1 package org.cacert.gigi.dbObjects;
3 import java.io.IOException;
4 import java.io.InputStream;
6 import java.util.Arrays;
7 import java.util.Collections;
8 import java.util.HashSet;
9 import java.util.LinkedList;
10 import java.util.List;
11 import java.util.Properties;
14 import org.cacert.gigi.GigiApiException;
15 import org.cacert.gigi.database.DatabaseConnection;
16 import org.cacert.gigi.database.GigiPreparedStatement;
17 import org.cacert.gigi.database.GigiResultSet;
18 import org.cacert.gigi.dbObjects.DomainPingConfiguration.PingType;
19 import org.cacert.gigi.util.PublicSuffixes;
21 public class Domain implements IdCachable, Verifyable {
23 public class DomainPingExecution {
31 private String result;
33 private DomainPingConfiguration config;
/**
 * Builds one ping-execution record from the current row of {@code rs}.
 * Columns are read by position: 1 state, 2 type, 3 info, 4 result, 5 ping configuration id.
 * The positions have to stay in step with the select list used by getPings
 * ({@code SELECT state, type, info, result, configId ...}).
 */
35 public DomainPingExecution(GigiResultSet rs) {
36 state = rs.getString(1);
37 type = rs.getString(2);
38 info = rs.getString(3);
39 result = rs.getString(4);
// Column 5 is an id; it is resolved to its configuration object here.
40 config = DomainPingConfiguration.getById(rs.getInt(5));
43 public String getState() {
47 public String getType() {
51 public String getInfo() {
55 public String getResult() {
59 public DomainPingConfiguration getConfig() {
67 private String suffix;
71 private static final Set<String> IDNEnabledTLDs;
// Loads the CPS.properties resource located relative to Domain.class and builds the
// read-only allow-list of suffixes under which punycode labels are accepted.
74 Properties CPS = new Properties();
75 try (InputStream resourceAsStream = Domain.class.getResourceAsStream("CPS.properties")) {
76 CPS.load(resourceAsStream);
// "IDN-enabled" is split on ',' without trimming, so entries must be written without
// surrounding whitespace to match the exact-string lookup done in checkPunycode.
// NOTE(review): getProperty returns null when the key is absent, and getResourceAsStream
// returns null when the resource is missing; either case would fail here with a
// NullPointerException during class initialisation - confirm both are always shipped.
77 IDNEnabledTLDs = Collections.unmodifiableSet(new HashSet<>(Arrays.asList(CPS.getProperty("IDN-enabled").split(","))));
// NOTE(review): how the IOException is handled is not visible on this page.
78 } catch (IOException e) {
/**
 * Loads an existing domain by primary key. Soft-deleted rows are excluded by the
 * {@code deleted IS NULL} filter in the query.
 *
 * @param id database id of the domain
 * @throws IllegalArgumentException with the message "Invalid domain id ..."; the guarding
 *         condition is not visible on this page (presumably: no matching row)
 */
83 private Domain(int id) {
84 GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT memid, domain FROM `domains` WHERE id=? AND deleted IS NULL");
87 GigiResultSet rs = ps.executeQuery();
89 throw new IllegalArgumentException("Invalid domain id " + id);
// Column 1 (memid) is resolved to the owning User, column 2 is the stored domain name.
92 owner = User.getById(rs.getInt(1));
93 suffix = rs.getString(2);
/**
 * Creates a domain object for {@code owner} after validating {@code suffix}.
 * Nothing is written to the database in the lines shown here.
 *
 * @param owner the user the domain is created for
 * @param suffix the domain name to validate and keep
 * @throws GigiApiException if checkCertifyableDomain rejects the name
 */
97 public Domain(User owner, String suffix) throws GigiApiException {
// Labels shaped like punycode are only allowed when the owner is in Group.CODESIGNING.
98 checkCertifyableDomain(suffix, owner.isInGroup(Group.CODESIGNING));
100 this.suffix = suffix;
/**
 * Checks that {@code s} is a name that may be registered: at least two labels, every
 * label syntactically valid, the name equal to its registrable part, and the first
 * label passing the punycode check.
 *
 * @param s the candidate domain name
 * @param hasPunycodeRight whether labels shaped like punycode are permitted at all
 * @throws GigiApiException if any of the checks fails
 */
104 public static void checkCertifyableDomain(String s, boolean hasPunycodeRight) throws GigiApiException {
// The -1 limit keeps trailing empty strings, so a leading, trailing or doubled dot
// produces an empty label that is handed to isVaildDomainPart instead of being dropped.
105 String[] parts = s.split("\\.", -1);
106 if (parts.length < 2) {
107 throw new GigiApiException("Domain does not contain '.'.");
// Every label is validated, from the last one to the first.
109 for (int i = parts.length - 1; i >= 0; i--) {
110 if ( !isVaildDomainPart(parts[i], hasPunycodeRight)) {
111 throw new GigiApiException("Syntax error in Domain");
// Anything that is not exactly the registrable part reported by PublicSuffixes is
// refused; per the message below this means exactly one label before the public suffix.
114 String publicSuffix = PublicSuffixes.getInstance().getRegistrablePart(s);
115 if ( !s.equals(publicSuffix)) {
116 throw new GigiApiException("You may only register a domain with exactly one lable before the public suffix.");
// Only the first label is checked for punycode; the remainder after the first dot is the
// context looked up in the IDN allow-list. parts[0] has passed isVaildDomainPart at this
// point, but it can still be as short as one character.
118 checkPunycode(parts[0], s.substring(parts[0].length() + 1));
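/**
 * Verifies a label that looks like an ACE ("xn--") label.
 * <p>
 * A label counts as a punycode candidate when its third and fourth characters are both
 * '-'. Candidates are accepted only if the rest of the name is listed in
 * {@code IDNEnabledTLDs}, the prefix is exactly "xn--", and the label actually decodes.
 * Labels that are not candidates pass without further checks.
 *
 * @param label the first label of the domain, already syntax-checked by the caller
 * @param domainContext everything after the first dot; looked up by exact match in the allow-list
 * @throws GigiApiException if the label is a punycode candidate that cannot be positively verified
 */
private static void checkPunycode(String label, String domainContext) throws GigiApiException {
    // A label shorter than four characters cannot carry an ACE prefix. Without the length
    // test a one- or two-character label ("ab.example") made charAt(2) throw an unchecked
    // StringIndexOutOfBoundsException instead of being accepted as a plain label.
    if (label.length() < 4 || label.charAt(2) != '-' || label.charAt(3) != '-') {
        return; // is no punycode
    }
    if ( !IDNEnabledTLDs.contains(domainContext)) {
        throw new GigiApiException("Punycode label could not be positively verified.");
    }
    // "--" in positions 3 and 4 is reserved; any prefix other than "xn" is refused.
    if ( !label.startsWith("xn--")) {
        throw new GigiApiException("Unknown ACE prefix.");
    }
    try {
        String unicode = IDN.toUnicode(label);
        // IDN.toUnicode returns its input unchanged when decoding fails, so a result that
        // still starts with "xn--" means the label is not valid punycode.
        if (unicode.startsWith("xn--")) {
            throw new GigiApiException("Punycode label could not be positively verified.");
        }
    } catch (IllegalArgumentException e) {
        throw new GigiApiException("Punycode label could not be positively verified.");
    }
}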
/**
 * Syntax check for a single DNS label.
 * The bodies of the checks below are not shown on this page; presumably each failed
 * check returns {@code false} and a label passing all of them returns {@code true}.
 *
 * @param s the label to check
 * @param allowPunycode whether a label with '-' in its third and fourth position is acceptable
 */
141 public static boolean isVaildDomainPart(String s, boolean allowPunycode) {
// Only lower-case ASCII letters, digits and '-' are matched; the '+' quantifier means the
// empty string does not match either, so upper-case or empty labels fail this test.
142 if ( !s.matches("[a-z0-9-]+")) {
// A hyphen at either end of the label is tested for.
145 if (s.charAt(0) == '-' || s.charAt(s.length() - 1) == '-') {
// 63 characters is the upper length bound tested here.
148 if (s.length() > 63) {
// Same "--" at index 2 and 3 shape that checkPunycode looks for; the length is tested
// first here, so the charAt calls cannot run past the end of a short label.
151 boolean canBePunycode = s.length() >= 4 && s.charAt(2) == '-' && s.charAt(3) == '-';
152 if (canBePunycode && !allowPunycode) {
/**
 * Looks for an active (not soft-deleted) row in {@code domains} that conflicts with
 * {@code suffix}. The query matches three cases: the same name, an existing domain that
 * is a parent of {@code suffix}, and an existing domain that is a subdomain of it.
 *
 * @param suffix the domain name about to be stored
 * @throws GigiApiException with "Domain could not be inserted. Domain is already valid.";
 *         the guarding condition is not visible on this page (presumably when a row was found)
 */
158 private static void checkInsert(String suffix) throws GigiApiException {
// domain=?                                     -> identical name
// CONCAT('.', domain)=RIGHT(?,LENGTH(domain)+1) -> suffix ends with "." + existing domain
// RIGHT(domain,LENGTH(?)+1)=CONCAT('.',?)       -> existing domain ends with "." + suffix
159 GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT 1 FROM `domains` WHERE (domain=? OR (CONCAT('.', domain)=RIGHT(?,LENGTH(domain)+1) OR RIGHT(domain,LENGTH(?)+1)=CONCAT('.',?))) AND deleted IS NULL");
// The same value is bound to all four placeholders.
160 ps.setString(1, suffix);
161 ps.setString(2, suffix);
162 ps.setString(3, suffix);
163 ps.setString(4, suffix);
164 GigiResultSet rs = ps.executeQuery();
// Any returned row means a conflicting active domain exists.
165 boolean existed = rs.next();
168 throw new GigiApiException("Domain could not be inserted. Domain is already valid.");
/**
 * Stores this domain as a new row in {@code domains} and records the generated id.
 *
 * @throws GigiApiException with "already inserted."; the guarding condition is not
 *         visible on this page (presumably when this object already has an id)
 */
172 public void insert() throws GigiApiException {
// One lock for the whole class serialises inserts inside this JVM.
// NOTE(review): the lock does not cover other processes writing to the same database;
// confirm whether a database-level uniqueness guarantee backs the duplicate check.
173 synchronized (Domain.class) {
175 throw new GigiApiException("already inserted.");
178 GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("INSERT INTO `domains` SET memid=?, domain=?");
179 ps.setInt(1, owner.getId());
180 ps.setString(2, suffix);
// The id generated by the insert becomes this object's id.
182 id = ps.lastInsertId();
/**
 * Soft-deletes the domain: the row is kept and its {@code deleted} column is set to the
 * current timestamp, so every query that should only see active domains has to filter
 * on {@code deleted IS NULL}.
 * NOTE(review): searchUserIdByDomain selects with {@code WHERE domain = ?} and no
 * {@code deleted IS NULL} filter, unlike the by-id load and the duplicate check. Confirm
 * whether it should ignore soft-deleted rows; as written, a lookup by name can still
 * resolve to the owner of a deleted entry.
 *
 * @throws GigiApiException with "not inserted."; the guarding condition is not visible
 *         on this page (presumably when this object has no id yet)
 */
187 public void delete() throws GigiApiException {
189 throw new GigiApiException("not inserted.");
191 GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("UPDATE `domains` SET deleted=CURRENT_TIMESTAMP WHERE id=?");
196 public User getOwner() {
205 public String getSuffix() {
209 private LinkedList<DomainPingConfiguration> configs = null;
/**
 * Returns the ping configurations stored for this domain. The list is loaded from
 * {@code pingconfig} on first use and kept in the {@code configs} field afterwards.
 *
 * @return a read-only view of the cached list
 */
211 public List<DomainPingConfiguration> getConfiguredPings() throws GigiApiException {
// Work on a local reference; the field is only assigned once the list has been built.
212 LinkedList<DomainPingConfiguration> configs = this.configs;
213 if (configs == null) {
214 configs = new LinkedList<>();
215 GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT id FROM pingconfig WHERE domainid=?");
217 GigiResultSet rs = ps.executeQuery();
// Each id is resolved to its configuration object.
219 configs.add(DomainPingConfiguration.getById(rs.getInt(1)));
222 this.configs = configs;
// Callers get an unmodifiable wrapper, so they cannot change the cached list.
225 return Collections.unmodifiableList(configs);
/**
 * Adds a ping configuration row for this domain.
 *
 * @param type the kind of ping; stored as the lower-cased enum name
 * @param config stored unchanged in the {@code info} column; no validation of the value
 *        is visible in the lines shown here
 */
228 public void addPing(PingType type, String config) throws GigiApiException {
229 GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("INSERT INTO pingconfig SET domainid=?, type=?, info=?");
// NOTE(review): toLowerCase() without a Locale uses the JVM default locale; under a
// Turkish locale an 'I' in the enum name would not map to 'i'. Locale.ROOT would make
// the stored value independent of the server's locale setting.
231 ps.setString(2, type.toString().toLowerCase());
232 ps.setString(3, config);
/**
 * Marks ping-log entries as successful: every {@code domainPinglog} row whose
 * {@code challenge} equals {@code hash} and whose configuration belongs to this domain
 * gets {@code state='success'}.
 * NOTE(review): the statement shown restricts neither the current state nor the age of
 * the log row, and whether the number of updated rows is checked is not visible on this
 * page. Confirm that a stale or unmatched challenge is rejected rather than silently
 * accepted.
 *
 * @param hash the challenge value presented for verification
 */
237 public synchronized void verify(String hash) throws GigiApiException {
// The sub-select ties the challenge to this domain's own ping configurations.
238 GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("UPDATE domainPinglog SET state='success' WHERE challenge=? AND configId IN (SELECT id FROM pingconfig WHERE domainId=?)");
239 ps.setString(1, hash);
/**
 * Queries for a successful ping-log entry belonging to one of this domain's ping
 * configurations. How the result set is turned into the return value is not visible on
 * this page.
 * NOTE(review): the query has no time bound, so a success row of any age matches.
 * Confirm that this is the intended lifetime of a verification.
 */
244 public boolean isVerified() {
245 GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT 1 FROM domainPinglog INNER JOIN pingconfig ON pingconfig.id=domainPinglog.configId WHERE domainid=? AND state='success'");
247 GigiResultSet rs = ps.executeQuery();
/**
 * Reads the ping log of this domain, newest entry first ({@code ORDER BY `when` DESC}),
 * and wraps each row in a DomainPingExecution.
 */
251 public DomainPingExecution[] getPings() throws GigiApiException {
// The select list order (state, type, info, result, configId) is what the
// DomainPingExecution constructor reads by column position.
252 GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT state, type, info, result, configId FROM domainPinglog INNER JOIN pingconfig ON pingconfig.id=domainPinglog.configid WHERE pingconfig.domainid=? ORDER BY `when` DESC;");
254 GigiResultSet rs = ps.executeQuery();
// The array is sized from the current row number; presumably the cursor was moved to the
// last row just before this line - the line that does so is not shown here.
256 DomainPingExecution[] contents = new DomainPingExecution[rs.getRow()];
// Stops at whichever comes first: the array is full or the result set has no more rows.
258 for (int i = 0; i < contents.length && rs.next(); i++) {
259 contents[i] = new DomainPingExecution(rs);
265 private static final ObjectCache<Domain> myCache = new ObjectCache<>();
/**
 * Returns the Domain for {@code id}, consulting {@code myCache} first. The method is
 * synchronized on the class, so lookups and cache fills do not interleave.
 *
 * @param id database id of the domain
 * @throws IllegalArgumentException declared here; the private constructor throws it with
 *         the message "Invalid domain id ..."
 */
267 public static synchronized Domain getById(int id) throws IllegalArgumentException {
268 Domain em = myCache.get(id);
// A freshly loaded instance is stored in the cache and kept in em in the same statement.
270 myCache.put(em = new Domain(id));
275 public static int searchUserIdByDomain(String domain) {
276 GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT memid FROM domains WHERE domain = ?");
277 ps.setString(1, domain);
278 GigiResultSet res = ps.executeQuery();
281 return res.getInt(1);