summaryrefslogtreecommitdiff
path: root/src/shared
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2016-01-14 18:03:03 +0100
committerLennart Poettering <lennart@poettering.net>2016-01-17 20:47:45 +0100
commit97c67192eadaffe67b803ec5b991a92bb1137d0b (patch)
treefe221f5cc846004d462e8b4e2694041f0d840ba2 /src/shared
parent1827a1582cbd9dcd1ce337b2404ec4425cb0dfd0 (diff)
resolved: when validating an RRset, store information about the synthesizing source and zone in each RR
Having this information available is useful when we need to check whether various RRs are suitable for proofs. This information is stored in the RRs as number of labels to skip from the beginning of the owner name to reach the synthesizing source/signer. Simple accessor calls are then added to retrieve the signer/source from the RR using this information. This also moves validation of a a number of RRSIG parameters into a new call dnssec_rrsig_prepare() that as side-effect initializes the two numeric values.
Diffstat (limited to 'src/shared')
-rw-r--r--src/shared/dns-domain.c31
-rw-r--r--src/shared/dns-domain.h1
2 files changed, 24 insertions, 8 deletions
diff --git a/src/shared/dns-domain.c b/src/shared/dns-domain.c
index d1fb97fe92..ee0108715d 100644
--- a/src/shared/dns-domain.c
+++ b/src/shared/dns-domain.c
@@ -1189,6 +1189,26 @@ int dns_name_suffix(const char *name, unsigned n_labels, const char **ret) {
return (int) (n - n_labels);
}
+int dns_name_skip(const char *a, unsigned n_labels, const char **ret) {
+ int r;
+
+ assert(a);
+ assert(ret);
+
+ for (; n_labels > 0; n_labels --) {
+ r = dns_name_parent(&a);
+ if (r < 0)
+ return r;
+ if (r == 0) {
+ *ret = "";
+ return 0;
+ }
+ }
+
+ *ret = a;
+ return 1;
+}
+
int dns_name_count_labels(const char *name) {
unsigned n = 0;
const char *p;
@@ -1219,14 +1239,9 @@ int dns_name_equal_skip(const char *a, unsigned n_labels, const char *b) {
assert(a);
assert(b);
- while (n_labels > 0) {
-
- r = dns_name_parent(&a);
- if (r <= 0)
- return r;
-
- n_labels --;
- }
+ r = dns_name_skip(a, n_labels, &a);
+ if (r <= 0)
+ return r;
return dns_name_equal(a, b);
}
diff --git a/src/shared/dns-domain.h b/src/shared/dns-domain.h
index 4fbe0a618f..a679d40958 100644
--- a/src/shared/dns-domain.h
+++ b/src/shared/dns-domain.h
@@ -104,4 +104,5 @@ int dns_service_split(const char *joined, char **name, char **type, char **domai
int dns_name_suffix(const char *name, unsigned n_labels, const char **ret);
int dns_name_count_labels(const char *name);
+int dns_name_skip(const char *a, unsigned n_labels, const char **ret);
int dns_name_equal_skip(const char *a, unsigned n_labels, const char *b);