Sha256: 223e5128b6b94607c3b4c7fd63c41efd31b07aad18fc9b97cd388ac82865612d

Contents?: true

Size: 1.08 KB

Versions: 7

Compression:

Stored size: 1.08 KB

Contents

require 'resolv'
require 'certmeister/policy/response'

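module Certmeister

  module Policy

    # Authentication policy based on forward-confirmed reverse DNS (FCrDNS).
    #
    # A request is accepted only when its :cn is one of the names that the
    # requesting :ip resolves to via PTR lookup AND that name's forward
    # (address) records contain the same :ip.
    class Fcrdns

      # Decide whether the request's common name is confirmed for its IP.
      #
      # @param request [Hash] read via request[:cn] and request[:ip]
      # @return [Certmeister::Policy::Response] (true, nil) on success,
      #   otherwise (false, reason)
      def authenticate(request)
        return Certmeister::Policy::Response.new(false, "missing cn") unless request[:cn]
        return Certmeister::Policy::Response.new(false, "missing ip") unless request[:ip]

        if fcrdns_names(request[:ip]).include?(request[:cn])
          Certmeister::Policy::Response.new(true, nil)
        else
          Certmeister::Policy::Response.new(false, "cn in unknown domain")
        end
      rescue Resolv::ResolvError => e
        # Fail closed: any resolver problem is a refusal, never an approval.
        Certmeister::Policy::Response.new(false, "DNS error (#{e.message})")
      end

      private

      # Names that are forward-confirmed for +ip+.
      #
      # PTR data is published by whoever operates the reverse zone of the
      # requesting address, so a PTR name on its own proves nothing. A name is
      # kept only if its forward records contain +ip+ itself. Comparing the
      # PTR names against the reverse names of the forward addresses is not
      # sufficient, because that comparison never involves +ip+.
      #
      # @param ip [String, Resolv::IPv4, Resolv::IPv6] requesting address
      # @return [Array<String>] confirmed names (empty when none)
      # @raise [Resolv::ResolvError] when +ip+ is not an IP address
      def fcrdns_names(ip)
        client = client_address(ip)
        # Block form closes the resolver's sockets when the lookups finish.
        Resolv::DNS.open do |resolv|
          confirmed = resolv.getnames(ip).select do |name|
            resolv.getaddresses(name).include?(client)
          end
          confirmed.map(&:to_s)
        end
      end

      # Parse +ip+ into a Resolv address object so that the comparison with
      # forward records is made on the address value, not on its spelling.
      def client_address(ip)
        case ip
        when Resolv::IPv4, Resolv::IPv6 then ip
        when Resolv::IPv4::Regex then Resolv::IPv4.create(ip)
        when Resolv::IPv6::Regex then Resolv::IPv6.create(ip)
        else raise Resolv::ResolvError, "cannot interpret as address: #{ip}"
        end
      end

    end

  end

end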

Version data entries

7 entries across 7 versions & 1 rubygems

Version Path
certmeister-0.3.0 lib/certmeister/policy/fcrdns.rb
certmeister-0.2.3 lib/certmeister/policy/fcrdns.rb
certmeister-0.2.1 lib/certmeister/policy/fcrdns.rb
certmeister-0.2.0 lib/certmeister/policy/fcrdns.rb
certmeister-0.1.0 lib/certmeister/policy/fcrdns.rb
certmeister-0.0.2 lib/certmeister/policy/fcrdns.rb
certmeister-0.0.1 lib/certmeister/policy/fcrdns.rb