Miek Gieben
70ee966106
Fix the unknown record sign test
...
Don't make up new error in msg.Pack when there are perfectly fine
errors to return.
2013-12-06 09:43:26 +00:00
Skinner, Alex
edd235088a
Added TYPE65534 record type so that zone scanning doesn't die upon encountering one. Fixed DNSSEC signature verification.
2013-12-04 12:58:20 -05:00
Miek Gieben
ee8ace0477
Merge branch 'master' of github.com:miekg/dns
2013-09-11 08:22:23 +01:00
Miek Gieben
9c1ee5d5ca
Update IsDomainName
...
This new functions just compiles the domain to wire format, if that
works, the name is deemed OK. It is also much less strict than the
older code. Almost everything is allowed in the name, except two
dots back to back (there is an explicit test for that).
2013-09-10 18:09:22 +00:00
Miek Gieben
47cc5b052d
Work on making IsDomainName better
2013-09-10 13:13:10 +00:00
Miek Gieben
cb70138d9e
Remove comment
2013-09-01 21:37:14 +01:00
Miek Gieben
38ea608d79
Rename the Label* functions
...
SplitLabels -> SplitDomainName
CompareLabels -> CompareDomainName
LenLabels -> CountLabel
-> NextLabel was added as a simple iterator-like function
2013-06-22 07:21:15 +00:00
Miek Gieben
c66494c6c5
Resolv merge conflicts
2013-05-12 19:08:37 +02:00
Miek Gieben
81941d4422
Update all copyright notices
2013-05-12 16:15:52 +02:00
Miek Gieben
320d981509
Add Algo-signal-draft impl. for EDNS0
2013-05-11 21:02:17 +02:00
Miek Gieben
d53d9eab81
gofmt
2013-05-05 20:30:44 +02:00
Miek Gieben
cd10853288
Make Len() and Copy() private
...
I don't think anybody will needs these, msg.Len() is still
available. Severly cuts back on the amount of exported functions.
2013-02-09 08:35:17 +01:00
Miek Gieben
235e892dfc
Rename the RR types drop the RR_ prefix
...
This is also done in the official Go library. It also make the
code shorter.
2012-12-09 19:23:25 +01:00
Miek Gieben
2a3b818b95
Use much more descriptive names for the maps
...
Alg_str -> AlgorithmToString
Rr_str -> TypeToString
And for the reverse maps also.
2012-12-02 09:29:54 +01:00
Miek Gieben
ffe42637c5
Documentation
2012-12-01 12:44:57 +01:00
Miek Gieben
aaa65c0ae0
documentation
2012-11-20 10:10:09 +01:00
Miek Gieben
dce8b2e71a
gofmt
2012-10-10 22:17:50 +02:00
Miek Gieben
570bf8dc69
Use proper error in packing and unpacking
...
All the relevant functions now return an error instead of
a simple boolean. This greatly approves the feedback to coders.
Spotted some fishy error handling along the way and fix that too.
2012-10-09 21:17:54 +02:00
Miek Gieben
c88a47e261
use nil for signing in rsa
2012-09-16 10:28:53 +02:00
Miek Gieben
8a21b263d8
Disallow rsamd5 as per rfc 6725
2012-09-14 09:11:19 +02:00
Miek Gieben
ceea1024c1
use rr as var name
2012-09-03 08:37:16 +02:00
Miek Gieben
25abc3c0fc
use rr as var name
2012-09-03 08:35:21 +02:00
Miek Gieben
c0c9a5f3a9
docs
2012-08-27 08:41:14 +02:00
Miek Gieben
b96e6ac78d
tweaks to the documentation
2012-08-24 09:35:33 +02:00
Miek Gieben
6f7aad15d8
documenation
2012-08-21 17:36:58 +02:00
Miek Gieben
b0fc5a2f22
re-export these - I use them in unbound
2012-08-20 18:03:15 +02:00
Miek Gieben
7b406f80ce
dont export
2012-08-17 08:34:46 +02:00
Miek Gieben
73b6d37885
cleanup api, dont export Year68
2012-08-17 08:29:45 +02:00
Miek Gieben
2d2b4f5e64
tweaks to give more power to unbound package
2012-07-01 20:58:54 +02:00
Miek Gieben
e6fca0be3f
Actually copy the RR for DNSSEC validation.
