csync01 CSYNC 0 0 A NS AAAA
csync02 CSYNC 0 0
-; type 63 -- 98 (unassigned)
+;type 63
+zonemd01 ZONEMD 2019020700 1 0 (
+ C220B8A6ED5728A971902F7E3D4FD93A
+ DEEA88B0453C2E8E8C863D465AB06CF3
+ 4EB95B266398C98B59124FA239CB7EEB
+ )
+
+; type 64 -- 98 (unassigned)
; type 99
spf01 SPF "v=spf1 -all"
CDNSKEY
OPENPGPKEY
CSYNC
+ZONEMD
SPF
UINFO
UID
wks02.example. 3600 IN WKS 10.0.0.1 17 0 1 2 53
wks03.example. 3600 IN WKS 10.0.0.2 6 65535
x2501.example. 3600 IN X25 "123456789"
+zonemd01.example. 3600 IN ZONEMD 2019020700 1 0 C220B8A6ED5728A971902F7E3D4FD93ADEEA88B0453C2E8E8C863D46 5AB06CF34EB95B266398C98B59124FA239CB7EEB
8f1tmio9avcom2k0frp92lgcumak0cad.example. 3600 IN NSEC3 1 0 10 D2CF0294C020CE6C 8FPNS2UCT7FBS643THP2B77PEQ77K6IU A NS SOA MX AAAA RRSIG DNSKEY NSEC3PARAM
kcd3juae64f9c5csl1kif1htaui7un0g.example. 3600 IN NSEC3 1 0 10 D2CF0294C020CE6C KD5MN2M20340DGO0BL7NTSB8JP4BSC7E
mr5ukvsk1l37btu4q7b1dfevft4hkqdk.example. 3600 IN NSEC3 1 0 10 D2CF0294C020CE6C MT38J6VG7S0SN5G17MCUF6IQIKFUAJ05 A AAAA RRSIG
wks02.example. 3600 IN WKS 10.0.0.1 17 0 1 2 53
wks03.example. 3600 IN WKS 10.0.0.2 6 65535
x2501.example. 3600 IN X25 "123456789"
+zonemd01.example. 3600 IN ZONEMD 2019020700 1 0 C220B8A6ED5728A971902F7E3D4FD93ADEEA88B0453C2E8E8C863D46 5AB06CF34EB95B266398C98B59124FA239CB7EEB
8f1tmio9avcom2k0frp92lgcumak0cad.example. 3600 IN NSEC3 1 0 10 D2CF0294C020CE6C 8FPNS2UCT7FBS643THP2B77PEQ77K6IU A NS SOA MX AAAA RRSIG DNSKEY NSEC3PARAM
kcd3juae64f9c5csl1kif1htaui7un0g.example. 3600 IN NSEC3 1 0 10 D2CF0294C020CE6C KD5MN2M20340DGO0BL7NTSB8JP4BSC7E
mr5ukvsk1l37btu4q7b1dfevft4hkqdk.example. 3600 IN NSEC3 1 0 10 D2CF0294C020CE6C MT38J6VG7S0SN5G17MCUF6IQIKFUAJ05 A AAAA RRSIG
--- /dev/null
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+/* draft-wessels-zone-digest-05 */
+
+#ifndef RDATA_GENERIC_ZONEMD_63_C
+#define RDATA_GENERIC_ZONEMD_63_C
+
+#define RRTYPE_ZONEMD_ATTRIBUTES 0
+
+static inline isc_result_t
+fromtext_zonemd(ARGS_FROMTEXT) {
+ isc_token_t token;
+ int digest_type, length;
+
+ UNUSED(type);
+ UNUSED(rdclass);
+ UNUSED(origin);
+ UNUSED(options);
+ UNUSED(callbacks);
+
+ /*
+ * Serial.
+ */
+ RETERR(isc_lex_getmastertoken(lexer, &token, isc_tokentype_number,
+ false));
+ RETERR(uint32_tobuffer(token.value.as_ulong, target));
+
+ /*
+ * Digest type.
