mirrors/dns
1
0
Fork 0
mirror of https://github.com/miekg/dns.git synced 2025-08-13 21:16:58 +02:00
Code Issues Packages Projects Releases Wiki Activity
4,157 Commits 2 Branches 85 Tags 23 MiB
50fbccd204
Commit Graph

245 Commits

Author SHA1 Message Date
Miek Gieben
71466895f7 Remove ECC which was set as alg 4 
There is no alg 4 and ECC is not an algorithm identifier.
 2014-10-23 08:12:02 +00:00
Alex A Skinner
c417e9729d DNSSEC algorithm and digest types now uint8 2014-10-22 20:41:03 -04:00
Miek Gieben
0aa3021a83 Remove all copyright notices 
Use the central COPYRIGHT file.
 2014-09-11 20:57:37 +01:00
Miek Gieben
643720d10d Fix ECDSA algorithms 
Current code was completely wrong, so validation of ECDSA didn't work.
The new tests now works, the old one now doesn't
 2014-09-09 07:45:47 +01:00
Filippo Valsorda
3a7db158f5 Correct the DNSKEY flag values 
See https://www.iana.org/assignments/dnskey-flags/dnskey-flags.xhtml

Elsewhere in the code 256 (1 << 8) is used numerically for ZONE, so nothing breaks for now.
 2014-09-04 15:31:23 -07:00
Alex A. Skinner
a156d1ec2f must lowercase ownername when computing hash for DS 2014-04-10 19:40:52 -04:00
Miek Gieben
fb787f0d96 Update the documentation 2014-02-02 20:30:52 +00:00
Miek Gieben
9c75b3cdc2 Fi the tests too 2014-01-27 14:45:34 +00:00
Miek Gieben
39a8e2b8af Small api change to check RRSIG validity 2014-01-27 14:42:17 +00:00
Miek Gieben
c97bb6d79d The right way around 2014-01-26 20:22:19 +00:00
Miek Gieben
2a659fce45 dnssec: don't override OrigTtl in sig 
When creating a signature and the OrigTtl is already set
don't override it.
 2014-01-26 19:53:49 +00:00
Miek Gieben
6b32a711e9 Allocate just enough space 
Remove the len()*2, and replace it with len()+1. The current
len() impl. of the types is good enough to be more precise.
 2013-12-06 11:30:33 +00:00
Miek Gieben
70ee966106 Fix the unknown record sign test 
Don't make up new error in msg.Pack when there are perfectly fine
errors to return.
 2013-12-06 09:43:26 +00:00
Skinner, Alex
edd235088a Added TYPE65534 record type so that zone scanning doesn't die upon encountering one. Fixed DNSSEC signature verification. 2013-12-04 12:58:20 -05:00
Miek Gieben
ee8ace0477 Merge branch 'master' of github.com:miekg/dns 2013-09-11 08:22:23 +01:00
Miek Gieben
9c1ee5d5ca Update IsDomainName 
This new functions just compiles the domain to wire format, if that
works, the name is deemed OK. It is also much less strict than the
older code. Almost everything is allowed in the name, except two
dots back to back (there is an explicit test for that).
 2013-09-10 18:09:22 +00:00
Miek Gieben
47cc5b052d Work on making IsDomainName better 2013-09-10 13:13:10 +00:00
Miek Gieben
cb70138d9e Remove comment 2013-09-01 21:37:14 +01:00
Miek Gieben
38ea608d79 Rename the Label* functions 
SplitLabels -> SplitDomainName
CompareLabels -> CompareDomainName
LenLabels -> CountLabel
          -> NextLabel was added as a simple iterator-like function
 2013-06-22 07:21:15 +00:00
Miek Gieben
c66494c6c5 Resolv merge conflicts 2013-05-12 19:08:37 +02:00
Miek Gieben
81941d4422 Update all copyright notices 2013-05-12 16:15:52 +02:00
Miek Gieben
320d981509 Add Algo-signal-draft impl. for EDNS0 2013-05-11 21:02:17 +02:00
Miek Gieben
d53d9eab81 gofmt 2013-05-05 20:30:44 +02:00
Miek Gieben
cd10853288 Make Len() and Copy() private 
I don't think anybody will needs these, msg.Len() is still
available. Severly cuts back on the amount of exported functions.
 2013-02-09 08:35:17 +01:00
Miek Gieben
235e892dfc Rename the RR types drop the RR_ prefix 
This is also done in the official Go library. It also make the
code shorter.
 2012-12-09 19:23:25 +01:00
Miek Gieben
2a3b818b95 Use much more descriptive names for the maps 
Alg_str -> AlgorithmToString
 Rr_str  -> TypeToString

And for the reverse maps also.
 2012-12-02 09:29:54 +01:00
Miek Gieben
ffe42637c5 Documentation 2012-12-01 12:44:57 +01:00
Miek Gieben
aaa65c0ae0 documentation 2012-11-20 10:10:09 +01:00
Miek Gieben
dce8b2e71a gofmt 2012-10-10 22:17:50 +02:00
Miek Gieben
570bf8dc69 Use proper error in packing and unpacking 
All the relevant functions now return an error instead of
a simple boolean. This greatly approves the feedback to coders.

