diff options
author | Lennart Poettering <lennart@poettering.net> | 2016-01-14 18:03:03 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2016-01-17 20:47:45 +0100 |
commit | 97c67192eadaffe67b803ec5b991a92bb1137d0b (patch) | |
tree | fe221f5cc846004d462e8b4e2694041f0d840ba2 /src/shared | |
parent | 1827a1582cbd9dcd1ce337b2404ec4425cb0dfd0 (diff) |
resolved: when validating an RRset, store information about the synthesizing source and zone in each RR
Having this information available is useful when we need to check whether various RRs are suitable for proofs. This
information is stored in the RRs as number of labels to skip from the beginning of the owner name to reach the
synthesizing source/signer. Simple accessor calls are then added to retrieve the signer/source from the RR using this
information.
This also moves validation of a a number of RRSIG parameters into a new call dnssec_rrsig_prepare() that as side-effect
initializes the two numeric values.
Diffstat (limited to 'src/shared')
-rw-r--r-- | src/shared/dns-domain.c | 31 | ||||
-rw-r--r-- | src/shared/dns-domain.h | 1 |
2 files changed, 24 insertions, 8 deletions
diff --git a/src/shared/dns-domain.c b/src/shared/dns-domain.c index d1fb97fe92..ee0108715d 100644 --- a/src/shared/dns-domain.c +++ b/src/shared/dns-domain.c @@ -1189,6 +1189,26 @@ int dns_name_suffix(const char *name, unsigned n_labels, const char **ret) { return (int) (n - n_labels); } +int dns_name_skip(const char *a, unsigned n_labels, const char **ret) { + int r; + + assert(a); + assert(ret); + + for (; n_labels > 0; n_labels --) { + r = dns_name_parent(&a); + if (r < 0) + return r; + if (r == 0) { + *ret = ""; + return 0; + } + } + + *ret = a; + return 1; +} + int dns_name_count_labels(const char *name) { unsigned n = 0; const char *p; @@ -1219,14 +1239,9 @@ int dns_name_equal_skip(const char *a, unsigned n_labels, const char *b) { assert(a); assert(b); - while (n_labels > 0) { - - r = dns_name_parent(&a); - if (r <= 0) - return r; - - n_labels --; - } + r = dns_name_skip(a, n_labels, &a); + if (r <= 0) + return r; return dns_name_equal(a, b); } diff --git a/src/shared/dns-domain.h b/src/shared/dns-domain.h index 4fbe0a618f..a679d40958 100644 --- a/src/shared/dns-domain.h +++ b/src/shared/dns-domain.h @@ -104,4 +104,5 @@ int dns_service_split(const char *joined, char **name, char **type, char **domai int dns_name_suffix(const char *name, unsigned n_labels, const char **ret); int dns_name_count_labels(const char *name); +int dns_name_skip(const char *a, unsigned n_labels, const char **ret); int dns_name_equal_skip(const char *a, unsigned n_labels, const char *b); |