diff options
Diffstat (limited to 'lib/dns/rdata/generic/ds_43.c')
| -rw-r--r-- | lib/dns/rdata/generic/ds_43.c | 40 |
1 files changed, 34 insertions, 6 deletions
diff --git a/lib/dns/rdata/generic/ds_43.c b/lib/dns/rdata/generic/ds_43.c index 0206b6f06c226..879cf5bd0e7b4 100644 --- a/lib/dns/rdata/generic/ds_43.c +++ b/lib/dns/rdata/generic/ds_43.c @@ -1,8 +1,8 @@ /* - * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2002 Internet Software Consortium. * - * Permission to use, copy, modify, and distribute this software for any + * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: ds_43.c,v 1.6.2.4 2005/09/06 07:29:31 marka Exp $ */ +/* $Id: ds_43.c,v 1.6.2.7 2007/08/28 07:19:14 tbox Exp $ */ /* draft-ietf-dnsext-delegation-signer-05.txt */ @@ -25,10 +25,15 @@ #define RRTYPE_DS_ATTRIBUTES \ (DNS_RDATATYPEATTR_DNSSEC|DNS_RDATATYPEATTR_ATPARENT) +#include <isc/sha1.h> + +#include <dns/ds.h> + static inline isc_result_t fromtext_ds(ARGS_FROMTEXT) { isc_token_t token; unsigned char c; + int length; REQUIRE(type == 43); @@ -63,12 +68,16 @@ fromtext_ds(ARGS_FROMTEXT) { if (token.value.as_ulong > 0xffU) RETTOK(ISC_R_RANGE); RETERR(uint8_tobuffer(token.value.as_ulong, target)); - type = (isc_uint16_t) token.value.as_ulong; + c = (unsigned char) token.value.as_ulong; /* * Digest. */ - return (isc_hex_tobuffer(lexer, target, -1)); + if (c == DNS_DSDIGEST_SHA1) + length = ISC_SHA1_DIGESTLENGTH; + else + length = -1; + return (isc_hex_tobuffer(lexer, target, length)); } static inline isc_result_t @@ -132,9 +141,23 @@ fromwire_ds(ARGS_FROMWIRE) { UNUSED(options); isc_buffer_activeregion(source, &sr); - if (sr.length < 4) + + /* + * Check digest lengths if we know them. + */ + if (sr.length < 4 || + (sr.base[3] == DNS_DSDIGEST_SHA1 && + sr.length < 4 + ISC_SHA1_DIGESTLENGTH)) return (ISC_R_UNEXPECTEDEND); + /* + * Only copy digest lengths if we know them. + * If there is extra data dns_rdata_fromwire() will + * detect that. + */ + if (sr.base[3] == DNS_DSDIGEST_SHA1) + sr.length = 4 + ISC_SHA1_DIGESTLENGTH; + isc_buffer_forward(source, sr.length); return (mem_tobuffer(target, sr.base, sr.length)); } @@ -176,6 +199,11 @@ fromstruct_ds(ARGS_FROMSTRUCT) { REQUIRE(source != NULL); REQUIRE(ds->common.rdtype == type); REQUIRE(ds->common.rdclass == rdclass); + switch (ds->digest_type) { + case DNS_DSDIGEST_SHA1: + REQUIRE(ds->length == ISC_SHA1_DIGESTLENGTH); + break; + } UNUSED(type); UNUSED(rdclass); |