discuss AT lists.opennicproject.org
Subject: Discuss mailing list
List archive
Re: [opennic-discuss] OpenNIC whitelisting API broken, OpenNIC members site has outdated into
Chronological Thread
- From: Stephan Jauernick <info AT stephan-jauernick.de>
- To: discuss AT lists.opennicproject.org
- Subject: Re: [opennic-discuss] OpenNIC whitelisting API broken, OpenNIC members site has outdated into
- Date: Thu, 21 Jan 2021 22:54:36 +0100
Hi,
/me comes briefly out of his hidey hole
Thanks for bringing this to my attention.
members.opennic.org / members.opennicproject.org cert fixed.
Should survive further renewals.
For lists.opennicproject.org I pinged a friend, they fixed it :)
Added monitoring for all the HTTPS/LDAP endpoints.
I appologize for the inconviniences and late fixing.
/me hides again
Kind Regards,
Stephan
Am 16.01.2021 um 22:34 schrieb Rouben:
Thanks! I can see my IPs in the whitelist now.
I prefer acme.sh for cert renewal; works quote well and is
quite light. Also avoids letting nginx have write access to
certs.
Rouben
Rouben
On Fri, Jan 15, 2021 at 7:45
PM Jeff Taylor <shdwdrgn AT sourpuss.net> wrote:
Finally figured out the issue with whitelist and ddns
updates, they appear to be updating smoothly now.
The expired cert on the members site is a known issue (nginx being obnoxious about not allowing access to the cert files), but we're looking into it.
The IP you listed for updating is correct, except it's http, not https. Updates through the domain name use https and work fine
.
The expired cert on the members site is a known issue (nginx being obnoxious about not allowing access to the cert files), but we're looking into it.
The IP you listed for updating is correct, except it's http, not https. Updates through the domain name use https and work fine
.
On 1/15/21 1:41 AM, Rouben wrote:
Hi,
https://161.97.219.82/ip/update/ is a 404. That's the old URL for api.opennic.org, but the problem is it's still being advertised on members.opennic.org (hardcoded?)
Moreover, https://members.opennicproject.org has an expired TLS cert. So does https://lists.opennicproject.org.
Finally, using the proper API URL from an IPv4 endpoint (haven't tested IPv6) adds the IP of api.opennicproject.org to the whitelist, instead of the actual IP of the machine that calls the API... in other words:curl --insecure "https://api.opennicproject.org/ip/update/?user=rouben&auth=<redacted>
always outputs:# 116.203.98.109
which happens to be the IPv4 address for api.opennicproject.org:
host api.opennicproject.org
api.opennicproject.org is an alias for api.opennic.org.
api.opennic.org has address 116.203.98.109
api.opennic.org has IPv6 address 2a01:4f8:1c1c:bd6f::1
Seems like a logic error to me, making it impossible to update dynamic IPs on whitelists, or the API has changed (again, both the wiki and the members.opennicproject.org portal needs to be updated in this case), and I am using it incorrectly.
Is anyone looking into this? Need help?
Rouben
-------- You are a member of the OpenNIC Discuss list. You may unsubscribe by emailing discuss-unsubscribe AT lists.opennicproject.org
--------
You are a member of the OpenNIC Discuss list.
You may unsubscribe by emailing discuss-unsubscribe AT lists.opennicproject.org
-------- You are a member of the OpenNIC Discuss list. You may unsubscribe by emailing discuss-unsubscribe AT lists.opennicproject.org
-
[opennic-discuss] OpenNIC whitelisting API broken, OpenNIC members site has outdated into,
Rouben, 01/15/2021
-
Re: [opennic-discuss] OpenNIC whitelisting API broken, OpenNIC members site has outdated into,
Jeff Taylor, 01/16/2021
-
Re: [opennic-discuss] OpenNIC whitelisting API broken, OpenNIC members site has outdated into,
Rouben, 01/16/2021
- Re: [opennic-discuss] OpenNIC whitelisting API broken, OpenNIC members site has outdated into, Stephan Jauernick, 01/21/2021
- Re: [opennic-discuss] OpenNIC whitelisting API broken, OpenNIC members site has outdated into, Stephan Jauernick, 01/21/2021
-
Re: [opennic-discuss] OpenNIC whitelisting API broken, OpenNIC members site has outdated into,
Rouben, 01/16/2021
-
Re: [opennic-discuss] OpenNIC whitelisting API broken, OpenNIC members site has outdated into,
Jeff Taylor, 01/16/2021
Archive powered by MHonArc 2.6.19.