+ */
+ RETERR(isc_lex_getmastertoken(lexer, &token, isc_tokentype_number,
+ false));
+ digest_type = token.value.as_ulong;
+ RETERR(uint8_tobuffer(digest_type, target));
+
+ /*
+ * Reserved.
+ */
+ RETERR(isc_lex_getmastertoken(lexer, &token, isc_tokentype_number,
+ false));
+ RETERR(uint8_tobuffer(token.value.as_ulong, target));
+
+ /*
+ * Digest.
+ */
+ switch (digest_type) {
+ case DNS_ZONEMD_DIGEST_SHA384:
+ length = ISC_SHA384_DIGESTLENGTH;
+ break;
+ default:
+ length = -2;
+ break;
+ }
+
+ return (isc_hex_tobuffer(lexer, target, length));
+}
+
+static inline isc_result_t
+totext_zonemd(ARGS_TOTEXT) {
+ isc_region_t sr;
+ char buf[sizeof("0123456789")];
+ unsigned long num;
+
+ REQUIRE(rdata->length != 0);
+
+ UNUSED(tctx);
+
+ dns_rdata_toregion(rdata, &sr);
+
+ /*
+ * Serial.
+ */
+ num = uint32_fromregion(&sr);
+ isc_region_consume(&sr, 4);
+ snprintf(buf, sizeof(buf), "%lu", num);
+ RETERR(str_totext(buf, target));
+
+ RETERR(str_totext(" ", target));
+
+ /*
+ * Digest type.
+ */
+ num = uint8_fromregion(&sr);
+ isc_region_consume(&sr, 1);
+ snprintf(buf, sizeof(buf), "%lu", num);
+ RETERR(str_totext(buf, target));
+
+ RETERR(str_totext(" ", target));
+ /*
+ * Reserved.
+ */
+ num = uint8_fromregion(&sr);
+ isc_region_consume(&sr, 1);
+ snprintf(buf, sizeof(buf), "%lu", num);
+ RETERR(str_totext(buf, target));
+
+ /*
+ * Digest.
+ */
+ if ((tctx->flags & DNS_STYLEFLAG_MULTILINE) != 0)
+ RETERR(str_totext(" (", target));
+ RETERR(str_totext(tctx->linebreak, target));
+ if ((tctx->flags & DNS_STYLEFLAG_NOCRYPTO) == 0) {
+ if (tctx->width == 0) /* No splitting */
+ RETERR(isc_hex_totext(&sr, 0, "", target));
+ else
+ RETERR(isc_hex_totext(&sr, tctx->width - 2,
+ tctx->linebreak, target));
+ } else {
+ RETERR(str_totext("[omitted]", target));
+ }
+ if ((tctx->flags & DNS_STYLEFLAG_MULTILINE) != 0) {
+ RETERR(str_totext(" )", target));
+ }
+ return (ISC_R_SUCCESS);
+}
+
+static inline isc_result_t
+fromwire_zonemd(ARGS_FROMWIRE) {
+ isc_region_t sr;
+
+ UNUSED(type);
+ UNUSED(rdclass);
+ UNUSED(dctx);
+ UNUSED(options);
+
+ isc_buffer_activeregion(source, &sr);
+
+ /*
+ * Check digest lengths if we know them.
+ */
+ if (sr.length < 6 ||
+ (sr.base[4] == DNS_ZONEMD_DIGEST_SHA384 &&
+ sr.length < 6 + ISC_SHA384_DIGESTLENGTH))
+ {
+ return (ISC_R_UNEXPECTEDEND);
+ }
+
+ /*
+ * Only copy digest lengths if we know them.
+ * If there is extra data dns_rdata_fromwire() will
+ * detect that.
+ */
+ if (sr.base[4] == DNS_ZONEMD_DIGEST_SHA384) {
+ sr.length = 6 + ISC_SHA384_DIGESTLENGTH;
+ }
+
+ isc_buffer_forward(source, sr.length);
+ return (mem_tobuffer(target, sr.base, sr.length));
+}
+
+static inline isc_result_t
+towire_zonemd(ARGS_TOWIRE) {
+ isc_region_t sr;
+
+ REQUIRE(rdata->type == dns_rdatatype_zonemd);
+ REQUIRE(rdata->length != 0);
+
+ UNUSED(cctx);
+
+ dns_rdata_toregion(rdata, &sr);
+ return (mem_tobuffer(target, sr.base, sr.length));
+}
+
+static inline int
+compare_zonemd(ARGS_COMPARE) {
+ isc_region_t r1;
+ isc_region_t r2;
+
+ REQUIRE(rdata1->type == rdata2->type);
+ REQUIRE(rdata1->rdclass == rdata2->rdclass);
+ REQUIRE(rdata1->type == dns_rdatatype_zonemd);
+ REQUIRE(rdata1->length != 0);
+ REQUIRE(rdata2->length != 0);
+
+ dns_rdata_toregion(rdata1, &r1);
+ dns_rdata_toregion(rdata2, &r2);
+ return (isc_region_compare(&r1, &r2));
+}
+
+static inline isc_result_t
+fromstruct_zonemd(ARGS_FROMSTRUCT) {
+ dns_rdata_zonemd_t *zonemd = source;
+
+ REQUIRE(source != NULL);
+ REQUIRE(zonemd->common.rdtype == type);
+ REQUIRE(zonemd->common.rdclass == rdclass);
+
+ UNUSED(type);
+ UNUSED(rdclass);
+
+ switch (zonemd->digest_type) {
+ case DNS_ZONEMD_DIGEST_SHA384:
+ REQUIRE(zonemd->length == ISC_SHA384_DIGESTLENGTH);
+ break;
+ }
+
+ RETERR(uint32_tobuffer(zonemd->serial, target));
+ RETERR(uint8_tobuffer(zonemd->digest_type, target));
+ RETERR(uint8_tobuffer(zonemd->reserved, target));
+
+ return (mem_tobuffer(target, zonemd->digest, zonemd->length));
+}
+
+static inline isc_result_t
+tostruct_zonemd(ARGS_TOSTRUCT) {
+ dns_rdata_zonemd_t *zonemd = target;
+ isc_region_t region;
+
+ REQUIRE(rdata->type == dns_rdatatype_zonemd);
+ REQUIRE(target != NULL);
+ REQUIRE(rdata->length != 0);
+
+ zonemd->common.rdclass = rdata->rdclass;
+ zonemd->common.rdtype = rdata->type;
+ ISC_LINK_INIT(&zonemd->common, link);
+
+ dns_rdata_toregion(rdata, ®ion);
+
+ zonemd->serial = uint32_fromregion(®ion);
+ isc_region_consume(®ion, 4);
+ zonemd->digest_type = uint8_fromregion(®ion);
+ isc_region_consume(®ion, 1);
+ zonemd->reserved = uint8_fromregion(®ion);
+ isc_region_consume(®ion, 1);
+ zonemd->length = region.length;
+
+ zonemd->digest = mem_maybedup(mctx, region.base, region.length);
+ if (zonemd->digest == NULL) {
+ return (ISC_R_NOMEMORY);
+ }
+
+ zonemd->mctx = mctx;
+ return (ISC_R_SUCCESS);
+}
+
+static inline void
+freestruct_zonemd(ARGS_FREESTRUCT) {
+ dns_rdata_zonemd_t *zonemd = source;
+
+ REQUIRE(zonemd != NULL);
+ REQUIRE(zonemd->common.rdtype == dns_rdatatype_zonemd);
+
+ if (zonemd->mctx == NULL) {
+ return;
+ }
+
+ if (zonemd->digest != NULL) {
+ isc_mem_free(zonemd->mctx, zonemd->digest);
+ }
+ zonemd->mctx = NULL;
+}
+
+static inline isc_result_t
+additionaldata_zonemd(ARGS_ADDLDATA) {
+ REQUIRE(rdata->type == dns_rdatatype_zonemd);
+
+ UNUSED(rdata);
+ UNUSED(add);
+ UNUSED(arg);
+
+ return (ISC_R_SUCCESS);
+}
+
+static inline isc_result_t
+digest_zonemd(ARGS_DIGEST) {
+ isc_region_t r;
+
