Status: Archived (read-only). This repository is published for historical and research purposes only. It is not maintained and is not suitable for production use.
This repository contains the legacy source from 2022 for the InternetNZ Shared Registry System, used in New Zealand from 2002 to 2022.
It is a final source snapshot of all SRS software considered able to be safely released. Some InternetNZ production internal repositories have been omitted.
The SRS source release is provided for historical research purposes. It has not been maintained by InternetNZ, or anyone else, since 2022. This final snapshot was released at the request of InternetNZ members.
Non-trivial software archelogy and reconstruction would be required to get it back into a functional state.
InternetNZ is unable to assist with usage of the software in this repository, or answer any questions about this software. The original devleopers have long since moved on to other jobs, and InternetNZ registry staff have been focused on operation of the new registry software since 2022.
As a result this source code repository has been archived (made read only); if you wish to attempt to develop it further you are welcome to fork the repository and develop it elsewhere, consistent with the open source licenses of each module.
Unless otherwise noted, the source code is released under the GPL v2.
The original SRS application was a Perl / PostgreSQL application.
Early versions of the source code were released on SourceForge as the DNRS, up through 2010, under the GPLv2.
Between 2011 and 2022 internal development of the Shared Registry System continued, but not further source code releases were made. Some of this development added Python 3 code, especially for example clients.
In 2022 the SRS was retired from production, and replaced by the InternetNZ Registry System which was based on licensed (from CIRA) registry software from CIRA, supporting the EPP registry protocol. (See the InternetNZ documentation on the changes from the SRS to the IRS for information on the new registry system.)
Historical documentation for the SRS can be found at:
https://docs.internetnz.nz/srs/
or in the Internet Archive crawl of that site:
https://web.archive.org/web/20250220071643/https://docs.internetnz.nz/srs/
Backend implementation of the Shared Registry System, in Perl.
There are several entry points:
-
build-dns-zone-files-- have the registry generate DNS zone files -
dns-push-- trigger a DNS push (out to the primary DNS servers) -
move-reports-- rename reports in/var/lib/srs/reportswith date -
run-scheduled-job-- run background jobs that are scheduled by hand -
set-sunrise-status-- manually set the sunrise status of a domain (this relates to preferential registration at the top level for prior owners of third level domains, as a transition step) -
srs-proc-launcher-- start the SRS background processes -
srs-starman-- start the SRS application managers
Licensed under the GPLv2.
Note that DNSSec signing was done outside the SRS Registry System, by separate operational code which has not been released.
Python helper tooling for making bulk changes, released under the GPL v3 (not GPL v2):
-
btf-- bulk transfers between registrars -
dlu-- domain lock/unlock -
cth-- convert contacts to Registry Handles (to ease conversion to EPP) -
edi-- export domain information as CSV
Perl library code that is common between various modules (including
the SRS frontend and backend). Expected to be mounted on
/usr/local/srs/common, and to find configuration in
/etc/srs/common/config.yml.
PostgreSQL SQL base database schema files, split into multiple files.
The bash script srs/setupdb will set up the SRS database schema
on an empty PostgreSQL database. The test examples contain PGP
public keys (but no prviate keys); if you wish to use the text
example data at minimum you will need to replace the PGP public
keys with new ones, for which the private keys are known.
The bash script srs-stats/setupdb will create a new SRS statistics
database, with test examples.
The database schema patches in srs-db-patches are also required.
PostgreSQL incremental database schema changes, since 2016. These need
to be applied after the initial database schema has been created via
the srs-db-schema directory.
Simple bash scripts to automate some database tasks:
-
restore-db: load PostgreSQL database from a database dump file, with some production window protections -
update-repl-status: command line helper to update the database replication status
Python3 command line program, released under 3 Clause BSD license, providing an example client to interact with the EPP Proxy service to the SRS from the command line.
Primarily intended for testing the EPP Proxy.
Perl application implementing the EPP Proxy service for the SRS.
Expected to be mounted on /usr/local/srs/epp-proxy, and also
uses /usr/local/srs/xml-srs and /usr/local/srs/xml-app.
The srs-epp-proxy executable starts up the EPP Proxy service,
running in the background, or sends it control commands if it
is already running.
Front end (ie, external user facing) SRS application, written in Perl
and made available under the GPLv2. Expected to be mounted at
/usr/local/srs/frontend, and have access to the common library code
at /usr/local/srs/common.
There are three entry points:
-
apache2-require: Apache (mod_perl) initialisation includes, to ensure most modules are pre-loaded -
srs-proc-launcher: Perl startup for the SRS frontend application (run from Apachemod_perlin response to requests) -
maint-mode: Helper utility to manage maintenance mode time windows
The SRS wire protocol XML format, in Relax NG format (as protocol.rng).
