diff options
Diffstat (limited to 'web/config.go')
-rw-r--r-- | web/config.go | 22 |
1 files changed, 16 insertions, 6 deletions
diff --git a/web/config.go b/web/config.go index 2479e38..acdc4bf 100644 --- a/web/config.go +++ b/web/config.go | |||
@@ -1,6 +1,7 @@ | |||
1 | package web | 1 | package web |
2 | 2 | ||
3 | import ( | 3 | import ( |
4 | "crypto/subtle" | ||
4 | "encoding/json" | 5 | "encoding/json" |
5 | "io/ioutil" | 6 | "io/ioutil" |
6 | "strings" | 7 | "strings" |
@@ -10,12 +11,13 @@ import ( | |||
10 | ) | 11 | ) |
11 | 12 | ||
12 | type ServerConfig struct { | 13 | type ServerConfig struct { |
13 | BindConfig *bind.BINDConfig | 14 | BindConfig *bind.BINDConfig |
14 | DNSClient *dns.DNSClient | 15 | DNSClient *dns.DNSClient |
15 | AcmeView string | 16 | AcmeView string |
16 | DynamicDnsView string | 17 | DynamicDnsView string |
17 | DDNSSecrets map[string]string `json:"DDNS"` | 18 | DDNSSecrets map[string]string `json:"DDNS"` |
18 | AcmeSecrets map[string]map[string]int `json:"ACME"` | 19 | AcmeSecrets map[string]map[string]int `json:"ACME"` |
20 | DNSManageSecrets map[string]string `json:"DNS_MANAGE"` | ||
19 | } | 21 | } |
20 | 22 | ||
21 | func LoadServerConfig(zonesFile, secretsFile, server, view string) (*ServerConfig, error) { | 23 | func LoadServerConfig(zonesFile, secretsFile, server, view string) (*ServerConfig, error) { |
@@ -53,6 +55,14 @@ func (s *ServerConfig) AcmeSecretExists(k string) bool { | |||
53 | return ok | 55 | return ok |
54 | } | 56 | } |
55 | 57 | ||
58 | func (s *ServerConfig) DNSUserAuth(u, p string) bool { | ||
59 | cp, ok := s.DNSManageSecrets[u] | ||
60 | if !ok { | ||
61 | return false | ||
62 | } | ||
63 | return subtle.ConstantTimeCompare([]byte(p), []byte(cp)) == 1 | ||
64 | } | ||
65 | |||
56 | func (s *ServerConfig) IsAcmeClientAllowed(key, zone string) bool { | 66 | func (s *ServerConfig) IsAcmeClientAllowed(key, zone string) bool { |
57 | u, ok := s.AcmeSecrets[key] | 67 | u, ok := s.AcmeSecrets[key] |
58 | if !ok { | 68 | if !ok { |