upd: move external keywords to own class
authorFelix Dörre <felix@dogcraft.de>
Mon, 6 Feb 2017 22:46:29 +0000 (23:46 +0100)
committerFelix Dörre <felix@dogcraft.de>
Tue, 7 Feb 2017 08:59:55 +0000 (09:59 +0100)
Change-Id: Iad887cf134103ed6d26aa32d1358c23de0eeebae

src/org/cacert/gigi/email/EmailProvider.java
src/org/cacert/gigi/email/SendMail.java
src/org/cacert/gigi/pages/account/domain/PingConfigForm.java
src/org/cacert/gigi/pages/account/domain/PingConfigForm.templ
src/org/cacert/gigi/ping/DNSPinger.java
src/org/cacert/gigi/ping/HTTPFetch.java
src/org/cacert/gigi/util/CAA.java
src/org/cacert/gigi/util/SystemKeywords.java [new file with mode: 0644]
tests/org/cacert/gigi/ping/TestDNS.java
tests/org/cacert/gigi/ping/TestHTTP.java
tests/org/cacert/gigi/testUtils/PingTest.java

index f0e5f95e87ce5c3f9770ba6c48e9a1679c73b83d..c053caf8151cc7278c61adc092812c8bfa47ac78 100644 (file)
@@ -23,6 +23,7 @@ import org.cacert.gigi.crypto.SMIME;
 import org.cacert.gigi.database.GigiPreparedStatement;
 import org.cacert.gigi.util.DNSUtil;
 import org.cacert.gigi.util.DomainAssessment;
+import org.cacert.gigi.util.SystemKeywords;
 
 public abstract class EmailProvider {
 
@@ -112,7 +113,7 @@ public abstract class EmailProvider {
                         continue;
                     }
 
-                    pw.print("EHLO www.cacert.org\r\n");
+                    pw.print("EHLO " + SystemKeywords.SMTP_NAME + "\r\n");
                     pw.flush();
                     boolean starttls = false;
                     do {
@@ -135,14 +136,14 @@ public abstract class EmailProvider {
                         Socket s1 = ((SSLSocketFactory) SSLSocketFactory.getDefault()).createSocket(s, host, 25, true);
                         br = new BufferedReader(new InputStreamReader(s1.getInputStream(), "UTF-8"));
                         pw = new PrintWriter(new OutputStreamWriter(s1.getOutputStream(), "UTF-8"));
-                        pw.print("EHLO www.cacert.org\r\n");
+                        pw.print("EHLO " + SystemKeywords.SMTP_NAME + "\r\n");
                         pw.flush();
                         if ( !SendMail.readSMTPResponse(br, 250)) {
                             continue;
                         }
                     }
 
-                    pw.print("MAIL FROM: <returns@cacert.org>\r\n");
+                    pw.print("MAIL FROM: <" + SystemKeywords.SMTP_PSEUDO_FROM + ">\r\n");
                     pw.flush();
 
                     if ( !SendMail.readSMTPResponse(br, 250)) {
index c288e5497d3d0b0b16843f50cdac5707e86b95b9..81d26ca5a41d17d3816a41fb19ac1861ff51afac 100644 (file)
@@ -16,6 +16,7 @@ import java.util.regex.Pattern;
 
 import org.cacert.gigi.util.PEM;
 import org.cacert.gigi.util.ServerConstants;
+import org.cacert.gigi.util.SystemKeywords;
 
 public class SendMail extends EmailProvider {
 
@@ -35,7 +36,7 @@ public class SendMail extends EmailProvider {
         String from = ServerConstants.getSupportMailAddress();
         try (Socket smtp = new Socket(targetHost, targetPort); PrintWriter out = new PrintWriter(new OutputStreamWriter(smtp.getOutputStream(), "UTF-8")); BufferedReader in = new BufferedReader(new InputStreamReader(smtp.getInputStream(), "UTF-8"));) {
             readSMTPResponse(in, 220);
-            out.print("HELO www.cacert.org\r\n");
+            out.print("HELO " + SystemKeywords.SMTP_NAME + "\r\n");
             out.flush();
             readSMTPResponse(in, 250);
             out.print("MAIL FROM: <" + from + ">\r\n");
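Review bot: The result of `readSMTPResponse` is discarded on both sides of the changed HELO line, while EmailProvider in this same commit treats that method as a success flag (`if ( !SendMail.readSMTPResponse(br, 250))`). Unless it also throws on an unexpected code, which is not visible here, the session goes on to `MAIL FROM` after a rejected greeting or HELO. I would check it, e.g. `if ( !readSMTPResponse(in, 250)) { throw new IOException("HELO rejected"); }`, assuming the enclosing method may throw IOException. The method signature and the rest of the try block are outside the hunk.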
index b4c5ac8a10c5e3abbdf886e7740211d829caf00e..e212bb00e629af911bd8445d46e0dc76012b1de1 100644 (file)
@@ -18,6 +18,7 @@ import org.cacert.gigi.output.template.IterableDataset;
 import org.cacert.gigi.output.template.Template;
 import org.cacert.gigi.ping.SSLPinger;
 import org.cacert.gigi.util.RandomToken;
+import org.cacert.gigi.util.SystemKeywords;
 
 public class PingConfigForm extends Form {
 
@@ -151,6 +152,8 @@ public class PingConfigForm extends Form {
     }
 
     protected void outputEmbeddableContent(PrintWriter out, Language l, Map<String, Object> vars) {
+        vars.put("httpPrefix", SystemKeywords.HTTP_CHALLENGE_PREFIX);
+        vars.put("dnsPrefix", SystemKeywords.DNS_PREFIX);
         vars.put("tokenName", tokenName);
         vars.put("tokenValue", tokenValue);
         vars.put("authEmails", new IterableDataset() {
index ff7c824b08459af219f4c050cc13f7924a39c431..f8f700f369b427041888d03802be5b9671e4e935 100644 (file)
   <div class="panel-heading"><input type="checkbox" name="DNSType" value="y"<?=$!dns?>> <?=_Verify by reading DNS-TXT entries?></div>
   <div class="panel-body">
     <?=_Please insert the following DNS TXT entry into the Zone-file of your domain:?><br/>
-    <pre><?=$tokenName?>._cacert._auth IN TXT <?=$tokenValue?></pre>
+    <pre><?=$tokenName?>.<?=$dnsPrefix?>._auth IN TXT <?=$tokenValue?></pre>
   </div>
 </div>
 <div class="panel panel-info panel-activatable">
   <div class="panel-heading"><input type="checkbox" name="HTTPType" value="y"<?=$!http?>> <?=_Verify by reading HTTP-content?></div>
   <div class="panel-body">
-    <?=_Please make the following content available under ?><pre class='string'>http://<span class='exampleDomain'>example.org</span>/cacert-<?=$tokenName?>.txt</pre><br/>
+    <?=_Please make the following content available under ?><pre class='string'>http://<span class='exampleDomain'>example.org</span>/<?=$httpPrefix?><?=$tokenName?>.txt</pre><br/>
     <pre><?=$tokenValue?></pre>
   </div>
 </div>
index eb6327b3f9a2968cd98332091b01bdbdf3a49d56..f9a4e7103ad0248cd33c4ed712ae7a15ca5e0962 100644 (file)
@@ -8,6 +8,7 @@ import javax.naming.NamingException;
 import org.cacert.gigi.dbObjects.CertificateOwner;
 import org.cacert.gigi.dbObjects.Domain;
 import org.cacert.gigi.util.DNSUtil;
+import org.cacert.gigi.util.SystemKeywords;
 
 public class DNSPinger extends DomainPinger {
 
@@ -28,7 +29,7 @@ public class DNSPinger extends DomainPinger {
         for (String NS : nameservers) {
             boolean found = false;
             try {
-                for (String token : DNSUtil.getTXTEntries(tokenParts[0] + "._cacert._auth." + domain.getSuffix(), NS)) {
+                for (String token : DNSUtil.getTXTEntries(tokenParts[0] + "." + SystemKeywords.DNS_PREFIX + "._auth." + domain.getSuffix(), NS)) {
                     if (token.isEmpty()) {
                         continue;
                     }
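Review bot: The challenge name is still assembled by hand in the `getTXTEntries` call: only `_cacert` moved into `SystemKeywords.DNS_PREFIX`, while the `._auth.` label stays a literal. The same concatenation is repeated in `TestDNS.readDNS` and in the `PingTest` pattern, and the form template spells it out a fourth time. A single helper next to the constant (for example a static `dnsChallengeName(token, suffix)`, name hypothetical) would keep the checker, the user-facing instructions and the tests from drifting apart. The loop body continues outside the hunk.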
index f6b5c3e56f279cc9d1d1300fe93fdea6cfe551fe..1f31ccd633d19f0e00b91140852448b4e024230e 100644 (file)
@@ -8,6 +8,7 @@ import java.net.URL;
 
 import org.cacert.gigi.dbObjects.CertificateOwner;
 import org.cacert.gigi.dbObjects.Domain;
+import org.cacert.gigi.util.SystemKeywords;
 
 public class HTTPFetch extends DomainPinger {
 
@@ -15,7 +16,7 @@ public class HTTPFetch extends DomainPinger {
     public void ping(Domain domain, String expToken, CertificateOwner user, int confId) {
         try {
             String[] tokenParts = expToken.split(":", 2);
-            URL u = new URL("http://" + domain.getSuffix() + "/cacert-" + tokenParts[0] + ".txt");
+            URL u = new URL("http://" + domain.getSuffix() + "/" + SystemKeywords.HTTP_CHALLENGE_PREFIX + tokenParts[0] + ".txt");
             HttpURLConnection huc = (HttpURLConnection) u.openConnection();
             if (huc.getResponseCode() != 200) {
                 enterPingResult(confId, "error", "Invalid status code " + huc.getResponseCode() + ".", null);
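Review bot: Nothing visible between `u.openConnection()` and `huc.getResponseCode()` sets a timeout or a redirect policy on the validation fetch. `HttpURLConnection` follows HTTP redirects by default, so the challenge file may end up being read from a host other than `domain.getSuffix()`, and without timeouts a slow server can hold the pinger indefinitely. Before reading the status I would add `huc.setInstanceFollowRedirects(false);`, `huc.setConnectTimeout(timeoutMs);` and `huc.setReadTimeout(timeoutMs);`, unless following redirects is a deliberate part of the validation policy. The rest of `ping` lies outside the hunk, so any limits on the response body are not visible here.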
index 33e78e89627f74df25da8b9ac0cb80a8c9d7900c..58350539cf41166c78af8f110320aab2d5590548 100644 (file)
@@ -101,7 +101,7 @@ public class CAA {
     private static boolean authorized(CertificateOwner owner, CertificateProfile p, String data) {
         String[] parts = data.split(";");
         String ca = parts[0].trim();
-        if ( !ca.equals("cacert.org")) {
+        if ( !ca.equals(SystemKeywords.CAA_NAME)) {
             return false;
         }
         for (int i = 1; i < parts.length; i++) {
diff --git a/src/org/cacert/gigi/util/SystemKeywords.java b/src/org/cacert/gigi/util/SystemKeywords.java
new file mode 100644 (file)
index 0000000..8060e89
--- /dev/null
@@ -0,0 +1,14 @@
+package org.cacert.gigi.util;
+
+public class SystemKeywords {
+
+    public static final String CAA_NAME = "someca.org";
+
+    public static final String SMTP_NAME = "www.someca.org";
+
+    public static final String SMTP_PSEUDO_FROM = "returns@someca.org";
+
+    public static final String HTTP_CHALLENGE_PREFIX = "cacert-";
+
+    public static final String DNS_PREFIX = "_cacert";
+}
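Review bot: Three of these constants do not carry over the literals they replace: `CAA_NAME`, `SMTP_NAME` and `SMTP_PSEUDO_FROM` use `someca.org`, whereas the removed lines in CAA.java, EmailProvider.java and SendMail.java used `cacert.org`; only `HTTP_CHALLENGE_PREFIX` and `DNS_PREFIX` keep their old values. The commit title describes a move, so this is an undeclared behaviour change: `CAA.authorized` now accepts only `someca.org` as the issuer name, and the EHLO/HELO name and envelope sender change too. If the new values are intended, say so in the commit message and document each constant, e.g. `/** Issuer domain name that must appear in a domain's CAA record for issuance to be authorized. */` on `CAA_NAME`. Since the class only holds constants, `public final class SystemKeywords` with a private constructor would also fit better.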
index 274fec0af15fc89f145f483671a1b8597d1fed5f..96d9f438310d4854e1e9aeb6686ff2f8b4fb46b7 100644 (file)
@@ -16,6 +16,7 @@ import org.cacert.gigi.testUtils.PingTest;
 import org.cacert.gigi.testUtils.TestEmailReceiver.TestMail;
 import org.cacert.gigi.util.DNSUtil;
 import org.cacert.gigi.util.RandomToken;
+import org.cacert.gigi.util.SystemKeywords;
 import org.junit.Test;
 
 public class TestDNS extends PingTest {
@@ -90,7 +91,7 @@ public class TestDNS extends PingTest {
     private String readDNS(String token) throws NamingException {
         String test = getTestProps().getProperty("domain.dnstest");
         assumeNotNull(test);
-        String targetDomain = token + "._cacert._auth." + test;
+        String targetDomain = token + "." + SystemKeywords.DNS_PREFIX + "._auth." + test;
         String testns = getTestProps().getProperty("domain.testns");
         assumeNotNull(testns);
         String[] data = DNSUtil.getTXTEntries(targetDomain, testns);
index 03dada67beb1d199fdd8828f74ead4a026d4fea3..748305e934264b69da1286ebd26ed1c5d8f6c9e2 100644 (file)
@@ -27,6 +27,7 @@ import org.cacert.gigi.testUtils.IOUtils;
 import org.cacert.gigi.testUtils.PingTest;
 import org.cacert.gigi.testUtils.TestEmailReceiver.TestMail;
 import org.cacert.gigi.util.RandomToken;
+import org.cacert.gigi.util.SystemKeywords;
 import org.junit.Test;
 
 public class TestHTTP extends PingTest {
@@ -108,7 +109,7 @@ public class TestHTTP extends PingTest {
     private String readHTTP(String token) throws IOException {
         String httpDom = getTestProps().getProperty("domain.http");
         assumeNotNull(httpDom);
-        URL u = new URL("http://" + httpDom + "/cacert-" + token + ".txt");
+        URL u = new URL("http://" + httpDom + "/" + SystemKeywords.HTTP_CHALLENGE_PREFIX + token + ".txt");
         return IOUtils.readURL(new InputStreamReader(u.openStream(), "UTF-8")).trim();
 
     }
@@ -154,7 +155,7 @@ public class TestHTTP extends PingTest {
         try (Socket s0 = s.accept()) {
             BufferedReader br = new BufferedReader(new InputStreamReader(s0.getInputStream(), "UTF-8"));
             String fst = br.readLine();
-            assertEquals("GET /cacert-" + m.group(1) + ".txt HTTP/1.1", fst);
+            assertEquals("GET /" + SystemKeywords.HTTP_CHALLENGE_PREFIX + m.group(1) + ".txt HTTP/1.1", fst);
             while ( !"".equals(br.readLine())) {
             }
             String res = m.group(2);
index 55c5683ac46a965ceda4f473586261bfb90e604b..a432cb2af61b91a2dd9b4ce1b63e2dec7765dd03 100644 (file)
@@ -15,6 +15,7 @@ import java.util.regex.Pattern;
 import org.cacert.gigi.database.GigiPreparedStatement;
 import org.cacert.gigi.database.GigiResultSet;
 import org.cacert.gigi.pages.account.domain.DomainOverview;
+import org.cacert.gigi.util.SystemKeywords;
 import org.junit.After;
 
 /**
@@ -69,7 +70,7 @@ public abstract class PingTest extends ClientTest {
         String content1 = IOUtils.readURL(get(DomainOverview.PATH));
         csrf = getCSRF(1, content1);
 
-        Pattern p = Pattern.compile("([A-Za-z0-9]+)._cacert._auth IN TXT ([A-Za-z0-9]+)");
+        Pattern p = Pattern.compile("([A-Za-z0-9]+)." + SystemKeywords.DNS_PREFIX + "._auth IN TXT ([A-Za-z0-9]+)");
         Matcher m = p.matcher(content1);
         m.find();
         return m;
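Review bot: `SystemKeywords.DNS_PREFIX` is spliced into the regular expression unquoted, and the dots around it are regex wildcards, so the pattern matches more than the literal record line. With the current value this is harmless, but a prefix containing a metacharacter would silently change what the test accepts. I would write `Pattern.compile("([A-Za-z0-9]+)" + Pattern.quote("." + SystemKeywords.DNS_PREFIX + "._auth IN TXT ") + "([A-Za-z0-9]+)")`. The result of `m.find()` is also ignored, so a page without the record only fails later when the caller reads a group. The start of the method is outside the hunk.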