mirror of https://github.com/ZeusWPI/ZNS.git synced 2025-01-05 06:19:44 +01:00

authoritative zone config

Xander Bil 2024-07-14 22:00:26 +02:00
parent 32f36e895d
commit d8f88dcac5
No known key found for this signature in database
GPG key ID: EC9706B54A278598
3 changed files with 14 additions and 4 deletions


@ -7,6 +7,7 @@ static CONFIG: OnceLock<Config> = OnceLock::new();
pub struct Config {
pub zauth_url: String,
pub db_uri: String,
pub authoritative_zone: Vec<String>,
}
impl Config {
@ -22,6 +23,11 @@ impl Config {
Config {
db_uri: env::var("DATABASE_URL").expect("DATABASE_URL must be set"),
zauth_url: env::var("ZAUTH_URL").expect("ZAUTH_URL must be set"),
authoritative_zone: env::var("ZONE")
.expect("ZONE must be set")
.split(".")
.map(str::to_string)
.collect(),
}
})
}
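Review bot: The `ZONE` value is split on `.` without any normalisation, so a fully-qualified value with a trailing dot (or an empty string) produces an empty label in `authoritative_zone`. As far as this page shows, that vector is later compared against qname labels and used in index arithmetic, so a misconfigured value would silently change which names are accepted instead of failing at startup. Consider validating at load time, e.g. `.trim_end_matches('.')` before `.split(".")` and rejecting empty labels with a clear panic message in the style of the existing `expect` calls. A doc comment on the field, `/// Labels of the zone this server is authoritative for, in left-to-right order (from ZONE).`, would also help. The enclosing function starts outside the hunk.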


@ -17,10 +17,11 @@ pub async fn authenticate(
zone: &Vec<String>,
connection: &mut PgConnection,
) -> Result<bool, ZNSError> {
if zone.len() >= 4 {
let username = &zone[zone.len() - 4]; // Should match: username.users.zeus.gent
if zone.len() >= Config::get().authoritative_zone.len() {
let username = &zone[zone.len() - Config::get().authoritative_zone.len() - 1];
let ssh_verified = validate_ssh(username, sig).await.is_ok_and(|b| b);
let ssh_verified = validate_ssh(username, sig).await?;
if ssh_verified {
Ok(true)
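Review bot: The guard `zone.len() >= Config::get().authoritative_zone.len()` still admits a name with exactly as many labels as the zone, and the index `zone.len() - Config::get().authoritative_zone.len() - 1` on the next line then underflows `usize` (an overflow panic in debug builds, wrap-around followed by an out-of-bounds panic in release). If `zone` is taken from the request's qname, that is a panic reachable from unauthenticated input. The old `>= 4` / `len() - 4` pair did not have this gap; the equivalent here is a strict comparison, `if zone.len() > Config::get().authoritative_zone.len() {`. Which of the two `ssh_verified` lines is the new one cannot be told from this rendering, and the body of `authenticate` continues past the hunk.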


@ -1,6 +1,7 @@
use diesel::PgConnection;
use crate::{
config::Config,
db::models::{delete_from_database, insert_into_database},
errors::ZNSError,
structs::{Class, Message, RRClass, RRType, Type},
@ -37,7 +38,9 @@ impl ResponseHandler for UpdateHandler {
// Check Zone authority
let zone = &message.question[0];
let zlen = zone.qname.len();
if !(zlen >= 2 && zone.qname[zlen - 1] == "gent" && zone.qname[zlen - 2] == "zeus") {
let auth_zone = &Config::get().authoritative_zone;
if !(zlen >= auth_zone.len() && vec_equal(&zone.qname[zlen - auth_zone.len()..], auth_zone))
{
return Err(ZNSError::Formerr {
message: "Invalid zone".to_string(),
});
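Review bot: Whether the suffix check matches DNS semantics depends on `vec_equal`, which is not visible in this hunk: domain names compare case-insensitively, and the replaced code compared the labels with `==`. If `vec_equal` is an exact comparison and qname labels are not lower-cased at parse time, names that differ from `ZONE` only in case are rejected here, and any later lookup keyed on a label would see mixed case too. Either compare per label with `eq_ignore_ascii_case`, or add a comment at the check such as `// qname labels are normalised to lower case by the parser` if that holds. The enclosing handler method starts and ends outside the hunk.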