Order will be adjusted later to remove holes.
const char *name;
int r;
- /* Checks whether the specified RRSIG RR is somewhat valid, and initializes the .n_skip_labels_source and
- * .n_skip_labels_signer fields so that we can use them later on. */
+ /* Checks whether the specified RRSIG RR is somewhat valid, and initializes the .n_skip_labels_source
+ * and .n_skip_labels_signer fields so that we can use them later on. */
assert(rrsig);
assert(rrsig->key->type == DNS_TYPE_RRSIG);
/* Check if this RRSIG RR is already prepared */
- if (rrsig->n_skip_labels_source != UINT_MAX)
+ if (rrsig->n_skip_labels_source != UINT8_MAX)
return 0;
if (rrsig->rrsig.inception > rrsig->rrsig.expiration)
if (r == 0)
return -EINVAL;
+ assert(n_key_labels < UINT8_MAX); /* UINT8_MAX/-1 means unsigned. */
rrsig->n_skip_labels_source = n_key_labels - rrsig->rrsig.labels;
rrsig->n_skip_labels_signer = n_key_labels - n_signer_labels;
/* Ignore NSEC3 RRs generated from wildcards. If these NSEC3 RRs weren't correctly signed we can't make this
* check (since rr->n_skip_labels_source is -1), but that's OK, as we won't trust them anyway in that case. */
- if (!IN_SET(rr->n_skip_labels_source, 0, UINT_MAX))
+ if (!IN_SET(rr->n_skip_labels_source, 0, UINT8_MAX))
return 0;
/* Ignore NSEC3 RRs that are located anywhere else than one label below the zone */
- if (!IN_SET(rr->n_skip_labels_signer, 1, UINT_MAX))
+ if (!IN_SET(rr->n_skip_labels_signer, 1, UINT8_MAX))
return 0;
if (!nsec3)
.n_ref = 1,
.key = dns_resource_key_ref(key),
.expiry = USEC_INFINITY,
- .n_skip_labels_signer = UINT_MAX,
- .n_skip_labels_source = UINT_MAX,
+ .n_skip_labels_signer = UINT8_MAX,
+ .n_skip_labels_source = UINT8_MAX,
};
return rr;
/* Returns the RRset's signer, if it is known. */
- if (rr->n_skip_labels_signer == UINT_MAX)
+ if (rr->n_skip_labels_signer == UINT8_MAX)
return -ENODATA;
n = dns_resource_key_name(rr->key);
/* Returns the RRset's synthesizing source, if it is known. */
- if (rr->n_skip_labels_source == UINT_MAX)
+ if (rr->n_skip_labels_source == UINT8_MAX)
return -ENODATA;
n = dns_resource_key_name(rr->key);
/* Returns > 0 if the RR is generated from a wildcard, and is not the asterisk name itself */
- if (rr->n_skip_labels_source == UINT_MAX)
+ if (rr->n_skip_labels_source == UINT8_MAX)
return -ENODATA;
if (rr->n_skip_labels_source == 0)
#include <netinet/in.h>
#include "bitmap.h"
+#include "dns-def.h"
#include "dns-type.h"
#include "hashmap.h"
#include "in-addr-util.h"
usec_t expiry; /* RRSIG signature expiry */
/* How many labels to strip to determine "signer" of the RRSIG (aka, the zone). -1 if not signed. */
- unsigned n_skip_labels_signer;
+ uint8_t n_skip_labels_signer;
/* How many labels to strip to determine "synthesizing source" of this RR, i.e. the wildcard's immediate parent. -1 if not signed. */
- unsigned n_skip_labels_source;
+ uint8_t n_skip_labels_source;
bool unparsable:1;
};
};
+/* We use uint8_t for label counts above, and UINT8_MAX/-1 has special meaning. */
+assert_cc(DNS_N_LABELS_MAX < UINT8_MAX);
+
static inline const void* DNS_RESOURCE_RECORD_RDATA(const DnsResourceRecord *rr) {
if (!rr)
return NULL;
projects / thirdparty / systemd.git / commitdiff
