Giovanni Bajo
75ffc9bf15
Implement RSA-MD5.
2013-08-20 15:41:25 +01:00
Giovanni Bajo
3af1ea8cbc
Simplify abstraction of verification algorithms (it was too flexible)
2013-08-20 15:41:25 +01:00
Giovanni Bajo
1f0dc5835b
Implement DSA-SHA1 verification algorithm.
2013-08-20 15:41:25 +01:00
Giovanni Bajo
ed1fc98595
Untangle digestalg from verifyalg; better separation, less code duplication.
2013-08-20 15:41:25 +01:00
Giovanni Bajo
b58fb39f24
Since extract_name() does not convert to lowercase, do it temporarily within convert_domain_to_wire().
2013-08-20 15:41:25 +01:00
Giovanni Bajo
0304d28f7e
Parse and match DS records.
2013-08-20 15:41:25 +01:00
Giovanni Bajo
f5adbb90a1
Implement digest algorithm support.
2013-08-20 15:41:24 +01:00
Giovanni Bajo
32b826e2a0
Genericize verifyalg_add_data_domain() (rename to convert_domain_to_wire()).
2013-08-20 15:41:24 +01:00
Giovanni Bajo
0937692dc6
Add rdata description for MX.
2013-08-20 15:41:24 +01:00
Giovanni Bajo
785ee80b93
Describe SOA rdata section.
2013-08-20 15:41:24 +01:00
Giovanni Bajo
f119ed382e
Simplify verifyalg_add_rdata() with new canonicalization functions.
2013-08-20 15:41:24 +01:00
Giovanni Bajo
da23c4f960
Simplify rrset_canonical_order() with new canonicalization functions.
2013-08-20 15:41:24 +01:00
Giovanni Bajo
4885d57c58
Add rdata canonicalization functions.
2013-08-20 15:41:24 +01:00
Giovanni Bajo
0db0e0c216
Fix a bug in rdlen update while decompressing a name
2013-08-20 15:41:24 +01:00
Giovanni Bajo
ec2962eacb
Fix the macro names.
2013-08-20 15:41:23 +01:00
Giovanni Bajo
0ca895f585
Fix rrset_canonical_order() to correctly handle canonicalization of domain names in RDATA.
2013-08-20 15:41:23 +01:00
Giovanni Bajo
6299ffbe60
Start refactoring for correct handling of domain wire-format.
Introduce utility functions and RDATA meta-description.
2013-08-20 15:41:23 +01:00
Giovanni Bajo
7f0485cf53
verifyalg_add_data_domain: fix for root domain ("").
2013-08-20 15:41:23 +01:00
Giovanni Bajo
02bff4f109
Implement RSASHA256.
2013-08-20 15:41:23 +01:00
Giovanni Bajo
d1ca25ca7e
Canonicalize NS records.
2013-08-20 15:41:23 +01:00
Giovanni Bajo
23c2176681
Process RRSIGs also in authority and additional sections.
2013-08-20 15:41:23 +01:00
Giovanni Bajo
e83297d0f6
RSASHA1-NSEC3-SHA1 is equivalent to RSASHA1 for the purpose of RRSIG validation.
2013-08-20 15:41:23 +01:00
Giovanni Bajo
41de7442d2
Reformat some code (no semantic difference).
2013-08-20 15:41:23 +01:00
Giovanni Bajo
0852d76b58
Start implementing canonicalization of RDATA wire formats.
2013-08-20 15:41:22 +01:00
Giovanni Bajo
a55ce08cc0
Silence a few warnings.
2013-08-20 15:41:22 +01:00
Giovanni Bajo
dd090561bf
Convert to C-style comments.
2013-08-20 15:41:22 +01:00
Giovanni Bajo
28f04fd647
Remove unused variable.
2013-08-20 15:41:22 +01:00
Giovanni Bajo
50a96b62f1
Fix a validation bug when owner != signer.
Since owner and signer are both domain names and share the same
buffer in memory (daemon->namebuff), we need to go through a little
hoop to make sure one doesn't step on the other's toes. We don't
really need to extract the signer name until we have finished
calculating the hash of the RRset, so we postpone its extraction.
2013-08-20 15:41:22 +01:00
Giovanni Bajo
00b963ab72
Improve logging message.
2013-08-20 15:41:22 +01:00
Giovanni Bajo
79333a2498
Fix a bug in extract_name_no_compression.
When the maxlen was exactly equal to the length of the string,
the function was returning 0 because the end-of-buffer check was
misplaced.
2013-08-20 15:41:22 +01:00
Giovanni Bajo
32f82c62c8
Export skip_name function.
2013-08-20 15:41:21 +01:00
Giovanni Bajo
4e076d746f
Debug function.
2013-08-20 15:41:21 +01:00
Giovanni Bajo
13e435ebca
Bugfix: domain names must go through hash function in DNS format (but uncompressed!)
2013-08-20 15:41:21 +01:00
Giovanni Bajo
4b0eecbb44
Bugfix: rdata flags must go through hash function in network byte order.
2013-08-20 15:41:21 +01:00
Giovanni Bajo
0360a524df
Implement RSA verification.
2013-08-20 15:41:21 +01:00
Giovanni Bajo
262ac85107
verify() function must take a keydata chained buffer for input key.
2013-08-20 15:41:21 +01:00
Giovanni Bajo
4c70046d93
Move helper functions to common header file.
2013-08-20 15:41:21 +01:00
Giovanni Bajo
458824dcb4
Helper function to walk through keydata chained blocks.
2013-08-20 15:41:21 +01:00
Giovanni Bajo
a7338645d7
Add a FIXME for missing logic.
2013-08-20 15:41:21 +01:00
Giovanni Bajo
776fd04754
Add cast to silence warning.
2013-08-20 15:41:20 +01:00
Giovanni Bajo
20bccd499f
Rework the loop a little (no functionality changes)
2013-08-20 15:41:20 +01:00
Giovanni Bajo
708bcd2dd3
Call valg verify functions (unimplemented for now)
2013-08-20 15:41:20 +01:00
Giovanni Bajo
d0edff7d6e
Insert all DNSKEY/DS records into cache in one transaction.
2013-08-20 15:41:20 +01:00
Giovanni Bajo
ccca70cb33
Change some logging messages.
2013-08-20 15:41:20 +01:00
Giovanni Bajo
0d829ebc69
Skip non-signing keys
2013-08-20 15:41:20 +01:00
Giovanni Bajo
4137b84e4e
Postpone RRSIG processing after all DNSKEY/DS have been parsed.
2013-08-20 15:41:20 +01:00
Giovanni Bajo
e6c2a670fe
Before using a key for validation, also verify that algorithm matches.
2013-08-20 15:41:20 +01:00
Giovanni Bajo
47f99dd2b3
Fix argument in dnssec_parsekey() call.
2013-08-20 15:41:20 +01:00
Giovanni Bajo
6759b99e28
Add function to extract algorithm number from context.
2013-08-20 15:41:20 +01:00
Giovanni Bajo
3471f18130
Start parsing DNSKEY records and insert them into cache.
2013-08-20 15:41:20 +01:00