a156d1ec2f
must lowercase ownername when computing hash for DS
2014-04-10 19:40:52 -04:00
fb787f0d96
Update the documentation
2014-02-02 20:30:52 +00:00
9c75b3cdc2
Fi the tests too
2014-01-27 14:45:34 +00:00
39a8e2b8af
Small api change to check RRSIG validity
2014-01-27 14:42:17 +00:00
c97bb6d79d
The right way around
2014-01-26 20:22:19 +00:00
2a659fce45
dnssec: don't override OrigTtl in sig
...
When creating a signature and the OrigTtl is already set
don't override it.
2014-01-26 19:53:49 +00:00
6b32a711e9
Allocate just enough space
...
Remove the len()*2, and replace it with len()+1. The current
len() impl. of the types is good enough to be more precise.
2013-12-06 11:30:33 +00:00
70ee966106
Fix the unknown record sign test
...
Don't make up new error in msg.Pack when there are perfectly fine
errors to return.
2013-12-06 09:43:26 +00:00
edd235088a
Added TYPE65534 record type so that zone scanning doesn't die upon encountering one. Fixed DNSSEC signature verification.
2013-12-04 12:58:20 -05:00
ee8ace0477
Merge branch 'master' of github.com:miekg/dns
2013-09-11 08:22:23 +01:00
9c1ee5d5ca
Update IsDomainName
...
This new functions just compiles the domain to wire format, if that
works, the name is deemed OK. It is also much less strict than the
older code. Almost everything is allowed in the name, except two
dots back to back (there is an explicit test for that).
2013-09-10 18:09:22 +00:00
47cc5b052d
Work on making IsDomainName better
2013-09-10 13:13:10 +00:00
cb70138d9e
Remove comment
2013-09-01 21:37:14 +01:00
38ea608d79
Rename the Label* functions
...
SplitLabels -> SplitDomainName
CompareLabels -> CompareDomainName
LenLabels -> CountLabel
-> NextLabel was added as a simple iterator-like function
2013-06-22 07:21:15 +00:00
c66494c6c5
Resolv merge conflicts
2013-05-12 19:08:37 +02:00
81941d4422
Update all copyright notices
2013-05-12 16:15:52 +02:00
320d981509
Add Algo-signal-draft impl. for EDNS0
2013-05-11 21:02:17 +02:00
d53d9eab81
gofmt
2013-05-05 20:30:44 +02:00
cd10853288
Make Len() and Copy() private
...
I don't think anybody will needs these, msg.Len() is still
available. Severly cuts back on the amount of exported functions.
2013-02-09 08:35:17 +01:00
235e892dfc
Rename the RR types drop the RR_ prefix
...
This is also done in the official Go library. It also make the
code shorter.
2012-12-09 19:23:25 +01:00
2a3b818b95
Use much more descriptive names for the maps
...
Alg_str -> AlgorithmToString
Rr_str -> TypeToString
And for the reverse maps also.
2012-12-02 09:29:54 +01:00
ffe42637c5
Documentation
2012-12-01 12:44:57 +01:00
aaa65c0ae0
documentation
2012-11-20 10:10:09 +01:00
dce8b2e71a
gofmt
2012-10-10 22:17:50 +02:00
570bf8dc69
Use proper error in packing and unpacking
...
All the relevant functions now return an error instead of
a simple boolean. This greatly approves the feedback to coders.
Spotted some fishy error handling along the way and fix that too.
2012-10-09 21:17:54 +02:00
c88a47e261
use nil for signing in rsa
2012-09-16 10:28:53 +02:00
8a21b263d8
Disallow rsamd5 as per rfc 6725
2012-09-14 09:11:19 +02:00
ceea1024c1
use rr as var name
2012-09-03 08:37:16 +02:00
25abc3c0fc
use rr as var name
2012-09-03 08:35:21 +02:00
c0c9a5f3a9
docs
2012-08-27 08:41:14 +02:00
b96e6ac78d
tweaks to the documentation
2012-08-24 09:35:33 +02:00
6f7aad15d8
documenation
2012-08-21 17:36:58 +02:00
b0fc5a2f22
re-export these - I use them in unbound
2012-08-20 18:03:15 +02:00
7b406f80ce
dont export
2012-08-17 08:34:46 +02:00
73b6d37885
cleanup api, dont export Year68
2012-08-17 08:29:45 +02:00
2d2b4f5e64
tweaks to give more power to unbound package
2012-07-01 20:58:54 +02:00
e6fca0be3f
Actually copy the RR for DNSSEC validation.
...
This is needed because we need to fiddle with the TTL and sometimes
even need to lowercase the rdata. We dont want this to propagate
to the original RRs
2012-06-20 19:16:54 +02:00
f48dba4ad1
Add Copy to all RRs
2012-06-20 11:56:25 +02:00
0cfe2d6a43
Make copy private
2012-05-12 20:06:52 +02:00
614aa87ab2
Add a copy function for RRHeader - use this when validating
2012-05-11 15:03:49 +02:00
3611c4d458
fmt
2012-05-05 17:37:48 +02:00
1948cd2a90
Use go vetted struct tags
...
