TrueCloudLab/certificates
17
0
Fork 2
Code Issues 1 Pull requests 1 Releases Activity Actions

Verify IP identifier contains valid IP

Browse source
This commit is contained in:
Herman Slatman 2021-06-03 22:02:13 +02:00
parent 6486e6016b
commit a0e92f8e99
No known key found for this signature in database
GPG key ID: F4D8A44EA0A75A4F
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
acme/api/order.go
View file

@ -5,6 +5,7 @@ import (
"crypto/x509" "crypto/x509"
"encoding/base64" "encoding/base64"
"encoding/json" "encoding/json"
"net"
"net/http" "net/http"
"strings" "strings"
"time" "time"
@ -31,6 +32,9 @@ func (n *NewOrderRequest) Validate() error {
if !(id.Type == "dns" || id.Type == "ip") { if !(id.Type == "dns" || id.Type == "ip") {
return acme.NewError(acme.ErrorMalformedType, "identifier type unsupported: %s", id.Type) return acme.NewError(acme.ErrorMalformedType, "identifier type unsupported: %s", id.Type)
} }
if id.Type == "ip" && net.ParseIP(id.Value) == nil {
return acme.NewError(acme.ErrorMalformedType, "%s is not a valid IP address", id.Value)
}
} }
return nil return nil
} }
@ -85,6 +89,7 @@ func (h *Handler) NewOrder(w http.ResponseWriter, r *http.Request) {
"failed to unmarshal new-order request payload")) "failed to unmarshal new-order request payload"))
return return
} }
if err := nor.Validate(); err != nil { if err := nor.Validate(); err != nil {
api.WriteError(w, err) api.WriteError(w, err)
return return