small tweaks in the NSEC3 code
This commit is contained in:
parent
826ae93ccb
commit
f0f567c5f7
|
@ -15,6 +15,15 @@ const (
|
|||
INDETERMINATE
|
||||
)
|
||||
|
||||
// Types of answers (without looking the RFCs)
|
||||
// len(m.Ns) > 0
|
||||
// NS records in there? -> delegation (rcode should be rcode.Success)
|
||||
// - secure delegation -> DS should be there
|
||||
// - insecure delegation -> Proof of no DS (either NSEC or NSEC3)
|
||||
// - plain old DNS delegation -> ...
|
||||
// SOA record in there? -> nxdomain (rcode should be rcode.Nxdomain)
|
||||
|
||||
|
||||
// Lookup does a (secure) DNS lookup. The message m contains
|
||||
// the question to be asked. Lookup returns last packet seen
|
||||
// which is either the answer or a packet somewhere in the
|
||||
|
|
6
nsecx.go
6
nsecx.go
|
@ -69,7 +69,11 @@ func (nsec3 *RR_NSEC3) Match(domain string) bool {
|
|||
return strings.ToUpper(SplitLabels(nsec3.Header().Name)[0]) == strings.ToUpper(HashName(domain, nsec3.Hash, nsec3.Iterations, nsec3.Salt))
|
||||
}
|
||||
|
||||
// Cover checks if domain is covered by the NSEC3 record. Domain must be given in plain text.
|
||||
// RR_NSEC Match? (Do have them both??)
|
||||
|
||||
// Cover checks if domain is covered by the NSEC3 record. Domain must be given in plain text (i.e. not hashed)
|
||||
// TODO(mg): this doesn't loop around
|
||||
// TODO(mg): make a CoverHashed variant?
|
||||
func (nsec3 *RR_NSEC3) Cover(domain string) bool {
|
||||
hashdom := strings.ToUpper(HashName(domain, nsec3.Hash, nsec3.Iterations, nsec3.Salt))
|
||||
nextdom := strings.ToUpper(nsec3.NextDomain)
|
||||
|
|
Loading…
Reference in New Issue