github-personal/labca
1
0
Fork 0
mirror of https://github.com/outbackdingo/labca.git synced 2026-01-27 10:19:34 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
master
labca/patches/ratelimits_names.patch
Arjan H c23a8762aa Bump boulder version to v0.20250902.0
2025-09-06 12:39:43 +02:00

66 lines
2.2 KiB
Diff
Raw Permalink Blame History

diff --git a/ratelimits/names.go b/ratelimits/names.go
index cc32e49b6..099de902d 100644
--- a/ratelimits/names.go
+++ b/ratelimits/names.go
@@ -120,6 +120,9 @@ var nameToString = map[Name]string{
LimitOverrideRequestsPerIPAddress: "LimitOverrideRequestsPerIPAddress",
}
+// Policy Authority singleton
+var PA *policy.AuthorityImpl
+
// isValid returns true if the Name is a valid rate limit name.
func (n Name) isValid() bool {
return n > Unknown && n < Name(len(nameToString))
@@ -201,7 +204,14 @@ func validateRegIdIdentValue(id string) error {
return fmt.Errorf(
"invalid regId, %q must be formatted 'regId:identValue'", id)
}
- domainErr := policy.ValidDomain(regIdIdentValue[1])
+ pa := PA
+ if pa == nil {
+ pa, err = policy.New(map[identifier.IdentifierType]bool{"dns": true}, nil, nil)
+ if err != nil {
+ return fmt.Errorf("cannot create policy authority implementation")
+ }
+ }
+ domainErr := pa.ValidDomain(regIdIdentValue[1])
if domainErr != nil {
ipErr := policy.ValidIP(regIdIdentValue[1])
if ipErr != nil {
@@ -215,7 +225,15 @@ func validateRegIdIdentValue(id string) error {
// name or an IP address. IPv6 addresses must be the lowest address in their
// /64, i.e. their last 64 bits must be zero.
func validateDomainOrCIDR(limit Name, id string) error {
- domainErr := policy.ValidDomain(id)
+ pa := PA
+ var err error
+ if pa == nil {
+ pa, err = policy.New(map[identifier.IdentifierType]bool{"dns": true}, nil, nil)
+ if err != nil {
+ return fmt.Errorf("cannot create policy authority implementation")
+ }
+ }
+ domainErr := pa.ValidDomain(id)
if domainErr == nil {
// This is a valid domain.
return nil
@@ -270,8 +288,16 @@ func validateFQDNSet(id string) error {
return fmt.Errorf(
"invalid fqdnSet, %q must be formatted 'fqdnSet'", id)
}
+ var err error
+ pa := PA
+ if pa == nil {
+ pa, err = policy.New(map[identifier.IdentifierType]bool{"dns": true}, nil, nil)
+ if err != nil {
+ return fmt.Errorf("cannot create policy authority implementation")
+ }
+ }
for _, value := range values {
- domainErr := policy.ValidDomain(value)
+ domainErr := pa.ValidDomain(value)
if domainErr != nil {
ipErr := policy.ValidIP(value)
if ipErr != nil {
Reference in New Issue View Git Blame Copy Permalink