form-label">Domaine</label>
<div class="col-sm-10">
<input class="form-control-plaintext" ng-model="assoc.domain" readonly>
</div>
</div>
<div class="form-group row">
<label class="col-sm-2 col-form-label">IPv4</label>
<div class="col-sm-10">
<input class="form-control-plaintext" ng-model="assoc.a" readonly>
</div>
</div>
<div class="form-group row">
<label for="value" class="col-sm-2 col-form-label">IPv6</label>
<div class="col-sm-10">
<input class="form-control" id="value" ng-model="assoc.aaaa">
</div>
</div>
</form>
</div>
<div class="modal-footer">
<button type="button" class="btn btn-secondary" data-dismiss="modal">Annuler</button>
<button type="button" class="btn btn-primary" ng-click="newAssociationD(assoc)">Envoyer</button>
</div>
</div>
</div>
</div>
<div class="modal" id="NSModal" tabindex="-1" role="dialog"> <div class="modal" id="NSModal" tabindex="-1" role="dialog">
<div class="modal-dialog" role="document"> <div class="modal-dialog" role="document">
<div class="modal-content"> <div class="modal-content">