Commit 51774590 authored by noplanman's avatar noplanman

Merge branch 'delvtodig' into 'develop'

use dig vs delv as delv can not deal with ecdsa keys properly

See merge request !233
parents 7732b4e0 038a35bb
Pipeline #1427 passed with stage
in 2 minutes and 39 seconds
......@@ -13,6 +13,7 @@ The format is based on [Keep a Changelog] and this project adheres to [Semantic
- missing table on tables.sql
- link to osada repo updated
- uptime and growth charts per pod to be unlimited timespan
- use dig command vs delv as ecdsa keys are not being detected properly by delv
### Security
## [2.5.2] - 2019-01-29
......
......@@ -304,12 +304,13 @@ foreach ($pods as $pod) {
debug('Signup Open', $signup);
$dnsserver = c('dnsserver') ?: '1.1.1.1';
$delv = new NPM\Xec\Command("delv @{$dnsserver} {$domain}");
$delv->throwExceptionOnError(false);
$dig = new NPM\Xec\Command("dig @{$dnsserver} {$domain} +dnssec");
$dig->throwExceptionOnError(false);
$ip = '';
$iplookupv4 = explode(PHP_EOL, trim($delv->execute([], null, 15)->stdout));
$dnssec = in_array('; fully validated', $iplookupv4, true) ?? false;
$iplookupv4 = explode(PHP_EOL, trim($dig->execute(['A'], null, 15)->stdout));
$flags = preg_grep('/;; flags:(.*?);/', $iplookupv4);
$dnssec = (bool) preg_grep('/ad/', $flags);
$getaonly = array_values(preg_grep('/\s+IN\s+A\s+.*/', $iplookupv4));
if ($getaonly) {
......@@ -318,11 +319,12 @@ foreach ($pods as $pod) {
}
$ip || $score -= 2;
$iplookupv6 = explode(PHP_EOL, trim($delv->execute(['AAAA'], null, 15)->stdout));
$iplookupv6 = explode(PHP_EOL, trim($dig->execute(['AAAA'], null, 15)->stdout));
$ipv6 = (bool) preg_grep('/\s+IN\s+AAAA\s+.*/', $iplookupv6);
debug('IPv4', $ip);
debug('IPv6', $ipv6);
debug('DNSSEC', $dnssec);
// todo: Temporary workaround (see https://github.com/akalongman/php-ip-tools/issues/8)
if (Ip::isValid($ip) && Ip::isRemote($ip)) {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment