resolved: store DNSKEY fields flags+protocol as-is

When verifying signatures we need to be able to verify the original data we got for an RR set, and that means we cannot simply drop flags bits or consider RRs invalid too eagerly. Hence, instead of parsing the DNSKEY flags store them as-is. Similar, accept the protocol field as it is, and don't consider it a parsing error if it is not 3. Of course, this means that the DNSKEY handling code later on needs to check explicit for protocol != 3.
author: Lennart Poettering <lennart@poettering.net> 2015-12-02 20:53:10 +0100
committer: Lennart Poettering <lennart@poettering.net> 2015-12-02 22:50:11 +0100
commit: f91dc2400dc33e9a0745ecaaef7489af116dca38 (patch)
tree: ef3d5aa7d6a623a4360f62cf14b096327f730396 /src/resolve/resolved-dns-rr.h
parent: e30ec345ace45bfdd6e82fff60682ccf2942b238 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/src/resolve/resolved-dns-rr.h b/src/resolve/resolved-dns-rr.h
index a092961823..ac4256b882 100644
--- a/src/resolve/resolved-dns-rr.h
+++ b/src/resolve/resolved-dns-rr.h
@@ -135,8 +135,8 @@ struct DnsResourceRecord {
 
                 /* http://tools.ietf.org/html/rfc4034#section-2.1 */
                 struct {
-                        bool zone_key_flag:1;
-                        bool sep_flag:1;
+                        uint16_t flags;
+                        uint8_t protocol;
                         uint8_t algorithm;
                         void* key;
                         size_t key_size;
author	Lennart Poettering <lennart@poettering.net>	2015-12-02 20:53:10 +0100
committer	Lennart Poettering <lennart@poettering.net>	2015-12-02 22:50:11 +0100
commit	f91dc2400dc33e9a0745ecaaef7489af116dca38 (patch)
tree	ef3d5aa7d6a623a4360f62cf14b096327f730396 /src/resolve/resolved-dns-rr.h
parent	e30ec345ace45bfdd6e82fff60682ccf2942b238 (diff)