They had the form: "domain-name", now they are key value pairs (key is
always dns: `dns:"domain-name"`
2012-04-29 21:55:29 +02:00
70fac2eec3
add the nsec3 alias too
2012-04-19 14:39:50 +02:00
3aba338dc5
better docs
2012-04-19 13:32:50 +02:00
3ef88ef28d
Use uppercase M
2012-04-18 12:57:38 +02:00
4810b60cda
Make it build
2012-04-18 12:55:48 +02:00
ca067eb038
calculate the value of dsas T
2012-04-18 12:55:08 +02:00
01258c0d97
Finish DSA support -- completely untested
2012-04-18 12:48:54 +02:00
96a9b0d7d1
Signing with dsa
2012-04-18 11:57:32 +02:00
7c9a376659
More DSA stuff: generation/signing/verifying
2012-04-17 11:58:06 +02:00
4536259037
1/2 support for DSA
2012-04-17 11:39:58 +02:00
70efdaabea
keytag calc. for RSAMD5 keys
2012-04-17 10:55:02 +02:00
daf51db85d
add indirect alg type
2012-04-16 09:09:32 +02:00
cf627feaa8
remove debugging.Validation code works, but isnt validating
2012-04-15 21:43:52 +02:00
e6b2ec8d72
Add ecdsa verification
2012-04-15 21:37:00 +02:00
b58c604e17
Add symmetry to the reading of public/private keys
...
Add a NewPrivateKey that works on strings and calls ReadPrivateKey
that works on io.Readers.
2012-04-15 20:50:53 +02:00
3e11306260
some debugging
2012-04-12 15:39:54 +02:00
134b557647
Start with validating Curve algos
2012-04-11 16:20:29 +02:00
1e1559423d
Fix EC signing
2012-04-11 16:09:40 +02:00
b1099c10b8
More stuff for ecdsa. Need to find good abstraction
2012-04-11 15:42:33 +02:00
edf4b3d11b
Test signing with ecdsa
2012-04-11 15:13:17 +02:00
35bfb48fac
fix the mnemonic for ecdsa*
2012-04-11 14:37:51 +02:00
a55014ff8a
elliptic curve stuff
2012-04-11 14:32:44 +02:00
1083e5542e
add comment
2012-04-06 20:12:00 +02:00
33a58c8cb7
make it compile
2012-03-19 20:00:40 +01:00
f38cd6abe0
better errors
2012-03-18 22:44:42 +01:00
9f14f2d5ab
Documentation updates
2012-03-08 20:47:45 +01:00
1744a80850
add a TsigStatus to the client as well
...
Bring server and client side more inline
with each other. For a client we also
use TsigStatus() to retrieve the tsig info.
2012-03-04 14:47:20 +01:00
dc16392734
Newly allocated names
2012-03-02 15:28:22 +01:00
104d875a75
Flag large RSA exponents as an error
2012-02-29 21:11:45 +01:00
c32c13ba25
dnssec-bis-16 updates fix
2012-02-28 20:09:00 +01:00
d7a7e6e112
Lowercase/uppercase mahem in DNSSEC
2012-02-28 19:25:09 +01:00
ea57a49d94
Allow mnemonic algorithm numbers in DS (and DS-like) records
2012-02-27 19:17:58 +01:00
ef2e12b0dd
Validation fixes, still not perfect, but much nicer
2012-02-25 22:04:29 +01:00
89c05b4f74
gofmt
2012-02-23 19:37:08 +01:00
c6042c4ce8
Work on copy of the header when validating
2012-02-23 12:46:39 +01:00
d0a45c667e
Downcase these domains
2012-02-23 10:47:50 +01:00
99ea36cd42
Check the protocol value of the key
2012-02-16 23:34:09 +01:00
2cb265697e
Documentation
...
Need to think about the non-existing root-label and the label
functions.
2012-02-12 11:34:28 +01:00
448596bccb
fix typo
2012-02-10 09:19:23 +01:00
c05615b783
fix RRSIG wildcard checking
2012-02-10 09:19:00 +01:00
ed61734c89
Optimize the RR reading further
...
remove len(strings) from the code. 16% increase
in speed. Getting about 35K RR/s
2012-01-30 21:26:29 +01:00
bfc928973f
Remove/fix some todo
2012-01-29 00:34:59 +01:00
19f8d266b5
Remove the RRset type - only add obvious stuff
2012-01-28 01:14:07 +01:00
6d5fd7f975
Some more tweaks into verifying nsec3 messages
2012-01-22 16:12:10 +01:00
c051e5eec5
Small tweaks
2012-01-22 12:24:31 +01:00
f25584e94e
Overflow fixes
2012-01-21 12:35:19 +01:00
c9fc2ea493
Enable signature checking in messages
2012-01-21 11:58:26 +01:00
5917838cbb
gofmt
2012-01-20 12:24:20 +01:00
509912d4c4
Fixes for weekly.2012-01-20
2012-01-20 12:24:05 +01:00
9f3a1c1f13
Documentation and make ParseKey private (parseKey)
2012-01-16 21:44:49 +01:00
50a62b9c68
Dont downcase
2012-01-16 10:50:35 +01:00
4bd5d7f3f2
Lowercase rdata of rr to be signed/verified
2012-01-16 09:54:05 +01:00
8608def558
Documentation
2012-01-15 16:14:22 +01:00
5c74f7285f
Save some bytes in the dnssec signature validation
2012-01-15 16:00:40 +01:00
0509df509e
gofmt
2012-01-12 23:17:34 +01:00
d53102fc7b
Make alg_str public: Alg_str
2012-01-12 13:01:43 +01:00
f1a3b31384
Make a packStructCompress() to leave packStruct() simpler
2012-01-11 20:33:38 +01:00
eafe995a56
Add a compression flag to msg struct
2012-01-11 20:26:39 +01:00
6d95911558
Dont allow the question section to be compressed
2012-01-11 16:16:09 +01:00
Alex A. Skinner
Miek Gieben
Skinner, Alex
Peter van Dijk