+ REQUIRE(rdata->type == dns_rdatatype_zonemd);
+
+ dns_rdata_toregion(rdata, &r);
+
+ return ((digest)(arg, &r));
+}
+
+static inline bool
+checkowner_zonemd(ARGS_CHECKOWNER) {
+ REQUIRE(type == dns_rdatatype_zonemd);
+
+ UNUSED(name);
+ UNUSED(type);
+ UNUSED(rdclass);
+ UNUSED(wildcard);
+
+ return (true);
+}
+
+static inline bool
+checknames_zonemd(ARGS_CHECKNAMES) {
+ REQUIRE(rdata->type == dns_rdatatype_zonemd);
+
+ UNUSED(rdata);
+ UNUSED(owner);
+ UNUSED(bad);
+
+ return (true);
+}
+
+static inline int
+casecompare_zonemd(ARGS_COMPARE) {
+ return (compare_zonemd(rdata1, rdata2));
+}
+
+#endif /* RDATA_GENERIC_ZONEMD_63_C */
--- /dev/null
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+#ifndef GENERIC_ZONEMD_63_H
+#define GENERIC_ZONEMD_63_H 1
+
+/* Digest type(s). Currently only SHA-384 is defined. */
+#define DNS_ZONEMD_DIGEST_SHA384 (1)
+
+/*
+ * \brief per draft-wessels-zone-digest-05
+ */
+typedef struct dns_rdata_zonemd {
+ dns_rdatacommon_t common;
+ isc_mem_t *mctx;
+ uint32_t serial;
+ uint8_t digest_type;
+ uint8_t reserved;
+ unsigned char *digest;
+ uint16_t length;
+} dns_rdata_zonemd_t;
+
+#endif /* GENERIC_ZONEMD_63_H */
dns_rdatatype_wks, sizeof(dns_rdata_in_wks_t));
}
+/*
+ * ZONEMD tests.
+ *
+ * Excerpted from draft-wessels-dns-zone-digest:
+ *
+ * The ZONEMD RDATA wire format is encoded as follows:
+ *
+ * 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
+ * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * | Serial |
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * | Digest Type | Reserved | |
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
+ * | Digest |
+ * / /
+ * / /
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *
+ * 2.1.1. The Serial Field
+ *
+ * The Serial field is a 32-bit unsigned integer in network order. It
+ * is equal to the serial number from the zone's SOA record
+ *
+ * 2.1.2. The Digest Type Field
+ *
+ * The Digest Type field is an 8-bit unsigned integer that identifies
+ * the algorithm used to construct the digest.
+ *
+ * At the time of this writing, SHA384, with value 1, is the only Digest
+ * Type defined for ZONEMD records.
+ *
+ * 2.1.3. The Reserved Field
+ *
+ * The Reserved field is an 8-bit unsigned integer, which is always set
+ * to zero.
+ *
+ * 2.1.4. The Digest Field
+ *
+ * The Digest field is a variable-length sequence of octets containing
+ * the message digest.
+ */
+
+static void
+zonemd(void **state) {
+ text_ok_t text_ok[] = {
+ TEXT_INVALID(""),
+ TEXT_INVALID("0"),
+ TEXT_INVALID("0 0"),
+ TEXT_INVALID("0 0 0"),
+ TEXT_INVALID("99999999 0 0"),
+ TEXT_INVALID("2019020700 0 0 "),
+ TEXT_INVALID("2019020700 1 0 DEADBEEF"),
+ TEXT_VALID("2019020700 2 0 DEADBEEF"),
+ TEXT_VALID("2019020700 1 0 7162D2BB75C047A53DE98767C9192BEB"
+ "14DB01E7E2267135DAF0230A 19BA4A31"
+ "6AF6BF64AA5C7BAE24B2992850300509"),
+ TEXT_SENTINEL()
+ };
+ wire_ok_t wire_ok[] = {
+ /*
+ * Short.
+ */
+ WIRE_INVALID(0x00),
+ /*
+ * Short.
+ */
+ WIRE_INVALID(0x00, 0x00),
+ /*
+ * Short.
