Add formatAbsoluteDomain, remove regGetUpperDomain
This commit is contained in:
parent
40cb0729ad
commit
9bcf3a57a2
14 changed files with 66 additions and 84 deletions
|
@ -66,11 +66,11 @@ define('DESCRIPTIONS', [
|
|||
'ip' => 'Indiquer l\'adresse IP d\'un domaine',
|
||||
'ns' => 'Indiquer le serveur de noms d\'une zone',
|
||||
'txt' => 'Associer du texte à un domaine',
|
||||
'caa' => 'Enregistrement <abbr title="Certificate Authority Authorization">CAA</abbr>',
|
||||
'srv' => 'Indiquer l\'adresse pour un service spécifique',
|
||||
'mx' => 'Indiquer le serveur mail pour un domaine',
|
||||
'sshfp' => 'Indiquer les empreintes de clés <abbr title="Secure SHell">SSH</abbr> d\'un domaine',
|
||||
'tlsa' => 'Indiquer les seules autorités de certifications autorisée à signer les domaines',
|
||||
'caa' => 'Limiter les autorités de certification autorisées à émettre des certificats',
|
||||
'srv' => 'Indiquer l\'adresse d\'un service spécifique',
|
||||
'mx' => 'Indiquer l\'adresse du serveur recevant les courriels',
|
||||
'sshfp' => 'Indiquer les empreintes des clés <abbr title="Secure SHell">SSH</abbr>',
|
||||
'tlsa' => 'Mettre en place <abbr title="DNS-based Authentication of Named Entities">DANE</abbr> en indiquant l\'empreinte d\'un certificat <abbr title="Transport Layer Security">TLS</abbr>',
|
||||
],
|
||||
'ht' => [
|
||||
'index' => 'Mettre en ligne son site statique sur un espace <abbr title="SSH File Transfert Protocol">SFTP</abbr>, et le faire répondre en <abbr title="HyperText Transfert Protocol">HTTP</abbr> par DNS ou Tor',
|
||||
|
|
12
fn/dns.php
12
fn/dns.php
|
@ -38,6 +38,18 @@ function checkAbsoluteDomainFormat($domain) {
|
|||
userError("Domain malformed.");
|
||||
}
|
||||
|
||||
function formatEndWithDot($str) {
|
||||
if (!str_ends_with($str, '.'))
|
||||
$str .= '.';
|
||||
return $str;
|
||||
}
|
||||
|
||||
function formatAbsoluteDomain($domain) {
|
||||
$domain = formatEndWithDot(strtolower($domain));
|
||||
checkAbsoluteDomainFormat($domain);
|
||||
return $domain;
|
||||
}
|
||||
|
||||
function checkAction($action) {
|
||||
return match ($action) {
|
||||
'add' => '',
|
||||
|
|
|
@ -15,8 +15,7 @@ function nsParseCommonRequirements() {
|
|||
if (($_POST['subdomain'] === "") OR ($_POST['subdomain'] === "@"))
|
||||
$values['domain'] = $_POST['zone'];
|
||||
else
|
||||
$values['domain'] = $_POST['subdomain'] . "." . $_POST['zone'];
|
||||
checkAbsoluteDomainFormat($values['domain']);
|
||||
$values['domain'] = formatAbsoluteDomain(formatEndWithDot($_POST['subdomain']) . $_POST['zone']);
|
||||
|
||||
$values['ttl'] = $_POST['ttl-value'] * $_POST['ttl-multiplier'];
|
||||
|
||||
|
@ -30,9 +29,9 @@ function nsListUserZones($username) {
|
|||
return query('select', 'zones', ['username' => $username], 'zone');
|
||||
}
|
||||
|
||||
function nsCheckZonePossession($submittedZone) {
|
||||
checkAbsoluteDomainFormat($submittedZone);
|
||||
function nsCheckZonePossession($zone) {
|
||||
checkAbsoluteDomainFormat($zone);
|
||||
|
||||
if (!in_array($submittedZone, query('select', 'zones', ['username' => $_SESSION['username']], 'zone'), true))
|
||||
if (!in_array($zone, query('select', 'zones', ['username' => $_SESSION['username']], 'zone'), true))
|
||||
userError("You don't own this zone on the nameserver.");
|
||||
}
|
||||
|
|
11
fn/reg.php
11
fn/reg.php
|
@ -1,20 +1,11 @@
|
|||
<?php
|
||||
|
||||
function regGetUpperDomain($domain) {
|
||||
