summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>2016-02-01 21:35:44 -0500
committerZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>2016-02-12 20:00:42 -0500
commit718af59e9ac1a525b0a73b99a74bc376f1b4d49d (patch)
tree34d521ddcf7fda85003184fc33e889c1bcbf96d3
parent95052df3760523e1f3bb9705c918d85aae7fb431 (diff)
resolve: always align flags to 8th column and print CAA flags
Left-over unknown flags are printed numerically. Otherwise, it wouldn't be known what bits are remaining without knowning what the known bits are. A test case is added to verify the flag printing code: ============== src/resolve/test-data/fake-caa.pkts ============== google.com. IN CAA 0 issue "symantec.com" google.com. IN CAA 128 issue "symantec.com" -- Flags: critical google.com. IN CAA 129 issue "symantec.com" -- Flags: critical 1 google.com. IN CAA 22 issue "symantec.com" -- Flags: 22
-rw-r--r--Makefile.am3
-rw-r--r--src/resolve/dns-type.h3
-rw-r--r--src/resolve/resolved-dns-rr.c31
-rw-r--r--src/resolve/test-data/fake-caa.pktsbin0 -> 196 bytes
4 files changed, 21 insertions, 16 deletions
diff --git a/Makefile.am b/Makefile.am
index 8ab04e74ba..5d39967f2c 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -5326,7 +5326,8 @@ EXTRA_DIST += \
src/resolve/test-data/teamits.com.pkts \
src/resolve/test-data/zbyszek@fedoraproject.org.pkts \
src/resolve/test-data/_443._tcp.fedoraproject.org.pkts \
- src/resolve/test-data/kyhwana.org.pkts
+ src/resolve/test-data/kyhwana.org.pkts \
+ src/resolve/test-data/fake-caa.pkts
test_dnssec_SOURCES = \
src/resolve/test-dnssec.c \
diff --git a/src/resolve/dns-type.h b/src/resolve/dns-type.h
index d025544bab..ea51dfdb65 100644
--- a/src/resolve/dns-type.h
+++ b/src/resolve/dns-type.h
@@ -154,3 +154,6 @@ const char *tlsa_selector_to_string(uint8_t selector);
/* https://tools.ietf.org/html/draft-ietf-dane-protocol-23#section-7.4 */
const char *tlsa_matching_type_to_string(uint8_t selector);
+
+/* https://tools.ietf.org/html/rfc6844#section-5.1 */
+#define CAA_FLAG_CRITICAL (1u << 7)
diff --git a/src/resolve/resolved-dns-rr.c b/src/resolve/resolved-dns-rr.c
index 35c0de1a6d..d54645fc7a 100644
--- a/src/resolve/resolved-dns-rr.c
+++ b/src/resolve/resolved-dns-rr.c
@@ -980,7 +980,7 @@ const char *dns_resource_record_to_string(DnsResourceRecord *rr) {
case DNS_TYPE_DNSKEY: {
_cleanup_free_ char *alg = NULL;
char *ss;
- int n, n1;
+ int n;
uint16_t key_tag;
key_tag = dnssec_keytag(rr, true);
@@ -989,9 +989,8 @@ const char *dns_resource_record_to_string(DnsResourceRecord *rr) {
if (r < 0)
return NULL;
- r = asprintf(&s, "%s %n%u %u %s %n",
+ r = asprintf(&s, "%s %u %u %s %n",
k,
- &n1,
rr->dnskey.flags,
rr->dnskey.protocol,
alg,
@@ -1006,14 +1005,12 @@ const char *dns_resource_record_to_string(DnsResourceRecord *rr) {
return NULL;
r = asprintf(&ss, "%s\n"
- "%*s-- Flags:%s%s%s\n"
- "%*s-- Key tag: %u",
+ " -- Flags:%s%s%s\n"
+ " -- Key tag: %u",
s,
- n1, "",
rr->dnskey.flags & DNSKEY_FLAG_SEP ? " SEP" : "",
rr->dnskey.flags & DNSKEY_FLAG_REVOKE ? " REVOKE" : "",
rr->dnskey.flags & DNSKEY_FLAG_ZONE_KEY ? " ZONE_KEY" : "",
- n1, "",
key_tag);
if (r < 0)
return NULL;
@@ -1139,13 +1136,13 @@ const char *dns_resource_record_to_string(DnsResourceRecord *rr) {
return NULL;
r = asprintf(&ss, "%s\n"
- "%*s-- Cert. usage: %s\n"
- "%*s-- Selector: %s\n"
- "%*s-- Matching type: %s",
+ " -- Cert. usage: %s\n"
+ " -- Selector: %s\n"
+ " -- Matching type: %s",
s,
- n - 6, "", cert_usage,
- n - 6, "", selector,
- n - 6, "", matching_type);
+ cert_usage,
+ selector,
+ matching_type);
if (r < 0)
return NULL;
free(s);
@@ -1161,11 +1158,15 @@ const char *dns_resource_record_to_string(DnsResourceRecord *rr) {
if (!value)
return NULL;
- r = asprintf(&s, "%s %u %s \"%s\"",
+ r = asprintf(&s, "%s %u %s \"%s\"%s%s%s%.0u",
k,
rr->caa.flags,
rr->caa.tag,
- value);
+ value,
+ rr->caa.flags ? "\n -- Flags:" : "",
+ rr->caa.flags & CAA_FLAG_CRITICAL ? " critical" : "",
+ rr->caa.flags & ~CAA_FLAG_CRITICAL ? " " : "",
+ rr->caa.flags & ~CAA_FLAG_CRITICAL);
if (r < 0)
return NULL;
diff --git a/src/resolve/test-data/fake-caa.pkts b/src/resolve/test-data/fake-caa.pkts
new file mode 100644
index 0000000000..1c3ecc5491
--- /dev/null
+++ b/src/resolve/test-data/fake-caa.pkts
Binary files differ