colin/hickory-dns
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fixes #28: wildcard names in dnssec signing and validation

Browse Source
This commit is contained in:
Benjamin Fry 2016-08-10 22:02:33 -07:00
parent 9acbd9b676
commit 57488aee1f
4 changed files with 39 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
CHANGELOG.md
View File

@ -2,6 +2,14 @@
All notable changes to this project will be documented in this file.
This project adheres to [Semantic Versioning](http://semver.org/).
## 0.7.2 2016-08-10
### Fixed
- Issue #28: RRSIG validation of wildcards, label length > wildcard length
## 0.7.1 2016-08-09
### Fixed
- Issue #27: remove implicit case conversion of labels (fixes NSEC validation)
## 0.7.0 2016-06-20
### Added
- Added recovery from journal to named startup

2
Cargo.toml
View File

@ -1,6 +1,6 @@
[package]
name = "trust-dns"
version = "0.7.1"
version = "0.7.2"
authors = ["Benjamin Fry <benjaminfry@me.com>"]
# A short blurb about the package. This is not rendered in any format when

2
src/rr/dnssec/signer.rs
View File

@ -526,7 +526,7 @@ impl Signer {
// fqdn
if num_labels < fqdn_labels {
let mut star_name: Name = Name::new().label("*");
let rightmost = name.base_name();
let rightmost = name.trim_to(num_labels as usize);
if !rightmost.is_root() {
star_name.append(&rightmost);
return Some(star_name);

31
src/rr/domain.rs
View File

@ -96,9 +96,36 @@ impl Name {
}
/// Trims off the first part of the name, to help with searching for the domain piece
/// ```
/// use trust_dns::rr::domain::Name;
///
/// let example_com = Name::new().label("example").label("com");
/// assert_eq!(example_com.base_name(), Name::new().label("com"));
/// assert_eq!(Name::new().label("com").base_name(), Name::root());
/// assert_eq!(Name::root().base_name(), Name::root());
/// ```
pub fn base_name(&self) -> Name {
if self.labels.len() >= 1 {
Name { labels: Rc::new(self.labels[1..].to_vec()) }
let length = self.labels.len();
if length > 0 {
self.trim_to(length - 1)
} else {
Self::root()
}
}
/// Trims to the number of labels specified
/// ```
/// use trust_dns::rr::domain::Name;
///
/// let example_com = Name::new().label("example").label("com");
/// assert_eq!(example_com.trim_to(2), Name::new().label("example").label("com"));
/// assert_eq!(example_com.trim_to(1), Name::new().label("com"));
/// assert_eq!(example_com.trim_to(0), Name::root());
/// ```
pub fn trim_to(&self, num_labels: usize) -> Name {
if self.labels.len() >= num_labels {
let trim = self.labels.len() - num_labels;
Name { labels: Rc::new(self.labels[trim..].to_vec()) }
} else {
Self::root()
}