fix: Better DNS check to prevent errors

2022-05-06 11:41:39 +02:00
parent b0eae8cfe9
commit 7ceb8f1537
7 changed files with 229 additions and 148 deletions
--- a/src/lib/common.ts
+++ b/src/lib/common.ts
@@ -4,6 +4,8 @@ import { dev } from '$app/env';
 import * as Sentry from '@sentry/node';
 import { uniqueNamesGenerator, adjectives, colors, animals } from 'unique-names-generator';
 import type { Config } from 'unique-names-generator';
+import { promises as dns } from 'dns';
+import { isIP } from 'is-ip';

 import * as db from '$lib/database';
 import { buildLogQueue } from './queues';
@@ -14,6 +16,7 @@ import Cookie from 'cookie';
 import os from 'os';
 import type { RequestEvent } from '@sveltejs/kit/types/internal';
 import type { Job } from 'bullmq';
+import { t } from './translations';

 try {
 	if (!dev) {
@@ -179,3 +182,98 @@ export function getDomain(domain: string): string {
 export function getOsArch() {
 	return os.arch();
 }
+
+export async function isDNSValid(event: any, domain: string): Promise<any> {
+	let resolves = [];
+	try {
+		if (isIP(event.url.hostname)) {
+			resolves = [event.url.hostname];
+		} else {
+			resolves = await dns.resolve4(event.url.hostname);
+		}
+	} catch (error) {
+		throw {
+			message:
+				"Could not resolve domain or it's not pointing to the server IP address. <br><br>Please check your domain name and try again."
+		};
+	}
+
+	try {
+		let ipDomainFound = false;
+		dns.setServers(['1.1.1.1', '8.8.8.8']);
+		const dnsResolve = await dns.resolve4(domain);
+		if (dnsResolve.length > 0) {
+			for (const ip of dnsResolve) {
+				if (resolves.includes(ip)) {
+					ipDomainFound = true;
+				}
+			}
+		}
+		if (!ipDomainFound) throw false;
+	} catch (error) {
+		throw {
+			message: t.get('application.domain_not_valid')
+		};
+	}
+}
+
+export async function checkDomainsIsValidInDNS({ event, fqdn, dualCerts }): Promise<any> {
+	const domain = getDomain(fqdn);
+	const domainDualCert = domain.includes('www.') ? domain.replace('www.', '') : `www.${domain}`;
+	dns.setServers(['1.1.1.1', '8.8.8.8']);
+	let resolves = [];
+	try {
+		if (isIP(event.url.hostname)) {
+			resolves = [event.url.hostname];
+		} else {
+			resolves = await dns.resolve4(event.url.hostname);
+		}
+	} catch (error) {
+		throw {
+			message: t.get('application.dns_not_set_error', { domain: domain })
+		};
+	}
+
+	if (dualCerts) {
+		try {
+			const ipDomain = await dns.resolve4(domain);
+			const ipDomainDualCert = await dns.resolve4(domainDualCert);
+
+			let ipDomainFound = false;
+			let ipDomainDualCertFound = false;
+
+			for (const ip of ipDomain) {
+				if (resolves.includes(ip)) {
+					ipDomainFound = true;
+				}
+			}
+			for (const ip of ipDomainDualCert) {
+				if (resolves.includes(ip)) {
+					ipDomainDualCertFound = true;
+				}
+			}
+			if (ipDomainFound && ipDomainDualCertFound) return { status: 200 };
+			throw false;
+		} catch (error) {
+			throw {
+				message: t.get('application.dns_not_set_error', { domain })
+			};
+		}
+	} else {
+		try {
+			const ipDomain = await dns.resolve4(domain);
+			let ipDomainFound = false;
+			for (const ip of ipDomain) {
+				if (resolves.includes(ip)) {
+					ipDomainFound = true;
+				}
+			}
+			if (ipDomainFound) return { status: 200 };
+			throw false;
+		} catch (error) {
+			throw {
+				message: t.get('application.dns_not_set_error', { domain })
+			};
+		}
+	}
+}