-rw-r--r--host2str.c15
-rw-r--r--ldns/rdata.h8
-rw-r--r--ldns/str2host.h26
-rw-r--r--rdata.c9
-rw-r--r--rr.c6
-rw-r--r--str2host.c69
-rw-r--r--wire2host.c3
7 files changed, 108 insertions, 28 deletions
diff --git a/host2str.c b/host2str.c
index 445aa46b..3445254a 100644
--- a/host2str.c
+++ b/host2str.c
@@ -567,11 +567,7 @@ ldns_rdf2buffer_str_cert_alg(ldns_buffer *output, const ldns_rdf *rdf)
ldns_status
ldns_rdf2buffer_str_alg(ldns_buffer *output, const ldns_rdf *rdf)
{
- /* don't use algorithm mnemonics in the presentation format
- this kind of got sneaked into the rfc's */
- uint8_t data = ldns_rdf_data(rdf)[0];
- ldns_buffer_printf(output, "%d", data);
- return ldns_buffer_status(output);
+ return ldns_rdf2buffer_str_int8(output, rdf);
}
static void
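Review bot: With the body of `ldns_rdf2buffer_str_alg` reduced to a call to `ldns_rdf2buffer_str_int8`, nothing at the function says why it prints a number rather than a mnemonic; the removed comment was the only place that recorded it. A short replacement would keep the intent next to the code, e.g. `/* presentation format is always numeric; mnemonics are accepted on input only */`. The later hunk in this file routes `LDNS_RDF_TYPE_ALG` straight to the int8 printer, so this wrapper appears to remain only for existing callers, which is worth stating in the same comment.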
@@ -1293,7 +1289,11 @@ ldns_rdf2buffer_str_fmt(ldns_buffer *buffer,
case LDNS_RDF_TYPE_DNAME:
res = ldns_rdf2buffer_str_dname(buffer, rdf);
break;
- case LDNS_RDF_TYPE_INT8:
+ case LDNS_RDF_TYPE_INT8: /* Don't output mnemonics for these */
+ case LDNS_RDF_TYPE_ALG:
+ case LDNS_RDF_TYPE_CERTIFICATE_USAGE:
+ case LDNS_RDF_TYPE_SELECTOR:
+ case LDNS_RDF_TYPE_MATCHING_TYPE:
res = ldns_rdf2buffer_str_int8(buffer, rdf);
break;
case LDNS_RDF_TYPE_INT16:
@@ -1344,9 +1344,6 @@ ldns_rdf2buffer_str_fmt(ldns_buffer *buffer,
case LDNS_RDF_TYPE_CERT_ALG:
res = ldns_rdf2buffer_str_cert_alg(buffer, rdf);
break;
- case LDNS_RDF_TYPE_ALG:
- res = ldns_rdf2buffer_str_alg(buffer, rdf);
- break;
case LDNS_RDF_TYPE_UNKNOWN:
res = ldns_rdf2buffer_str_unknown(buffer, rdf);
break;
diff --git a/ldns/rdata.h b/ldns/rdata.h
index 1866e8fc..22665b19 100644
--- a/ldns/rdata.h
+++ b/ldns/rdata.h
@@ -131,6 +131,14 @@ enum ldns_enum_rdf_type
*/
LDNS_RDF_TYPE_LONG_STR,
+ /** Since RFC7218 TLSA records can be given with mnemonics,
+ * hence these rdata field types. But as with DNSKEYs, the output
+ * is always numeric.
+ */
+ LDNS_RDF_TYPE_CERTIFICATE_USAGE,
+ LDNS_RDF_TYPE_SELECTOR,
+ LDNS_RDF_TYPE_MATCHING_TYPE,
+
/* Aliases */
LDNS_RDF_TYPE_BITMAP = LDNS_RDF_TYPE_NSEC
};
diff --git a/ldns/str2host.h b/ldns/str2host.h
index 341aa248..d6399705 100644
--- a/ldns/str2host.h
+++ b/ldns/str2host.h
@@ -165,7 +165,7 @@ ldns_status ldns_str2rdf_class(ldns_rdf **rd, const char *str);
ldns_status ldns_str2rdf_cert_alg(ldns_rdf **rd, const char *str);
/**
- * convert and algorithm value into wireformat
+ * convert an algorithm value into wireformat
* \param[in] rd the rdf where to put the data
* \param[in] str the string to be converted
* \return ldns_status
@@ -173,6 +173,30 @@ ldns_status ldns_str2rdf_cert_alg(ldns_rdf **rd, const char *str);
ldns_status ldns_str2rdf_alg(ldns_rdf **rd, const char *str);
/**
+ * convert a tlsa certificate usage value into wireformat
+ * \param[in] rd the rdf where to put the data
+ * \param[in] str the string to be converted
+ * \return ldns_status
+ */
+ldns_status ldns_str2rdf_certificate_usage(ldns_rdf **rd, const char *str);
+
+/**
+ * convert a tlsa selector value into wireformat
+ * \param[in] rd the rdf where to put the data
+ * \param[in] str the string to be converted
+ * \return ldns_status
+ */
+ldns_status ldns_str2rdf_selector(ldns_rdf **rd, const char *str);
+
+/**
+ * convert a tlsa matching type value into wireformat
+ * \param[in] rd the rdf where to put the data
+ * \param[in] str the string to be converted
+ * \return ldns_status
+ */
+ldns_status ldns_str2rdf_matching_type(ldns_rdf **rd, const char *str);
+
+/**
* convert a string with a unknown RR into wireformat
* \param[in] rd the rdf where to put the data
* \param[in] str the string to be converted
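Review bot: The three new doc comments tag `rd` as `\param[in]`, although the function hands the newly created rdf back through it, and none of them says that both a mnemonic and a plain number are accepted. I would write `\param[out] rd the rdf where to put the data` and open each comment along the lines of `convert a TLSA certificate usage (RFC7218 mnemonic or number) into wireformat`. It is also worth documenting that the rdf is allocated by the call, so the caller knows it owns and must free it; the implementation in str2host.c obtains it from `ldns_native2rdf_int8`.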
diff --git a/rdata.c b/rdata.c
index 6493543f..6eb0096e 100644
--- a/rdata.c
+++ b/rdata.c
@@ -351,6 +351,15 @@ ldns_rdf_new_frm_str(ldns_rdf_type type, const char *str)
case LDNS_RDF_TYPE_LONG_STR:
status = ldns_str2rdf_long_str(&rdf, str);
break;
+ case LDNS_RDF_TYPE_CERTIFICATE_USAGE:
+ status = ldns_str2rdf_certificate_usage(&rdf, str);
+ break;
+ case LDNS_RDF_TYPE_SELECTOR:
+ status = ldns_str2rdf_selector(&rdf, str);
+ break;
+ case LDNS_RDF_TYPE_MATCHING_TYPE:
+ status = ldns_str2rdf_matching_type(&rdf, str);
+ break;
case LDNS_RDF_TYPE_NONE:
default:
/* default default ??? */
diff --git a/rr.c b/rr.c
index 5e7476ee..40fdad19 100644
--- a/rr.c
+++ b/rr.c
@@ -1977,9 +1977,9 @@ static const ldns_rdf_type type_tsig_wireformat[] = {
LDNS_RDF_TYPE_INT16_DATA
};
static const ldns_rdf_type type_tlsa_wireformat[] = {
- LDNS_RDF_TYPE_INT8,
- LDNS_RDF_TYPE_INT8,
- LDNS_RDF_TYPE_INT8,
+ LDNS_RDF_TYPE_CERTIFICATE_USAGE,
+ LDNS_RDF_TYPE_SELECTOR,
+ LDNS_RDF_TYPE_MATCHING_TYPE,
LDNS_RDF_TYPE_HEX
};
static const ldns_rdf_type type_hip_wireformat[] = {
diff --git a/str2host.c b/str2host.c
index 6552ea72..cd07c893 100644
--- a/str2host.c
+++ b/str2host.c
@@ -777,29 +777,68 @@ ldns_str2rdf_cert_alg(ldns_rdf **rd, const char *str)
return st;
}
+static ldns_lookup_table ldns_tlsa_certificate_usages[] = {
+ { LDNS_TLSA_USAGE_PKIX_TA , "PKIX-TA" },
+ { LDNS_TLSA_USAGE_PKIX_EE , "PKIX-EE" },
+ { LDNS_TLSA_USAGE_DANE_TA , "DANE-TA" },
+ { LDNS_TLSA_USAGE_DANE_EE , "DANE-EE" },
+ { LDNS_TLSA_USAGE_PRIVCERT , "PrivCert" }
+};
+
+static ldns_lookup_table ldns_tlsa_selectors[] = {
+ { LDNS_TLSA_SELECTOR_CERT , "Cert" },
+ { LDNS_TLSA_SELECTOR_SPKI , "SPKI" },
+ { LDNS_TLSA_SELECTOR_PRIVSEL , "PrivSel" }
+};
+
+static ldns_lookup_table ldns_tlsa_matching_types[] = {
+ { LDNS_TLSA_MATCHING_TYPE_FULL , "Full" },
+ { LDNS_TLSA_MATCHING_TYPE_SHA2_256 , "SHA2-256" },
+ { LDNS_TLSA_MATCHING_TYPE_SHA2_512 , "SHA2-512" },
+ { LDNS_TLSA_MATCHING_TYPE_PRIVMATCH , "PrivMatch" }
+};
+
+static ldns_status
+ldns_str2rdf_mnemonic4int8(ldns_lookup_table *lt,
+ ldns_rdf **rd, const char *str)
+{
+ if ((lt = ldns_lookup_by_name(lt, str))) {
+ /* it was given as a integer */
+ *rd = ldns_native2rdf_int8(LDNS_RDF_TYPE_INT8, (uint8_t) lt->id);
+ if (!*rd)
+ return LDNS_STATUS_ERR;
+ else
+ return LDNS_STATUS_OK;
+ }
+ return ldns_str2rdf_int8(rd, str);
+}
+
/* An alg field can either be specified as a 8 bits number
* or by its symbolic name. Handle both
*/
ldns_status
ldns_str2rdf_alg(ldns_rdf **rd, const char *str)
{
- ldns_lookup_table *lt;
- ldns_status st;
+ return ldns_str2rdf_mnemonic4int8(ldns_algorithms, rd, str);
+}
- lt = ldns_lookup_by_name(ldns_algorithms, str);
- st = LDNS_STATUS_OK;
+ldns_status
+ldns_str2rdf_certificate_usage(ldns_rdf **rd, const char *str)
+{
+ return ldns_str2rdf_mnemonic4int8(
+ ldns_tlsa_certificate_usages, rd, str);
+}
- if (lt) {
- /* it was given as a integer */
- *rd = ldns_native2rdf_int8(LDNS_RDF_TYPE_INT8, (uint8_t) lt->id);
- if (!*rd) {
- st = LDNS_STATUS_ERR;
- }
- } else {
- /* try as-is (a number) */
- st = ldns_str2rdf_int8(rd, str);
- }
- return st;
+ldns_status
+ldns_str2rdf_selector(ldns_rdf **rd, const char *str)
+{
+ return ldns_str2rdf_mnemonic4int8(ldns_tlsa_selectors, rd, str);
+}
+
+ldns_status
+ldns_str2rdf_matching_type(ldns_rdf **rd, const char *str)
+{
+ return ldns_str2rdf_mnemonic4int8(ldns_tlsa_matching_types, rd, str);
}
ldns_status
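Review bot: The three new lookup tables (`ldns_tlsa_certificate_usages`, `ldns_tlsa_selectors`, `ldns_tlsa_matching_types`) end on their last real entry, with no terminating entry. `ldns_lookup_by_name` is not shown in this hunk, but if it scans until it reaches an entry whose name is NULL, then any string that matches no mnemonic makes the scan read past the end of the array. That includes every plain numeric TLSA field parsed from a zone file. Each table should close with `{ 0, NULL }`. Separately, the comment `/* it was given as a integer */` in `ldns_str2rdf_mnemonic4int8` sits on the branch where a mnemonic matched; `/* it was given as a mnemonic */` would be accurate.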
diff --git a/wire2host.c b/wire2host.c
index 386c3507..e4922155 100644
--- a/wire2host.c
+++ b/wire2host.c
@@ -202,6 +202,9 @@ ldns_wire2rdf(ldns_rr *rr, const uint8_t *wire, size_t max, size_t *pos)
break;
case LDNS_RDF_TYPE_CLASS:
case LDNS_RDF_TYPE_ALG:
+ case LDNS_RDF_TYPE_CERTIFICATE_USAGE:
+ case LDNS_RDF_TYPE_SELECTOR:
+ case LDNS_RDF_TYPE_MATCHING_TYPE:
case LDNS_RDF_TYPE_INT8:
cur_rdf_length = LDNS_RDF_SIZE_BYTE;
break;