Fix tsig - now add verify stuff
parent
df4fb16e14
commit
c40c936cf5
34
msg.go
34
msg.go
|
@ -379,6 +379,12 @@ func packStructValue(val *reflect.StructValue, msg []byte, off int) (off1 int, o
|
|||
return len(msg), false
|
||||
}
|
||||
copy(msg[off:off+hex.DecodedLen(len(s))], h)
|
||||
off += hex.DecodedLen(len(s))
|
||||
case "fixed-sized":
|
||||
// the size is already encoded in the RR, we can safely use the
|
||||
// length of string. String is RAW (not encoded in hex, nor base64)
|
||||
copy(msg[off:off+len(s)], s)
|
||||
off += len(s)
|
||||
case "":
|
||||
// Counted string: 1 byte length.
|
||||
if len(s) > 255 || off+1+len(s) > len(msg) {
|
||||
|
@ -601,25 +607,25 @@ func unpackStructValue(val *reflect.StructValue, msg []byte, off int) (off1 int,
|
|||
case "fixed-size":
|
||||
// We should already know how many bytes we can expect
|
||||
// TODO(mg) pack variant. Note that looks a bit like the EDNS0
|
||||
// Option parsing, maybe it should be merged.
|
||||
var size int
|
||||
switch val.Type().Name() {
|
||||
case "RR_TSIG":
|
||||
switch f.Name {
|
||||
case "MAC":
|
||||
name := val.FieldByName("MACSize")
|
||||
size = int(name.(*reflect.UintValue).Get())
|
||||
case "OtherData":
|
||||
name := val.FieldByName("OtherLen")
|
||||
size = int(name.(*reflect.UintValue).Get())
|
||||
}
|
||||
}
|
||||
// Option parsing, maybe it should be merged.
|
||||
var size int
|
||||
switch val.Type().Name() {
|
||||
case "RR_TSIG":
|
||||
switch f.Name {
|
||||
case "MAC":
|
||||
name := val.FieldByName("MACSize")
|
||||
size = int(name.(*reflect.UintValue).Get())
|
||||
case "OtherData":
|
||||
name := val.FieldByName("OtherLen")
|
||||
size = int(name.(*reflect.UintValue).Get())
|
||||
}
|
||||
}
|
||||
if off+size > len(msg) {
|
||||
fmt.Fprintf(os.Stderr, "dns: failure unpacking fixed-size string")
|
||||
return len(msg), false
|
||||
}
|
||||
s = string(msg[off : off+size])
|
||||
off+=size
|
||||
off += size
|
||||
case "":
|
||||
if off >= len(msg) || off+1+int(msg[off]) > len(msg) {
|
||||
fmt.Fprintf(os.Stderr, "dns: failure unpacking string")
|
||||
|
|
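Review bot: The pack arm in packStructValue is spelled `case "fixed-sized":`, while unpackStructValue matches `case "fixed-size":` and the tsigWireFmt.OtherData tag in tsig.go is `"fixed-size"`, so a field carrying that tag will not reach this arm when it is packed. The arm also runs `copy(msg[off:off+len(s)], s)` without the length check that the neighbouring `case "":` performs, so an `s` longer than the remaining buffer can make the slice expression panic instead of returning `len(msg), false`. I would rename the case to `"fixed-size"` and put `if off+len(s) > len(msg) { return len(msg), false }` in front of the copy. On the unpack side, `size` stays 0 for any type or field other than RR_TSIG's MAC and OtherData, which silently yields an empty string and deserves at least a comment. Both function bodies extend outside the hunks shown.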
3
tsig.go
3
tsig.go
|
@ -60,7 +60,7 @@ type tsigWireFmt struct {
|
|||
// MACSize, MAC and OrigId excluded
|
||||
Error uint16
|
||||
OtherLen uint16
|
||||
OtherData string
|
||||
OtherData string "fixed-size"
|
||||
}
|
||||
|
||||
// Generate the HMAC for msg. The TSIG RR is modified
|
||||
|
@ -104,6 +104,7 @@ func (rr *RR_TSIG) Generate(msg *Msg, secret string) bool {
|
|||
// Verify a TSIG. The msg should be the complete message with
|
||||
// the TSIG record still attached (as the last rr in the Additional
|
||||
// section) TODO(mg)
|
||||
// The secret is a base64 encoded string with a secret
|
||||
func (rr *RR_TSIG) Verify(msg *Msg, secret string) bool {
|
||||
// copy the mesg, strip (and check) the tsig rr
|
||||
// perform the opposite of Generate() and then
|
||||
|
|
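Review bot: The comment above Verify, `// The secret is a base64 encoded string with a secret`, is circular, and the doc block does not say what a `false` result covers, even though the function makes an authentication decision. Something like `// secret is the shared TSIG key, base64 encoded. Verify reports whether the MAC in rr authenticates msg; treat false as unauthenticated.` would read better, adjusted to what the body actually does, since the body lies outside this hunk. If the body ends up comparing the received MAC with a recomputed one, a constant-time comparison such as `subtle.ConstantTimeCompare` is preferable to `==` on the strings.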