summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>2016-02-16 20:36:10 -0500
committerZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>2016-02-18 11:41:40 -0500
commit236d312b8d0392f490aa7f09886942c17a06f12e (patch)
tree7dc65df6cb319b7923f657d0aeca17b9c3c2309c
parent82d1d24093e2f17cc6550e8f16be85fa4376c182 (diff)
resolve: print TLSA packets in hexadecimal
https://tools.ietf.org/html/rfc6698#section-2.2 says: > The certificate association data field MUST be represented as a string > of hexadecimal characters. Whitespace is allowed within the string of > hexadecimal characters
-rw-r--r--man/systemd-resolve.xml2
-rw-r--r--src/resolve/resolved-dns-rr.c28
2 files changed, 10 insertions, 20 deletions
diff --git a/man/systemd-resolve.xml b/man/systemd-resolve.xml
index 320663ce69..de3bbce6dd 100644
--- a/man/systemd-resolve.xml
+++ b/man/systemd-resolve.xml
@@ -357,7 +357,7 @@ d08ee310438ca124a6149ea5cc21b6313b390dce485576eff96f8722._openpgpkey.fedoraproje
<literal>:443</literal> could be skipped)</title>
<programlisting>$ systemd-resolve --tlsa=tcp fedoraproject.org:443
-_443._tcp.fedoraproject.org IN TLSA 0 0 1 GUAL5bejH7czkXcAeJ0vCiRxwMnVBsDlBMBsFtfLF8A=
+_443._tcp.fedoraproject.org IN TLSA 0 0 1 19400be5b7a31fb733917700789d2f0a2471c0c9d506c0e504c06c16d7cb17c0
-- Cert. usage: CA constraint
-- Selector: Full Certificate
-- Matching type: SHA-256
diff --git a/src/resolve/resolved-dns-rr.c b/src/resolve/resolved-dns-rr.c
index d0a86ef206..e83416da07 100644
--- a/src/resolve/resolved-dns-rr.c
+++ b/src/resolve/resolved-dns-rr.c
@@ -1116,40 +1116,30 @@ const char *dns_resource_record_to_string(DnsResourceRecord *rr) {
case DNS_TYPE_TLSA: {
const char *cert_usage, *selector, *matching_type;
- char *ss;
- int n;
cert_usage = tlsa_cert_usage_to_string(rr->tlsa.cert_usage);
selector = tlsa_selector_to_string(rr->tlsa.selector);
matching_type = tlsa_matching_type_to_string(rr->tlsa.matching_type);
- r = asprintf(&s, "%s %u %u %u %n",
- k,
- rr->tlsa.cert_usage,
- rr->tlsa.selector,
- rr->tlsa.matching_type,
- &n);
- if (r < 0)
- return NULL;
-
- r = base64_append(&s, n,
- rr->tlsa.data, rr->tlsa.data_size,
- 8, columns());
- if (r < 0)
+ t = hexmem(rr->sshfp.fingerprint, rr->sshfp.fingerprint_size);
+ if (!t)
return NULL;
- r = asprintf(&ss, "%s\n"
+ r = asprintf(&s,
+ "%s %u %u %u %s\n"
" -- Cert. usage: %s\n"
" -- Selector: %s\n"
" -- Matching type: %s",
- s,
+ k,
+ rr->tlsa.cert_usage,
+ rr->tlsa.selector,
+ rr->tlsa.matching_type,
+ t,
cert_usage,
selector,
matching_type);
if (r < 0)
return NULL;
- free(s);
- s = ss;
break;
}