mirror of https://github.com/ZeusWPI/ZNS.git synced 2024-11-27 22:51:12 +01:00

authoritative zone config

Xander Bil 2024-07-14 22:00:26 +02:00
parent 32f36e895d
commit d8f88dcac5
No known key found for this signature in database
GPG key ID: EC9706B54A278598
3 changed files with 14 additions and 4 deletions


@ -7,6 +7,7 @@ static CONFIG: OnceLock<Config> = OnceLock::new();
pub struct Config { pub struct Config {
pub zauth_url: String, pub zauth_url: String,
pub db_uri: String, pub db_uri: String,
pub authoritative_zone: Vec<String>,
} }
impl Config { impl Config {
@ -22,6 +23,11 @@ impl Config {
Config { Config {
db_uri: env::var("DATABASE_URL").expect("DATABASE_URL must be set"), db_uri: env::var("DATABASE_URL").expect("DATABASE_URL must be set"),
zauth_url: env::var("ZAUTH_URL").expect("ZAUTH_URL must be set"), zauth_url: env::var("ZAUTH_URL").expect("ZAUTH_URL must be set"),
authoritative_zone: env::var("ZONE")
.expect("ZONE must be set")
.split(".")
.map(str::to_string)
.collect(),
} }
}) })
} }
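Review bot: The `ZONE` value is split on `.` with no normalisation, so a trailing dot (the usual fully-qualified form, e.g. `zeus.gent.`) or an empty value leaves an empty label in `authoritative_zone`. Unless parsed query names carry the same empty root label, the label count that the other two files in this commit use for their offsets then no longer matches the zone's real depth. Trim and validate before collecting, for example `.trim_end_matches('.')` on the string and `.filter(|label| !label.is_empty())` ahead of `.map(str::to_string)`, and fail at startup when the resulting vector is empty. DNS names compare case-insensitively, so storing the labels lowercased would give the comparison code one canonical form; whether the comparison helper already folds case is not visible on this page. A `///` comment on the field saying that it holds the zone's labels in order, without the root label, would help the callers that index from the end.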


@ -17,10 +17,11 @@ pub async fn authenticate(
zone: &Vec<String>, zone: &Vec<String>,
connection: &mut PgConnection, connection: &mut PgConnection,
) -> Result<bool, ZNSError> { ) -> Result<bool, ZNSError> {
if zone.len() >= 4 { if zone.len() >= Config::get().authoritative_zone.len() {
let username = &zone[zone.len() - 4]; // Should match: username.users.zeus.gent let username = &zone[zone.len() - Config::get().authoritative_zone.len() - 1];
let ssh_verified = validate_ssh(username, sig).await.is_ok_and(|b| b);
let ssh_verified = validate_ssh(username, sig).await?;
if ssh_verified { if ssh_verified {
Ok(true) Ok(true)
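Review bot: The new guard `zone.len() >= Config::get().authoritative_zone.len()` still admits a name with exactly as many labels as the configured zone, and for that name the index `zone.len() - Config::get().authoritative_zone.len() - 1` on the next line underflows `usize` and panics (overflow check in debug builds, out-of-bounds index in release). The old constants were consistent (`>= 4` with `- 4`); the new pair needs a strict comparison: `let auth_len = Config::get().authoritative_zone.len();`, then `if zone.len() > auth_len {` and `let username = &zone[zone.len() - auth_len - 1];`. `zone` appears to be taken from a received message, which would make this a panic reachable from input rather than a configuration error, though the caller is not visible on this page. The removed `// Should match: username.users.zeus.gent` comment is worth keeping in a form that describes the expected layout relative to the configured zone. The body of `authenticate` continues past the end of the hunk.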


@ -1,6 +1,7 @@
use diesel::PgConnection; use diesel::PgConnection;
use crate::{ use crate::{
config::Config,
db::models::{delete_from_database, insert_into_database}, db::models::{delete_from_database, insert_into_database},
errors::ZNSError, errors::ZNSError,
structs::{Class, Message, RRClass, RRType, Type}, structs::{Class, Message, RRClass, RRType, Type},
@ -37,7 +38,9 @@ impl ResponseHandler for UpdateHandler {
// Check Zone authority // Check Zone authority
let zone = &message.question[0]; let zone = &message.question[0];
let zlen = zone.qname.len(); let zlen = zone.qname.len();
if !(zlen >= 2 && zone.qname[zlen - 1] == "gent" && zone.qname[zlen - 2] == "zeus") { let auth_zone = &Config::get().authoritative_zone;
if !(zlen >= auth_zone.len() && vec_equal(&zone.qname[zlen - auth_zone.len()..], auth_zone))
{
return Err(ZNSError::Formerr { return Err(ZNSError::Formerr {
message: "Invalid zone".to_string(), message: "Invalid zone".to_string(),
}); });
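Review bot: The suffix test in the second hunk now depends on `vec_equal`, which is neither defined nor imported in the lines shown, so whether it compares labels case-insensitively cannot be confirmed here. DNS names are case-insensitive, and a byte-exact comparison would refuse an update whose zone name differs from the configured one only in letter case. If `vec_equal` is exact, compare per label instead, e.g. `zone.qname[zlen - auth_zone.len()..].iter().zip(auth_zone).all(|(a, b)| a.eq_ignore_ascii_case(b))`. A short comment that the slice start is safe because of the preceding `zlen >= auth_zone.len()` test would also help, since the check in `authenticate` uses the same arithmetic with an extra `- 1`. The enclosing handler method starts and ends outside the hunk.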