internetee · maciej-szlosarczyk · Jul 30, 2019 · Jul 18, 2019 · Jul 19, 2019 · Jul 19, 2019
diff --git a/apps/epp_proxy/include/epp_proxy.hrl b/apps/epp_proxy/include/epp_proxy.hrl
@@ -8,8 +8,13 @@
          epp_verb      % Epp verb that is targeted, plus 'error'
         }).
 
--type epp_request() :: #epp_request{}.
+-record(valid_frame, {command, cl_trid, raw_frame}).
+
+-record(invalid_frame, {code, cl_trid, message}).
 
+-record(state, {socket, session_id, headers}).
+
+-type epp_request() :: #epp_request{}.
 
 -define(XMLErrorCode, <<"2001">>).
 

diff --git a/apps/epp_proxy/priv/test_backend_app/epp_server.rb b/apps/epp_proxy/priv/test_backend_app/epp_server.rb
@@ -8,7 +8,9 @@ class EppServer < Roda
 
     r.on "session" do
       r.get "hello" do
-        render("session/hello")
+        if r.cookies['session']
+          render("session/hello")
+        end
       end
 
       r.post "login" do

diff --git a/apps/epp_proxy/src/epp_http_client.erl b/apps/epp_proxy/src/epp_http_client.erl
@@ -12,8 +12,11 @@
 
 %% Callback API
 request(#epp_request{} = Request) ->
-    HackneyArgs = handle_args(Request),
-    case apply(hackney, request, HackneyArgs) of
+    [Method, URL, Headers, Payload, Options] =
+	handle_args(Request),
+    case hackney:request(Method, URL, Headers, Payload,
+			 Options)
+	of
       {error, Error} -> log_and_return_canned(Error, Request);
       {Status, _StatusCode, _Headers, ClientRef} ->
 	  {ok, Body} = hackney:body(ClientRef), {Status, Body}
@@ -28,7 +31,7 @@ request_builder(Map) -> request_from_map(Map).
 handle_args(#epp_request{method = get, url = URL,
 			 headers = Headers, cookies = Cookies,
 			 epp_verb = ?helloCommand}) ->
-    [get, URL, Headers, "", [{cookie, Cookies}, insecure]];
+    [get, URL, Headers, "", hackney_options(Cookies)];
 %% For error command, we convert the message and code into query parameters,
 %% and append them to the original URL.
 handle_args(#epp_request{method = get, url = URL,
@@ -37,13 +40,12 @@ handle_args(#epp_request{method = get, url = URL,
     QueryString = hackney_url:qs(Payload),
     CompleteURL = [URL, <<"?">>, QueryString],
     [get, CompleteURL, Headers, "",
-     [{cookie, Cookies}, insecure]];
+     hackney_options(Cookies)];
 %% For valid commands, we set the multipart body earlier, now we just pass it on.
 handle_args(#epp_request{method = post, url = URL,
 			 payload = Payload, headers = Headers,
 			 cookies = Cookies}) ->
-    [post, URL, Headers, Payload,
-     [{cookie, Cookies}, insecure]].
+    [post, URL, Headers, Payload, hackney_options(Cookies)].
 
 %% Map request and return values.
 request_from_map(#{command := ?errorCommand,
@@ -79,6 +81,13 @@ request_from_map(#{command := Command,
     lager:info("Request from map: [~p]~n", [Request]),
     Request.
 
+%% Get hackney options
+hackney_options(Cookies) ->
+    case application:get_env(epp_proxy, insecure) of
+      false -> [{cookie, Cookies}, insecure];
+      _ -> [{cookie, Cookies}]
+    end.
+
 %% Return form data or an empty list.
 request_body(?helloCommand, _, _) -> "";
 request_body(_Command, RawFrame, nomatch) ->

diff --git a/apps/epp_proxy/src/epp_tcp_worker.erl b/apps/epp_proxy/src/epp_tcp_worker.erl
@@ -12,12 +12,6 @@
 
 -export([code_change/3]).
 
--record(valid_frame, {command, cl_trid, raw_frame}).
-
--record(invalid_frame, {code, cl_trid, message}).
-
--record(state, {socket, session_id, headers}).
-
 %% Initialize process
 %% Assign an unique session id that will be passed on to http server as a cookie
 init(Socket) ->

diff --git a/apps/epp_proxy/src/epp_tls_worker.erl b/apps/epp_proxy/src/epp_tls_worker.erl
@@ -12,12 +12,6 @@
 
 -export([code_change/3]).
 
--record(valid_frame, {command, cl_trid, raw_frame}).
-
--record(invalid_frame, {code, cl_trid, message}).
-
--record(state, {socket, session_id, headers}).
-
 %% Initialize process
 %% Assign an unique session id that will be passed on to http server as a cookie
 init(Socket) ->
@@ -171,7 +165,8 @@ log_on_invalid_handshake(Ip, Error) ->
 
 log_opened_connection(Ip) ->
     ReadableIp = epp_util:readable_ip(Ip),
-    lager:info("New client connection. IP: ~s, Process: ~p.~n",
+    lager:info("New client connection. IP: ~s, Process: "
+	       "~p.~n",
 	       [ReadableIp, self()]).
 
 %% Extract state info from socket. Fail if you must.

diff --git a/config/docker.config b/config/docker.config
@@ -3,6 +3,7 @@
                {dev_mode, true},
                {tcp_port, 3333},
                {tls_port, 700},
+	       {insecure, false},
                {epp_session_url, "http://epp:3000/epp/session/"},
                {epp_command_url, "http://epp:3000/epp/command/"},
                {epp_error_url, "http://epp:3000/epp/error/"},

diff --git a/config/sys.config b/config/sys.config
@@ -7,6 +7,9 @@
                %% TLS port, specified in RFC to 700, but can be set to anything else
                %% in case that is needed.
                {tls_port, 700},
+	       %% When set to true, you can connect to EPP over HTTPS endpoints without
+	       %% verifying their TLS certificates.
+	       {insecure, false}
                %% URL of EPP endpoints. Can be pointed at a web server (Apache/NGINX)
                %% Can contain port (https://some-host:3000/epp/session)
                %% Honors the prepended protocol (http / https).

diff --git a/config/test.config b/config/test.config
@@ -2,6 +2,7 @@
   {epp_proxy, [{dev_mode, true},
                {tcp_port, 1180},
                {tls_port, 1443},
+	       {insecure, false},
 
                {epp_session_url, "http://localhost:9292/session/"},
                {epp_command_url, "http://localhost:9292/command/"},