initial commit

2022-02-19 14:15:18 -06:00 · 2022-02-19 14:15:18 -06:00 · 138f7ba4c9
commit 138f7ba4c9
7 changed files with 343 additions and 0 deletions
--- a/21
+++ b/21
@ -0,0 +1,21 @@
 MIT License
 Copyright (c) 2022 Kegan Myers
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
 in the Software without restriction, including without limitation the rights
 to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 copies of the Software, and to permit persons to whom the Software is
 furnished to do so, subject to the following conditions:
 The above copyright notice and this permission notice shall be included in all
 copies or substantial portions of the Software.
 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 SOFTWARE.
--- a/db.go
+++ b/db.go
@ -0,0 +1,95 @@
 package main
 import (
 	"sync"
 	"time"
 )
 func init() {
 	db = NewDB()
 }
 type DB struct {
 	data    map[string]map[string]time.Time
 	lock    *sync.Mutex
 	timeout time.Duration
 }
 func (db *DB) Lookup(name string) []string {
 	now := time.Now()
 	db.lock.Lock()
 	defer db.lock.Unlock()
 	if domain, ok := db.data[name]; ok {
 		if len(domain) > 0 {
 			rv := make([]string, 0, len(domain))
 			for value, expiresAt := range domain {
 				if expiresAt.After(now) {
 					rv = append(rv, value)
 				} else {
 					delete(domain, value)
 				}
 			}
 			return rv
 		} else {
 			delete(db.data, name)
 		}
 	}
 	return []string{}
 }
 func (db *DB) Add(name, value string) {
 	expiresAt := time.Now().Add(db.timeout)
 	db.lock.Lock()
 	defer db.lock.Unlock()
 	if _, ok := db.data[name]; ok {
 		db.data[name][value] = expiresAt
 	} else {
 		db.data[name] = map[string]time.Time{value: expiresAt}
 	}
 }
 func (db *DB) Remove(name, value string) {
 	db.lock.Lock()
 	defer db.lock.Unlock()
 	if domain, ok := db.data[name]; ok {
 		if _, ok := domain[value]; ok && len(domain) == 1 {
 			delete(db.data, name)
 		} else {
 			delete(domain, value)
 		}
 	}
 }
 func (db *DB) GC() {
 	now := time.Now()
 	db.lock.Lock()
 	defer db.lock.Unlock()
 	for name, domain := range db.data {
 		for value, expiresAt := range domain {
 			if expiresAt.Before(now) {
 				delete(domain, value)
 			}
 		}
 		if len(domain) == 0 {
 			delete(db.data, name)
 		}
 	}
 }
 func NewDB() *DB {
 	db := &DB{
 		data:    map[string]map[string]time.Time{},
 		lock:    &sync.Mutex{},
 		timeout: 2 * time.Minute,
 	}
 	go func() {
 		for {
 			time.Sleep(5 * db.timeout)
 			db.GC()
 		}
 	}()
 	return db
 }
--- a/dns.go
+++ b/dns.go
@ -0,0 +1,67 @@
 package main
 import (
 	"fmt"
 	"strings"
 	"time"
 	"github.com/miekg/dns"
 )
 func init() {
 	dns.HandleFunc(BASE_DOMAIN, serve)
 }
 func q_String(q dns.Question) string {
 	return "" + dns.ClassToString[q.Qclass] + " " + dns.TypeToString[q.Qtype] + " " + q.Name
 }
 func serve(w dns.ResponseWriter, r *dns.Msg) {
 	qStr := ""
 	for _, q := range r.Question {
 		qStr += "\n" + q_String(q)
 	}
 	fmt.Printf("got question from %s:%s\n", w.RemoteAddr().String(), qStr)
 	m := new(dns.Msg)
 	defer w.WriteMsg(m)
 	if r.Opcode != dns.OpcodeQuery && len(r.Question) != 1 {
 		m.SetRcode(r, dns.RcodeRefused)
 		return
 	}
 	q := r.Question[0]
 	qName := strings.ToLower(q.Name)
 	qKey := qName[0 : len(q.Name)-len(BASE_DOMAIN)]
 	m.SetReply(r)
 	m.Authoritative = true
 	m.Compress = false
 	soa := fmt.Sprintf("%s IN SOA %s hostmaster.%s %d 5 1 1 5", qName, DNS_SERVER, DNS_SERVER, (time.Now().Unix() % 4294967295))
 	if soaRR, err := dns.NewRR(soa); err == nil {
 		m.Ns = append(m.Answer, soaRR)
 	}
 	if q.Qtype == dns.TypeTXT {
 		for _, rData := range db.Lookup(qKey) {
 			if rr, err := dns.NewRR(fmt.Sprintf("$TTL 5\n%s TXT %s", qName, rData)); err == nil {
 				m.Answer = append(m.Answer, rr)
 			} else {
 				fmt.Printf("error building rr: %s\n", err)
 			}
 		}
 		rrStr := ""
 		for _, rr := range m.Answer {
 			rrStr += "\n" + rr.String()
 		}
 		fmt.Printf("sending response for %s:%s\n", qName, rrStr)
