Commit 51774590 authored by noplanman's avatar noplanman

Merge branch 'delvtodig' into 'develop'

use dig vs delv as delv can not deal with ecdsa keys properly

See merge request diasporg/Poduptime!233
parents 7732b4e0 038a35bb
Pipeline #1427 passed with stage
in 2 minutes and 39 seconds
......@@ -13,6 +13,7 @@ The format is based on [Keep a Changelog] and this project adheres to [Semantic
- missing table on tables.sql
- link to osada repo updated
- uptime and growth charts per pod to be unlimited timespan
- use dig command vs delv as ecdsa keys are not being detected properly by delv
### Security
## [2.5.2] - 2019-01-29
......
......@@ -304,12 +304,13 @@ foreach ($pods as $pod) {
debug('Signup Open', $signup);
$dnsserver = c('dnsserver') ?: '1.1.1.1';
$delv = new NPM\Xec\Command("delv @{$dnsserver} {$domain}");
$delv->throwExceptionOnError(false);
$dig = new NPM\Xec\Command("dig @{$dnsserver} {$domain} +dnssec");
$dig->throwExceptionOnError(false);
$ip = '';
$iplookupv4 = explode(PHP_EOL, trim($delv->execute([], null, 15)->stdout));
$dnssec = in_array('; fully validated', $iplookupv4, true) ?? false;
$iplookupv4 = explode(PHP_EOL, trim($dig->execute(['A'], null, 15)->stdout));
$flags = preg_grep('/;; flags:(.*?);/', $iplookupv4);
$dnssec = (bool) preg_grep('/ad/', $flags);
$getaonly = array_values(preg_grep('/\s+IN\s+A\s+.*/', $iplookupv4));
if ($getaonly) {
......@@ -318,11 +319,12 @@ foreach ($pods as $pod) {
}
$ip || $score -= 2;
$iplookupv6 = explode(PHP_EOL, trim($delv->execute(['AAAA'], null, 15)->stdout));
$iplookupv6 = explode(PHP_EOL, trim($dig->execute(['AAAA'], null, 15)->stdout));
$ipv6 = (bool) preg_grep('/\s+IN\s+AAAA\s+.*/', $iplookupv6);
debug('IPv4', $ip);
debug('IPv6', $ipv6);
debug('DNSSEC', $dnssec);
// todo: Temporary workaround (see https://github.com/akalongman/php-ip-tools/issues/8)
if (Ip::isValid($ip) && Ip::isRemote($ip)) {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment