diff options
author | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2016-02-01 21:35:44 -0500 |
---|---|---|
committer | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2016-02-12 20:00:42 -0500 |
commit | 718af59e9ac1a525b0a73b99a74bc376f1b4d49d (patch) | |
tree | 34d521ddcf7fda85003184fc33e889c1bcbf96d3 | |
parent | 95052df3760523e1f3bb9705c918d85aae7fb431 (diff) |
resolve: always align flags to 8th column and print CAA flags
Left-over unknown flags are printed numerically. Otherwise,
it wouldn't be known what bits are remaining without knowning
what the known bits are.
A test case is added to verify the flag printing code:
============== src/resolve/test-data/fake-caa.pkts ==============
google.com. IN CAA 0 issue "symantec.com"
google.com. IN CAA 128 issue "symantec.com"
-- Flags: critical
google.com. IN CAA 129 issue "symantec.com"
-- Flags: critical 1
google.com. IN CAA 22 issue "symantec.com"
-- Flags: 22
-rw-r--r-- | Makefile.am | 3 | ||||
-rw-r--r-- | src/resolve/dns-type.h | 3 | ||||
-rw-r--r-- | src/resolve/resolved-dns-rr.c | 31 | ||||
-rw-r--r-- | src/resolve/test-data/fake-caa.pkts | bin | 0 -> 196 bytes |
4 files changed, 21 insertions, 16 deletions
diff --git a/Makefile.am b/Makefile.am index 8ab04e74ba..5d39967f2c 100644 --- a/Makefile.am +++ b/Makefile.am @@ -5326,7 +5326,8 @@ EXTRA_DIST += \ src/resolve/test-data/teamits.com.pkts \ src/resolve/test-data/zbyszek@fedoraproject.org.pkts \ src/resolve/test-data/_443._tcp.fedoraproject.org.pkts \ - src/resolve/test-data/kyhwana.org.pkts + src/resolve/test-data/kyhwana.org.pkts \ + src/resolve/test-data/fake-caa.pkts test_dnssec_SOURCES = \ src/resolve/test-dnssec.c \ diff --git a/src/resolve/dns-type.h b/src/resolve/dns-type.h index d025544bab..ea51dfdb65 100644 --- a/src/resolve/dns-type.h +++ b/src/resolve/dns-type.h @@ -154,3 +154,6 @@ const char *tlsa_selector_to_string(uint8_t selector); /* https://tools.ietf.org/html/draft-ietf-dane-protocol-23#section-7.4 */ const char *tlsa_matching_type_to_string(uint8_t selector); + +/* https://tools.ietf.org/html/rfc6844#section-5.1 */ +#define CAA_FLAG_CRITICAL (1u << 7) diff --git a/src/resolve/resolved-dns-rr.c b/src/resolve/resolved-dns-rr.c index 35c0de1a6d..d54645fc7a 100644 --- a/src/resolve/resolved-dns-rr.c +++ b/src/resolve/resolved-dns-rr.c @@ -980,7 +980,7 @@ const char *dns_resource_record_to_string(DnsResourceRecord *rr) { case DNS_TYPE_DNSKEY: { _cleanup_free_ char *alg = NULL; char *ss; - int n, n1; + int n; uint16_t key_tag; key_tag = dnssec_keytag(rr, true); @@ -989,9 +989,8 @@ const char *dns_resource_record_to_string(DnsResourceRecord *rr) { if (r < 0) return NULL; - r = asprintf(&s, "%s %n%u %u %s %n", + r = asprintf(&s, "%s %u %u %s %n", k, - &n1, rr->dnskey.flags, rr->dnskey.protocol, alg, @@ -1006,14 +1005,12 @@ const char *dns_resource_record_to_string(DnsResourceRecord *rr) { return NULL; r = asprintf(&ss, "%s\n" - "%*s-- Flags:%s%s%s\n" - "%*s-- Key tag: %u", + " -- Flags:%s%s%s\n" + " -- Key tag: %u", s, - n1, "", rr->dnskey.flags & DNSKEY_FLAG_SEP ? " SEP" : "", rr->dnskey.flags & DNSKEY_FLAG_REVOKE ? " REVOKE" : "", rr->dnskey.flags & DNSKEY_FLAG_ZONE_KEY ? " ZONE_KEY" : "", - n1, "", key_tag); if (r < 0) return NULL; @@ -1139,13 +1136,13 @@ const char *dns_resource_record_to_string(DnsResourceRecord *rr) { return NULL; r = asprintf(&ss, "%s\n" - "%*s-- Cert. usage: %s\n" - "%*s-- Selector: %s\n" - "%*s-- Matching type: %s", + " -- Cert. usage: %s\n" + " -- Selector: %s\n" + " -- Matching type: %s", s, - n - 6, "", cert_usage, - n - 6, "", selector, - n - 6, "", matching_type); + cert_usage, + selector, + matching_type); if (r < 0) return NULL; free(s); @@ -1161,11 +1158,15 @@ const char *dns_resource_record_to_string(DnsResourceRecord *rr) { if (!value) return NULL; - r = asprintf(&s, "%s %u %s \"%s\"", + r = asprintf(&s, "%s %u %s \"%s\"%s%s%s%.0u", k, rr->caa.flags, rr->caa.tag, - value); + value, + rr->caa.flags ? "\n -- Flags:" : "", + rr->caa.flags & CAA_FLAG_CRITICAL ? " critical" : "", + rr->caa.flags & ~CAA_FLAG_CRITICAL ? " " : "", + rr->caa.flags & ~CAA_FLAG_CRITICAL); if (r < 0) return NULL; diff --git a/src/resolve/test-data/fake-caa.pkts b/src/resolve/test-data/fake-caa.pkts Binary files differnew file mode 100644 index 0000000000..1c3ecc5491 --- /dev/null +++ b/src/resolve/test-data/fake-caa.pkts |