 		return
 	} else {
 		fmt.Printf("no records for name %s\n", qName)
 	}
 	m.SetRcode(r, dns.RcodeNameError)
 	fmt.Printf("%s\n", m.String())
 }
--- a/go.mod
+++ b/go.mod
@ -0,0 +1,12 @@
 module git.keganmyers.com/terribleplan/acme-dns-httpreq
 go 1.17
 require (
 	github.com/miekg/dns v1.1.46 // indirect
 	golang.org/x/mod v0.4.2 // indirect
 	golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985 // indirect
 	golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c // indirect
 	golang.org/x/tools v0.1.6-0.20210726203631-07bc1bf47fb2 // indirect
 	golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect
 )
--- a/go.sum
+++ b/go.sum
@ -0,0 +1,34 @@
 github.com/miekg/dns v1.1.46 h1:uzwpxRtSVxtcIZmz/4Uz6/Rn7G11DvsaslXoy5LxQio=
 github.com/miekg/dns v1.1.46/go.mod h1:e3IlAVfNqAllflbibAZEWOXOQ+Ynzk/dDozDxY7XnME=
 github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/mod v0.4.2 h1:Gz96sIWK3OalVv/I/qNygP42zyoKp3xptRVCWRFEBvo=
 golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
 golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985 h1:4CSI6oo7cOjJKajidEljs9h+uP0rRZBPPPhcCbj5mw8=
 golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c h1:F1jZWGFhYfh0Ci55sIpILtKKK8p3i2/krTr0H1rg74I=
 golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.1.6-0.20210726203631-07bc1bf47fb2 h1:BonxutuHCTL0rBDnZlKjpGIQFTjyUVTexFOdWkB6Fg0=
 golang.org/x/tools v0.1.6-0.20210726203631-07bc1bf47fb2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE=
 golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
--- a/http.go
+++ b/http.go
@ -0,0 +1,66 @@
 package main
 import (
 	"encoding/json"
 	"fmt"
 	"net/http"
 )
 func init() {
 	http.HandleFunc("/present", present)
 	http.HandleFunc("/cleanup", cleanup)
 }
 type request struct {
 	FQDN  string `json:"fqdn"`
 	Value string `json:"value"`
 }
 func httpCommon(res http.ResponseWriter, req *http.Request, fn func(request)) {
 	if req.Method != http.MethodPost {
 		res.WriteHeader(http.StatusBadRequest)
 		return
 	}
 	user, _, basicAuthOk := req.BasicAuth()
 	if !basicAuthOk {
 		fmt.Printf("basic auth failed\n")
 		res.WriteHeader(http.StatusForbidden)
 		return
 	}
 	body := request{}
 	d := json.NewDecoder(req.Body)
 	d.DisallowUnknownFields()
 	if err := d.Decode(&body); err != nil {
 		res.WriteHeader(http.StatusBadRequest)
 		return
 	}
 	if d.More() {
 		res.WriteHeader(http.StatusBadRequest)
 		return
 	}
 	if user != body.FQDN {
 		fmt.Printf("expected %s == %s\n", user, body.FQDN)
 		res.WriteHeader(http.StatusForbidden)
 		return
 	}
 	fn(body)
 }
 func present(res http.ResponseWriter, req *http.Request) {
 	httpCommon(res, req, func(body request) {
 		fmt.Printf("add %s to %s\n", body.Value, body.FQDN)
 		db.Add(body.FQDN, body.Value)
 	})
 }
 func cleanup(res http.ResponseWriter, req *http.Request) {
 	httpCommon(res, req, func(body request) {
 		fmt.Printf("remove %s from %s\n", body.Value, body.FQDN)
 		db.Remove(body.FQDN, body.Value)
 	})
 }
--- a/main.go
+++ b/main.go
@ -0,0 +1,48 @@
 package main
 import (
 	"fmt"
 	"net/http"
 	"os"
 	"os/signal"
 	"syscall"
 	"github.com/miekg/dns"
 )
 var BASE_DOMAIN string
 var DNS_SERVER string
 var db *DB
 func init() {
 	if BASE_DOMAIN == "" {
 		BASE_DOMAIN = "misconfigured.acme-dns.example.com."
 	}
 	if DNS_SERVER == "" {
 		DNS_SERVER = "misconfigured.acme-dns.example.com."
 	}
 }
 func runServer(server interface {
 	ListenAndServe() error
 }, name string) {
 	fmt.Printf("starting %s listener\n", name)
 	if err := server.ListenAndServe(); err != nil {
 		fmt.Printf("got error in %s listener: %s\n", name, err)
 		os.Exit(1)
 	}
 	fmt.Printf("%s listener stopped\n", name)
 	os.Exit(1)
 }
 func main() {
 	go runServer(&http.Server{}, "http")
 	go runServer(&dns.Server{Net: "tcp"}, "dns-tcp")
 	go runServer(&dns.Server{Net: "udp"}, "dns-udp")
 	sig := make(chan os.Signal)
 	signal.Notify(sig, syscall.SIGINT, syscall.SIGTERM)
 	<-sig
 	os.Exit(0)
 }