diff --git a/src/apps.js b/src/apps.js index e0a58dfd8..01f38a0b8 100644 --- a/src/apps.js +++ b/src/apps.js @@ -554,7 +554,7 @@ function getDuplicateErrorDetails(errorMessage, locations, domainObjectMap, port const { subdomain, domain, type } = locations[i]; if (match[1] !== `${subdomain}-${domain}`) continue; - return new BoxError(BoxError.ALREADY_EXISTS, `${type} location '${dns.fqdn(subdomain, domainObjectMap[domain])}' is in use`); + return new BoxError(BoxError.ALREADY_EXISTS, `${type} location '${dns.fqdn(subdomain, domain)}' is in use`); } } @@ -770,10 +770,10 @@ function attachProperties(app, domainObjectMap) { } app.portBindings = result; app.iconUrl = app.hasIcon || app.hasAppStoreIcon ? `/api/v1/apps/${app.id}/icon` : null; - app.fqdn = dns.fqdn(app.subdomain, domainObjectMap[app.domain]); - app.secondaryDomains.forEach(function (ad) { ad.fqdn = dns.fqdn(ad.subdomain, domainObjectMap[ad.domain]); }); - app.redirectDomains.forEach(function (ad) { ad.fqdn = dns.fqdn(ad.subdomain, domainObjectMap[ad.domain]); }); - app.aliasDomains.forEach(function (ad) { ad.fqdn = dns.fqdn(ad.subdomain, domainObjectMap[ad.domain]); }); + app.fqdn = dns.fqdn(app.subdomain, app.domain); + app.secondaryDomains.forEach(function (ad) { ad.fqdn = dns.fqdn(ad.subdomain, ad.domain); }); + app.redirectDomains.forEach(function (ad) { ad.fqdn = dns.fqdn(ad.subdomain, ad.domain); }); + app.aliasDomains.forEach(function (ad) { ad.fqdn = dns.fqdn(ad.subdomain, ad.domain); }); } function isAdmin(user) { @@ -1295,7 +1295,7 @@ async function validateLocations(locations, domainObjectMap) { subdomain = subdomain.replace(/^\*\./, ''); // remove *. } - const error = dns.validateHostname(subdomain, domainObjectMap[location.domain]); + const error = dns.validateHostname(subdomain, location.domain); if (error) throw new BoxError(BoxError.BAD_FIELD, `Bad ${location.type} location: ${error.message}`); } } 
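Review bot: The four-line fqdn assignment in attachProperties is repeated unchanged in the install, setLocation and clone hunks, so any later change to how FQDNs are derived has to be made in four places. A small private helper that takes the object and sets `fqdn` on it and on each entry of `secondaryDomains`, `redirectDomains` and `aliasDomains` would keep the four sites in step. In the lines visible here `domainObjectMap` is no longer read by attachProperties; if the part of the body above the hunk does not use it either, the parameter is dead and can be dropped.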
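Review bot: In validateLocations, `dns.validateHostname(subdomain, location.domain)` no longer goes through `domainObjectMap`, so a location naming a domain that is not in the map is not stopped at this call any more. Before, the undefined map entry failed the `typeof domainObject` assert inside validateHostname. The loop starts outside the hunk, so an earlier check may exist. If it does not, `if (!domainObjectMap[location.domain]) throw new BoxError(BoxError.BAD_FIELD, 'No such domain');` placed before the call keeps the rejection explicit and returns a BoxError instead of relying on an assert.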
@@ -1432,10 +1432,10 @@ async function install(data, auditSource) { const taskId = await addTask(appId, app.installationState, task, auditSource); const newApp = _.extend({}, _.omit(app, 'icon'), { appStoreId, manifest, subdomain, domain, portBindings }); - newApp.fqdn = dns.fqdn(newApp.subdomain, domainObjectMap[newApp.domain]); - newApp.secondaryDomains.forEach(function (ad) { ad.fqdn = dns.fqdn(ad.subdomain, domainObjectMap[ad.domain]); }); - newApp.redirectDomains.forEach(function (ad) { ad.fqdn = dns.fqdn(ad.subdomain, domainObjectMap[ad.domain]); }); - newApp.aliasDomains.forEach(function (ad) { ad.fqdn = dns.fqdn(ad.subdomain, domainObjectMap[ad.domain]); }); + newApp.fqdn = dns.fqdn(newApp.subdomain, newApp.domain); + newApp.secondaryDomains.forEach(function (ad) { ad.fqdn = dns.fqdn(ad.subdomain, ad.domain); }); + newApp.redirectDomains.forEach(function (ad) { ad.fqdn = dns.fqdn(ad.subdomain, ad.domain); }); + newApp.aliasDomains.forEach(function (ad) { ad.fqdn = dns.fqdn(ad.subdomain, ad.domain); }); await eventlog.add(eventlog.ACTION_APP_INSTALL, auditSource, { appId, app: newApp, taskId }); @@ -1787,7 +1787,7 @@ async function setCertificate(app, data, auditSource) { if (domainObject === null) throw new BoxError(BoxError.NOT_FOUND, 'Domain not found'); if (cert && key) { - const error = reverseProxy.validateCertificate(subdomain, domainObject, { cert, key }); + const error = reverseProxy.validateCertificate(subdomain, domain, { cert, key }); if (error) throw error; } 
@@ -1796,7 +1796,7 @@ async function setCertificate(app, data, auditSource) { if (result.affectedRows === 0) throw new BoxError(BoxError.NOT_FOUND, 'Location not found'); app = await get(app.id); // refresh app object - await reverseProxy.setUserCertificate(app, dns.fqdn(subdomain, domainObject), certificate); + await reverseProxy.setUserCertificate(app, dns.fqdn(subdomain, domain), certificate); await eventlog.add(eventlog.ACTION_APP_CONFIGURE, auditSource, { appId: app.id, app, subdomain, domain, cert }); } @@ -1864,10 +1864,10 @@ async function setLocation(app, data, auditSource) { if (taskError && taskError.reason === BoxError.ALREADY_EXISTS) taskError = getDuplicateErrorDetails(taskError.message, locations, domainObjectMap, data.portBindings); if (taskError) throw taskError; - values.fqdn = dns.fqdn(values.subdomain, domainObjectMap[values.domain]); - values.secondaryDomains.forEach(function (ad) { ad.fqdn = dns.fqdn(ad.subdomain, domainObjectMap[ad.domain]); }); - values.redirectDomains.forEach(function (ad) { ad.fqdn = dns.fqdn(ad.subdomain, domainObjectMap[ad.domain]); }); - values.aliasDomains.forEach(function (ad) { ad.fqdn = dns.fqdn(ad.subdomain, domainObjectMap[ad.domain]); }); + values.fqdn = dns.fqdn(values.subdomain, values.domain); + values.secondaryDomains.forEach(function (ad) { ad.fqdn = dns.fqdn(ad.subdomain, ad.domain); }); + values.redirectDomains.forEach(function (ad) { ad.fqdn = dns.fqdn(ad.subdomain, ad.domain); }); + values.aliasDomains.forEach(function (ad) { ad.fqdn = dns.fqdn(ad.subdomain, ad.domain); }); await eventlog.add(eventlog.ACTION_APP_CONFIGURE, auditSource, _.extend({ appId, app, taskId }, values)); 
@@ -2338,10 +2338,10 @@ async function clone(app, data, user, auditSource) { const taskId = await addTask(newAppId, exports.ISTATE_PENDING_CLONE, task, auditSource); const newApp = _.extend({}, _.omit(obj, 'icon'), { appStoreId, manifest, subdomain, domain, portBindings }); - newApp.fqdn = dns.fqdn(newApp.subdomain, domainObjectMap[newApp.domain]); - newApp.secondaryDomains.forEach(function (ad) { ad.fqdn = dns.fqdn(ad.subdomain, domainObjectMap[ad.domain]); }); - newApp.redirectDomains.forEach(function (ad) { ad.fqdn = dns.fqdn(ad.subdomain, domainObjectMap[ad.domain]); }); - newApp.aliasDomains.forEach(function (ad) { ad.fqdn = dns.fqdn(ad.subdomain, domainObjectMap[ad.domain]); }); + newApp.fqdn = dns.fqdn(newApp.subdomain, newApp.domain); + newApp.secondaryDomains.forEach(function (ad) { ad.fqdn = dns.fqdn(ad.subdomain, ad.domain); }); + newApp.redirectDomains.forEach(function (ad) { ad.fqdn = dns.fqdn(ad.subdomain, ad.domain); }); + newApp.aliasDomains.forEach(function (ad) { ad.fqdn = dns.fqdn(ad.subdomain, ad.domain); }); await eventlog.add(eventlog.ACTION_APP_CLONE, auditSource, { appId: newAppId, oldAppId: appId, backupId, remotePath: backupInfo.remotePath, oldApp: app, newApp, taskId }); diff --git a/src/cloudron.js b/src/cloudron.js index 3578a619e..0b5346756 100644 --- a/src/cloudron.js +++ b/src/cloudron.js @@ -248,10 +248,7 @@ async function prepareDashboardDomain(domain, auditSource) { if (settings.isDemo()) throw new BoxError(BoxError.CONFLICT, 'Not allowed in demo mode'); - const domainObject = await domains.get(domain); - if (!domain) throw new BoxError(BoxError.NOT_FOUND, 'No such domain'); - - const fqdn = dns.fqdn(constants.DASHBOARD_SUBDOMAIN, domainObject); + const fqdn = dns.fqdn(constants.DASHBOARD_SUBDOMAIN, domain); const result = await apps.list(); if (result.some(app => app.fqdn === fqdn)) throw new BoxError(BoxError.BAD_STATE, 'Dashboard location conflicts with an existing app'); 
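Review bot: prepareDashboardDomain no longer looks the domain up, so within this hunk nothing rejects a domain that is not configured before its FQDN is compared against the app list. The removed guard tested `domain` rather than `domainObject` and so never fired, but a missing lookup result could not get past the old `dns.fqdn`, which dereferenced `domainObject.domain`. Keeping the lookup with a corrected guard, `const domainObject = await domains.get(domain);` followed by `if (!domainObject) throw new BoxError(BoxError.NOT_FOUND, 'No such domain');`, makes the check explicit. The same removal happens in the `setLocation` hunk of src/mail.js, where `settings.setMailLocation(domain, fqdn)` now runs without any lookup visible. Both functions continue outside their hunks, so a later check may exist.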
@@ -274,7 +271,7 @@ async function setDashboardDomain(domain, auditSource) { if (!domain) throw new BoxError(BoxError.NOT_FOUND, 'No such domain'); await reverseProxy.writeDashboardConfig(domainObject); - const fqdn = dns.fqdn(constants.DASHBOARD_SUBDOMAIN, domainObject); + const fqdn = dns.fqdn(constants.DASHBOARD_SUBDOMAIN, domain); await settings.setDashboardLocation(domain, fqdn); @@ -312,7 +309,7 @@ async function setupDnsAndCert(subdomain, domain, auditSource, progressCallback) assert.strictEqual(typeof progressCallback, 'function'); const domainObject = await domains.get(domain); - const dashboardFqdn = dns.fqdn(subdomain, domainObject); + const dashboardFqdn = dns.fqdn(subdomain, domain); const ipv4 = await sysinfo.getServerIPv4(); const ipv6 = await sysinfo.getServerIPv6(); @@ -324,7 +321,7 @@ async function setupDnsAndCert(subdomain, domain, auditSource, progressCallback) await dns.waitForDnsRecord(subdomain, domain, 'A', ipv4, { interval: 30000, times: 50000 }); if (ipv6) await dns.waitForDnsRecord(subdomain, domain, 'AAAA', ipv6, { interval: 30000, times: 50000 }); progressCallback({ percent: 60, message: `Getting certificate of ${dashboardFqdn}` }); - await reverseProxy.ensureCertificate(dns.fqdn(subdomain, domainObject), domainObject, {}, auditSource); + await reverseProxy.ensureCertificate(dns.fqdn(subdomain, domain), domainObject, {}, auditSource); } async function syncDnsRecords(options) { diff --git a/src/directoryserver.js b/src/directoryserver.js index 07bc89a73..bcac36c26 100644 --- a/src/directoryserver.js +++ b/src/directoryserver.js @@ -312,7 +312,7 @@ async function start() { }; const domainObject = await domains.get(settings.dashboardDomain()); - const dashboardFqdn = dns.fqdn(constants.DASHBOARD_SUBDOMAIN, domainObject); + const dashboardFqdn = dns.fqdn(constants.DASHBOARD_SUBDOMAIN, settings.dashboardDomain()); const certificatePath = await reverseProxy.getCertificatePath(dashboardFqdn, domainObject.domain); gServer = ldap.createServer({ 
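Review bot: The guard kept as context in setDashboardDomain, `if (!domain) throw new BoxError(BoxError.NOT_FOUND, 'No such domain');`, tests the input string rather than the looked-up object, so a missing domain would still reach `reverseProxy.writeDashboardConfig(domainObject)`. It should read `if (!domainObject) throw new BoxError(BoxError.NOT_FOUND, 'No such domain');`. The assignment of `domainObject` is above the hunk, so this assumes it comes from `domains.get(domain)` as in the neighbouring functions.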
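Review bot: setupDnsAndCert uses the result of `domains.get(domain)` without checking it, and now that `dns.fqdn` no longer touches `domainObject`, the first use of it visible in these hunks is the `reverseProxy.ensureCertificate` call. A guard right after the lookup, `if (!domainObject) throw new BoxError(BoxError.NOT_FOUND, 'No such domain');`, would make a missing domain fail early and with a clear error. The function's second hunk recomputes `dns.fqdn(subdomain, domain)`; passing the existing `dashboardFqdn` to ensureCertificate avoids the duplicate. Lines between the two hunks are not visible.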
diff --git a/src/dns.js b/src/dns.js index c2f1408e1..38ffe769e 100644 --- a/src/dns.js +++ b/src/dns.js @@ -59,22 +59,22 @@ function api(provider) { } } -function fqdn(subdomain, domainObject) { +function fqdn(subdomain, domain) { assert.strictEqual(typeof subdomain, 'string'); - assert.strictEqual(typeof domainObject, 'object'); + assert.strictEqual(typeof domain, 'string'); - return subdomain + (subdomain ? '.' : '') + domainObject.domain; + return subdomain + (subdomain ? '.' : '') + domain; } // Hostname validation comes from RFC 1123 (section 2.1) // Domain name validation comes from RFC 2181 (Name syntax) // https://en.wikipedia.org/wiki/Hostname#Restrictions_on_valid_host_names // We are validating the validity of the location-fqdn as host name (and not dns name) -function validateHostname(subdomain, domainObject) { +function validateHostname(subdomain, domain) { assert.strictEqual(typeof subdomain, 'string'); - assert.strictEqual(typeof domainObject, 'object'); + assert.strictEqual(typeof domain, 'string'); - const hostname = fqdn(subdomain, domainObject); + const hostname = fqdn(subdomain, domain); const RESERVED_SUBDOMAINS = [ constants.SMTP_SUBDOMAIN, diff --git a/src/dns/cloudflare.js b/src/dns/cloudflare.js index 6453a4dff..043f059d6 100644 --- a/src/dns/cloudflare.js +++ b/src/dns/cloudflare.js @@ -105,7 +105,7 @@ async function upsert(domainObject, location, type, values) { const domainConfig = domainObject.config, zoneName = domainObject.zoneName, - fqdn = dns.fqdn(location, domainObject); + fqdn = dns.fqdn(location, domainObject.domain); debug('upsert: %s for zone %s of type %s with values %j', fqdn, zoneName, type, values); 
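Review bot: fqdn and validateHostname change the meaning of their second parameter without any comment saying so, and a caller that still passes a domain object learns of it only through the type assert at runtime. I would add above fqdn `// domain is the bare domain name (domainObject.domain), not the domain object` and extend the comment block above validateHostname with the same sentence. validateHostname's body continues outside the hunk.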
@@ -166,7 +166,7 @@ async function get(domainObject, location, type) { const domainConfig = domainObject.config, zoneName = domainObject.zoneName, - fqdn = dns.fqdn(location, domainObject); + fqdn = dns.fqdn(location, domainObject.domain); const zone = await getZoneByName(domainConfig, zoneName); const result = await getDnsRecords(domainConfig, zone.id, fqdn, type); @@ -182,7 +182,7 @@ async function del(domainObject, location, type, values) { const domainConfig = domainObject.config, zoneName = domainObject.zoneName, - fqdn = dns.fqdn(location, domainObject); + fqdn = dns.fqdn(location, domainObject.domain); const zone = await getZoneByName(domainConfig, zoneName); @@ -212,7 +212,7 @@ async function wait(domainObject, subdomain, type, value, options) { const domainConfig = domainObject.config, zoneName = domainObject.zoneName, - fqdn = dns.fqdn(subdomain, domainObject); + fqdn = dns.fqdn(subdomain, domainObject.domain); debug('wait: %s for zone %s of type %s', fqdn, zoneName, type); diff --git a/src/dns/digitalocean.js b/src/dns/digitalocean.js index 5f45f76ef..2324f870f 100644 --- a/src/dns/digitalocean.js +++ b/src/dns/digitalocean.js @@ -200,13 +200,14 @@ async function wait(domainObject, subdomain, type, value, options) { assert.strictEqual(typeof value, 'string'); assert(options && typeof options === 'object'); // { interval: 5000, times: 50000 } - const fqdn = dns.fqdn(subdomain, domainObject); + const fqdn = dns.fqdn(subdomain, domainObject.domain); await waitForDns(fqdn, domainObject.zoneName, type, value, options); } // https://stackoverflow.com/questions/14313183/javascript-regex-how-do-i-check-if-the-string-is-ascii-only function isASCII(str) { + // eslint-disable-next-line no-control-regex return /^[\x00-\x7F]*$/.test(str); } diff --git a/src/dns/gandi.js b/src/dns/gandi.js index 7735ef26c..196d8384c 100644 --- a/src/dns/gandi.js +++ b/src/dns/gandi.js 
@@ -119,7 +119,7 @@ async function wait(domainObject, subdomain, type, value, options) { assert.strictEqual(typeof value, 'string'); assert(options && typeof options === 'object'); // { interval: 5000, times: 50000 } - const fqdn = dns.fqdn(subdomain, domainObject); + const fqdn = dns.fqdn(subdomain, domainObject.domain); await waitForDns(fqdn, domainObject.zoneName, type, value, options); } diff --git a/src/dns/gcdns.js b/src/dns/gcdns.js index 658adf8e3..9b45bb1dc 100644 --- a/src/dns/gcdns.js +++ b/src/dns/gcdns.js @@ -76,7 +76,7 @@ async function upsert(domainObject, location, type, values) { const domainConfig = domainObject.config, zoneName = domainObject.zoneName, - fqdn = dns.fqdn(location, domainObject); + fqdn = dns.fqdn(location, domainObject.domain); debug('add: %s for zone %s of type %s with values %j', fqdn, zoneName, type, values); @@ -105,7 +105,7 @@ async function get(domainObject, location, type) { const domainConfig = domainObject.config, zoneName = domainObject.zoneName, - fqdn = dns.fqdn(location, domainObject); + fqdn = dns.fqdn(location, domainObject.domain); const zone = await getZoneByName(getDnsCredentials(domainConfig), zoneName); @@ -130,7 +130,7 @@ async function del(domainObject, location, type, values) { const domainConfig = domainObject.config, zoneName = domainObject.zoneName, - fqdn = dns.fqdn(location, domainObject); + fqdn = dns.fqdn(location, domainObject.domain); const zone = await getZoneByName(getDnsCredentials(domainConfig), zoneName); @@ -151,7 +151,7 @@ async function wait(domainObject, subdomain, type, value, options) { assert.strictEqual(typeof value, 'string'); assert(options && typeof options === 'object'); // { interval: 5000, times: 50000 } - const fqdn = dns.fqdn(subdomain, domainObject); + const fqdn = dns.fqdn(subdomain, domainObject.domain); await waitForDns(fqdn, domainObject.zoneName, type, value, options); } diff --git a/src/dns/godaddy.js b/src/dns/godaddy.js index a6adbf58c..0fb39a835 100644 
--- a/src/dns/godaddy.js +++ b/src/dns/godaddy.js @@ -151,7 +151,7 @@ async function wait(domainObject, subdomain, type, value, options) { assert.strictEqual(typeof value, 'string'); assert(options && typeof options === 'object'); // { interval: 5000, times: 50000 } - const fqdn = dns.fqdn(subdomain, domainObject); + const fqdn = dns.fqdn(subdomain, domainObject.domain); await waitForDns(fqdn, domainObject.zoneName, type, value, options); } diff --git a/src/dns/hetzner.js b/src/dns/hetzner.js index 0114b6684..da3b2de3a 100644 --- a/src/dns/hetzner.js +++ b/src/dns/hetzner.js @@ -216,7 +216,7 @@ async function wait(domainObject, subdomain, type, value, options) { assert.strictEqual(typeof value, 'string'); assert(options && typeof options === 'object'); // { interval: 5000, times: 50000 } - const fqdn = dns.fqdn(subdomain, domainObject); + const fqdn = dns.fqdn(subdomain, domainObject.domain); await waitForDns(fqdn, domainObject.zoneName, type, value, options); } diff --git a/src/dns/linode.js b/src/dns/linode.js index e9793dc85..79bc6ee1c 100644 --- a/src/dns/linode.js +++ b/src/dns/linode.js @@ -225,7 +225,7 @@ async function wait(domainObject, subdomain, type, value, options) { assert.strictEqual(typeof value, 'string'); assert(options && typeof options === 'object'); // { interval: 5000, times: 50000 } - const fqdn = dns.fqdn(subdomain, domainObject); + const fqdn = dns.fqdn(subdomain, domainObject.domain); await waitForDns(fqdn, domainObject.zoneName, type, value, options); } diff --git a/src/dns/manual.js b/src/dns/manual.js index 99a3427c9..5ed04d82e 100644 --- a/src/dns/manual.js +++ b/src/dns/manual.js 
@@ -62,7 +62,7 @@ async function wait(domainObject, subdomain, type, value, options) { assert.strictEqual(typeof value, 'string'); assert(options && typeof options === 'object'); // { interval: 5000, times: 50000 } - const fqdn = dns.fqdn(subdomain, domainObject); + const fqdn = dns.fqdn(subdomain, domainObject.domain); await waitForDns(fqdn, domainObject.zoneName, type, value, options); } diff --git a/src/dns/namecheap.js b/src/dns/namecheap.js index 0388bad11..55bb77334 100644 --- a/src/dns/namecheap.js +++ b/src/dns/namecheap.js @@ -237,7 +237,7 @@ async function wait(domainObject, subdomain, type, value, options) { assert.strictEqual(typeof value, 'string'); assert(options && typeof options === 'object'); // { interval: 5000, times: 50000 } - const fqdn = dns.fqdn(subdomain, domainObject); + const fqdn = dns.fqdn(subdomain, domainObject.domain); await waitForDns(fqdn, domainObject.zoneName, type, value, options); } diff --git a/src/dns/namecom.js b/src/dns/namecom.js index 9f8f50353..a98ae556b 100644 --- a/src/dns/namecom.js +++ b/src/dns/namecom.js @@ -206,7 +206,7 @@ async function wait(domainObject, subdomain, type, value, options) { assert.strictEqual(typeof value, 'string'); assert(options && typeof options === 'object'); // { interval: 5000, times: 50000 } - const fqdn = dns.fqdn(subdomain, domainObject); + const fqdn = dns.fqdn(subdomain, domainObject.domain); await waitForDns(fqdn, domainObject.zoneName, type, value, options); } diff --git a/src/dns/netcup.js b/src/dns/netcup.js index 3f7f8178f..196a0cfb8 100644 --- a/src/dns/netcup.js +++ b/src/dns/netcup.js @@ -217,7 +217,7 @@ async function wait(domainObject, subdomain, type, value, options) { assert.strictEqual(typeof value, 'string'); assert(options && typeof options === 'object'); // { interval: 5000, times: 50000 } - const fqdn = dns.fqdn(subdomain, domainObject); + const fqdn = dns.fqdn(subdomain, domainObject.domain); await waitForDns(fqdn, domainObject.zoneName, type, value, options); } 
diff --git a/src/dns/route53.js b/src/dns/route53.js index 471487b69..7cb0cb8f5 100644 --- a/src/dns/route53.js +++ b/src/dns/route53.js @@ -95,7 +95,7 @@ async function upsert(domainObject, location, type, values) { const domainConfig = domainObject.config, zoneName = domainObject.zoneName, - fqdn = dns.fqdn(location, domainObject); + fqdn = dns.fqdn(location, domainObject.domain); debug('add: %s for zone %s of type %s with values %j', fqdn, zoneName, type, values); @@ -134,7 +134,7 @@ async function get(domainObject, location, type) { const domainConfig = domainObject.config, zoneName = domainObject.zoneName, - fqdn = dns.fqdn(location, domainObject); + fqdn = dns.fqdn(location, domainObject.domain); const zone = await getZoneByName(domainConfig, zoneName); @@ -165,7 +165,7 @@ async function del(domainObject, location, type, values) { const domainConfig = domainObject.config, zoneName = domainObject.zoneName, - fqdn = dns.fqdn(location, domainObject); + fqdn = dns.fqdn(location, domainObject.domain); const zone = await getZoneByName(domainConfig, zoneName); @@ -212,7 +212,7 @@ async function wait(domainObject, subdomain, type, value, options) { assert.strictEqual(typeof value, 'string'); assert(options && typeof options === 'object'); // { interval: 5000, times: 50000 } - const fqdn = dns.fqdn(subdomain, domainObject); + const fqdn = dns.fqdn(subdomain, domainObject.domain); await waitForDns(fqdn, domainObject.zoneName, type, value, options); } diff --git a/src/dns/vultr.js b/src/dns/vultr.js index 2cb6c01df..47eede19c 100644 --- a/src/dns/vultr.js +++ b/src/dns/vultr.js @@ -195,7 +195,7 @@ async function wait(domainObject, subdomain, type, value, options) { assert.strictEqual(typeof value, 'string'); assert(options && typeof options === 'object'); // { interval: 5000, times: 50000 } - const fqdn = dns.fqdn(subdomain, domainObject); + const fqdn = dns.fqdn(subdomain, domainObject.domain); await waitForDns(fqdn, domainObject.zoneName, type, value, options); } 
diff --git a/src/dns/wildcard.js b/src/dns/wildcard.js index 3826883a3..16fa21024 100644 --- a/src/dns/wildcard.js +++ b/src/dns/wildcard.js @@ -62,7 +62,7 @@ async function wait(domainObject, subdomain, type, value, options) { assert.strictEqual(typeof value, 'string'); assert(options && typeof options === 'object'); // { interval: 5000, times: 50000 } - const fqdn = dns.fqdn(subdomain, domainObject); + const fqdn = dns.fqdn(subdomain, domainObject.domain); await waitForDns(fqdn, domainObject.zoneName, type, value, options); } @@ -77,7 +77,7 @@ async function verifyDomainConfig(domainObject) { if (error || !nameservers) throw new BoxError(BoxError.BAD_FIELD, error ? error.message : 'Unable to get nameservers'); const location = 'cloudrontestdns'; - const fqdn = dns.fqdn(location, domainObject); + const fqdn = dns.fqdn(location, domainObject.domain); const [ipv4Error, ipv4Result] = await safe(dig.resolve(fqdn, 'A', { server: '127.0.0.1', timeout: 5000 })); if (ipv4Error && (ipv4Error.code === 'ENOTFOUND' || ipv4Error.code === 'ENODATA')) throw new BoxError(BoxError.BAD_FIELD, `Unable to resolve IPv4 of ${fqdn}. Please check if you have set up *.${domainObject.domain} to point to this server's IP`); diff --git a/src/domains.js b/src/domains.js index fc45c7aa0..f93d48843 100644 --- a/src/domains.js +++ b/src/domains.js @@ -136,7 +136,7 @@ async function add(domain, data, auditSource) { } if (fallbackCertificate) { - let error = reverseProxy.validateCertificate('test', { domain, config }, fallbackCertificate); + let error = reverseProxy.validateCertificate('test', domain, fallbackCertificate); if (error) throw error; } else { fallbackCertificate = await reverseProxy.generateFallbackCertificate(domain); 
@@ -207,7 +207,7 @@ async function setConfig(domain, data, auditSource) { } if (fallbackCertificate) { - let error = reverseProxy.validateCertificate('test', domainObject, fallbackCertificate); + let error = reverseProxy.validateCertificate('test', domain, fallbackCertificate); if (error) throw error; } diff --git a/src/mail.js b/src/mail.js index 83ef172b8..ec64f86c7 100644 --- a/src/mail.js +++ b/src/mail.js @@ -985,8 +985,7 @@ async function setLocation(subdomain, domain, auditSource) { assert.strictEqual(typeof domain, 'string'); assert.strictEqual(typeof auditSource, 'object'); - const domainObject = await domains.get(domain); - const fqdn = dns.fqdn(subdomain, domainObject); + const fqdn = dns.fqdn(subdomain, domain); await settings.setMailLocation(domain, fqdn); diff --git a/src/reverseproxy.js b/src/reverseproxy.js index 784cb23c8..509fbfe73 100644 --- a/src/reverseproxy.js +++ b/src/reverseproxy.js @@ -119,9 +119,9 @@ function providerMatchesSync(domainObject, cert) { // note: https://tools.ietf.org/html/rfc4346#section-7.4.2 (certificate_list) requires that the // servers certificate appears first (and not the intermediate cert) -function validateCertificate(subdomain, domainObject, certificate) { +function validateCertificate(subdomain, domain, certificate) { assert.strictEqual(typeof subdomain, 'string'); - assert.strictEqual(typeof domainObject, 'object'); + assert.strictEqual(typeof domain, 'string'); assert(certificate && typeof certificate, 'object'); const { cert, key } = certificate; 
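Review bot: The third assert in validateCertificate, `assert(certificate && typeof certificate, 'object');`, never checks the type, because `typeof certificate` is always a non-empty string and `'object'` is taken as the assertion message. While the two asserts above it are being changed, it should become `assert(certificate && typeof certificate === 'object');` so that a non-object argument is caught before `const { cert, key } = certificate;`. The function body continues in the next hunk.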
@@ -131,7 +131,7 @@ function validateCertificate(subdomain, domainObject, certificate) { if (cert && !key) return new BoxError(BoxError.BAD_FIELD, 'missing key'); // -checkhost checks for SAN or CN exclusively. SAN takes precedence and if present, ignores the CN. - const fqdn = dns.fqdn(subdomain, domainObject); + const fqdn = dns.fqdn(subdomain, domain); let result = safe.child_process.execSync(`openssl x509 -noout -checkhost "${fqdn}"`, { encoding: 'utf8', input: cert }); if (result === null) return new BoxError(BoxError.BAD_FIELD, 'Unable to get certificate subject:' + safe.error.message); @@ -430,7 +430,7 @@ async function writeDashboardConfig(domainObject) { debug(`writeDashboardConfig: writing admin config for ${domainObject.domain}`); - const dashboardFqdn = dns.fqdn(constants.DASHBOARD_SUBDOMAIN, domainObject); + const dashboardFqdn = dns.fqdn(constants.DASHBOARD_SUBDOMAIN, domainObject.domain); const certificatePath = await getCertificatePath(dashboardFqdn, domainObject.domain); await writeDashboardNginxConfig(dashboardFqdn, certificatePath); diff --git a/src/test/dns-test.js b/src/test/dns-test.js index 7a77b29cc..5f702d762 100644 --- a/src/test/dns-test.js +++ b/src/test/dns-test.js @@ -10,7 +10,9 @@ const common = require('./common.js'), expect = require('expect.js'); describe('DNS', function () { - const { setup, cleanup, app, domain } = common; + const { setup, cleanup, app, domain:domainObject } = common; + + const domain = domainObject.domain; before(setup); after(cleanup); @@ -23,8 +25,7 @@ describe('DNS', function () { it('cannot have >63 length subdomains', function () { const s = Array(64).fill('s').join(''); expect(dns.validateHostname(s, domain)).to.be.an(Error); - const domainCopy = Object.assign({}, domain, { zoneName: `dev.${s}.example.com` }); - expect(dns.validateHostname(`dev.${s}`, domainCopy)).to.be.an(Error); + expect(dns.validateHostname(`dev.${s}`, domain)).to.be.an(Error); }); it('allows only alphanumerics and hypen', function () { 
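Review bot: In validateCertificate the hostname is interpolated into a shell command string, `openssl x509 -noout -checkhost "${fqdn}"`, and `fqdn` is now built directly from the `domain` string the caller hands in. Nothing in the visible part of this function restricts the characters in `subdomain` or `domain`, and whether every caller has validated them first cannot be seen from this diff; `domains.add`, for example, passes its `domain` argument straight through. Running openssl without a shell removes the dependency on that, for instance with Node's `child_process.execFileSync('openssl', ['x509', '-noout', '-checkhost', fqdn], { encoding: 'utf8', input: cert })`. That call would need the same error handling the current `safe` wrapper provides.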
diff --git a/src/test/reverseproxy-test.js b/src/test/reverseproxy-test.js index 1b068d206..34b7d44ac 100644 --- a/src/test/reverseproxy-test.js +++ b/src/test/reverseproxy-test.js @@ -13,22 +13,15 @@ const common = require('./common.js'), reverseProxy = require('../reverseproxy.js'); describe('Reverse Proxy', function () { - const { setup, cleanup, domain, auditSource, app, admin } = common; + const { setup, cleanup, domain, auditSource, app } = common; const domainCopy = Object.assign({}, domain); before(setup); after(cleanup); describe('validateCertificate', function () { - let foobarDomain = { - domain: 'foobar.com', - config: {} - }; - - let amazingDomain = { - domain: 'amazing.com', - config: {} - }; + let foobarDomain = 'foobar.com'; + let amazingDomain = 'amazing.com'; /* Generate these with: openssl genrsa -out server.key 512 @@ -82,7 +75,7 @@ describe('Reverse Proxy', function () { }); it('does not allow cert without matching domain', function () { - expect(reverseProxy.validateCertificate('', { domain: 'cloudron.io' }, { cert: validCert0, key: validKey0 })).to.be.an(Error); + expect(reverseProxy.validateCertificate('', 'cloudron.io', { cert: validCert0, key: validKey0 })).to.be.an(Error); expect(reverseProxy.validateCertificate('cloudron.io', foobarDomain, { cert: validCert0, key: validKey0 })).to.be.an(Error); }); 
@@ -122,20 +115,17 @@ describe('Reverse Proxy', function () { }); describe('generateFallbackCertificate', function () { - let domainObject = { - domain: 'cool.com', - config: {} - }; + const domain = 'cool.com'; let result; it('can generate fallback certs', async function () { - result = await reverseProxy.generateFallbackCertificate(domainObject.domain); + result = await reverseProxy.generateFallbackCertificate(domain); expect(result).to.be.ok(); }); it('can validate the certs', function () { - expect(reverseProxy.validateCertificate('foo', domainObject, result)).to.be(null); - expect(reverseProxy.validateCertificate('', domainObject, result)).to.be(null); + expect(reverseProxy.validateCertificate('foo', domain, result)).to.be(null); + expect(reverseProxy.validateCertificate('', domain, result)).to.be(null); }); });