// Remove anything before the first dot and the first dot itself
|
||||
return preg_replace("/^[^.]+\./", "", $domain);
|
||||
}
|
||||
|
||||
function regListUserDomains($username) {
|
||||
return query('select', 'registry', ['username' => $username], 'domain');
|
||||
}
|
||||
|
||||
function regCheckDomainPossession($domain) {
|
||||
checkAbsoluteDomainFormat($domain);
|
||||
|
||||
$ownedDomains = regListUserDomains($_SESSION['username']);
|
||||
|
||||
if (in_array($domain, $ownedDomains, true) !== true)
|
||||
if (in_array($domain, regListUserDomains($_SESSION['username']), true) !== true)
|
||||
userError("You don't own this domain.");
|
||||
}
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
body {
|
||||
margin: 0;
|
||||
margin: 1rem;
|
||||
padding: 0;
|
||||
background-color: var(--background-color);
|
||||
color: var(--foreground-color);
|
||||
|
|
|
@ -17,52 +17,42 @@ if (isset($_SESSION['username']))
|
|||
|
||||
<?php
|
||||
|
||||
if (isset($_POST['zone']) AND isset($_SESSION['username'])) {
|
||||
switchToFormProcess();
|
||||
|
||||
nsCheckZonePossession($_POST['zone']);
|
||||
nsCheckZonePossession($_POST['zone']);
|
||||
|
||||
$zoneContent = file_get_contents(CONF['ns']['knot_zones_path'] . "/" . $_POST['zone'] . "zone");
|
||||
$zoneContent = file_get_contents(CONF['ns']['knot_zones_path'] . "/" . $_POST['zone'] . "zone");
|
||||
|
||||
$found = preg_match("#\n" . preg_quote($_POST['zone']) . "\s+0\s+CDS\s+([0-9]{1,5})\s+([0-9]{1,2})\s+([0-9])\s+([0-9A-F]{64})\n#", $zoneContent, $matches);
|
||||
if ($found !== 1)
|
||||
serverError("Unable to get public key record from zone file.");
|
||||
$found = preg_match("#\n" . preg_quote($_POST['zone']) . "\s+0\s+CDS\s+([0-9]{1,5})\s+([0-9]{1,2})\s+([0-9])\s+([0-9A-F]{64})\n#", $zoneContent, $matches);
|
||||
if ($found !== 1)
|
||||
serverError("Unable to get public key record from zone file.");
|
||||
|
||||
$tag = $matches[1];
|
||||
$algo = $matches[2];
|
||||
$digestType = $matches[3];
|
||||
$digest = $matches[4];
|
||||
$tag = $matches[1];
|
||||
$algo = $matches[2];
|
||||
$digestType = $matches[3];
|
||||
$digest = $matches[4];
|
||||
|
||||
?>
|
||||
?>
|
||||
|
||||
<dl>
|
||||
|
||||
<dt>Zone</dt>
|
||||
<dd>
|
||||
<code><?= $_POST['zone'] ?></code>
|
||||
</dd>
|
||||
|
||||
<dt>Tag</dt>
|
||||
<dd>
|
||||
<code><?= $tag ?></code>
|
||||
</dd>
|
||||
|
||||
<dt>Algorithme</dt>
|
||||
<dd>
|
||||
<code><?= $algo ?></code><?php if ($algo === "15") echo " (Ed25519)"; ?>
|
||||
</dd>
|
||||
|
||||
<dt>Type de condensat</dt>
|
||||
<dd>
|
||||
<code><?= $digestType ?></code><?php if ($digestType === "2") echo " (SHA-256)"; ?>
|
||||
</dd>
|
||||
|
||||
<dt>Condensat</dt>
|
||||
<dd>
|
||||
<code><?= $digest ?></code>
|
||||
</dd>
|
||||
|
||||
</dl>
|
||||
|
||||
<?php } ?>
|
||||
|
||||
<?php closeHTML(); ?>
|
||||
<dl>
|
||||
<dt>Zone</dt>
|
||||
<dd>
|
||||
<code><?= $_POST['zone'] ?></code>
|
||||
</dd>
|
||||
<dt>Tag</dt>
|
||||
<dd>
|
||||
<code><?= $tag ?></code>
|
||||
</dd>
|
||||
<dt>Algorithme</dt>
|
||||
<dd>
|
||||
<code><?= $algo ?></code><?php if ($algo === "15") echo " (Ed25519)"; ?>
|
||||
</dd>
|
||||
<dt>Type de condensat</dt>
|
||||
<dd>
|
||||
<code><?= $digestType ?></code><?php if ($digestType === "2") echo " (SHA-256)"; ?>
|
||||
</dd>
|
||||
<dt>Condensat</dt>
|
||||
<dd>
|
||||
<code><?= $digest ?></code>
|
||||
</dd>
|
||||
</dl>
|
||||
|
|
|
@ -29,7 +29,7 @@ $values = nsParseCommonRequirements();
|
|||