+ */
+ WIRE_INVALID(0x00, 0x00, 0x00),
+ /*
+ * Short.
+ */
+ WIRE_INVALID(0x00, 0x00, 0x00, 0x00),
+ /*
+ * Short.
+ */
+ WIRE_INVALID(0x00, 0x00, 0x00, 0x00, 0x00),
+ /*
+ * Serial + type + reserved only - digest type
+ * undefined, so we accept the missing digest.
+ */
+ WIRE_VALID(0x00, 0x00, 0x00, 0x00, 0x00, 0x00),
+ /*
+ * SHA-384 is defined, so we insist there be a digest.
+ */
+ WIRE_INVALID(0x00, 0x00, 0x00, 0x00, 0x01, 0x00),
+ /*
+ * Four octets, too short for SHA-384.
+ */
+ WIRE_INVALID(0x00, 0x00, 0x00, 0x00, 0x01, 0x00,
+ 0xde, 0xad, 0xbe, 0xef),
+ /*
+ * Digest type undefined, so accept the short digest.
+ */
+ WIRE_VALID(0x00, 0x00, 0x00, 0x00, 0xff, 0x00,
+ 0xde, 0xad, 0xbe, 0xef),
+ /*
+ * 48 octets, valid for SHA-384.
+ */
+ WIRE_VALID(0x00, 0x00, 0x00, 0x00, 0x01, 0x00,
+ 0xde, 0xad, 0xbe, 0xef, 0xfa, 0xce,
+ 0xde, 0xad, 0xbe, 0xef, 0xfa, 0xce,
+ 0xde, 0xad, 0xbe, 0xef, 0xfa, 0xce,
+ 0xde, 0xad, 0xbe, 0xef, 0xfa, 0xce,
+ 0xde, 0xad, 0xbe, 0xef, 0xfa, 0xce,
+ 0xde, 0xad, 0xbe, 0xef, 0xfa, 0xce,
+ 0xde, 0xad, 0xbe, 0xef, 0xfa, 0xce,
+ 0xde, 0xad, 0xbe, 0xef, 0xfa, 0xce),
+ /*
+ * Sentinel.
+ */
+ WIRE_SENTINEL()
+ };
+
+ UNUSED(state);
+
+ check_rdata(text_ok, wire_ok, NULL, false, dns_rdataclass_in,
+ dns_rdatatype_zonemd, sizeof(dns_rdata_zonemd_t));
+}
+
static void
atcname(void **state) {
unsigned int i;
cmocka_unit_test_setup_teardown(nsec3, _setup, _teardown),
cmocka_unit_test_setup_teardown(nxt, _setup, _teardown),
cmocka_unit_test_setup_teardown(wks, _setup, _teardown),
+ cmocka_unit_test_setup_teardown(zonemd, _setup, _teardown),
cmocka_unit_test_setup_teardown(atcname, NULL, NULL),
cmocka_unit_test_setup_teardown(atparent, NULL, NULL),
cmocka_unit_test_setup_teardown(iszonecutauth, NULL, NULL),
./lib/dns/rdata/generic/uri_256.h C 2011,2012,2016,2018,2019
./lib/dns/rdata/generic/x25_19.c C 1999,2000,2001,2002,2004,2005,2007,2009,2014,2015,2016,2018,2019
./lib/dns/rdata/generic/x25_19.h C 1999,2000,2001,2004,2005,2007,2016,2018,2019
+./lib/dns/rdata/generic/zonemd_63.c C 2019
+./lib/dns/rdata/generic/zonemd_63.h C 2019
./lib/dns/rdata/hs_4/a_1.c C 1999,2000,2001,2002,2004,2007,2009,2014,2015,2016,2018,2019
./lib/dns/rdata/hs_4/a_1.h C 1999,2000,2001,2004,2005,2007,2016,2018,2019
./lib/dns/rdata/in_1/a6_38.c C 1999,2000,2001,2002,2003,2004,2007,2009,2014,2015,2016,2017,2018,2019
projects / thirdparty / bind9.git / commitdiff
