TLSA

diff --git a/Changelog b/Changelog
index 3af325e71e4d161942d345bd8db9faea6439f70d..279ceba5846d4815e66e6b3854c4848a6cc4e5ad 100644 (file)
--- a/Changelog
+++ b/Changelog
@@ -17,6 +17,7 @@
        * bugfix #429: fix doxyparse.pl fails on NetBSD because specified
          path to perl.
        * New ECDSA support (RFC 6605), use --disable-ecdsa for older openssl.
+       * New TLSA support (draft-ietf-dane-protocol).
 
 1.6.12
        * bugfix #413: Fix manpage source for srcdir != builddir

diff --git a/ldns/rr.h b/ldns/rr.h
index 2e1dd76b48f20d42114d0c36d427f70716264f61..11aab392a9d9d6d24ebd907b2fb252f5fe5f76d8 100644 (file)
--- a/ldns/rr.h
+++ b/ldns/rr.h
@@ -37,7 +37,7 @@ extern "C" {
 #define LDNS_RR_OVERHEAD       10
 
 /* The first fields are 'common' and can be referenced instantly */
-#define LDNS_RDATA_FIELD_DESCRIPTORS_COMMON 52
+#define LDNS_RDATA_FIELD_DESCRIPTORS_COMMON 53
 
 
 
@@ -166,19 +166,21 @@ enum ldns_enum_rr_type
        /**  draft-ietf-dnsext-delegation */
        LDNS_RR_TYPE_DS = 43,
        /**  SSH Key Fingerprint */
-       LDNS_RR_TYPE_SSHFP = 44,
-       /**  draft-richardson-ipseckey-rr-11.txt */
-       LDNS_RR_TYPE_IPSECKEY = 45,
-       /**  draft-ietf-dnsext-dnssec-25 */
-       LDNS_RR_TYPE_RRSIG = 46,
-       LDNS_RR_TYPE_NSEC = 47,
-       LDNS_RR_TYPE_DNSKEY = 48,
-       LDNS_RR_TYPE_DHCID = 49,
-
-       LDNS_RR_TYPE_NSEC3 = 50,
-       LDNS_RR_TYPE_NSEC3PARAM = 51,
+       LDNS_RR_TYPE_SSHFP = 44, /* RFC 4255 */
+       /**  IPsec Key */
+       LDNS_RR_TYPE_IPSECKEY = 45, /* RFC 4025 */
+       /**  DNSSEC */
+       LDNS_RR_TYPE_RRSIG = 46, /* RFC 4034 */
+       LDNS_RR_TYPE_NSEC = 47, /* RFC 4034 */
+       LDNS_RR_TYPE_DNSKEY = 48, /* RFC 4034 */
+
+       LDNS_RR_TYPE_DHCID = 49, /* RFC 4701 */
+       /* NSEC3 */
+       LDNS_RR_TYPE_NSEC3 = 50, /* RFC 5155 */
+       LDNS_RR_TYPE_NSEC3PARAM = 51, /* RFC 5155 */
        LDNS_RR_TYPE_NSEC3PARAMS = 51,
-
+       /* draft-ieft-dane-protocol */
+       LDNS_RR_TYPE_TLSA = 52,
         /** draft-ietf-dnsop-trust-history */
         LDNS_RR_TYPE_TALINK = 58,
 

diff --git a/rr.c b/rr.c
index 09f4ad86d9c29131345d2e1c4cc191222e2fa6d1..230d1891c5f06419cdbeb5850802fee9e6b096a4 100644 (file)
--- a/rr.c
+++ b/rr.c
@@ -1941,6 +1941,10 @@ static const ldns_rdf_type type_tsig_wireformat[] = {
        LDNS_RDF_TYPE_INT16,
        LDNS_RDF_TYPE_INT16_DATA
 };
+
+static const ldns_rdf_type type_tlsa_wireformat[] = {
+       LDNS_RDF_TYPE_INT8, LDNS_RDF_TYPE_INT8, LDNS_RDF_TYPE_INT8, LDNS_RDF_TYPE_HEX
+};
 /** \endcond */
 
 /** \cond */
@@ -2054,12 +2058,14 @@ static ldns_rr_descriptor rdata_field_descriptors[] = {
        /* 51 */
 {LDNS_RR_TYPE_NSEC3PARAM, "NSEC3PARAM", 4, 4, type_nsec3param_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
        /* 52 */
-{LDNS_RR_TYPE_NULL, "TYPE52", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_TLSA, "TLSA", 4, 4, type_tlsa_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+
 {LDNS_RR_TYPE_NULL, "TYPE53", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
 {LDNS_RR_TYPE_NULL, "TYPE54", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
 {LDNS_RR_TYPE_NULL, "TYPE55", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
 {LDNS_RR_TYPE_NULL, "TYPE56", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
 {LDNS_RR_TYPE_NULL, "TYPE57", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+       /* 58 */
 {LDNS_RR_TYPE_TALINK, "TALINK", 2, 2, type_talink_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 2 },
 {LDNS_RR_TYPE_NULL, "TYPE59", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
 {LDNS_RR_TYPE_NULL, "TYPE60", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },