On 27 Apr 2020 at 17:48, Jon 'Boli' Copeland wrote:
If you don't auth every request then it is possible to connect 1 day before a cert expires, and leave it connected for the next year without having to renew, I think?
Interesting, I see this happening for some registrars already, they connect once and just issue XML connections all day, maybe for days. When the connection drops then they issue a complaint.
So, my question is, from your experience what is the longest time that you have seen a registrar hold such a connection?
Is there no XML EPP command that requires a new login?
Regards,
Paulos
======================
Dr Paulos B Nyirenda
NIC.MW & .mw ccTLD
http://www.registrar.mw
Tel: +265-(0)-882 089 166
Cell: +265-(0)-888-824787
WhatsApp: +265-(0)-887386433
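The concern discussed above, a session that stays open past the expiry of the client certificate it was set up with, can be checked on the server before each command. This is an added example, not part of the thread and not FRED code; MAX_SESSION_AGE, the function names and the timestamps are assumptions constructed for illustration.

```python
import ssl

MAX_SESSION_AGE = 24 * 3600  # assumed policy value, in seconds


def check_command(peercert, login_time, now):
    """Return None if the command may run, else the reason to close.

    peercert is the dict SSLSocket.getpeercert() returned after the
    handshake, which is the point where certificate validity was checked.
    """
    not_after = ssl.cert_time_to_seconds(peercert["notAfter"])
    if now >= not_after:
        return "client certificate expired"
    if now - login_time > MAX_SESSION_AGE:
        return "session older than policy allows"
    return None


def first_rejected(peercert, login_time, command_times):
    """Replay command timestamps on one connection; report the first cut-off."""
    for index, when in enumerate(command_times):
        reason = check_command(peercert, login_time, when)
        if reason:
            return index, reason
    return None


# Constructed scenario: login 12 hours before the certificate expires,
# then commands 1, 6, 12 and 18 hours later on the same connection.
CERT = {"notAfter": "Apr 28 00:00:00 2020 GMT"}
LOGIN = ssl.cert_time_to_seconds("Apr 27 12:00:00 2020 GMT")
COMMANDS = [LOGIN + h * 3600 for h in (1, 6, 12, 18)]

if __name__ == "__main__":
    print(first_rejected(CERT, LOGIN, COMMANDS))
```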
On 27 Apr 2020, at 17:45, Piotr Przybyl <piotr(a)przybyl.org> wrote:
Hello
Please let me add my two cents... ;-)
1. EPP is not REST-ish.
2. For better performance it's worth keeping an established connection & session, so there's no need to authenticate for every request.
If something custom is needed, then one should first establish a TLS connection (not HTTPS, as it's using certificates on both ends), then it's "only" a matter of sending XML requests and responses back and forth.
Hope that helps
Piotr
On 27.04.2020 09:24, Jaromir Talir wrote:
Hi Lem,
unfortunately, it is not possible to use curl as an EPP client. EPP over TLS protocol (see RFC5734) is different from HTTPS. You need to use some EPP client, the best is FRED's internal fred-client.
Regards,
Jaromir
On Sun, 2020-04-26 at 16:02 +0600, Lem wrote:
Hi,
My name is Lem.
I tried to use curl to check EPP and got in log:
[26/Apr/2020:15:25:36 +0600] 192.168.0.1 (process:16846) [sessionID 61959] Client connected
[26/Apr/2020:15:25:36 +0600] 192.168.0.1 (process:16846) [sessionID 61959] Corba call (epp-cmd hello)
[26/Apr/2020:15:25:36 +0600] 192.168.0.1 (process:16846) [sessionID 61959] Corba call ok
[26/Apr/2020:15:25:36 +0600] 192.168.0.1 (process:16846) [sessionID 61959] Invalid epp frame length (1347375952 bytes)
[26/Apr/2020:15:25:36 +0600] 192.168.0.1 (process:16846) [sessionID 61959] Session ended
Please help me. What am I doing wrong?
Output for curl:
root# curl -k --cert /usr/share/fred-client/ssl/test-cert.pem --cacert /usr/share/fred-client/ssl/test-cert.pem --key /usr/share/fred-client/ssl/test-key.pem -vvvv -d '<?xml version="1.0" encoding="utf-8" standalone="no"?><epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"><command><login><clID>REG-CZ</clID><pw>qazQAZ123</pw><options><version>1.0</version><lang>en</lang></options><svcs><objURI>http://www.nic.cz/xml/epp/contact-1.6</objURI><objURI>http://ww…
https://192.168.0.7:700
* Rebuilt URL to: https://192.168.0.7:700/
* Trying 192.168.0.7...
* Connected to 192.168.0.7 (192.168.0.7) port 700 (#0)
* found 1 certificates in /usr/share/fred-client/ssl/test-cert.pem
* found 594 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
* server certificate verification SKIPPED
* server certificate status verification SKIPPED
* common name: 192.168.0.7 (matched)
* server certificate expiration date OK
* server certificate activation date OK
* certificate public key: RSA
* certificate version: #1
* subject: C...CN=192.168.0.7
* start date: Fri, 24 Apr 2020 07:19:19 GMT
* expire date: Mon, 22 Apr 2030 07:19:19 GMT
* issuer: C...CN=192.168.0.7
* compression: NULL
* ALPN, server accepted to use http/1.1
> POST / HTTP/1.1
> Host: 192.168.0.7:700
> User-Agent: curl/7.47.0
> Accept: */*
> Content-Length: 700
> Content-Type: application/x-www-form-urlencoded
>
* upload completely sent off: 700 out of 700 bytes
t<?xml version="1.0" encoding="UTF-8"?>
<epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"><greeting><svID>EPP server (DSDng)</svID><svDate>2020-04-26T15:31:16+06:00</svDate><svcMenu><version>1.0</version><lang>en</lang><lang>cs</lang><objURI>http://www.nic.cz/xml/epp/contact-1.6</objURI><objURI>http://ww…
>
* Connection #0 to host 192.168.0.7 left intact
Sincerely, Lem.
_______________________________________________
fred-users mailing list
fred-users(a)lists.nic.cz
https://lists.nic.cz/mailman/listinfo/fred-users
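The number in the log quoted above is the ASCII text POST read as the RFC 5734 length header: 0x504F5354 is 1347375956, and less the four header bytes that is 1347375952. The sketch below is an added example, not code from the thread or from FRED; MAX_PAYLOAD and the function names are assumptions, and the sample inputs are constructed.

```python
import io
import struct

HEADER = struct.Struct("!I")  # RFC 5734: 32-bit total length, network byte order
MAX_PAYLOAD = 64 * 1024       # assumed server-side cap, not a FRED setting


class FrameError(ValueError):
    """Raised when the bytes on the wire are not a valid EPP data unit."""


def encode_frame(xml: bytes) -> bytes:
    # The length field counts itself, so add the 4 header bytes.
    return HEADER.pack(len(xml) + HEADER.size) + xml


def claimed_payload_length(first_bytes: bytes) -> int:
    # What a server computes when it reads these bytes as the length header.
    (total,) = HEADER.unpack(first_bytes[:HEADER.size])
    return total - HEADER.size


def read_frame(stream) -> bytes:
    # Read one data unit from a file-like stream, rejecting bad lengths
    # before allocating or waiting for the payload.
    head = stream.read(HEADER.size)
    if len(head) != HEADER.size:
        raise FrameError("connection closed inside header")
    length = claimed_payload_length(head)
    if not 0 < length <= MAX_PAYLOAD:
        raise FrameError(f"Invalid epp frame length ({length} bytes)")
    payload = stream.read(length)
    if len(payload) != length:
        raise FrameError("connection closed inside payload")
    return payload


# Constructed inputs: a minimal <hello/> and the start of curl's HTTP request.
HELLO = (b'<?xml version="1.0" encoding="UTF-8"?>'
         b'<epp xmlns="urn:ietf:params:xml:ns:epp-1.0"><hello/></epp>')
CURL_REQUEST = b"POST / HTTP/1.1\r\nHost: 192.168.0.7:700\r\n\r\n"

if __name__ == "__main__":
    print(read_frame(io.BytesIO(encode_frame(HELLO))) == HELLO)
    print(claimed_payload_length(CURL_REQUEST))
    try:
        read_frame(io.BytesIO(CURL_REQUEST))
    except FrameError as exc:
        print(exc)
```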