summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--TODO2
-rw-r--r--src/resolve/resolved-dns-packet.c12
-rw-r--r--src/resolve/resolved-dns-packet.h16
-rw-r--r--src/resolve/resolved-dns-rr.c12
4 files changed, 39 insertions, 3 deletions
diff --git a/TODO b/TODO
index 1dbb9ff9ef..3f13b913d2 100644
--- a/TODO
+++ b/TODO
@@ -30,6 +30,8 @@ Features:
* resolved:
- DNSSEC
+ - use base64 for key presentation?
+ - add display of private key types (http://tools.ietf.org/html/rfc4034#appendix-A.1.1)?
- LLMNR:
- do not fail daemon startup if socket is already busy (container)
- process incoming notification of conflict
diff --git a/src/resolve/resolved-dns-packet.c b/src/resolve/resolved-dns-packet.c
index 951c798087..626b904d98 100644
--- a/src/resolve/resolved-dns-packet.c
+++ b/src/resolve/resolved-dns-packet.c
@@ -1361,3 +1361,15 @@ static const char* const dns_protocol_table[_DNS_PROTOCOL_MAX] = {
[DNS_PROTOCOL_LLMNR] = "llmnr",
};
DEFINE_STRING_TABLE_LOOKUP(dns_protocol, DnsProtocol);
+
+static const char* const dnssec_algorithm_table[_DNSSEC_ALGORITHM_MAX_DEFINED] = {
+ [DNSSEC_ALGORITHM_RSAMD5] = "RSAMD5",
+ [DNSSEC_ALGORITHM_DH] = "DH",
+ [DNSSEC_ALGORITHM_DSA] = "DSA",
+ [DNSSEC_ALGORITHM_ECC] = "ECC",
+ [DNSSEC_ALGORITHM_RSASHA1] = "RSASHA1",
+ [DNSSEC_ALGORITHM_INDIRECT] = "INDIRECT",
+ [DNSSEC_ALGORITHM_PRIVATEDNS] = "PRIVATEDNS",
+ [DNSSEC_ALGORITHM_PRIVATEOID] = "PRIVATEOID",
+};
+DEFINE_STRING_TABLE_LOOKUP(dnssec_algorithm, int);
diff --git a/src/resolve/resolved-dns-packet.h b/src/resolve/resolved-dns-packet.h
index 4e3001911e..f3b0f0c9eb 100644
--- a/src/resolve/resolved-dns-packet.h
+++ b/src/resolve/resolved-dns-packet.h
@@ -200,3 +200,19 @@ static inline uint16_t dnskey_to_flags(const DnsResourceRecord *rr) {
return (rr->dnskey.zone_key_flag * DNSKEY_FLAG_ZONE_KEY |
rr->dnskey.sep_flag * DNSKEY_FLAG_SEP);
}
+
+/* http://tools.ietf.org/html/rfc4034#appendix-A.1 */
+enum {
+ DNSSEC_ALGORITHM_RSAMD5 = 1,
+ DNSSEC_ALGORITHM_DH,
+ DNSSEC_ALGORITHM_DSA,
+ DNSSEC_ALGORITHM_ECC,
+ DNSSEC_ALGORITHM_RSASHA1,
+ DNSSEC_ALGORITHM_INDIRECT = 252,
+ DNSSEC_ALGORITHM_PRIVATEDNS,
+ DNSSEC_ALGORITHM_PRIVATEOID,
+ _DNSSEC_ALGORITHM_MAX_DEFINED
+};
+
+const char* dnssec_algorithm_to_string(int i) _const_;
+int dnssec_algorithm_from_string(const char *s) _pure_;
diff --git a/src/resolve/resolved-dns-rr.c b/src/resolve/resolved-dns-rr.c
index ada7333a69..bc0cbef92e 100644
--- a/src/resolve/resolved-dns-rr.c
+++ b/src/resolve/resolved-dns-rr.c
@@ -584,19 +584,25 @@ int dns_resource_record_to_string(const DnsResourceRecord *rr, char **ret) {
return -ENOMEM;
break;
- case DNS_TYPE_DNSKEY:
+ case DNS_TYPE_DNSKEY: {
+ const char *alg;
+
+ alg = dnssec_algorithm_to_string(rr->dnskey.algorithm);
+
t = hexmem(rr->dnskey.key, rr->dnskey.key_size);
if (!t)
return -ENOMEM;
- r = asprintf(&s, "%s %u 3 %u %s",
+ r = asprintf(&s, "%s %u 3 %.*s%.*u %s",
k,
dnskey_to_flags(rr),
- rr->dnskey.algorithm,
+ alg ? -1 : 0, alg,
+ alg ? 0 : 1, alg ? 0u : (unsigned) rr->dnskey.algorithm,
t);
if (r < 0)
return -ENOMEM;
break;
+ }
default:
t = hexmem(rr->generic.data, rr->generic.size);