This file is part of systemd.
Copyright 2015 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
#include "sd-messages.h"
}
if (strcaseeq(type, "DS")) {
- _cleanup_free_ char *key_tag = NULL, *algorithm = NULL, *digest_type = NULL, *digest = NULL;
+ _cleanup_free_ char *key_tag = NULL, *algorithm = NULL, *digest_type = NULL;
_cleanup_free_ void *dd = NULL;
uint16_t kt;
int a, dt;
size_t l;
- r = extract_many_words(&p, NULL, 0, &key_tag, &algorithm, &digest_type, &digest, NULL);
+ r = extract_many_words(&p, NULL, 0, &key_tag, &algorithm, &digest_type, NULL);
if (r < 0) {
log_warning_errno(r, "Failed to parse DS parameters on line %s:%u: %m", path, line);
return -EINVAL;
}
- if (r != 4) {
+ if (r != 3) {
log_warning("Missing DS parameters on line %s:%u", path, line);
return -EINVAL;
}
return -EINVAL;
}
- r = unhexmem(digest, strlen(digest), &dd, &l);
+ if (isempty(p)) {
+ log_warning("Missing DS digest on line %s:%u", path, line);
+ return -EINVAL;
+ }
+
+ r = unhexmem(p, strlen(p), &dd, &l);
if (r < 0) {
- log_warning("Failed to parse DS digest %s on line %s:%u", digest, path, line);
+ log_warning("Failed to parse DS digest %s on line %s:%u", p, path, line);
return -EINVAL;
}
rr->ds.digest = TAKE_PTR(dd);
} else if (strcaseeq(type, "DNSKEY")) {
- _cleanup_free_ char *flags = NULL, *protocol = NULL, *algorithm = NULL, *key = NULL;
+ _cleanup_free_ char *flags = NULL, *protocol = NULL, *algorithm = NULL;
_cleanup_free_ void *k = NULL;
uint16_t f;
size_t l;
int a;
- r = extract_many_words(&p, NULL, 0, &flags, &protocol, &algorithm, &key, NULL);
+ r = extract_many_words(&p, NULL, 0, &flags, &protocol, &algorithm, NULL);
if (r < 0)
return log_warning_errno(r, "Failed to parse DNSKEY parameters on line %s:%u: %m", path, line);
- if (r != 4) {
+ if (r != 3) {
log_warning("Missing DNSKEY parameters on line %s:%u", path, line);
return -EINVAL;
}
return -EINVAL;
}
- r = unbase64mem(key, strlen(key), &k, &l);
+ if (isempty(p)) {
+ log_warning("Missing DNSKEY key on line %s:%u", path, line);
+ return -EINVAL;
+ }
+
+ r = unbase64mem(p, strlen(p), &k, &l);
if (r < 0)
- return log_warning_errno(r, "Failed to parse DNSKEY key data %s on line %s:%u", key, path, line);
+ return log_warning_errno(r, "Failed to parse DNSKEY key data %s on line %s:%u", p, path, line);
rr = dns_resource_record_new_full(DNS_CLASS_IN, DNS_TYPE_DNSKEY, domain);
if (!rr)
return -EINVAL;
}
- if (!isempty(p)) {
- log_warning("Trailing garbage on line %s:%u, ignoring line.", path, line);
- return -EINVAL;
- }
-
r = hashmap_ensure_allocated(&d->positive_by_key, &dns_resource_key_hash_ops);
if (r < 0)
return log_oom();
/* We found the key! Warn the user */
log_struct(LOG_WARNING,
"MESSAGE_ID=" SD_MESSAGE_DNSSEC_TRUST_ANCHOR_REVOKED_STR,
- LOG_MESSAGE("DNSSEC Trust anchor %s has been revoked. Please update the trust anchor, or upgrade your operating system."), strna(dns_resource_record_to_string(rr)),
- "TRUST_ANCHOR=%s", dns_resource_record_to_string(rr),
- NULL);
+ LOG_MESSAGE("DNSSEC Trust anchor %s has been revoked. Please update the trust anchor, or upgrade your operating system."),
+ strna(dns_resource_record_to_string(rr)),
+ "TRUST_ANCHOR=%s", dns_resource_record_to_string(rr));
if (dns_answer_size(new_answer) <= 0) {
assert_se(hashmap_remove(d->positive_by_key, rr->key) == old_answer);