From 7f77e5e6b4ce37d38b92a8c7b57c2550b4c27a30 Mon Sep 17 00:00:00 2001 From: Miek Gieben Date: Sun, 8 Jan 2012 16:49:54 +0100 Subject: [PATCH] Fix key2ds --- _examples/key2ds/key2ds.go | 22 ++++------------------ dnssec.go | 6 +++--- 2 files changed, 7 insertions(+), 21 deletions(-) diff --git a/_examples/key2ds/key2ds.go b/_examples/key2ds/key2ds.go index 4683bfcf..6933d776 100644 --- a/_examples/key2ds/key2ds.go +++ b/_examples/key2ds/key2ds.go @@ -17,7 +17,7 @@ func main() { os.Exit(1) } m := new(dns.Msg) - m.SetQuestion(os.Args[1], dns.TypeDNSKEY) + m.SetQuestion(dns.Fqdn(os.Args[1]), dns.TypeDNSKEY) // Set EDNS0's Do bit e := new(dns.RR_OPT) @@ -38,27 +38,13 @@ func main() { fmt.Printf(" *** invalid answer name %s after DNSKEY query for %s\n", os.Args[1], os.Args[1]) os.Exit(1) } - // Stuff must be in the answer section, check len(r.Answer) for _, k := range r.Answer { - // For each key would need to provide a DS records, both sha1 and sha256 - // Maybe print the key flags? if key, ok := k.(*dns.RR_DNSKEY); ok { key.Hdr.Ttl = 0 - switch key.Flags { - case 256: - fmt.Printf("; ZSK\n") - case 257: - fmt.Printf("; KSK\n") - default: - fmt.Printf("; %d\n", key.Flags) + for _, alg := range []int{dns.SHA1, dns.SHA256, dns.SHA384} { + ds := key.ToDS(alg) + fmt.Printf("%v; %d\n", ds, key.Flags) } - - ds := key.ToDS(dns.SHA1) - fmt.Printf("%v\n", ds) - ds = key.ToDS(dns.SHA256) - fmt.Printf("%v\n", ds) - ds = key.ToDS(dns.SHA384) - fmt.Printf("%v\n", ds) } } } diff --git a/dnssec.go b/dnssec.go index cfab2018..dae4bbfb 100644 --- a/dnssec.go +++ b/dnssec.go @@ -49,9 +49,9 @@ const ( // DNSKEY flag values. const ( - KSK = 1 - ZSK = 1 << 7 - REVOKE = 1 << 6 + SEP = 1 + ZONE = 1 << 7 + REVOKE = 1 << 8 ) // The RRSIG needs to be converted to wireformat with some of