fixes #28: wildcard names in dnssec signing and validation
This commit is contained in:
parent
9acbd9b676
commit
57488aee1f
@ -2,6 +2,14 @@
|
||||
All notable changes to this project will be documented in this file.
|
||||
This project adheres to [Semantic Versioning](http://semver.org/).
|
||||
|
||||
## 0.7.2 2016-08-10
|
||||
### Fixed
|
||||
- Issue #28: RRSIG validation of wildcards, label length > wildcard length
|
||||
|
||||
## 0.7.1 2016-08-09
|
||||
### Fixed
|
||||
- Issue #27: remove implicit case conversion of labels (fixes NSEC validation)
|
||||
|
||||
## 0.7.0 2016-06-20
|
||||
### Added
|
||||
- Added recovery from journal to named startup
|
||||
|
@ -1,6 +1,6 @@
|
||||
[package]
|
||||
name = "trust-dns"
|
||||
version = "0.7.1"
|
||||
version = "0.7.2"
|
||||
authors = ["Benjamin Fry <benjaminfry@me.com>"]
|
||||
|
||||
# A short blurb about the package. This is not rendered in any format when
|
||||
|
@ -526,7 +526,7 @@ impl Signer {
|
||||
// fqdn
|
||||
if num_labels < fqdn_labels {
|
||||
let mut star_name: Name = Name::new().label("*");
|
||||
let rightmost = name.base_name();
|
||||
let rightmost = name.trim_to(num_labels as usize);
|
||||
if !rightmost.is_root() {
|
||||
star_name.append(&rightmost);
|
||||
return Some(star_name);
|
||||
|
@ -96,9 +96,36 @@ impl Name {
|
||||
}
|
||||
|
||||
/// Trims off the first part of the name, to help with searching for the domain piece
|
||||
/// ```
|
||||
/// use trust_dns::rr::domain::Name;
|
||||
///
|
||||
/// let example_com = Name::new().label("example").label("com");
|
||||
/// assert_eq!(example_com.base_name(), Name::new().label("com"));
|
||||
/// assert_eq!(Name::new().label("com").base_name(), Name::root());
|
||||
/// assert_eq!(Name::root().base_name(), Name::root());
|
||||
/// ```
|
||||
pub fn base_name(&self) -> Name {
|
||||
if self.labels.len() >= 1 {
|
||||
Name { labels: Rc::new(self.labels[1..].to_vec()) }
|
||||
let length = self.labels.len();
|
||||
if length > 0 {
|
||||
self.trim_to(length - 1)
|
||||
} else {
|
||||
Self::root()
|
||||
}
|
||||
}
|
||||
|
||||
/// Trims to the number of labels specified
|
||||
/// ```
|
||||
/// use trust_dns::rr::domain::Name;
|
||||
///
|
||||
/// let example_com = Name::new().label("example").label("com");
|
||||
/// assert_eq!(example_com.trim_to(2), Name::new().label("example").label("com"));
|
||||
/// assert_eq!(example_com.trim_to(1), Name::new().label("com"));
|
||||
/// assert_eq!(example_com.trim_to(0), Name::root());
|
||||
/// ```
|
||||
pub fn trim_to(&self, num_labels: usize) -> Name {
|
||||
if self.labels.len() >= num_labels {
|
||||
let trim = self.labels.len() - num_labels;
|
||||
Name { labels: Rc::new(self.labels[trim..].to_vec()) }
|
||||
} else {
|
||||
Self::root()
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user