...
This is needed because we need to fiddle with the TTL and sometimes
even need to lowercase the rdata. We dont want this to propagate
to the original RRs
2012-06-20 19:16:54 +02:00
Miek Gieben
f48dba4ad1
Add Copy to all RRs
2012-06-20 11:56:25 +02:00
Miek Gieben
0cfe2d6a43
Make copy private
2012-05-12 20:06:52 +02:00
Miek Gieben
614aa87ab2
Add a copy function for RRHeader - use this when validating
2012-05-11 15:03:49 +02:00
Miek Gieben
3611c4d458
fmt
2012-05-05 17:37:48 +02:00
Miek Gieben
1948cd2a90
Use go vetted struct tags
...
They had the form: "domain-name", now they are key value pairs (key is
always dns: `dns:"domain-name"`
2012-04-29 21:55:29 +02:00
Miek Gieben
70fac2eec3
add the nsec3 alias too
2012-04-19 14:39:50 +02:00
Miek Gieben
3aba338dc5
better docs
2012-04-19 13:32:50 +02:00
Miek Gieben
3ef88ef28d
Use uppercase M
2012-04-18 12:57:38 +02:00
Miek Gieben
4810b60cda
Make it build
2012-04-18 12:55:48 +02:00
Miek Gieben
ca067eb038
calculate the value of dsas T
2012-04-18 12:55:08 +02:00
Miek Gieben
01258c0d97
Finish DSA support -- completely untested
2012-04-18 12:48:54 +02:00
Miek Gieben
96a9b0d7d1
Signing with dsa
2012-04-18 11:57:32 +02:00
Miek Gieben
7c9a376659
More DSA stuff: generation/signing/verifying
2012-04-17 11:58:06 +02:00
Miek Gieben
4536259037
1/2 support for DSA
2012-04-17 11:39:58 +02:00
Miek Gieben
70efdaabea
keytag calc. for RSAMD5 keys
2012-04-17 10:55:02 +02:00
Miek Gieben
daf51db85d
add indirect alg type
2012-04-16 09:09:32 +02:00
Miek Gieben
cf627feaa8
remove debugging.Validation code works, but isnt validating
2012-04-15 21:43:52 +02:00
Miek Gieben
e6b2ec8d72
Add ecdsa verification
2012-04-15 21:37:00 +02:00
Miek Gieben
b58c604e17
Add symmetry to the reading of public/private keys
...
Add a NewPrivateKey that works on strings and calls ReadPrivateKey
that works on io.Readers.
2012-04-15 20:50:53 +02:00
Miek Gieben
3e11306260
some debugging
2012-04-12 15:39:54 +02:00
Miek Gieben
134b557647
Start with validating Curve algos
2012-04-11 16:20:29 +02:00
Miek Gieben
1e1559423d
Fix EC signing
2012-04-11 16:09:40 +02:00
Miek Gieben
b1099c10b8
More stuff for ecdsa. Need to find good abstraction
2012-04-11 15:42:33 +02:00
Miek Gieben
edf4b3d11b
Test signing with ecdsa
2012-04-11 15:13:17 +02:00
Miek Gieben
35bfb48fac
fix the mnemonic for ecdsa*
2012-04-11 14:37:51 +02:00
Miek Gieben
a55014ff8a
elliptic curve stuff
2012-04-11 14:32:44 +02:00
Miek Gieben
1083e5542e
add comment
2012-04-06 20:12:00 +02:00
Miek Gieben
33a58c8cb7
make it compile
2012-03-19 20:00:40 +01:00
Miek Gieben
f38cd6abe0
better errors
2012-03-18 22:44:42 +01:00
Miek Gieben
9f14f2d5ab
Documentation updates
2012-03-08 20:47:45 +01:00
Miek Gieben
1744a80850
add a TsigStatus to the client as well
...
