From: Otto
Date: Wed, 15 Dec 2021 11:12:45 +0000 (+0100)
Subject: Reformat
X-Git-Tag: auth-4.7.0-alpha1~67^2~6
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2eaaa7c1c2fb6b3b33c2e4bccc0aa63d1bb5d7ed;p=thirdparty%2Fpdns.git
Reformat
---
diff --git a/pdns/sha.hh b/pdns/sha.hh
index 7284dda113..18c445ee28 100644
--- a/pdns/sha.hh
+++ b/pdns/sha.hh
@@ -55,63 +55,64 @@ inline std::string pdns_sha512sum(const std::string& input)
 namespace pdns
 {
- class SHADigest
+class SHADigest
+{
+public:
+ SHADigest(int bits)
 {
- public:
- SHADigest(int bits)
- {
- mdctx = EVP_MD_CTX_new();
- if (mdctx == nullptr) {
- throw std::runtime_error("VSHADigest: P_MD_CTX_new failed");
- }
- switch (bits) {
- case 256:
- md = EVP_sha256();
- break;
- case 384:
- md = EVP_sha384();
- break;
- case 512:
- md = EVP_sha512();
- break;
- default:
- throw std::runtime_error("SHADigest: unsupported size");
- }
- if (EVP_DigestInit_ex(mdctx, md, NULL) == 0) {
- throw std::runtime_error("SHADigest: init error");
- }
+ mdctx = EVP_MD_CTX_new();
+ if (mdctx == nullptr) {
+ throw std::runtime_error("VSHADigest: P_MD_CTX_new failed");
+ }
+ switch (bits) {
+ case 256:
+ md = EVP_sha256();
+ break;
+ case 384:
+ md = EVP_sha384();
+ break;
+ case 512:
+ md = EVP_sha512();
+ break;
+ default:
+ throw std::runtime_error("SHADigest: unsupported size");
 }
+ if (EVP_DigestInit_ex(mdctx, md, NULL) == 0) {
+ throw std::runtime_error("SHADigest: init error");
+ }
+ }
- ~SHADigest()
- {
- // No free of md needed afaik
- if (mdctx != nullptr) {
- EVP_MD_CTX_free(mdctx);
- }
+ ~SHADigest()
+ {
+ // No free of md needed afaik
+ if (mdctx != nullptr) {
+ EVP_MD_CTX_free(mdctx);
 }
+ }
- void process(const std::string& msg, size_t sz)
- {
- if (EVP_DigestUpdate(mdctx, msg.data(), msg.size()) == 0) {
- throw std::runtime_error("SHADigest: update error");
- }
+ void process(const std::string& msg, size_t sz)
+ {
+ if (EVP_DigestUpdate(mdctx, msg.data(), msg.size()) == 0) {
+ throw std::runtime_error("SHADigest: update error");
 }
+ }
- std::string digest()
- {
- std::string md_value;
- md_value.resize(EVP_MD_size(md));
- unsigned int md_len;
- if (EVP_DigestFinal_ex(mdctx, reinterpret_cast(md_value.data()), &md_len) == 0) {
- throw std::runtime_error("SHADigest: finalize error");
- }
- if (md_len != md_value.size()) {
- throw std::runtime_error("SHADigest: inconsisten size");
- }
- return md_value;
+ std::string digest()
+ {
+ std::string md_value;
+ md_value.resize(EVP_MD_size(md));
+ unsigned int md_len;
+ if (EVP_DigestFinal_ex(mdctx, reinterpret_cast(md_value.data()), &md_len) == 0) {
+ throw std::runtime_error("SHADigest: finalize error");
 }
- private:
- EVP_MD_CTX *mdctx{nullptr};
- const EVP_MD *md;
- };
+ if (md_len != md_value.size()) {
+ throw std::runtime_error("SHADigest: inconsisten size");
+ }
+ return md_value;
+ }
+
+private:
+ EVP_MD_CTX* mdctx{nullptr};
+ const EVP_MD* md;
+};
 }
diff --git a/pdns/test-zonemd_cc.cc b/pdns/test-zonemd_cc.cc
index f9974d88b5..84130ef62b 100644
--- a/pdns/test-zonemd_cc.cc
+++ b/pdns/test-zonemd_cc.cc
@@ -8,7 +8,8 @@
 BOOST_AUTO_TEST_SUITE(test_zonemd_cc)
-static void testZoneMD(const std::string& zone, const std::string& file, bool ex, bool done, bool ok) {
+static void testZoneMD(const std::string& zone, const std::string& file, bool ex, bool done, bool ok)
+{
 const char* p = std::getenv("SRCDIR");
 if (!p) {
 p = ".";
@@ -36,56 +37,68 @@ static void testZoneMD(const std::string& zone, const std::string& file, bool ex
 BOOST_CHECK(validationOK == ok);
 }
-
-BOOST_AUTO_TEST_CASE(test_zonemd1) {
+BOOST_AUTO_TEST_CASE(test_zonemd1)
+{
 testZoneMD("example", "zonemd1.zone", false, true, true);
 }
-BOOST_AUTO_TEST_CASE(test_zonemd2) {
+BOOST_AUTO_TEST_CASE(test_zonemd2)
+{
