chiark / gitweb /
resolved: add identifiers for dnssec algorithms
authorZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Sun, 3 Aug 2014 20:44:49 +0000 (16:44 -0400)
committerZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Mon, 4 Aug 2014 02:02:32 +0000 (22:02 -0400)
TODO
src/resolve/resolved-dns-packet.c
src/resolve/resolved-dns-packet.h
src/resolve/resolved-dns-rr.c

diff --git a/TODO b/TODO
index 1dbb9ff..3f13b91 100644 (file)
--- a/TODO
+++ b/TODO
@@ -30,6 +30,8 @@ Features:
 
 * resolved:
   - DNSSEC
+        - use base64 for key presentation?
+        - add display of private key types (http://tools.ietf.org/html/rfc4034#appendix-A.1.1)?
   - LLMNR:
         - do not fail daemon startup if socket is already busy (container)
         - process incoming notification of conflict
index 951c798..626b904 100644 (file)
@@ -1361,3 +1361,15 @@ static const char* const dns_protocol_table[_DNS_PROTOCOL_MAX] = {
         [DNS_PROTOCOL_LLMNR] = "llmnr",
 };
 DEFINE_STRING_TABLE_LOOKUP(dns_protocol, DnsProtocol);
+
+static const char* const dnssec_algorithm_table[_DNSSEC_ALGORITHM_MAX_DEFINED] = {
+        [DNSSEC_ALGORITHM_RSAMD5]     = "RSAMD5",
+        [DNSSEC_ALGORITHM_DH]         = "DH",
+        [DNSSEC_ALGORITHM_DSA]        = "DSA",
+        [DNSSEC_ALGORITHM_ECC]        = "ECC",
+        [DNSSEC_ALGORITHM_RSASHA1]    = "RSASHA1",
+        [DNSSEC_ALGORITHM_INDIRECT]   = "INDIRECT",
+        [DNSSEC_ALGORITHM_PRIVATEDNS] = "PRIVATEDNS",
+        [DNSSEC_ALGORITHM_PRIVATEOID] = "PRIVATEOID",
+};
+DEFINE_STRING_TABLE_LOOKUP(dnssec_algorithm, int);
index 4e30019..f3b0f0c 100644 (file)
@@ -200,3 +200,19 @@ static inline uint16_t dnskey_to_flags(const DnsResourceRecord *rr) {
         return (rr->dnskey.zone_key_flag * DNSKEY_FLAG_ZONE_KEY |
                 rr->dnskey.sep_flag * DNSKEY_FLAG_SEP);
 }
+
+/* http://tools.ietf.org/html/rfc4034#appendix-A.1 */
+enum {
+        DNSSEC_ALGORITHM_RSAMD5 = 1,
+        DNSSEC_ALGORITHM_DH,
+        DNSSEC_ALGORITHM_DSA,
+        DNSSEC_ALGORITHM_ECC,
+        DNSSEC_ALGORITHM_RSASHA1,
+        DNSSEC_ALGORITHM_INDIRECT = 252,
+        DNSSEC_ALGORITHM_PRIVATEDNS,
+        DNSSEC_ALGORITHM_PRIVATEOID,
+        _DNSSEC_ALGORITHM_MAX_DEFINED
+};
+
+const char* dnssec_algorithm_to_string(int i) _const_;
+int dnssec_algorithm_from_string(const char *s) _pure_;
index ada7333..bc0cbef 100644 (file)
@@ -584,19 +584,25 @@ int dns_resource_record_to_string(const DnsResourceRecord *rr, char **ret) {
                         return -ENOMEM;
                 break;
 
-        case DNS_TYPE_DNSKEY:
+        case DNS_TYPE_DNSKEY: {
+                const char *alg;
+
+                alg = dnssec_algorithm_to_string(rr->dnskey.algorithm);
+
                 t = hexmem(rr->dnskey.key, rr->dnskey.key_size);
                 if (!t)
                         return -ENOMEM;
 
-                r = asprintf(&s, "%s %u 3 %u %s",
+                r = asprintf(&s, "%s %u 3 %.*s%.*u %s",
                              k,
                              dnskey_to_flags(rr),
-                             rr->dnskey.algorithm,
+                             alg ? -1 : 0, alg,
+                             alg ? 0 : 1, alg ? 0u : (unsigned) rr->dnskey.algorithm,
                              t);
                 if (r < 0)
                         return -ENOMEM;
                 break;
+        }
 
         default:
                 t = hexmem(rr->generic.data, rr->generic.size);