authorLinus Nordberg <linus@nordu.net>2016-04-08 17:33:08 +0200
committerLinus Nordberg <linus@nordu.net>2016-04-08 17:33:08 +0200
commite173e2a050caa21725b588757becb84b3c56460a (patch)
tree558c8537fc85aeede3102b8c59a4f45ae9ca0add /src/dnssecport.erl
parented60e7e384560e8581d16c218ca629a7555beb1e (diff)
Get submitting and storing working.
Add README.dnssec. Do start the dnssecport server. Add config option 'trust_anchors_file'. Pass correct data to validation server. Change URL for submitting to match draft (add-rr-chain). Make add-rr-chain take a base64-encoded string of RR's instead of JSON list with one RR per entry. TODO: Make the python tools know enough DNS to be able to verify SCT's and such (i.e. 'make tests').
Diffstat (limited to 'src/dnssecport.erl')
-rw-r--r--src/dnssecport.erl15
1 files changed, 12 insertions, 3 deletions
diff --git a/src/dnssecport.erl b/src/dnssecport.erl
index 30c8c9e..acdc5c4 100644
--- a/src/dnssecport.erl
+++ b/src/dnssecport.erl
@@ -23,9 +23,16 @@ validate(Data) ->
-record(state, {port :: port()}).
+-spec trust_anchors() -> string().
+trust_anchors() ->
+ case application:get_env(catlfish, trust_anchors_file) of
+ {ok, Filename} -> Filename;
+ undefined -> []
+ end.
+
init(Program) ->
lager:debug("starting dnssec service"),
- Port = create_port(Program, []), % TODO: Pass path to trust root file.
+ Port = create_port(Program, [trust_anchors()]),
{ok, #state{port = Port}}.
decode_response(Response) ->
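Review bot: When `trust_anchors_file` is not configured, `trust_anchors/0` returns `[]`, so `init/1` starts the validator with a single empty-string argument instead of refusing to start. What the port program does with an empty trust-anchor path is not visible here (`create_port` is outside the hunk), but a DNSSEC validator without anchors should fail closed. I would make the missing setting an explicit startup failure, e.g. `undefined -> error(trust_anchors_file_not_configured)`, or return `{stop, no_trust_anchors_file}` from `init/1`. A short comment on `trust_anchors/0` stating that this file is the root of trust for every validation would also help the next reader.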
@@ -38,9 +45,9 @@ handle_call(stop, _From, State) ->
handle_call({validate, Data}, _From, State) ->
case State#state.port of
undefined ->
- {error, noport};
+ {reply, {error, noport}, State};
Port when is_port(Port) ->
- Port ! {self(), {command, dns:encode_rrset(Data)}},
+ Port ! {self(), {command, Data}},
receive
{Port, {data, Response}} ->
case decode_response(list_to_binary(Response)) of
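Review bot: `Data` is now written to the port exactly as the caller supplied it at `Port ! {self(), {command, Data}}`, so the external program becomes the only parser of the submitted RR chain. Per the commit description this is base64-decoded client input, and no type or size check is visible between the submission handler and this send. I would enforce a bound at `validate/1` (a guard such as `is_binary(Data)` plus a `byte_size/1` limit against a configured maximum) and add a comment here such as `%% Data: wire-format RRs from the client, forwarded unparsed; the port program must treat it as untrusted`. The `receive` that follows continues outside the hunk; if it has no `after` clause, a helper that never answers blocks the gen_server indefinitely.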
@@ -50,6 +57,8 @@ handle_call({validate, Data}, _From, State) ->
dns:encode_rrset(Chain)],
{reply, {ok, R}, State};
{ok, Error, _} ->
+ lager:debug("DNSSEC validation failed with ~p",
+ [Error]),
{reply, {error, Error}, State}
end;
{Port, {exit_status, ExitStatus}} ->
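Review bot: The failed-validation branch logs only at debug level, which is usually switched off in production, so rejected submissions would leave no trace for operators. Since a validation failure is the security-relevant outcome of this call, I would log it at a level that is normally kept, e.g. `lager:notice("DNSSEC validation failed with ~p", [Error])`. `Error` comes from the port's decoded response, so it is worth confirming it cannot grow large before printing it with `~p`. The `case` and `receive` this branch belongs to start and end outside the hunk.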