From 97113f7e992f5507f1d593a1a47f0153deb36f23 Mon Sep 17 00:00:00 2001 From: Joe Bryan Date: Fri, 7 Jun 2019 11:36:12 -0700 Subject: [PATCH] adds more validation to input handling in dns apps --- app/dns-collector.hoon | 8 ++++++-- app/dns.hoon | 10 +++++++++- gen/dns/ip.hoon | 13 ++++++++++++- 3 files changed, 27 insertions(+), 4 deletions(-) diff --git a/app/dns-collector.hoon b/app/dns-collector.hoon index ba3ade151d..212ce36df3 100644 --- a/app/dns-collector.hoon +++ b/app/dns-collector.hoon @@ -43,9 +43,11 @@ =* adr address.in-poke-data =/ rac (clan:title who) ?. ?=(?(%king %duke) rac) - ~| [%dns-collector-bind-invalid rac] !! + ~& [%dns-collector-bind-invalid who] + (pure:m state) ?: (reserved:eyre if.adr) - ~| [%reserved-address if.adr] !! + ~& [%dns-collector-reserved-address who if.adr] + (pure:m state) :: =/ req=(unit address:dns) (~(get by requested.state) who) =/ dun=(unit binding:dns) (~(get by completed.state) who) @@ -60,6 +62,8 @@ (pure:m state) :: %dns-complete + :: XX or confirm valid binding? + :: ?. (team:title [our src]:bowl) ~| %complete-yoself !! =* who ship.in-poke-data diff --git a/app/dns.hoon b/app/dns.hoon index e5070f0c44..011bdd038f 100644 --- a/app/dns.hoon +++ b/app/dns.hoon @@ -59,6 +59,8 @@ |= [=host:eyre max=@ud] =/ m (async:stdio ?) ^- form:m + :: XX also scry into eyre + :: q:.^(hart:eyre %e /(scot %p our)/host/real) =/ =hiss:eyre =/ url=purl:eyre [[sec=| por=~ host] [ext=`~.udon path=/static] query=~] @@ -183,7 +185,13 @@ :: manual dns binding -- by explicit ipv4 :: %dns-address - ;< requested=? bind:m (request-by-ip if.address.in-poke-data) + =* adr address.in-poke-data + =/ rac (clan:title our.bowl) + ?. ?=(?(%king %duke) rac) + ~| [%dns-collector-bind-invalid rac] !! + ?: (reserved:eyre if.adr) + ~| [%dns-collector-reserved-address if.adr] !! + ;< requested=? bind:m (request-by-ip if.adr) :: XX save failure? =? requested.state requested (some address.in-poke-data) diff --git a/gen/dns/ip.hoon b/gen/dns/ip.hoon index 064988de15..0d0440d5a8 100644 --- a/gen/dns/ip.hoon +++ b/gen/dns/ip.hoon @@ -11,12 +11,23 @@ == ^- (sole-result [%dns-address address]) =* our p.bec +=/ rac (clan:title our) +?: ?=(%czar rac) + :: XX what process? + =/ msg "galaxy domain requests must be made out-of-band" + (print leaf+msg no-product) +?: ?=(?(%earl %pawn) rac) + =/ msg "DNS for moons and comets is not supported" + (print leaf+msg no-product) +:: invoke parser with arg if present +:: =- ?~ arg - (fun.q.q addr.arg) %+ prompt [%& %dns-address "ipv4 address: "] %+ parse - `$-(nail (like @if))`;~(pfix ;~(pose dot (easy ~)) lip:ag) + ^- $-(nail (like @if)) + ;~(pfix ;~(pose dot (easy ~)) lip:ag) |= addr=@if ?: (reserved:eyre addr) =/ msg "unable to bind reserved ipv4 address {(scow %if addr)}"