 testZoneMD("example", "zonemd2.zone", false, true, true);
 }
-BOOST_AUTO_TEST_CASE(test_zonemd3) {
+BOOST_AUTO_TEST_CASE(test_zonemd3)
+{
 testZoneMD("example", "zonemd3.zone", false, true, true);
 }
-BOOST_AUTO_TEST_CASE(test_zonemd4) {
+BOOST_AUTO_TEST_CASE(test_zonemd4)
+{
 testZoneMD("uri.arpa", "zonemd4.zone", false, true, true);
 }
-BOOST_AUTO_TEST_CASE(test_zonemd5) {
+BOOST_AUTO_TEST_CASE(test_zonemd5)
+{
 testZoneMD("root-servers.net", "zonemd5.zone", false, true, true);
 }
-BOOST_AUTO_TEST_CASE(test_zonemd6) {
+BOOST_AUTO_TEST_CASE(test_zonemd6)
+{
 testZoneMD("example", "zonemd-invalid.zone", false, true, false);
 }
-BOOST_AUTO_TEST_CASE(test_zonemd7) {
+BOOST_AUTO_TEST_CASE(test_zonemd7)
+{
 testZoneMD("example", "zonemd-nozonemd.zone", false, false, false);
 }
-BOOST_AUTO_TEST_CASE(test_zonemd8) {
+BOOST_AUTO_TEST_CASE(test_zonemd8)
+{
 testZoneMD("example", "zonemd-allunsup.zone", false, false, false);
 }
-BOOST_AUTO_TEST_CASE(test_zonemd9) {
+BOOST_AUTO_TEST_CASE(test_zonemd9)
+{
 testZoneMD("example", "zonemd-sha512.zone", false, true, true);
 }
-BOOST_AUTO_TEST_CASE(test_zonemd10) {
+BOOST_AUTO_TEST_CASE(test_zonemd10)
+{
 testZoneMD("example", "zonemd-serialmismatch.zone", false, false, false);
 }
-BOOST_AUTO_TEST_CASE(test_zonemd11) {
+BOOST_AUTO_TEST_CASE(test_zonemd11)
+{
 testZoneMD("example", "zonemd-duplicate.zone", false, false, false);
 }
-BOOST_AUTO_TEST_CASE(test_zonemd12) {
+BOOST_AUTO_TEST_CASE(test_zonemd12)
+{
 testZoneMD("root-servers.net", "zonemd-syntax.zone", true, false, false);
 }
-BOOST_AUTO_TEST_CASE(test_zonemd13) {
+BOOST_AUTO_TEST_CASE(test_zonemd13)
+{
 testZoneMD("xxx", "zonemd1.zone", false, false, false);
 }
diff --git a/pdns/zonemd.cc b/pdns/zonemd.cc
index 77e99dd4d1..afebdfc1dd 100644
--- a/pdns/zonemd.cc
+++ b/pdns/zonemd.cc
@@ -8,12 +8,12 @@
 typedef std::pair rrSetKey_t;
 typedef std::vector> rrVector_t;
-struct CanonrrSetKeyCompare: public std::binary_function
+struct CanonrrSetKeyCompare : public std::binary_function
 {
- bool operator()(const rrSetKey_t&a, const rrSetKey_t& b) const
+ bool operator()(const rrSetKey_t& a, const rrSetKey_t& b) const
 {
 // FIXME surely we can be smarter here
- if(a.first.canonCompare(b.first)) {
+ if (a.first.canonCompare(b.first)) {
 return true;
 }
 if (b.first.canonCompare(a.first)) {
@@ -25,7 +25,7 @@ struct CanonrrSetKeyCompare: public std::binary_function RRsetMap_t;
-void pdns::zonemdVerify(const DNSName& zone, ZoneParserTNG &zpt, bool& validationDone, bool& validationOK)
+void pdns::zonemdVerify(const DNSName& zone, ZoneParserTNG& zpt, bool& validationDone, bool& validationOK)
 {
 validationDone = false;
 validationOK = false;
@@ -59,7 +59,7 @@ void pdns::zonemdVerify(const DNSName& zone, ZoneParserTNG &zpt, bool& validatio
 drc = DNSRecordContent::mastermake(dnsrr.qtype, QClass::IN, dnsrr.content);
 }
 catch (const PDNSException& pe) {
- std::string err = "Bad record content in record for '" + dnsrr.qname.toStringNoDot() + "'|" + dnsrr.qtype.toString() + ": "+ pe.reason;
+ std::string err = "Bad record content in record for '" + dnsrr.qname.toStringNoDot() + "'|" + dnsrr.qtype.toString() + ": " + pe.reason;
 throw PDNSException(err);
 }
 catch (const std::exception& e) {
@@ -85,7 +85,7 @@ void pdns::zonemdVerify(const DNSName& zone, ZoneParserTNG &zpt, bool& validatio
 // Determine which digests to compute based on accepted zonemd records present
 unique_ptr sha384digest{nullptr}, sha512digest{nullptr};
- for (auto it = zonemdRecords.begin(); it != zonemdRecords.end(); ) {
+ for (auto it = zonemdRecords.begin(); it != zonemdRecords.end();) {
 // The SOA Serial field MUST exactly match the ZONEMD Serial
 // field. If the fields do not match, digest verification MUST
 // NOT be considered successful with this ZONEMD RR.
