From b577e3d589ec00f6d96e90b0d4bf344dbd40cd76 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Thu, 7 Jan 2016 19:43:26 +0100 Subject: basic: introduce generic ascii_strlower_n() call and make use of it everywhere --- src/shared/dns-domain.c | 18 +++++------------- 1 file changed, 5 insertions(+), 13 deletions(-) (limited to 'src/shared/dns-domain.c') diff --git a/src/shared/dns-domain.c b/src/shared/dns-domain.c index 68404ca9e5..3848a0518d 100644 --- a/src/shared/dns-domain.c +++ b/src/shared/dns-domain.c @@ -913,19 +913,11 @@ int dns_name_to_wire_format(const char *domain, uint8_t *buffer, size_t len, boo if (r < 0) return r; - if (canonical) { - size_t i; - - /* Optionally, output the name in DNSSEC - * canonical format, as described in RFC 4034, - * section 6.2. Or in other words: in - * lower-case. */ - - for (i = 0; i < (size_t) r; i++) { - if (out[i] >= 'A' && out[i] <= 'Z') - out[i] = out[i] - 'A' + 'a'; - } - } + /* Optionally, output the name in DNSSEC canonical + * format, as described in RFC 4034, section 6.2. Or + * in other words: in lower-case. */ + if (canonical) + ascii_strlower_n((char*) out, (size_t) r); /* Fill label length, move forward */ *label_length = r; -- cgit v1.2.3-54-g00ecf From 509eddd202f2d0962379defe1c483d5c9bd482c8 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Thu, 7 Jan 2016 19:43:56 +0100 Subject: resolved: make sure domain name hash function deals nicely with NUL embedded in labels --- src/shared/dns-domain.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'src/shared/dns-domain.c') diff --git a/src/shared/dns-domain.c b/src/shared/dns-domain.c index 3848a0518d..729508e6a5 100644 --- a/src/shared/dns-domain.c +++ b/src/shared/dns-domain.c @@ -503,10 +503,8 @@ void dns_name_hash_func(const void *s, struct siphash *state) { if (r == 0) break; - label[r] = 0; - ascii_strlower(label); - - string_hash_func(label, state); + ascii_strlower_n(label, r); + siphash24_compress(label, r, state); } /* enforce that all names are terminated by the empty label */ -- cgit v1.2.3-54-g00ecf From d12315a4c883af968ec5ffb36a5aed3dc43b7ce7 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Thu, 7 Jan 2016 20:07:44 +0100 Subject: shared: simplify dns_name_hash_func() end of name detection --- src/shared/dns-domain.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'src/shared/dns-domain.c') diff --git a/src/shared/dns-domain.c b/src/shared/dns-domain.c index 729508e6a5..bcfc93608c 100644 --- a/src/shared/dns-domain.c +++ b/src/shared/dns-domain.c @@ -486,13 +486,15 @@ void dns_name_hash_func(const void *s, struct siphash *state) { assert(p); - while (*p) { + for (;;) { char label[DNS_LABEL_MAX+1]; int k; r = dns_label_unescape(&p, label, sizeof(label)); if (r < 0) break; + if (r == 0) + break; k = dns_label_undo_idna(label, r, label, sizeof(label)); if (k < 0) @@ -500,9 +502,6 @@ void dns_name_hash_func(const void *s, struct siphash *state) { if (k > 0) r = k; - if (r == 0) - break; - ascii_strlower_n(label, r); siphash24_compress(label, r, state); } -- cgit v1.2.3-54-g00ecf From d51155663a0a95659bd8a02a6cba51359ff416db Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Fri, 8 Jan 2016 01:11:55 +0100 Subject: shared: make sure foo.bar and foobar result in different domain name hashes This also introduces a new macro siphash24_compress_byte() which is useful to add a single byte into the hash stream, and ports one user over to it. --- src/basic/siphash24.h | 2 ++ src/resolve/resolved-dns-rr.c | 5 +++-- src/shared/dns-domain.c | 1 + 3 files changed, 6 insertions(+), 2 deletions(-) (limited to 'src/shared/dns-domain.c') diff --git a/src/basic/siphash24.h b/src/basic/siphash24.h index 3f7e20362b..54e2420cc6 100644 --- a/src/basic/siphash24.h +++ b/src/basic/siphash24.h @@ -16,6 +16,8 @@ struct siphash { void siphash24_init(struct siphash *state, const uint8_t k[16]); void siphash24_compress(const void *in, size_t inlen, struct siphash *state); +#define siphash24_compress_byte(byte, state) siphash24_compress((const uint8_t[]) { (byte) }, 1, (state)) + uint64_t siphash24_finalize(struct siphash *state); uint64_t siphash24(const void *in, size_t inlen, const uint8_t k[16]); diff --git a/src/resolve/resolved-dns-rr.c b/src/resolve/resolved-dns-rr.c index 993f0c4e97..dbf840157f 100644 --- a/src/resolve/resolved-dns-rr.c +++ b/src/resolve/resolved-dns-rr.c @@ -1120,8 +1120,9 @@ static void dns_resource_record_hash_func(const void *i, struct siphash *state) LIST_FOREACH(items, j, rr->txt.items) { siphash24_compress(j->data, j->length, state); - /* Add an extra NUL byte, so that "a" followed by "b" doesn't result in the same hash as "ab" followed by "". */ - siphash24_compress((const uint8_t[]) { 0 }, 1, state); + /* Add an extra NUL byte, so that "a" followed by "b" doesn't result in the same hash as "ab" + * followed by "". */ + siphash24_compress_byte(0, state); } break; } diff --git a/src/shared/dns-domain.c b/src/shared/dns-domain.c index bcfc93608c..59475115ba 100644 --- a/src/shared/dns-domain.c +++ b/src/shared/dns-domain.c @@ -504,6 +504,7 @@ void dns_name_hash_func(const void *s, struct siphash *state) { ascii_strlower_n(label, r); siphash24_compress(label, r, state); + siphash24_compress_byte(0, state); /* make sure foobar and foo.bar result in different hashes */ } /* enforce that all names are terminated by the empty label */ -- cgit v1.2.3-54-g00ecf