add more config and check expiration/inception time
parent
fee261d781
commit
7b5fad0306
4 changed files with 35 additions and 4 deletions
|
@ -1,4 +1,4 @@
|
|||
use std::{env, sync::OnceLock};
|
||||
use std::{env, net::IpAddr, sync::OnceLock};
|
||||
|
||||
use dotenvy::dotenv;
|
||||
|
||||
|
@ -8,6 +8,8 @@ pub struct Config {
|
|||
pub zauth_url: String,
|
||||
pub db_uri: String,
|
||||
pub authoritative_zone: Vec<String>,
|
||||
pub port: u16,
|
||||
pub address: IpAddr,
|
||||
}
|
||||
|
||||
impl Config {
|
||||
|
@ -28,6 +30,13 @@ impl Config {
|
|||
.split(".")
|
||||
.map(str::to_string)
|
||||
.collect(),
|
||||
port: env::var("ZNS_PORT")
|
||||
.map(|v| v.parse::<u16>().expect("ZNS_PORT is invalid"))
|
||||
.unwrap_or(5333),
|
||||
address: env::var("ZNS_ADDRESS")
|
||||
.unwrap_or(String::from("127.0.0.1"))
|
||||
.parse()
|
||||
.expect("ZNS_ADDRESS is invalid"),
|
||||
}
|
||||
})
|
||||
}
|
||||
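Review bot: The new `port` and `address` fields have no doc comments, so their defaults (5333 and 127.0.0.1) and the environment variables that override them can only be found by reading the `env::var` chains in the initializer. I would add `/// Listen port, read from ZNS_PORT; defaults to 5333.` and `/// Listen address, read from ZNS_ADDRESS; defaults to 127.0.0.1 (loopback only).` above the two fields, so an operator who changes the address knows they are moving the service off loopback. As a smaller style point, `.unwrap_or(String::from("127.0.0.1"))` allocates the default even when the variable is set; `.unwrap_or_else(|_| String::from("127.0.0.1"))` avoids that. The `Config` struct and the initializer both start outside the hunks shown.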
|
|
|
@ -99,7 +99,7 @@ impl ResponseHandler for UpdateHandler {
|
|||
|
||||
for rr in &message.authority {
|
||||
if rr.class == zone.qclass {
|
||||
let _ = insert_into_database(&rr, connection);
|
||||
let _ = insert_into_database(&rr, connection)?;
|
||||
} else if rr.class == Class::Class(RRClass::ANY) {
|
||||
if rr._type == Type::Type(RRType::ANY) {
|
||||
if rr.name == zone.qname {
|
||||
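Review bot: With the error from `insert_into_database` now propagated by `?`, a failure on a later record returns from the handler after earlier records in `message.authority` have already been written. That holds unless the loop runs inside a database transaction, which is not visible in this hunk. A partially applied update that is then answered with an error leaves the zone in a state the client never requested, so I would confirm that the whole loop is atomic and add a comment saying where the transaction is opened. The `let _ =` binding is probably no longer needed once the result is consumed by `?`: `insert_into_database(&rr, connection)?;`. The enclosing method starts and ends outside the hunk.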
|
|
|
@ -1,3 +1,5 @@
|
|||
use std::time::{SystemTime, UNIX_EPOCH};
|
||||
|
||||
use base64::prelude::*;
|
||||
use int_enum::IntEnum;
|
||||
|
||||
|
@ -19,6 +21,7 @@ pub struct Sig {
|
|||
}
|
||||
|
||||
#[allow(dead_code)]
|
||||
#[derive(Debug)]
|
||||
struct SigRData {
|
||||
type_covered: u16,
|
||||
algo: Algorithm,
|
||||
|
@ -80,6 +83,25 @@ impl Sig {
|
|||
let mut reader = Reader::new(&rr.rdata);
|
||||
let key_rdata = SigRData::from_bytes(&mut reader)?;
|
||||
|
||||
let now = SystemTime::now()
|
||||
.duration_since(UNIX_EPOCH)
|
||||
.map_err(|e| ZNSError::Servfail {
|
||||
message: e.to_string(),
|
||||
})?
|
||||
.as_secs();
|
||||
|
||||
if (key_rdata.signature_inception as u64) > now {
|
||||
return Err(ZNSError::Refused {
|
||||
message: String::from("invalid signature inception time"),
|
||||
});
|
||||
}
|
||||
|
||||
if (key_rdata.signature_expiration as u64) < now {
|
||||
return Err(ZNSError::Refused {
|
||||
message: String::from("signature has expired"),
|
||||
});
|
||||
}
|
||||
|
||||
let mut raw_data = rr.rdata[0..rr.rdata.len() - key_rdata.signature.len()].to_vec();
|
||||
raw_data.extend(request);
|
||||
|
||||
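Review bot: The two new checks reject a signature whose inception is in the future or whose expiration is in the past, but nothing bounds the distance between the two. A signer can therefore set an expiration years ahead, and a captured signed request stays acceptable for that whole period. If these fields are meant as the replay window for signed updates, I would also refuse signatures where `(key_rdata.signature_expiration as u64).saturating_sub(key_rdata.signature_inception as u64)` exceeds a new, documented maximum-validity constant. The comparisons also allow no tolerance for clock skew, so a client whose clock runs a few seconds ahead is refused on inception; a small named skew allowance would make that choice explicit. The enclosing method starts and ends outside the hunk.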
|
|
|
@ -1,9 +1,9 @@
|
|||
use std::{error::Error, net::SocketAddr};
|
||||
|
||||
mod config;
|
||||
mod resolver;
|
||||
mod db;
|
||||
mod handlers;
|
||||
mod resolver;
|
||||
mod utils;
|
||||
|
||||
use config::Config;
|
||||
|
@ -13,7 +13,7 @@ use crate::resolver::{tcp_listener_loop, udp_listener_loop};
|
|||
#[tokio::main]
|
||||
async fn main() -> Result<(), Box<dyn Error>> {
|
||||
Config::initialize();
|
||||
let resolver_add = SocketAddr::from(([127, 0, 0, 1], 8080));
|
||||
let resolver_add = SocketAddr::from((Config::get().address, Config::get().port));
|
||||
let _ = tokio::join!(
|
||||
udp_listener_loop(resolver_add),
|
||||
tcp_listener_loop(resolver_add)
|
||||
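Review bot: Replacing the hard-coded `([127, 0, 0, 1], 8080)` with `Config::get().address` and `Config::get().port` silently changes the effective port, because the default in the config section of this commit is 5333, not 8080. A deployment that does not set `ZNS_PORT` will move ports on upgrade, and the commit title does not mention it. I would state the new default in the commit description or README and add a comment above the line such as `// Bind address and port come from ZNS_ADDRESS / ZNS_PORT (defaults 127.0.0.1:5333).`. `main` continues outside the hunk.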
|
|