From: Felix Dörre
Date: Mon, 6 Feb 2017 22:46:29 +0000 (+0100)
Subject: upd: move external keywords to own class
X-Git-Url: https://code.wpia.club/?p=gigi.git;a=commitdiff_plain;h=67bdb3b1fd3ff821d00715bf2a7ed90ca7a7a664
upd: move external keywords to own class
Change-Id: Iad887cf134103ed6d26aa32d1358c23de0eeebae
---
diff --git a/src/org/cacert/gigi/email/EmailProvider.java b/src/org/cacert/gigi/email/EmailProvider.java
index f0e5f95e..c053caf8 100644
--- a/src/org/cacert/gigi/email/EmailProvider.java
+++ b/src/org/cacert/gigi/email/EmailProvider.java
@@ -23,6 +23,7 @@ import org.cacert.gigi.crypto.SMIME;
 import org.cacert.gigi.database.GigiPreparedStatement;
 import org.cacert.gigi.util.DNSUtil;
 import org.cacert.gigi.util.DomainAssessment;
+import org.cacert.gigi.util.SystemKeywords;
 public abstract class EmailProvider {
@@ -112,7 +113,7 @@ public abstract class EmailProvider {
 continue;
 }
- pw.print("EHLO www.cacert.org\r\n");
+ pw.print("EHLO " + SystemKeywords.SMTP_NAME + "\r\n");
 pw.flush();
 boolean starttls = false;
 do {
@@ -135,14 +136,14 @@ public abstract class EmailProvider {
 Socket s1 = ((SSLSocketFactory) SSLSocketFactory.getDefault()).createSocket(s, host, 25, true);
 br = new BufferedReader(new InputStreamReader(s1.getInputStream(), "UTF-8"));
 pw = new PrintWriter(new OutputStreamWriter(s1.getOutputStream(), "UTF-8"));
- pw.print("EHLO www.cacert.org\r\n");
+ pw.print("EHLO " + SystemKeywords.SMTP_NAME + "\r\n");
 pw.flush();
 if ( !SendMail.readSMTPResponse(br, 250)) {
 continue;
 }
 }
- pw.print("MAIL FROM: \r\n");
+ pw.print("MAIL FROM: <" + SystemKeywords.SMTP_PSEUDO_FROM + ">\r\n");
 pw.flush();
 if ( !SendMail.readSMTPResponse(br, 250)) {
diff --git a/src/org/cacert/gigi/email/SendMail.java b/src/org/cacert/gigi/email/SendMail.java
index c288e549..81d26ca5 100644
--- a/src/org/cacert/gigi/email/SendMail.java
+++ b/src/org/cacert/gigi/email/SendMail.java
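Review bot: The `EHLO` name sent by this probe is no longer `www.cacert.org`: `SystemKeywords.SMTP_NAME`, defined in the new SystemKeywords.java of this commit, is `"www.someca.org"`, so the commit changes behaviour although its title describes a move. The same holds for the second `EHLO` and the `MAIL FROM` sender in the following hunk and for the `HELO` in SendMail.java (the old envelope sender is not legible on this page). Receiving servers that evaluate the greeting name or sender domain may treat the probe differently if that domain is not one the deployment controls, which is worth confirming before merge. Either keep the previous literals as the constant values here, or say in the commit message that the identity changes and where a deployment sets the real one. The enclosing method starts and ends outside these hunks.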
@@ -16,6 +16,7 @@ import java.util.regex.Pattern;
 import org.cacert.gigi.util.PEM;
 import org.cacert.gigi.util.ServerConstants;
+import org.cacert.gigi.util.SystemKeywords;
 public class SendMail extends EmailProvider {
@@ -35,7 +36,7 @@ public class SendMail extends EmailProvider {
 String from = ServerConstants.getSupportMailAddress();
 try (Socket smtp = new Socket(targetHost, targetPort); PrintWriter out = new PrintWriter(new OutputStreamWriter(smtp.getOutputStream(), "UTF-8")); BufferedReader in = new BufferedReader(new InputStreamReader(smtp.getInputStream(), "UTF-8"));) {
 readSMTPResponse(in, 220);
- out.print("HELO www.cacert.org\r\n");
+ out.print("HELO " + SystemKeywords.SMTP_NAME + "\r\n");
 out.flush();
 readSMTPResponse(in, 250);
 out.print("MAIL FROM: <" + from + ">\r\n");
diff --git a/src/org/cacert/gigi/pages/account/domain/PingConfigForm.java b/src/org/cacert/gigi/pages/account/domain/PingConfigForm.java
index b4c5ac8a..e212bb00 100644
--- a/src/org/cacert/gigi/pages/account/domain/PingConfigForm.java
+++ b/src/org/cacert/gigi/pages/account/domain/PingConfigForm.java
@@ -18,6 +18,7 @@ import org.cacert.gigi.output.template.IterableDataset;
 import org.cacert.gigi.output.template.Template;
 import org.cacert.gigi.ping.SSLPinger;
 import org.cacert.gigi.util.RandomToken;
+import org.cacert.gigi.util.SystemKeywords;
 public class PingConfigForm extends Form {
@@ -151,6 +152,8 @@ public class PingConfigForm extends Form {
 }
 protected void outputEmbeddableContent(PrintWriter out, Language l, Map vars) {
+ vars.put("httpPrefix", SystemKeywords.HTTP_CHALLENGE_PREFIX);
+ vars.put("dnsPrefix", SystemKeywords.DNS_PREFIX);
 vars.put("tokenName", tokenName);
 vars.put("tokenValue", tokenValue);
 vars.put("authEmails", new IterableDataset() {
diff --git a/src/org/cacert/gigi/pages/account/domain/PingConfigForm.templ b/src/org/cacert/gigi/pages/account/domain/PingConfigForm.templ
index ff7c824b..f8f700f3 100644
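Review bot: The results of `readSMTPResponse(in, 220)` and `readSMTPResponse(in, 250)` around the changed `HELO` line are discarded, whereas EmailProvider tests the same call with `if ( !SendMail.readSMTPResponse(br, 250))`. If that method reports a rejected reply only through its return value (its body is not shown here), a relay that refuses the greeting would not stop the send, so the return value should be checked and the send aborted on failure. The hunk also takes the greeting name from `SystemKeywords.SMTP_NAME` but the sender from `ServerConstants.getSupportMailAddress()`; a one-line comment such as `// HELO name is a fixed keyword, sender address is per-deployment` would explain why the two identities come from different places. The enclosing method continues outside the hunk.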
--- a/src/org/cacert/gigi/pages/account/domain/PingConfigForm.templ
+++ b/src/org/cacert/gigi/pages/account/domain/PingConfigForm.templ
@@ -14,13 +14,13 @@
>

-
._cacert._auth IN TXT 
+
.._auth IN TXT 
>
-
http://example.org/cacert-.txt

+
http://example.org/.txt

diff --git a/src/org/cacert/gigi/ping/DNSPinger.java b/src/org/cacert/gigi/ping/DNSPinger.java
index eb6327b3..f9a4e710 100644
--- a/src/org/cacert/gigi/ping/DNSPinger.java
+++ b/src/org/cacert/gigi/ping/DNSPinger.java
@@ -8,6 +8,7 @@ import javax.naming.NamingException;
 import org.cacert.gigi.dbObjects.CertificateOwner;
 import org.cacert.gigi.dbObjects.Domain;
 import org.cacert.gigi.util.DNSUtil;
+import org.cacert.gigi.util.SystemKeywords;
 public class DNSPinger extends DomainPinger {
@@ -28,7 +29,7 @@ public class DNSPinger extends DomainPinger {
 for (String NS : nameservers) {
 boolean found = false;
 try {
- for (String token : DNSUtil.getTXTEntries(tokenParts[0] + "._cacert._auth." + domain.getSuffix(), NS)) {
+ for (String token : DNSUtil.getTXTEntries(tokenParts[0] + "." + SystemKeywords.DNS_PREFIX + "._auth." + domain.getSuffix(), NS)) {
 if (token.isEmpty()) {
 continue;
 }
diff --git a/src/org/cacert/gigi/ping/HTTPFetch.java b/src/org/cacert/gigi/ping/HTTPFetch.java
index f6b5c3e5..1f31ccd6 100644
--- a/src/org/cacert/gigi/ping/HTTPFetch.java
+++ b/src/org/cacert/gigi/ping/HTTPFetch.java
@@ -8,6 +8,7 @@ import java.net.URL;
 import org.cacert.gigi.dbObjects.CertificateOwner;
 import org.cacert.gigi.dbObjects.Domain;
+import org.cacert.gigi.util.SystemKeywords;
 public class HTTPFetch extends DomainPinger {
@@ -15,7 +16,7 @@ public class HTTPFetch extends DomainPinger {
 public void ping(Domain domain, String expToken, CertificateOwner user, int confId) {
 try {
 String[] tokenParts = expToken.split(":", 2);
- URL u = new URL("http://" + domain.getSuffix() + "/cacert-" + tokenParts[0] + ".txt");
+ URL u = new URL("http://" + domain.getSuffix() + "/" + SystemKeywords.HTTP_CHALLENGE_PREFIX + tokenParts[0] + ".txt");
 HttpURLConnection huc = (HttpURLConnection) u.openConnection();
 if (huc.getResponseCode() != 200) {
 enterPingResult(confId, "error", "Invalid status code " + huc.getResponseCode() + ".", null);
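Review bot: The validation request in `HTTPFetch.ping` is sent with `HttpURLConnection` defaults: between `openConnection()` and `getResponseCode()` the hunk sets neither `setInstanceFollowRedirects(false)` nor connect and read timeouts. With redirects followed, the 200 answer may come from a host other than `domain.getSuffix()`, which weakens the claim that the token was served by the domain being validated, and without timeouts a silent server can hold the pinger. Unless both are configured globally elsewhere, add `huc.setInstanceFollowRedirects(false);` together with `huc.setConnectTimeout(...)` and `huc.setReadTimeout(...)` before the status check. `ping` continues outside the hunk, so the token comparison itself is not visible here.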
diff --git a/src/org/cacert/gigi/util/CAA.java b/src/org/cacert/gigi/util/CAA.java
index 33e78e89..58350539 100644
--- a/src/org/cacert/gigi/util/CAA.java
+++ b/src/org/cacert/gigi/util/CAA.java
@@ -101,7 +101,7 @@ public class CAA {
 private static boolean authorized(CertificateOwner owner, CertificateProfile p, String data) {
 String[] parts = data.split(";");
 String ca = parts[0].trim();
- if ( !ca.equals("cacert.org")) {
+ if ( !ca.equals(SystemKeywords.CAA_NAME)) {
 return false;
 }
 for (int i = 1; i < parts.length; i++) {
diff --git a/src/org/cacert/gigi/util/SystemKeywords.java b/src/org/cacert/gigi/util/SystemKeywords.java
new file mode 100644
index 00000000..8060e890
--- /dev/null
+++ b/src/org/cacert/gigi/util/SystemKeywords.java
@@ -0,0 +1,14 @@
+package org.cacert.gigi.util;
+
+public class SystemKeywords {
+
+ public static final String CAA_NAME = "someca.org";
+
+ public static final String SMTP_NAME = "www.someca.org";
+
+ public static final String SMTP_PSEUDO_FROM = "returns@someca.org";
+
+ public static final String HTTP_CHALLENGE_PREFIX = "cacert-";
+
+ public static final String DNS_PREFIX = "_cacert";
+}
diff --git a/tests/org/cacert/gigi/ping/TestDNS.java b/tests/org/cacert/gigi/ping/TestDNS.java
index 274fec0a..96d9f438 100644
--- a/tests/org/cacert/gigi/ping/TestDNS.java
+++ b/tests/org/cacert/gigi/ping/TestDNS.java
@@ -16,6 +16,7 @@ import org.cacert.gigi.testUtils.PingTest;
 import org.cacert.gigi.testUtils.TestEmailReceiver.TestMail;
 import org.cacert.gigi.util.DNSUtil;
 import org.cacert.gigi.util.RandomToken;
+import org.cacert.gigi.util.SystemKeywords;
 import org.junit.Test;
 public class TestDNS extends PingTest {
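Review bot: After this change `authorized` accepts a CAA value only when its issuer part equals `SystemKeywords.CAA_NAME`, which the new file in this commit defines as `"someca.org"` rather than the `"cacert.org"` literal removed here. That changes which CAA records permit issuance under a commit titled as a move; the issuer name should be the one the CA actually publishes, preferably read from deployment configuration instead of a compile-time placeholder. Separately, `equals` is case-sensitive while domain names are not, so `ca.equalsIgnoreCase(SystemKeywords.CAA_NAME)` would avoid refusing a record that differs only in case. The method body continues past the hunk.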
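Review bot: The new `SystemKeywords` class has no documentation although every value is protocol-visible: per the other hunks they end up in a CAA comparison, an SMTP greeting and envelope sender, and the DNS and HTTP challenge names shown to domain owners. Add a class comment and one line per constant naming where it is used, and note that changing `DNS_PREFIX` or `HTTP_CHALLENGE_PREFIX` would presumably break challenges that users have already published. The comment should also record the asymmetry that `HTTP_CHALLENGE_PREFIX` carries its trailing `-` while `DNS_PREFIX` carries no dots, so callers add separators in one case only. As a pure holder of constants the class is better declared `public final class SystemKeywords` with a `private SystemKeywords() {}` constructor.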
@@ -90,7 +91,7 @@ public class TestDNS extends PingTest {
 private String readDNS(String token) throws NamingException {
 String test = getTestProps().getProperty("domain.dnstest");
 assumeNotNull(test);
- String targetDomain = token + "._cacert._auth." + test;
+ String targetDomain = token + "." + SystemKeywords.DNS_PREFIX + "._auth." + test;
 String testns = getTestProps().getProperty("domain.testns");
 assumeNotNull(testns);
 String[] data = DNSUtil.getTXTEntries(targetDomain, testns);
diff --git a/tests/org/cacert/gigi/ping/TestHTTP.java b/tests/org/cacert/gigi/ping/TestHTTP.java
index 03dada67..748305e9 100644
--- a/tests/org/cacert/gigi/ping/TestHTTP.java
+++ b/tests/org/cacert/gigi/ping/TestHTTP.java
@@ -27,6 +27,7 @@ import org.cacert.gigi.testUtils.IOUtils;
 import org.cacert.gigi.testUtils.PingTest;
 import org.cacert.gigi.testUtils.TestEmailReceiver.TestMail;
 import org.cacert.gigi.util.RandomToken;
+import org.cacert.gigi.util.SystemKeywords;
 import org.junit.Test;
 public class TestHTTP extends PingTest {
@@ -108,7 +109,7 @@ public class TestHTTP extends PingTest {
 private String readHTTP(String token) throws IOException {
 String httpDom = getTestProps().getProperty("domain.http");
 assumeNotNull(httpDom);
- URL u = new URL("http://" + httpDom + "/cacert-" + token + ".txt");
+ URL u = new URL("http://" + httpDom + "/" + SystemKeywords.HTTP_CHALLENGE_PREFIX + token + ".txt");
 return IOUtils.readURL(new InputStreamReader(u.openStream(), "UTF-8")).trim();
 }
@@ -154,7 +155,7 @@ public class TestHTTP extends PingTest {
 try (Socket s0 = s.accept()) {
 BufferedReader br = new BufferedReader(new InputStreamReader(s0.getInputStream(), "UTF-8"));
 String fst = br.readLine();
- assertEquals("GET /cacert-" + m.group(1) + ".txt HTTP/1.1", fst);
+ assertEquals("GET /" + SystemKeywords.HTTP_CHALLENGE_PREFIX + m.group(1) + ".txt HTTP/1.1", fst);
 while ( !"".equals(br.readLine())) {
 }
 String res = m.group(2);
diff --git a/tests/org/cacert/gigi/testUtils/PingTest.java b/tests/org/cacert/gigi/testUtils/PingTest.java
index 55c5683a..a432cb2a 100644
--- a/tests/org/cacert/gigi/testUtils/PingTest.java
+++ b/tests/org/cacert/gigi/testUtils/PingTest.java
@@ -15,6 +15,7 @@ import java.util.regex.Pattern;
 import org.cacert.gigi.database.GigiPreparedStatement;
 import org.cacert.gigi.database.GigiResultSet;
 import org.cacert.gigi.pages.account.domain.DomainOverview;
+import org.cacert.gigi.util.SystemKeywords;
 import org.junit.After;
 /**
@@ -69,7 +70,7 @@ public abstract class PingTest extends ClientTest {
 String content1 = IOUtils.readURL(get(DomainOverview.PATH));
 csrf = getCSRF(1, content1);
- Pattern p = Pattern.compile("([A-Za-z0-9]+)._cacert._auth IN TXT ([A-Za-z0-9]+)");
+ Pattern p = Pattern.compile("([A-Za-z0-9]+)." + SystemKeywords.DNS_PREFIX + "._auth IN TXT ([A-Za-z0-9]+)");
 Matcher m = p.matcher(content1);
 m.find();
 return m;
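Review bot: `SystemKeywords.DNS_PREFIX` is concatenated into the regular expression unquoted, and the `.` separators around it remain unescaped wildcards, so the pattern matches more than the literal record name and would change meaning if the prefix ever contained a regex metacharacter. Use `Pattern.compile("([A-Za-z0-9]+)\\." + Pattern.quote(SystemKeywords.DNS_PREFIX) + "\\._auth IN TXT ([A-Za-z0-9]+)")`. The result of `m.find()` on the following line is also ignored, so a page that no longer shows the record would only surface later when a caller reads a group; asserting it here would give a clearer test failure. The method starts outside the hunk.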