bool LdapBackend::list_strict(const ZoneName& target, domainid_t domain_id)
{
- if (target.isPartOf(DNSName("in-addr.arpa")) || target.isPartOf(DNSName("ip6.arpa"))) {
+ static const DNSName inaddrarpa("in-addr.arpa");
+ static const DNSName ip6arpa("ip6.arpa");
+ if (target.isPartOf(inaddrarpa) || target.isPartOf(ip6arpa)) {
g_log << Logger::Warning << d_myname << " Request for reverse zone AXFR, but this is not supported in strict mode" << endl;
return false; // AXFR isn't supported in strict mode. Use simple mode and additional PTR records
}
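Review bot: The two reverse-tree names in `list_strict` are function-local statics, while every other repeated name in this commit becomes a shared `g_…dnsname` constant, and nothing in the hunk says why. If the difference is deliberate, a one-line comment would record it, for example `// function-local statics: constructed on first call, no dependency on global initialisation order`. Otherwise the two names could join the shared constants for consistency. The rest of `list_strict` lies outside the hunk.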
DNSZoneRecord CatalogInfo::getCatalogVersionRecord(const ZoneName& zone)
{
DNSZoneRecord dzr;
- dzr.dr.d_name = DNSName("version") + zone.operator const DNSName&();
+ dzr.dr.d_name = g_versiondnsname + zone.operator const DNSName&();
dzr.dr.d_ttl = 0;
dzr.dr.d_type = QType::TXT;
dzr.dr.setContent(std::make_shared<TXTRecordContent>("2"));
else {
prefix = d_unique;
}
- prefix += DNSName("zones") + zone.operator const DNSName&();
+ prefix += g_zonesdnsname + zone.operator const DNSName&();
DNSZoneRecord dzr;
dzr.dr.d_name = prefix;
dzrs.emplace_back(dzr);
if (!d_coo.empty()) {
- dzr.dr.d_name = DNSName("coo") + prefix;
+ dzr.dr.d_name = g_coodnsname + prefix;
dzr.dr.d_ttl = 0;
dzr.dr.d_type = QType::PTR;
dzr.dr.setContent(std::make_shared<PTRRecordContent>(d_coo));
}
for (const auto& group : d_group) {
- dzr.dr.d_name = DNSName("group") + prefix;
+ dzr.dr.d_name = g_groupdnsname + prefix;
dzr.dr.d_ttl = 0;
dzr.dr.d_type = QType::TXT;
dzr.dr.setContent(std::make_shared<TXTRecordContent>("\"" + group + "\""));
return;
}
TSIGRecordContent trc;
- if (tsigalgorithm.toStringNoDot() == "hmac-md5") {
- trc.d_algoName = DNSName(tsigalgorithm.toStringNoDot() + ".sig-alg.reg.int.");
+ if (tsigalgorithm == g_hmacmd5dnsname) {
+ trc.d_algoName = g_hmacmd5dnsname_long;
}
else {
trc.d_algoName = std::move(tsigalgorithm);
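Review bot: The new test `tsigalgorithm == g_hmacmd5dnsname` is not equivalent to the removed `tsigalgorithm.toStringNoDot() == "hmac-md5"`, because the old form was a byte-wise string comparison while DNSName equality is, as far as I know, case-insensitive. An algorithm configured as `HMAC-MD5` would now be rewritten to the long name where it was previously passed through unchanged. That looks like the more correct behaviour for a TSIG algorithm name, but it is a functional change inside a refactoring commit. It deserves a line in the commit message and a comment such as `// DNSName comparison: matches any letter case of hmac-md5`. The enclosing function starts and ends outside the hunk.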
}
}
- else if (rr.qname == DNSName("version") + di.zone.operator const DNSName&() && rr.qtype == QType::TXT) {
+ else if (rr.qname == g_versiondnsname + di.zone.operator const DNSName&() && rr.qtype == QType::TXT) {
if (hasVersion) {
g_log << Logger::Warning << logPrefix << "zone '" << di.zone << "', multiple version records found, aborting" << endl;
return false;
}
}
- else if (rr.qname.isPartOf(DNSName("zones") + di.zone.operator const DNSName&())) {
+ else if (rr.qname.isPartOf(g_zonesdnsname + di.zone.operator const DNSName&())) {
if (rel.empty() && !hasVersion) {
g_log << Logger::Warning << logPrefix << "zone '" << di.zone << "', catalog zone schema version missing, aborting" << endl;
return false;
}
- rel = rr.qname.makeRelative(DNSName("zones") + di.zone.operator const DNSName&());
+ rel = rr.qname.makeRelative(g_zonesdnsname + di.zone.operator const DNSName&());
if (rel.countLabels() == 1 && rr.qtype == QType::PTR) {
if (!unique.empty()) {
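Review bot: `g_zonesdnsname + di.zone.operator const DNSName&()` is still built twice for each record here, once for `isPartOf` and once for `makeRelative`, and the `g_versiondnsname + …` concatenation in the previous hunk is likewise rebuilt per record. The commit removes the label parse but not the allocation and copy of the concatenation. Since `di.zone` does not appear to change while records are processed, the names could be computed once before the loop, e.g. `const DNSName zonesName = g_zonesdnsname + di.zone.operator const DNSName&();`, and reused in both calls. The loop header is outside the hunk, so confirm `di.zone` is invariant there.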
}
else if (hasVersion == 2) {
- if (rel == (DNSName("coo") + unique) && rr.qtype == QType::PTR) {
+ if (rel == (g_coodnsname + unique) && rr.qtype == QType::PTR) {
if (!ci.d_coo.empty()) {
g_log << Logger::Warning << logPrefix << "zone '" << di.zone << "', duplicate COO for unique '" << unique << "'" << endl;
zoneInvalid = true;
ci.d_coo = DNSName(rr.content);
}
}
- else if (rel == (DNSName("group") + unique) && rr.qtype == QType::TXT) {
+ else if (rel == (g_groupdnsname + unique) && rr.qtype == QType::TXT) {
std::string content = rr.content;
if (content.length() >= 2 && content.at(0) == '\"' && content.at(content.length() - 1) == '\"') { // TXT pain
content = content.substr(1, content.length() - 2);
pwriter.getHeader()->id = dns_random_uint16();
if (!tsigConf.name.empty()) {
- if (tsigConf.algo == DNSName("hmac-md5")) {
- d_trc.d_algoName = tsigConf.algo + DNSName("sig-alg.reg.int");
+ if (tsigConf.algo == g_hmacmd5dnsname) {
+ d_trc.d_algoName = g_hmacmd5dnsname_long;
}
else {
d_trc.d_algoName = tsigConf.algo;
#include <boost/functional/hash.hpp>
-const DNSName g_rootdnsname("."), g_wildcarddnsname("*");
+const DNSName g_rootdnsname(".");
+const DNSName g_wildcarddnsname("*");
+const DNSName g_coodnsname("coo");
+const DNSName g_groupdnsname("group");
+const DNSName g_versiondnsname("version");
+const DNSName g_zonesdnsname("zones");
+
+const DNSName g_gsstsigdnsname("gss-tsig");
+const DNSName g_hmacmd5dnsname("hmac-md5");
+const DNSName g_hmacmd5dnsname_long("hmac-md5.sig-alg.reg.int");
+const DNSName g_hmacsha1dnsname("hmac-sha1");
+const DNSName g_hmacsha224dnsname("hmac-sha224");
+const DNSName g_hmacsha256dnsname("hmac-sha256");
+const DNSName g_hmacsha384dnsname("hmac-sha384");
+const DNSName g_hmacsha512dnsname("hmac-sha512");
+
const ZoneName g_rootzonename(".");
/* raw storage
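Review bot: These constants are namespace-scope objects with dynamic initialisation, so a static initialiser in another translation unit that reads one of them could see a `DNSName` that has not been constructed yet. The inline `DNSName("hmac-md5")` temporaries they replace had no such ordering dependency. Nothing in the visible hunks uses them that early, so this is a latent hazard rather than a demonstrated bug. It is worth stating next to the definitions, e.g. `// Not usable from static initialisers in other translation units: initialisation order across TUs is unspecified.`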
return ret;
}
-extern const DNSName g_rootdnsname, g_wildcarddnsname;
+extern const DNSName g_rootdnsname; // .
+extern const DNSName g_wildcarddnsname; // *
+
+extern const DNSName g_coodnsname; // coo
+extern const DNSName g_groupdnsname; // group
+extern const DNSName g_versiondnsname; // version
+extern const DNSName g_zonesdnsname; // zones
+
+extern const DNSName g_gsstsigdnsname; // gss-tsig
+extern const DNSName g_hmacmd5dnsname; // hmac-md5
+extern const DNSName g_hmacmd5dnsname_long; // hmac-md5.sig-alg.reg.int
+extern const DNSName g_hmacsha1dnsname; // hmac-sha1
+extern const DNSName g_hmacsha224dnsname; // hmac-sha224
+extern const DNSName g_hmacsha256dnsname; // hmac-sha256
+extern const DNSName g_hmacsha384dnsname; // hmac-sha384
+extern const DNSName g_hmacsha512dnsname; // hmac-sha512
#if defined(PDNS_AUTH) // [
// ZoneName: this is equivalent to DNSName, but intended to only store zone
bool getTSIGHashEnum(const DNSName& algoName, TSIGHashEnum& algoEnum)
{
- if (algoName == DNSName("hmac-md5.sig-alg.reg.int") || algoName == DNSName("hmac-md5"))
+ if (algoName == g_hmacmd5dnsname_long || algoName == g_hmacmd5dnsname)
algoEnum = TSIG_MD5;
- else if (algoName == DNSName("hmac-sha1"))
+ else if (algoName == g_hmacsha1dnsname)
algoEnum = TSIG_SHA1;
- else if (algoName == DNSName("hmac-sha224"))
+ else if (algoName == g_hmacsha224dnsname)
algoEnum = TSIG_SHA224;
- else if (algoName == DNSName("hmac-sha256"))
+ else if (algoName == g_hmacsha256dnsname)
algoEnum = TSIG_SHA256;
- else if (algoName == DNSName("hmac-sha384"))
+ else if (algoName == g_hmacsha384dnsname)
algoEnum = TSIG_SHA384;
- else if (algoName == DNSName("hmac-sha512"))
+ else if (algoName == g_hmacsha512dnsname)
algoEnum = TSIG_SHA512;
- else if (algoName == DNSName("gss-tsig"))
+ else if (algoName == g_gsstsigdnsname)
algoEnum = TSIG_GSS;
else {
return false;
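Review bot: Both spellings of HMAC-MD5 still resolve silently to `TSIG_MD5` in `getTSIGHashEnum`, so an operator gets no signal that a zone transfer or update is authenticated with an algorithm that RFC 8945, as I read it, says should no longer be used. With the names now centralised, this mapping is the natural single place to record that, at minimum with a comment such as `// hmac-md5 is accepted for interoperability only; prefer hmac-sha256 or stronger for new keys`. A one-time warning log where the enum is consumed would make it visible to operators. The tail of the function is outside the hunk.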
DNSName getTSIGAlgoName(TSIGHashEnum& algoEnum)
{
switch(algoEnum) {
- case TSIG_MD5: return DNSName("hmac-md5.sig-alg.reg.int.");
- case TSIG_SHA1: return DNSName("hmac-sha1.");
- case TSIG_SHA224: return DNSName("hmac-sha224.");
- case TSIG_SHA256: return DNSName("hmac-sha256.");
- case TSIG_SHA384: return DNSName("hmac-sha384.");
- case TSIG_SHA512: return DNSName("hmac-sha512.");
- case TSIG_GSS: return DNSName("gss-tsig.");
+ case TSIG_MD5: return g_hmacmd5dnsname_long;
+ case TSIG_SHA1: return g_hmacsha1dnsname;
+ case TSIG_SHA224: return g_hmacsha224dnsname;
+ case TSIG_SHA256: return g_hmacsha256dnsname;
+ case TSIG_SHA384: return g_hmacsha384dnsname;
+ case TSIG_SHA512: return g_hmacsha512dnsname;
+ case TSIG_GSS: return g_gsstsigdnsname;
}
throw PDNSException("getTSIGAlgoName does not understand given algorithm, please fix!");
}
TSIGTriplet tsigTriplet;
tsigTriplet.name = *tsigkeyname;
tsigTriplet.algo = tsigContent->d_algoName;
- if (tsigTriplet.algo == DNSName("hmac-md5.sig-alg.reg.int")) {
- tsigTriplet.algo = DNSName("hmac-md5");
+ if (tsigTriplet.algo == g_hmacmd5dnsname_long) {
+ tsigTriplet.algo = g_hmacmd5dnsname;
}
- if (tsigTriplet.algo != DNSName("gss-tsig")) {
+ if (tsigTriplet.algo != g_gsstsigdnsname) {
string secret64;
if (!B.getTSIGKey(*tsigkeyname, tsigTriplet.algo, secret64)) {
g_log << Logger::Error << "Packet for domain '" << packet.qdomain << "' denied: can't find TSIG key with name '" << *tsigkeyname << "' and algorithm '" << tsigTriplet.algo << "'" << endl;
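Review bot: The long-to-short hmac-md5 rewrite before key lookup is hand-coded here and again in the two later `algorithm == g_hmacmd5dnsname_long` hunks, while the reverse short-to-long rewrite is repeated in the three hunks that fill `d_algoName`. Each copy decides which key `getTSIGKey` is asked for or which algorithm name goes on the wire, so a site that drifts fails authentication in a way that is hard to trace. Two small helpers next to the new constants would put the aliasing in one place, for example `inline const DNSName& tsigLookupAlgo(const DNSName& algo) { return algo == g_hmacmd5dnsname_long ? g_hmacmd5dnsname : algo; }` and its mirror for the wire form. The surrounding function starts and ends outside the hunk.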
if(!tsigkeyname.empty()) {
// cerr<<"Adding TSIG to notification, key name: '"<<tsigkeyname<<"', algo: '"<<tsigalgorithm<<"', secret: "<<Base64Encode(tsigsecret)<<endl;
TSIGRecordContent trc;
- if (tsigalgorithm == DNSName("hmac-md5"))
- trc.d_algoName = tsigalgorithm + DNSName("sig-alg.reg.int");
+ if (tsigalgorithm == g_hmacmd5dnsname)
+ trc.d_algoName = g_hmacmd5dnsname_long;
else
trc.d_algoName = tsigalgorithm;
trc.d_time = time(nullptr);
input="";
DNSPacketWriter pwtkey(packet, gssctx.getLabel(), QType::TKEY, QClass::ANY);
TKEYRecordContent tkrc;
- tkrc.d_algo = DNSName("gss-tsig.");
+ tkrc.d_algo = g_gsstsigdnsname;
// coverity[store_truncates_time_t]
tkrc.d_inception = time((time_t*)NULL);
tkrc.d_expiration = tkrc.d_inception+15;
if(haveTSIGDetails && !tsigkeyname.empty()) {
string tsig64;
DNSName algorithm=trc.d_algoName;
- if (algorithm == DNSName("hmac-md5.sig-alg.reg.int"))
- algorithm = DNSName("hmac-md5");
- if (algorithm != DNSName("gss-tsig")) {
+ if (algorithm == g_hmacmd5dnsname_long)
+ algorithm = g_hmacmd5dnsname;
+ if (algorithm != g_gsstsigdnsname) {
if(!db.getTSIGKey(tsigkeyname, algorithm, tsig64)) {
g_log<<Logger::Warning<<logPrefix<<"TSIG key not found"<<endl;
return 0;
if(haveTSIGDetails && !tsigkeyname.empty()) {
string tsig64;
DNSName algorithm=trc.d_algoName; // FIXME400: was toLowerCanonic, compare output
- if (algorithm == DNSName("hmac-md5.sig-alg.reg.int"))
- algorithm = DNSName("hmac-md5");
+ if (algorithm == g_hmacmd5dnsname_long)
+ algorithm = g_hmacmd5dnsname;
if (!db.getTSIGKey(tsigkeyname, algorithm, tsig64)) {
g_log << Logger::Error << "TSIG key '" << tsigkeyname << "' for domain '" << target << "' not found" << endl;
return 0;
vector<uint8_t> packet = generateTSIGQuery(qname, tsigName, tsigAlgo, tsigSecret);
- checkTSIG(tsigName, DNSName("hmac-md5."), tsigSecret, packet);
+ checkTSIG(tsigName, g_hmacmd5dnsname, tsigSecret, packet);
}
BOOST_AUTO_TEST_CASE(test_TSIG_bad_key_name) {
if (tkey_in.d_mode == 3) { // establish context
#ifdef ENABLE_GSS_TSIG
if (g_doGssTSIG) {
- if (tkey_in.d_algo == DNSName("gss-tsig.")) {
+ if (tkey_in.d_algo == g_gsstsigdnsname) {
std::vector<std::string> meta;
ZoneName tmpName(name);
do {
if (sign)
{
TSIGRecordContent trc;
- trc.d_algoName = DNSName("gss-tsig");
+ trc.d_algoName = g_gsstsigdnsname;
trc.d_time = inception;
trc.d_fudge = 300;
trc.d_mac = "";
DNSName keyname("pdns-b-aa");
TSIGRecordContent trc;
- trc.d_algoName=DNSName("hmac-md5.sig-alg.reg.int");
+ trc.d_algoName=g_hmacmd5dnsname_long;
trc.d_time=time(0);
trc.d_fudge=300;
trc.d_origID=ntohs(pw.getHeader()->id);
cerr<<"Keyname: '"<<keyname<<"', algo: '"<<trc.d_algoName<<"', key: '"<<Base64Encode(key)<<"'\n";
TSIGTriplet tt;
tt.name=keyname;
- tt.algo=DNSName("hmac-md5");
+ tt.algo=g_hmacmd5dnsname;
tt.secret=key;
AXFRRetriever axfr(dest, ZoneName("b.aa"), tt);
vector<DNSResourceRecord> res;