Spotted some fishy error handling along the way and fix that too.
 2012-10-09 21:17:54 +02:00
Miek Gieben
c88a47e261 use nil for signing in rsa 2012-09-16 10:28:53 +02:00
Miek Gieben
8a21b263d8 Disallow rsamd5 as per rfc 6725 2012-09-14 09:11:19 +02:00
Miek Gieben
ceea1024c1 use rr as var name 2012-09-03 08:37:16 +02:00
Miek Gieben
25abc3c0fc use rr as var name 2012-09-03 08:35:21 +02:00
Miek Gieben
c0c9a5f3a9 docs 2012-08-27 08:41:14 +02:00
Miek Gieben
b96e6ac78d tweaks to the documentation 2012-08-24 09:35:33 +02:00
Miek Gieben
6f7aad15d8 documenation 2012-08-21 17:36:58 +02:00
Miek Gieben
b0fc5a2f22 re-export these - I use them in unbound 2012-08-20 18:03:15 +02:00
Miek Gieben
7b406f80ce dont export 2012-08-17 08:34:46 +02:00
Miek Gieben
73b6d37885 cleanup api, dont export Year68 2012-08-17 08:29:45 +02:00
Miek Gieben
2d2b4f5e64 tweaks to give more power to unbound package 2012-07-01 20:58:54 +02:00
Miek Gieben
e6fca0be3f Actually copy the RR for DNSSEC validation. 
This is needed because we need to fiddle with the TTL and sometimes
even need to lowercase the rdata. We dont want this to propagate
to the original RRs
 2012-06-20 19:16:54 +02:00
Miek Gieben
f48dba4ad1 Add Copy to all RRs 2012-06-20 11:56:25 +02:00
Miek Gieben
0cfe2d6a43 Make copy private 2012-05-12 20:06:52 +02:00
Miek Gieben
614aa87ab2 Add a copy function for RRHeader - use this when validating 2012-05-11 15:03:49 +02:00
Miek Gieben
3611c4d458 fmt 2012-05-05 17:37:48 +02:00
Miek Gieben
1948cd2a90 Use go vetted struct tags 
They had the form: "domain-name", now they are key value pairs (key is
always dns: `dns:"domain-name"`
 2012-04-29 21:55:29 +02:00
Miek Gieben
70fac2eec3 add the nsec3 alias too 2012-04-19 14:39:50 +02:00
Miek Gieben
3aba338dc5 better docs 2012-04-19 13:32:50 +02:00
Miek Gieben
3ef88ef28d Use uppercase M 2012-04-18 12:57:38 +02:00
Miek Gieben
4810b60cda Make it build 2012-04-18 12:55:48 +02:00
Miek Gieben
ca067eb038 calculate the value of dsas T 2012-04-18 12:55:08 +02:00
Miek Gieben
01258c0d97 Finish DSA support -- completely untested 2012-04-18 12:48:54 +02:00
Miek Gieben
96a9b0d7d1 Signing with dsa 2012-04-18 11:57:32 +02:00
Miek Gieben
7c9a376659 More DSA stuff: generation/signing/verifying 2012-04-17 11:58:06 +02:00
Miek Gieben
4536259037 1/2 support for DSA 2012-04-17 11:39:58 +02:00
Miek Gieben
70efdaabea keytag calc. for RSAMD5 keys 2012-04-17 10:55:02 +02:00
Miek Gieben
daf51db85d add indirect alg type 2012-04-16 09:09:32 +02:00
Miek Gieben
cf627feaa8 remove debugging.Validation code works, but isnt validating 2012-04-15 21:43:52 +02:00
Miek Gieben
e6b2ec8d72 Add ecdsa verification 2012-04-15 21:37:00 +02:00
Miek Gieben
b58c604e17 Add symmetry to the reading of public/private keys 
Add a NewPrivateKey that works on strings and calls ReadPrivateKey
that works on io.Readers.
 2012-04-15 20:50:53 +02:00
Miek Gieben
3e11306260 some debugging 2012-04-12 15:39:54 +02:00
Miek Gieben
134b557647 Start with validating Curve algos 2012-04-11 16:20:29 +02:00
Miek Gieben
1e1559423d Fix EC signing 2012-04-11 16:09:40 +02:00
Miek Gieben
