Skip to content

Commit

Permalink
Validate References (#1486)
Browse files Browse the repository at this point in the history
* Check for too many references

* Added tests

* Disable check if zero

* Move references check

* Set max references for testing

* Added TODO

* Added test

* Added null check

* Added test for too many references and incorrect password
  • Loading branch information
eshryane committed Jun 24, 2024
1 parent 7d72b37 commit ee0d894
Show file tree
Hide file tree
Showing 4 changed files with 62 additions and 1 deletion.
1 change: 1 addition & 0 deletions whois-commons/src/test/resources/whois.properties
Original file line number Diff line number Diff line change
Expand Up @@ -173,3 +173,4 @@ dump.total.size.limit= 15

roa.validator.available=true

max.references=100
Original file line number Diff line number Diff line change
Expand Up @@ -258,4 +258,40 @@ class CommonUpdateIntegrationSpec extends BaseWhoisSourceSpec {
then:
response =~ /Cannot submit filtered whois output for updates/
}

def "too many references"() {
when:
def response = syncUpdate new SyncUpdate(data: """
mntner: OWNER-MNT
descr: used to maintain other MNTNERs
admin-c: TP1-TEST
auth: MD5-PW \$1\$fyALLXZB\$V5Cht4.DAIM3vi64EpC0w/ #owner
""" +
"mnt-by: OWNER-MNT\n".repeat(101) +
"""upd-to: dbtest@ripe.net
source: TEST
password: owner
""")
then:
response =~ /Too many references/
}

def "too many references and incorrect password"() {
when:
def response = syncUpdate new SyncUpdate(data: """
mntner: OWNER-MNT
descr: used to maintain other MNTNERs
admin-c: TP1-TEST
auth: MD5-PW \$1\$fyALLXZB\$V5Cht4.DAIM3vi64EpC0w/ #owner
""" +
"mnt-by: OWNER-MNT\n".repeat(101) +
"""upd-to: dbtest@ripe.net
source: TEST
password: invalid
""")
then:
response =~ /Too many references/
!(response =~ /Authorisation for \[mntner\] OWNER-MNT failed/)
}

}
Original file line number Diff line number Diff line change
Expand Up @@ -729,4 +729,9 @@ public static Message incorrectPrefixForRipeNsServer() {
return new Message(Type.ERROR, "Prefix length must be /16 for IPv4 or /32 for IPv6 if ns.ripe.net is used as " +
"a nameserver.");
}

public static Message tooManyReferences() {
return new Message(Type.ERROR, "Too many references");
}

}
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@
import net.ripe.db.whois.common.rpsl.ObjectMessages;
import net.ripe.db.whois.common.rpsl.ObjectTemplate;
import net.ripe.db.whois.common.rpsl.ObjectType;
import net.ripe.db.whois.common.rpsl.RpslAttribute;
import net.ripe.db.whois.common.rpsl.RpslObject;
import net.ripe.db.whois.common.rpsl.RpslObjectFilter;
import net.ripe.db.whois.update.authentication.Authenticator;
Expand Down Expand Up @@ -37,7 +38,6 @@
import javax.annotation.Nullable;
import java.util.List;


@Component
public class SingleUpdateHandler {
private final AttributeSanitizer attributeSanitizer;
Expand All @@ -50,12 +50,17 @@ public class SingleUpdateHandler {
private final IpTreeUpdater ipTreeUpdater;
private final SsoTranslator ssoTranslator;

// TODO: [ES] make these fields final and assign in the constructor

@Value("#{T(net.ripe.db.whois.common.domain.CIString).ciString('${whois.source}')}")
private CIString source;

@Value("#{T(net.ripe.db.whois.common.domain.CIString).ciString('${whois.nonauth.source}')}")
private CIString nonAuthSource;

@Value("${max.references:0}")
private int maxReferences;

@Autowired
public SingleUpdateHandler(final List<AttributeGenerator> attributeGenerators,
final Transformer[] transformers,
Expand Down Expand Up @@ -201,6 +206,10 @@ private RpslObject getUpdatedObject(final Update update, final UpdateContext upd
updateContext.addMessage(update, UpdateMessages.filteredNotAllowed());
}

if (maxReferences > 0 && countReferences(updatedObject) > maxReferences) {
updateContext.addMessage(update, UpdateMessages.tooManyReferences());
}

if (Operation.DELETE.equals(update.getOperation())) {
if (Keyword.NEW.equals(keyword)) {
updateContext.addMessage(update, UpdateMessages.operationNotAllowedForKeyword(keyword, update.getOperation()));
Expand All @@ -222,6 +231,16 @@ private RpslObject getUpdatedObject(final Update update, final UpdateContext upd
return updatedObject;
}

private int countReferences(final RpslObject updatedObject) {
int references = 0;
for (RpslAttribute attribute : updatedObject.getAttributes()) {
if ((attribute.getType() != null) && attribute.getType().isReference()) {
references++;
}
}
return references;
}

private Action getAction(@Nullable final RpslObject originalObject,
final RpslObject updatedObject,
final Update update,
Expand Down

0 comments on commit ee0d894

Please sign in to comment.