From 6f717d0817573a76c3e586eae02793d8b23a0581 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 29 Dec 2015 19:09:14 +0100
Subject: resolved: include GOST in list of DNSSEC algorithms

We don't implement it, and we have no intention to, but at least mention
that it exists.

(This also adds a couple of other algorithms to the algorithm string
list, where these strings were missing previously.)
---
 src/resolve/resolved-dns-rr.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

(limited to 'src/resolve/resolved-dns-rr.c')

diff --git a/src/resolve/resolved-dns-rr.c b/src/resolve/resolved-dns-rr.c
index d479de7125..89645b064c 100644
--- a/src/resolve/resolved-dns-rr.c
+++ b/src/resolve/resolved-dns-rr.c
@@ -1109,6 +1109,7 @@ bool dns_txt_item_equal(DnsTxtItem *a, DnsTxtItem *b) {
 }
 
 static const char* const dnssec_algorithm_table[_DNSSEC_ALGORITHM_MAX_DEFINED] = {
+        /* Mnemonics as listed on https://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml */
         [DNSSEC_ALGORITHM_RSAMD5]             = "RSAMD5",
         [DNSSEC_ALGORITHM_DH]                 = "DH",
         [DNSSEC_ALGORITHM_DSA]                = "DSA",
@@ -1118,6 +1119,9 @@ static const char* const dnssec_algorithm_table[_DNSSEC_ALGORITHM_MAX_DEFINED] =
         [DNSSEC_ALGORITHM_RSASHA1_NSEC3_SHA1] = "RSASHA1-NSEC3-SHA1",
         [DNSSEC_ALGORITHM_RSASHA256]          = "RSASHA256",
         [DNSSEC_ALGORITHM_RSASHA512]          = "RSASHA512",
+        [DNSSEC_ALGORITHM_ECC_GOST]           = "ECC-GOST",
+        [DNSSEC_ALGORITHM_ECDSAP256SHA256]    = "ECDSAP256SHA256",
+        [DNSSEC_ALGORITHM_ECDSAP384SHA384]    = "ECDSAP384SHA384",
         [DNSSEC_ALGORITHM_INDIRECT]           = "INDIRECT",
         [DNSSEC_ALGORITHM_PRIVATEDNS]         = "PRIVATEDNS",
         [DNSSEC_ALGORITHM_PRIVATEOID]         = "PRIVATEOID",
@@ -1125,7 +1129,10 @@ static const char* const dnssec_algorithm_table[_DNSSEC_ALGORITHM_MAX_DEFINED] =
 DEFINE_STRING_TABLE_LOOKUP(dnssec_algorithm, int);
 
 static const char* const dnssec_digest_table[_DNSSEC_DIGEST_MAX_DEFINED] = {
-        [DNSSEC_DIGEST_SHA1] = "SHA1",
-        [DNSSEC_DIGEST_SHA256] = "SHA256",
+        /* Names as listed on https://www.iana.org/assignments/ds-rr-types/ds-rr-types.xhtml */
+        [DNSSEC_DIGEST_SHA1] = "SHA-1",
+        [DNSSEC_DIGEST_SHA256] = "SHA-256",
+        [DNSSEC_DIGEST_GOST_R_34_11_94] = "GOST_R_34.11-94",
+        [DNSSEC_DIGEST_SHA384] = "SHA-384",
 };
 DEFINE_STRING_TABLE_LOOKUP(dnssec_digest, int);
-- 
cgit v1.2.3-54-g00ecf