The other two files are generated from protocol.rng, using the trang
tool (to provide XML Schema Definition and Document Type Definition
files respectively with equivalent contents).
These are used for automated protocol format validation.
SRS REST API server, in Perl, where the srs-rest directory is
expected to be mounted on /usr/local/srs/rest, with configuration
in /etc/srs/rest. It communicates with the main SRS backend over
the network, and is implemented using the Dancer module (with a custom
override for logging).
The srs-starman script is the top level service. list-acls and
update-acls are helper scripts, for managing Access Control Lists
stored in redis.
Simple example Python3 command line client to query the SRS REST API, for available domains and domains soon to be released.
Licensed under 3-Clause BSD license.
Expects to find the registry CA certificate in registry/srs-root-ca.pem,
within the source directory.
Perl front end (generate-report) and YAML report definitions
for a variety of operational reports on the SRS Registry usage
and funtionality.
Each YAML configuration file consists of a report title, and some some associated SQL to extract the relevant information from the database.
Perl database wrapper interfaces for the SRS database, providing a
web user interface for SRS database administration. Expected to
be mounted on /usr/local/srs/ui. Many of the files are generated
by DBIx::Class::Schema::Loader from the database schema.
Also includes the database setup for the web user interface functionality,
and tools to create (db/setup-schema) and update (db/apply-patches)
the srsui database.
The psgi-app is a mod perl script to invoke the UI web application
backend, and expire-sessions will expire any login sessins not recently
used.
The public subdirectory contains files to server statically, such
as images, CSS, and Bootstrap JavaScript. The views subdirectory
contains templates for the various web UI views.
Simple example Python3 command line client (sxc) to interact with
the SRS registry. It generates the required XML transactions from
command line arguments, using the provided Jinja2 templates.
Perl modules to implement Moose classes wrapping the EPP requests and responses. (Where EPP is documented in RFC3730, and is the protocol used by most modern DNS registries.)
These Perl modules are only partially tested and might require further refinement to ever be used with an EPP speaking DNS registry. They also contain minimal documentation, so reference to RFC3730 and later EPP protocol documentation is recommended.
Licensed under the (Perl) Artistic License.
Originally released at https://github.com/catalyst/XML-EPP, as a perl translation of the XML Schema.
Perl modules to implement the Moose classes wrapping the XML requests and responses of the SRS protocol. Licensed under the Affero GPL (AGPL).
An older version of these modules was released at https://github.com/catalyst/XML-SRS under the (Perl) Artistic License.
Most (but not all) of the modules have POD (Perl style Plain Old Documentation) descriptions of the relevant class's fields; but to understand the overall SRS protocol reference to other documentation is recommended.
Python3 application, where the whoisd directory is expected to be
mounted in /usr/local/srs/whoisd. The main configuration file
(for database access) is expected to be /etc/srs/whoisd/config.yml.
The whoisd service expects to be run behind HAProxy in production
(with HAProxy providing rate limiting and bot protection).
Usage:
whoisd -f CONFIG_FILE
which would typically be:
whoisd -f /etc/srs/whoisd/config.yml
The whoisd service relies on IP location databases from MaxMind,
imported from the helper tools:
-
update-asn-mapexpects a MaxMind GeoLite2 ASN CSV export -
update-country-mapexpects a MaxMind GeoIP2 CSV export archive, which is the paid version of the database; it might be possible to adapt this to consume the GeoLite2 export
There is one additional helper (update-acls) which will update the
HAProxy allow/block list configuration files from the database entries;
it expects the HAProxy configuration to be stored in the /etc/haproxy
directory).
- Public keys only: Example keys are public and included for testing. Replace with your own keys (and manage corresponding private keys) if you attempt any reconstruction.
- Example domains/IPs: Where examples are shown, prefer reserved names
(e.g.,
example.com,example.net,example.org) and documentation IP ranges (e.g.,192.0.2.0/24,198.51.100.0/24,203.0.113.0/24,2001:db8::/32).
This repository is archived. Issues and pull requests are not monitored. Forks are welcome under the terms of the applicable licences.
There is no active security support for this codebase. Do not deploy it to production systems. If you discover a vulnerability while reviewing the code, please do not expect remediation.
We're grateful to the .nz community and the members who requested this historical release, as well as to those who supported the pre-release review—especially Ewen and Michael.
We also acknowledge Catalyst I.T. for their development and initial support of the SRS, alongside NZRS and InternetNZ staff and other contributors to the SRS over the past two decades.