if (!($_POST['priority'] >= 0 AND $_POST['priority'] <= 255))
|
||||
userError("Wrong value for <code>priority</code>.");
|
||||
|
||||
checkAbsoluteDomainFormat($_POST['host']);
|
||||
$_POST['host'] = formatAbsoluteDomain($_POST['host']);
|
||||
|
||||
knotcExec($_POST['zone'], array(
|
||||
$values['domain'],
|
||||
|
|
|
@ -16,7 +16,7 @@ switchToFormProcess();
|
|||
|
||||
$values = nsParseCommonRequirements();
|
||||
|
||||
checkAbsoluteDomainFormat($_POST['ns']);
|
||||
$_POST['ns'] = formatAbsoluteDomain($_POST['ns']);
|
||||
|
||||
knotcExec($_POST['zone'], array(
|
||||
$values['domain'],
|
||||
|
|
|
@ -47,7 +47,7 @@ if (!($_POST['weight'] >= 0 AND $_POST['weight'] <= 65535))
|
|||
if (!($_POST['port'] >= 0 AND $_POST['port'] <= 65535))
|
||||
userError("Wrong value for <code>port</code>.");
|
||||
|
||||
checkAbsoluteDomainFormat($_POST['target']);
|
||||
$_POST['target'] = formatAbsoluteDomain($_POST['target']);
|
||||
|
||||
knotcExec($_POST['zone'], array(
|
||||
$values['domain'],
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
|
||||
switchToFormProcess();
|
||||
|
||||
checkAbsoluteDomainFormat($_POST['domain']);
|
||||
$_POST['domain'] = formatAbsoluteDomain($_POST['domain']);
|
||||
|
||||
$db = new PDO('sqlite:' . DB_PATH);
|
||||
$stmt = $db->prepare("INSERT INTO zones(zone, username) VALUES(:zone, :username)");
|
||||
|
|
|
@ -86,9 +86,7 @@ regCheckDomainPossession($_POST['zone']);
|
|||
|
||||
$action = checkAction($_POST['action']);
|
||||
|
||||
$suffix = regGetUpperDomain($_POST['zone']);
|
||||
|
||||
knotcExec($suffix, array(
|
||||
knotcExec(CONF['reg']['registry'], array(
|
||||
$_POST['zone'],
|
||||
CONF['reg']['ttl'],
|
||||
"DS",
|
||||
|
|
|
@ -41,15 +41,11 @@ switchToFormProcess();
|
|||
|
||||
regCheckDomainPossession($_POST['suffix']);
|
||||
|
||||
$domain = $_POST['subdomain'] . "." . $_POST['suffix'];
|
||||
|
||||
checkAbsoluteDomainFormat($domain);
|
||||
$domain = formatAbsoluteDomain(formatEndWithDot($_POST['subdomain']) . CONF['reg']['registry']);
|
||||
|
||||
$record = checkIpFormat($_POST['ip']);
|
||||
|
||||
$publicSuffix = regGetUpperDomain($_POST['suffix']);
|
||||
|
||||
knotcExec($publicSuffix, array(
|
||||
knotcExec(CONF['reg']['registry'], array(
|
||||
$domain,
|
||||
CONF['reg']['ttl'],
|
||||
$record,
|
||||
|
|
|
@ -31,11 +31,9 @@ if (isset($_SESSION['username']))
|
|||
switchToFormProcess();
|
||||
|
||||
regCheckDomainPossession($_POST['domain']);
|
||||
checkAbsoluteDomainFormat($_POST['ns']);
|
||||
$_POST['ns'] = formatAbsoluteDomain($_POST['ns']);
|
||||
|
||||
$suffix = regGetUpperDomain($_POST['domain']);
|
||||
|
||||
knotcExec($suffix, array(
|
||||
knotcExec(CONF['reg']['registry'], array(
|
||||
$_POST['domain'],
|
||||
CONF['reg']['ttl'],
|
||||
"NS",
|
||||
|
|
|
@ -20,9 +20,7 @@ switchToFormProcess();
|
|||
if (preg_match("/" . CONF['reg']['subdomain_regex'] . "/", $_POST['subdomain']) !== 1)
|
||||
userError("Erreur : Le nom de domaine doit être composé uniquement d'entre 4 et 63 lettres minuscules (a-z)");
|
||||
|
||||
$domain = $_POST['subdomain'] . "." . CONF['reg']['registry'];
|
||||
|
||||
checkAbsoluteDomainFormat($domain);
|
||||
$domain = formatAbsoluteDomain(formatEndWithDot($_POST['subdomain']) . CONF['reg']['registry']);
|
||||
|
||||
if (regIsFree($domain) !== true)
|
||||
userError("Ce domaine n'est pas disponible à l'enregistrement. Il est réservé ou déjà enregistré.");
|
||||
|
|
Loading…
Reference in a new issue