authorLinus Nordberg <linus@nordu.net>2016-04-08 17:33:08 +0200
committerLinus Nordberg <linus@nordu.net>2016-04-08 17:33:08 +0200
commite173e2a050caa21725b588757becb84b3c56460a (patch)
tree558c8537fc85aeede3102b8c59a4f45ae9ca0add /src/v1.erl
parented60e7e384560e8581d16c218ca629a7555beb1e (diff)
Get submitting and storing working.
Add README.dnssec. Do start the dnssecport server. Add config option 'trust_anchors_file'. Pass correct data to validation server. Change URL for submitting to match draft (add-rr-chain). Make add-rr-chain take a base64-encoded string of RR's instead of JSON list with one RR per entry. TODO: Make the python tools know enough DNS to be able to verify SCT's and such (i.e. 'make tests').
Diffstat (limited to 'src/v1.erl')
-rw-r--r--src/v1.erl52
1 files changed, 21 insertions, 31 deletions
diff --git a/src/v1.erl b/src/v1.erl
index ef9aadd..72d0112 100644
--- a/src/v1.erl
+++ b/src/v1.erl
@@ -30,9 +30,9 @@ check_valid_sth() ->
end.
%% Public functions, i.e. part of URL.
-request(post, ?APPURL_CT_V1, "add-ds-rr", Input) ->
+request(post, ?APPURL_CT_V1, "add-rr-chain", Input) ->
check_valid_sth(),
- add_ds(Input);
+ add_rr_chain(Input);
request(get, ?APPURL_CT_V1, "get-sth", _Query) ->
check_valid_sth(),
@@ -147,37 +147,27 @@ internalerror(Text) ->
"~s~n" ++
"</body></html>~n", [Text])}.
--spec add_ds(any()) -> any().
-add_ds(Input) ->
+-spec add_rr_chain(any()) -> any().
+add_rr_chain(Input) ->
case (catch mochijson2:decode(Input)) of
{error, E} ->
- err400("add-ds-rr: bad input:", E);
- {struct, [{<<"chain">>, List}]} ->
- case decode_chain(List) of
- {invalid, ErrText} ->
- err400(io:format("add-ds-rr: ~p", [ErrText]), List);
- Data when is_list(Data) ->
- add_ds_helper(Data);
- _ ->
- err400("add-ds-rr: missing one or more entries", List)
+ err400("add-rr-chain: bad input:", E);
+ {struct, [{<<"chain">>, B64}]} ->
+ case (catch base64:decode(B64)) of
+ {'EXIT', _} ->
+ err400("add-rr-chain: invalid base64-encoding:", B64);
+ Data ->
+ case dnssecport:validate(Data) of
+ {ok, [DS | Chain]} ->
+ lager:debug("succesful DNSSEC validation"),
+ success(catlfish:add_chain(DS, Chain, normal));
+ {error, ErrorCode} ->
+ err400(io_lib:format(
+ "add-rr-chain: invalid DS record: ~p",
+ [ErrorCode]),
+ Data)
+ end
end;
_ ->
- err400("add-ds-rr: missing input: chain", Input)
- end.
-
-decode_chain(List) ->
- case (catch [base64:decode(X) || X <- List]) of
- {'EXIT', _} ->
- {invalid, "invalid base64-encoding"};
- L ->
- L
- end.
-
-add_ds_helper(Data) ->
- case dnssecport:validate(Data) of
- {ok, [DS | Chain]} ->
- success(catlfish:add_chain(DS, Chain, normal));
- {error, ErrorCode} ->
- err400(io:format("add-ds-rr: invalid DS record: ~p", [ErrorCode]),
- Data)
+ err400("add-rr-chain: missing input: chain", Input)
end.