diff --git a/.gitignore b/.gitignore
index 3376622..3eb43cd 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,5 @@
 target
 .env
 *.sqlite
+*.key
+*.private
diff --git a/README.md b/README.md
index c7cdf5b..dafb272 100644
--- a/README.md
+++ b/README.md
@@ -2,7 +2,7 @@
 Is implementation of an authoritative DNS server.
-It gives all users who have a [Zauth](https://zauth.zeus.gent) account an own domain: `username.users.zeus.gent`.
+It gives all users who have a [Zauth](https://zauth.zeus.gent) account an own domain: `username.user.zeus.gent`.
 ## General Information
@@ -21,7 +21,7 @@ ZNS has 2 methods of validating the signature:
 ## User Guide
-How to add an `A` record to `.users.zeus.gent`.
+How to add an `A` record to `.user.zeus.gent`.
 ### Step 1
@@ -33,7 +33,7 @@ Add the public key to your Zauth account.
 The (most) painless way for sending DNS update queries is using the `nsupdate` program. With `nsupdate -k keys`, you can pass it your keys. But `nsupdate` expects your keys to have a certain format, so it won't accept the OPENSSH private key format. That's why there is a CLI (`zns-cli`) available that converts the OPENSSH private key format and creates `.key` and `.private` files corresponding with your public and private keys.
-And with some more info like the update ZONE (`username.users.zeus.gent`), the signing algorithm (ED25519 or RSA), ...
+And with some more info like the update ZONE (`username.user.zeus.gent`), the signing algorithm (ED25519 or RSA), ...
 Execute:
@@ -44,13 +44,12 @@ zns-cli --key --username
 Now you can run `nsupdate -k Kdns.private`.
 ```
-> server flanagan.zeus.gent
-> zone username.users.zeus.gent
-> update add username.users.zeus.gent 300 A
+> zone username.user.zeus.gent
+> update add username.user.zeus.gent 300 A
 > send
 ```
-This will add an A record to `username.users.zeus.gent`.
+This will add an A record to `username.user.zeus.gent`.
 The message will be signed with the private key, and the server will try to validate by trying to find a valid public SSH key from your Zauth account. Matching the `username` given in the zone. The default expiration time with `nsupdate` is 5 minutes.
@@ -74,7 +73,7 @@ The following environment variables should be set (or stored in a `.env` file):
 ```
 DATABASE_URL=postgres://zns@localhost/zns
 ZAUTH_URL="https://zauth.zeus.gent"
-ZONE="users.zeus.gent"
+ZONE="user.zeus.gent"
 ```
 Optional: `ZNS_ADDRESS` and `ZNS_PORT`.
diff --git a/zns-cli/src/main.rs b/zns-cli/src/main.rs
index 90e62a3..46bd8fd 100644
--- a/zns-cli/src/main.rs
+++ b/zns-cli/src/main.rs
@@ -103,7 +103,7 @@ impl KeyTransformer for Ed25519KeyPair {
 let private_encoded = format!("{version}\n{algorithm}\n{private_key}");
 let public_key = BASE64_STANDARD.encode(self.public_payload);
- let public_encoded = format!("{username}.users.zeus.gent. IN KEY 256 3 15 {public_key}");
+ let public_encoded = format!("{username}.user.zeus.gent. IN KEY 256 3 15 {public_key}");
 (private_encoded, public_encoded)
 }
@@ -178,7 +178,7 @@ Coefficient: {coeff}
 let encoded_pub = BASE64_STANDARD.encode(&public_key);
- let public_encoded = format!("{username}.users.zeus.gent. IN KEY 256 3 10 {encoded_pub}");
+ let public_encoded = format!("{username}.user.zeus.gent. IN KEY 256 3 10 {encoded_pub}");
 (private_encoded, public_encoded)
 }
diff --git a/zns-daemon/src/handlers/query.rs b/zns-daemon/src/handlers/query.rs
index 2a71bfd..79040ce 100644
--- a/zns-daemon/src/handlers/query.rs
+++ b/zns-daemon/src/handlers/query.rs
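Review bot: In zns-cli/src/main.rs the zone suffix of the KEY owner name is still a string literal repeated in both `format!` calls (the hunk at -103 for algorithm 15 and the hunk at -178 for algorithm 10), so every zone rename has to touch both and the two key types can drift apart. The daemon reads its zone from `ZONE`, and the README says the server matches the `username` given in the zone, so a `.key` file written with a stale suffix would presumably just fail validation, which is hard to diagnose from the client side. A single `const ZONE_SUFFIX: &str = "user.zeus.gent";` used as `format!("{username}.{ZONE_SUFFIX}. IN KEY 256 3 15 {public_key}")` in both impls keeps them in step. Both method bodies begin outside their hunks.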
@@ -101,7 +101,7 @@ fn get_soa(name: &LabelString) -> Result {
 } else if name.len() > auth_zone.len() {
 let zone: LabelString = name.as_slice()[name.len() - auth_zone.len() - 1..].into();
 Ok(SoaRData {
- mname: zone.clone(),
+ mname: auth_zone,
 rname: LabelString::from(&format!("{}.zeus.ugent.be", zone.as_slice()[0])),
 serial: 1,
 refresh: 86400,
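Review bot: The new `mname: auth_zone` carries no comment explaining why the zone apex is now reported as the primary server, and the reason cannot be read off the code. Judging by the README hunk in this commit that drops the `server flanagan.zeus.gent` line, the intent appears to be that `nsupdate` finds its update target through the SOA MNAME, which means signed updates are sent to whatever host `auth_zone` resolves to. I would state that on the field, e.g. `// MNAME: nsupdate sends updates here when no server is given, so the zone apex must resolve to this daemon`. `get_soa` starts before the hunk and the `SoaRData` literal continues past it, so the earlier branch and the remaining fields are not visible here.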