diff options
author | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2016-02-16 20:36:10 -0500 |
---|---|---|
committer | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2016-02-18 11:41:40 -0500 |
commit | 236d312b8d0392f490aa7f09886942c17a06f12e (patch) | |
tree | 7dc65df6cb319b7923f657d0aeca17b9c3c2309c | |
parent | 82d1d24093e2f17cc6550e8f16be85fa4376c182 (diff) |
resolve: print TLSA packets in hexadecimal
https://tools.ietf.org/html/rfc6698#section-2.2 says:
> The certificate association data field MUST be represented as a string
> of hexadecimal characters. Whitespace is allowed within the string of
> hexadecimal characters
-rw-r--r-- | man/systemd-resolve.xml | 2 | ||||
-rw-r--r-- | src/resolve/resolved-dns-rr.c | 28 |
2 files changed, 10 insertions, 20 deletions
diff --git a/man/systemd-resolve.xml b/man/systemd-resolve.xml index 320663ce69..de3bbce6dd 100644 --- a/man/systemd-resolve.xml +++ b/man/systemd-resolve.xml @@ -357,7 +357,7 @@ d08ee310438ca124a6149ea5cc21b6313b390dce485576eff96f8722._openpgpkey.fedoraproje <literal>:443</literal> could be skipped)</title> <programlisting>$ systemd-resolve --tlsa=tcp fedoraproject.org:443 -_443._tcp.fedoraproject.org IN TLSA 0 0 1 GUAL5bejH7czkXcAeJ0vCiRxwMnVBsDlBMBsFtfLF8A= +_443._tcp.fedoraproject.org IN TLSA 0 0 1 19400be5b7a31fb733917700789d2f0a2471c0c9d506c0e504c06c16d7cb17c0 -- Cert. usage: CA constraint -- Selector: Full Certificate -- Matching type: SHA-256 diff --git a/src/resolve/resolved-dns-rr.c b/src/resolve/resolved-dns-rr.c index d0a86ef206..e83416da07 100644 --- a/src/resolve/resolved-dns-rr.c +++ b/src/resolve/resolved-dns-rr.c @@ -1116,40 +1116,30 @@ const char *dns_resource_record_to_string(DnsResourceRecord *rr) { case DNS_TYPE_TLSA: { const char *cert_usage, *selector, *matching_type; - char *ss; - int n; cert_usage = tlsa_cert_usage_to_string(rr->tlsa.cert_usage); selector = tlsa_selector_to_string(rr->tlsa.selector); matching_type = tlsa_matching_type_to_string(rr->tlsa.matching_type); - r = asprintf(&s, "%s %u %u %u %n", - k, - rr->tlsa.cert_usage, - rr->tlsa.selector, - rr->tlsa.matching_type, - &n); - if (r < 0) - return NULL; - - r = base64_append(&s, n, - rr->tlsa.data, rr->tlsa.data_size, - 8, columns()); - if (r < 0) + t = hexmem(rr->sshfp.fingerprint, rr->sshfp.fingerprint_size); + if (!t) return NULL; - r = asprintf(&ss, "%s\n" + r = asprintf(&s, + "%s %u %u %u %s\n" " -- Cert. usage: %s\n" " -- Selector: %s\n" " -- Matching type: %s", - s, + k, + rr->tlsa.cert_usage, + rr->tlsa.selector, + rr->tlsa.matching_type, + t, cert_usage, selector, matching_type); if (r < 0) return NULL; - free(s); - s = ss; break; } |