Fix TSIG and make check if is works with axfr (yes)

2011-03-11 14:24:33 +01:00 · 2011-03-11 14:24:33 +01:00 · 735c254a3b
parent 94780bc050
commit 735c254a3b
4 changed files with 12 additions and 9 deletions
--- a/1
+++ b/1
@ -3,6 +3,7 @@ Todo:
 * Tsig generation for replies (request MAC)
 * Parsing from strings, going with goyacc and .cz lexer
 * encoding NSEC3/NSEC bitmaps, DEcoding works
 * AXFR/IXFR with TSIG validation
 * Failed Xfr triggers nil error?
 Issues:
--- a/msg.go
+++ b/msg.go
@ -423,7 +423,7 @@ func packStructValue(val *reflect.StructValue, msg []byte, off int) (off1 int, o
 				// There is no length encoded here
 				h, e := hex.DecodeString(s)
 				if e != nil {
-					//fmt.Fprintf(os.Stderr, "dns: overflow packing domain-name")
+					//fmt.Fprintf(os.Stderr, "dns: overflow packing (size-)hex string")
 					return len(msg), false
 				}
 				copy(msg[off:off+hex.DecodedLen(len(s))], h)
@ -698,7 +698,7 @@ func unpackStructValue(val *reflect.StructValue, msg []byte, off int) (off1 int,
 					}
 				}
 				if off+size > len(msg) {
-					//fmt.Fprintf(os.Stderr, "dns: failure unpacking hex-size string")
+					//fmt.Fprintf(os.Stderr, "dns: failure unpacking size-hex string")
 					return len(msg), false
 				}
 				s = hex.EncodeToString(msg[off : off+size])
--- a/nsec3_test.go
+++ b/nsec3_test.go
@ -5,13 +5,13 @@ import (
 )
 func TestPackNsec3(t *testing.T) {
-        nsec3 := Nsec3Hash("dnsex.nl",HashSHA1 , 0, "DEAD")
+        nsec3 := HashName("dnsex.nl",HashSHA1 , 0, "DEAD")
        if nsec3 != "ROCCJAE8BJJU7HN6T7NG3TNM8ACRS87J" {
                t.Logf("%v\n", nsec3)
                t.Fail()
        }
-        nsec3 = Nsec3Hash("a.b.c.example.org",HashSHA1 , 2, "DEAD")
+        nsec3 = HashName("a.b.c.example.org",HashSHA1 , 2, "DEAD")
        if nsec3 != "6LQ07OAHBTOOEU2R9ANI2AT70K5O0RCG" {
                t.Logf("%v\n", nsec3)
                t.Fail()
--- a/tsig.go
+++ b/tsig.go
@ -12,7 +12,7 @@ import (
 // HMAC hashing codes. These are transmitted as domain names.
 const (
-	HmacMD5    = "HMAC-MD5.SIG-ALG.REG.INT"
+	HmacMD5    = "hmac-md5.sig-alg.reg.int"
 	HmacSHA1   = "hmac-sha1"
 	HmacSHA256 = "hmac-sha256"
 )
@ -40,9 +40,11 @@ func (rr *RR_TSIG) String() string {
 		" " + rr.Algorithm +
 		" " + tsigTimeToDate(rr.TimeSigned) +
 		" " + strconv.Itoa(int(rr.Fudge)) +
-		" " + strings.ToUpper(hex.EncodeToString([]byte(rr.MAC))) +
+		" " + strconv.Itoa(int(rr.MACSize)) +
 		" " + rr.MAC +
 		" " + strconv.Itoa(int(rr.OrigId)) +
 		" " + strconv.Itoa(int(rr.Error)) +
 		" " + strconv.Itoa(int(rr.OtherLen)) +
 		" " + rr.OtherData
 }
@ -79,8 +81,8 @@ func (t *RR_TSIG) Generate(m *Msg, secret string) bool {
 	h := hmac.NewMD5([]byte(rawsecret))
 	io.WriteString(h, string(buf))
-	t.MAC = string(h.Sum())
+	t.MAC = strings.ToUpper(hex.EncodeToString(h.Sum()))
-	t.MACSize = uint16(len(t.MAC))
+	t.MACSize = uint16(len(h.Sum()))        // Needs to be "on-the-wire" size.
 	if !ok {
 		return false
 	}
@ -116,7 +118,7 @@ func (t *RR_TSIG) Verify(m *Msg, secret string) bool {
        }
        h := hmac.NewMD5([]byte(rawsecret))
        io.WriteString(h, string(buf))
-        return string(h.Sum()) == t.MAC
+        return strings.ToUpper(hex.EncodeToString(h.Sum())) == t.MAC
 }
 func tsigToBuf(rr *RR_TSIG, msg *Msg) ([]byte, bool) {