@@ -99,9 +99,7 @@ void pdns::zonemdVerify(const DNSName& zone, ZoneParserTNG &zpt, bool& validatio
 // considered successful with this ZONEMD RR.
 const auto duplicate = it->second.duplicate;
 const auto& r = it->second.record;
- if (!duplicate && r->d_serial == soarc->d_st.serial &&
- r->d_scheme == 1 &&
- (r->d_hashalgo == 1 || r->d_hashalgo == 2)) {
+ if (!duplicate && r->d_serial == soarc->d_st.serial && r->d_scheme == 1 && (r->d_hashalgo == 1 || r->d_hashalgo == 2)) {
 // A supported ZONEMD record
 if (r->d_hashalgo == 1) {
 sha384digest = make_unique(384);
@@ -110,7 +108,8 @@ void pdns::zonemdVerify(const DNSName& zone, ZoneParserTNG &zpt, bool& validatio
 sha512digest = make_unique(512);
 }
 ++it;
- } else {
+ }
+ else {
 it = zonemdRecords.erase(it);
 }
 }
@@ -126,7 +125,7 @@ void pdns::zonemdVerify(const DNSName& zone, ZoneParserTNG &zpt, bool& validatio
 };
 // Compute requested digests
- for (auto& rrset: RRsets) {
+ for (auto& rrset : RRsets) {
 const auto& qname = rrset.first.first;
 const auto& qtype = rrset.first.second;
 if (qtype == QType::ZONEMD && qname == zone) {
@@ -134,7 +133,7 @@ void pdns::zonemdVerify(const DNSName& zone, ZoneParserTNG &zpt, bool& validatio
 }
 sortedRecords_t sorted;
- for (auto& rr: rrset.second) {
+ for (auto& rr : rrset.second) {
 if (qtype == QType::RRSIG) {
 const auto rrsig = std::dynamic_pointer_cast(rr);
 if (rrsig->d_type == QType::ZONEMD && qname == zone) {
@@ -150,7 +149,8 @@ void pdns::zonemdVerify(const DNSName& zone, ZoneParserTNG &zpt, bool& validatio
 rrc.d_type = qtype;
 auto msg = getMessageForRRSET(qname, rrc, sorted, false, false);
 hash(msg);
- } else {
+ }
+ else {
 // RRSIG is special, since original TTL depends on qtype covered by RRSIG
 // which can be different per record
 for (const auto& rrsig : sorted) {
@@ -158,7 +158,7 @@ void pdns::zonemdVerify(const DNSName& zone, ZoneParserTNG &zpt, bool& validatio
 RRSIGRecordContent rrc;
 rrc.d_originalttl = RRsetTTLs[pair(rrset.first.first, rrsigc->d_type)];
 rrc.d_type = qtype;
- auto msg = getMessageForRRSET(qname, rrc, { rrsigc }, false, false);
+ auto msg = getMessageForRRSET(qname, rrc, {rrsigc}, false, false);
 hash(msg);
 }
 }
diff --git a/pdns/zonemd.hh b/pdns/zonemd.hh
index f4ef53bc74..3091756688 100644
--- a/pdns/zonemd.hh
+++ b/pdns/zonemd.hh
@@ -28,6 +28,6 @@ class ZoneParserTNG;
 namespace pdns
 {
- void zonemdVerify(const DNSName& zone, ZoneParserTNG &zpt, bool& validationDone, bool& validationOK);
+void zonemdVerify(const DNSName& zone, ZoneParserTNG& zpt, bool& validationDone, bool& validationOK);
 }