Fix TSIG and make check if is works with axfr (yes)
This commit is contained in:
Miek Gieben
parent
94780bc050
commit
735c254a3b
1
TODO
1
TODO
|
|
@ -3,6 +3,7 @@ Todo:
|
|||
* Tsig generation for replies (request MAC)
|
||||
* Parsing from strings, going with goyacc and .cz lexer
|
||||
* encoding NSEC3/NSEC bitmaps, DEcoding works
|
||||
* AXFR/IXFR with TSIG validation
|
||||
* Failed Xfr triggers nil error?
|
||||
|
||||
Issues:
|
||||
|
|
|
|||
4
msg.go
4
msg.go
|
|
@ -423,7 +423,7 @@ func packStructValue(val *reflect.StructValue, msg []byte, off int) (off1 int, o
|
|||
// There is no length encoded here
|
||||
h, e := hex.DecodeString(s)
|
||||
if e != nil {
|
||||
//fmt.Fprintf(os.Stderr, "dns: overflow packing domain-name")
|
||||
//fmt.Fprintf(os.Stderr, "dns: overflow packing (size-)hex string")
|
||||
return len(msg), false
|
||||
}
|
||||
copy(msg[off:off+hex.DecodedLen(len(s))], h)
|
||||
|
|
@ -698,7 +698,7 @@ func unpackStructValue(val *reflect.StructValue, msg []byte, off int) (off1 int,
|
|||
}
|
||||
}
|
||||
if off+size > len(msg) {
|
||||
//fmt.Fprintf(os.Stderr, "dns: failure unpacking hex-size string")
|
||||
//fmt.Fprintf(os.Stderr, "dns: failure unpacking size-hex string")
|
||||
return len(msg), false
|
||||
}
|
||||
s = hex.EncodeToString(msg[off : off+size])
|
||||
|
|
|
|||
|
|
@ -5,13 +5,13 @@ import (
|
|||
)
|
||||
|
||||
func TestPackNsec3(t *testing.T) {
|
||||
nsec3 := Nsec3Hash("dnsex.nl",HashSHA1 , 0, "DEAD")
|
||||
nsec3 := HashName("dnsex.nl",HashSHA1 , 0, "DEAD")
|
||||
if nsec3 != "ROCCJAE8BJJU7HN6T7NG3TNM8ACRS87J" {
|
||||
t.Logf("%v\n", nsec3)
|
||||
t.Fail()
|
||||
}
|
||||
|
||||
nsec3 = Nsec3Hash("a.b.c.example.org",HashSHA1 , 2, "DEAD")
|
||||
nsec3 = HashName("a.b.c.example.org",HashSHA1 , 2, "DEAD")
|
||||
if nsec3 != "6LQ07OAHBTOOEU2R9ANI2AT70K5O0RCG" {
|
||||
t.Logf("%v\n", nsec3)
|
||||
t.Fail()
|
||||
|
|
|
|||
12
tsig.go
12
tsig.go
|
|
@ -12,7 +12,7 @@ import (
|
|||
|
||||
// HMAC hashing codes. These are transmitted as domain names.
|
||||
const (
|
||||
HmacMD5 = "HMAC-MD5.SIG-ALG.REG.INT"
|
||||
HmacMD5 = "hmac-md5.sig-alg.reg.int"
|
||||
HmacSHA1 = "hmac-sha1"
|
||||
HmacSHA256 = "hmac-sha256"
|
||||
)
|
||||
|
|
@ -40,9 +40,11 @@ func (rr *RR_TSIG) String() string {
|
|||
" " + rr.Algorithm +
|
||||
" " + tsigTimeToDate(rr.TimeSigned) +
|
||||
" " + strconv.Itoa(int(rr.Fudge)) +
|
||||
" " + strings.ToUpper(hex.EncodeToString([]byte(rr.MAC))) +
|
||||
" " + strconv.Itoa(int(rr.MACSize)) +
|
||||
" " + rr.MAC +
|
||||
" " + strconv.Itoa(int(rr.OrigId)) +
|
||||
" " + strconv.Itoa(int(rr.Error)) +
|
||||
" " + strconv.Itoa(int(rr.OtherLen)) +
|
||||
" " + rr.OtherData
|
||||
}
|
||||
|
||||
|
|
@ -79,8 +81,8 @@ func (t *RR_TSIG) Generate(m *Msg, secret string) bool {
|
|||
h := hmac.NewMD5([]byte(rawsecret))
|
||||
io.WriteString(h, string(buf))
|
||||
|
||||
t.MAC = string(h.Sum())
|
||||
t.MACSize = uint16(len(t.MAC))
|
||||
t.MAC = strings.ToUpper(hex.EncodeToString(h.Sum()))
|
||||
t.MACSize = uint16(len(h.Sum())) // Needs to be "on-the-wire" size.
|
||||
if !ok {
|
||||
return false
|
||||
}
|
||||
|
|
@ -116,7 +118,7 @@ func (t *RR_TSIG) Verify(m *Msg, secret string) bool {
|
|||
}
|
||||
h := hmac.NewMD5([]byte(rawsecret))
|
||||
io.WriteString(h, string(buf))
|
||||
return string(h.Sum()) == t.MAC
|
||||
return strings.ToUpper(hex.EncodeToString(h.Sum())) == t.MAC
|
||||
}
|
||||
|
||||
func tsigToBuf(rr *RR_TSIG, msg *Msg) ([]byte, bool) {
|
||||
|
|
|
|||
Loading…
Reference in New Issue