b1099c10b8 More stuff for ecdsa. Need to find good abstraction 2012-04-11 15:42:33 +02:00
Miek Gieben
edf4b3d11b Test signing with ecdsa 2012-04-11 15:13:17 +02:00
Miek Gieben
35bfb48fac fix the mnemonic for ecdsa* 2012-04-11 14:37:51 +02:00
Miek Gieben
a55014ff8a elliptic curve stuff 2012-04-11 14:32:44 +02:00
Miek Gieben
1083e5542e add comment 2012-04-06 20:12:00 +02:00
Miek Gieben
33a58c8cb7 make it compile 2012-03-19 20:00:40 +01:00
Miek Gieben
f38cd6abe0 better errors 2012-03-18 22:44:42 +01:00
Miek Gieben
9f14f2d5ab Documentation updates 2012-03-08 20:47:45 +01:00
Miek Gieben
1744a80850 add a TsigStatus to the client as well 
Bring server and client side more inline
with each other. For a client we also
use TsigStatus() to retrieve the tsig info.
 2012-03-04 14:47:20 +01:00
Miek Gieben
dc16392734 Newly allocated names 2012-03-02 15:28:22 +01:00
Miek Gieben
104d875a75 Flag large RSA exponents as an error 2012-02-29 21:11:45 +01:00
Miek Gieben
c32c13ba25 dnssec-bis-16 updates fix 2012-02-28 20:09:00 +01:00
Miek Gieben
d7a7e6e112 Lowercase/uppercase mahem in DNSSEC 2012-02-28 19:25:09 +01:00
Miek Gieben
ea57a49d94 Allow mnemonic algorithm numbers in DS (and DS-like) records 2012-02-27 19:17:58 +01:00
Miek Gieben
ef2e12b0dd Validation fixes, still not perfect, but much nicer 2012-02-25 22:04:29 +01:00
Miek Gieben
89c05b4f74 gofmt 2012-02-23 19:37:08 +01:00
Miek Gieben
c6042c4ce8 Work on copy of the header when validating 2012-02-23 12:46:39 +01:00
Miek Gieben
d0a45c667e Downcase these domains 2012-02-23 10:47:50 +01:00
Miek Gieben
99ea36cd42 Check the protocol value of the key 2012-02-16 23:34:09 +01:00
Miek Gieben
2cb265697e Documentation 
Need to think about the non-existing root-label and the label
functions.
 2012-02-12 11:34:28 +01:00
Peter van Dijk
448596bccb fix typo 2012-02-10 09:19:23 +01:00
Peter van Dijk
c05615b783 fix RRSIG wildcard checking 2012-02-10 09:19:00 +01:00
Miek Gieben
ed61734c89 Optimize the RR reading further 
remove len(strings) from the code. 16% increase
in speed. Getting about 35K RR/s
 2012-01-30 21:26:29 +01:00
Miek Gieben
bfc928973f Remove/fix some todo 2012-01-29 00:34:59 +01:00
Miek Gieben
19f8d266b5 Remove the RRset type - only add obvious stuff 2012-01-28 01:14:07 +01:00
Miek Gieben
6d5fd7f975 Some more tweaks into verifying nsec3 messages 2012-01-22 16:12:10 +01:00
Miek Gieben
c051e5eec5 Small tweaks 2012-01-22 12:24:31 +01:00
Miek Gieben
f25584e94e Overflow fixes 2012-01-21 12:35:19 +01:00
Miek Gieben
c9fc2ea493 Enable signature checking in messages 2012-01-21 11:58:26 +01:00
Miek Gieben
5917838cbb gofmt 2012-01-20 12:24:20 +01:00
Miek Gieben
509912d4c4 Fixes for weekly.2012-01-20 2012-01-20 12:24:05 +01:00
Miek Gieben
9f3a1c1f13 Documentation and make ParseKey private (parseKey) 2012-01-16 21:44:49 +01:00
Miek Gieben
50a62b9c68 Dont downcase 2012-01-16 10:50:35 +01:00
Miek Gieben
4bd5d7f3f2 Lowercase rdata of rr to be signed/verified 2012-01-16 09:54:05 +01:00
Miek Gieben
8608def558 Documentation 2012-01-15 16:14:22 +01:00
Miek Gieben
5c74f7285f Save some bytes in the dnssec signature validation 2012-01-15 16:00:40 +01:00