Bring server and client side more inline
with each other. For a client we also
use TsigStatus() to retrieve the tsig info.
2012-03-04 14:47:20 +01:00
Miek Gieben
dc16392734
Newly allocated names
2012-03-02 15:28:22 +01:00
Miek Gieben
104d875a75
Flag large RSA exponents as an error
2012-02-29 21:11:45 +01:00
Miek Gieben
c32c13ba25
dnssec-bis-16 updates fix
2012-02-28 20:09:00 +01:00
Miek Gieben
d7a7e6e112
Lowercase/uppercase mahem in DNSSEC
2012-02-28 19:25:09 +01:00
Miek Gieben
ea57a49d94
Allow mnemonic algorithm numbers in DS (and DS-like) records
2012-02-27 19:17:58 +01:00
Miek Gieben
ef2e12b0dd
Validation fixes, still not perfect, but much nicer
2012-02-25 22:04:29 +01:00
Miek Gieben
89c05b4f74
gofmt
2012-02-23 19:37:08 +01:00
Miek Gieben
c6042c4ce8
Work on copy of the header when validating
2012-02-23 12:46:39 +01:00
Miek Gieben
d0a45c667e
Downcase these domains
2012-02-23 10:47:50 +01:00
Miek Gieben
99ea36cd42
Check the protocol value of the key
2012-02-16 23:34:09 +01:00
Miek Gieben
2cb265697e
Documentation
...
Need to think about the non-existing root-label and the label
functions.
2012-02-12 11:34:28 +01:00
Peter van Dijk
448596bccb
fix typo
2012-02-10 09:19:23 +01:00
Peter van Dijk
c05615b783
fix RRSIG wildcard checking
2012-02-10 09:19:00 +01:00
Miek Gieben
ed61734c89
Optimize the RR reading further
...
remove len(strings) from the code. 16% increase
in speed. Getting about 35K RR/s
2012-01-30 21:26:29 +01:00
Miek Gieben
bfc928973f
Remove/fix some todo
2012-01-29 00:34:59 +01:00
Miek Gieben
19f8d266b5
Remove the RRset type - only add obvious stuff
2012-01-28 01:14:07 +01:00
Miek Gieben
6d5fd7f975
Some more tweaks into verifying nsec3 messages
2012-01-22 16:12:10 +01:00
Miek Gieben
c051e5eec5
Small tweaks
2012-01-22 12:24:31 +01:00
Miek Gieben
f25584e94e
Overflow fixes
2012-01-21 12:35:19 +01:00
Miek Gieben
c9fc2ea493
Enable signature checking in messages
2012-01-21 11:58:26 +01:00
Miek Gieben
5917838cbb
gofmt
2012-01-20 12:24:20 +01:00
Miek Gieben
509912d4c4
Fixes for weekly.2012-01-20
2012-01-20 12:24:05 +01:00
Miek Gieben
9f3a1c1f13
Documentation and make ParseKey private (parseKey)
2012-01-16 21:44:49 +01:00
Miek Gieben
50a62b9c68
Dont downcase
2012-01-16 10:50:35 +01:00
Miek Gieben
4bd5d7f3f2
Lowercase rdata of rr to be signed/verified
2012-01-16 09:54:05 +01:00
Miek Gieben
8608def558
Documentation
2012-01-15 16:14:22 +01:00
Miek Gieben
5c74f7285f
Save some bytes in the dnssec signature validation
2012-01-15 16:00:40 +01:00
Miek Gieben
0509df509e
gofmt
2012-01-12 23:17:34 +01:00
Miek Gieben
d53102fc7b
Make alg_str public: Alg_str
2012-01-12 13:01:43 +01:00
Miek Gieben
f1a3b31384
Make a packStructCompress() to leave packStruct() simpler
2012-01-11 20:33:38 +01:00
Miek Gieben
eafe995a56
Add a compression flag to msg struct
2012-01-11 20:26:39 +01:00
Miek Gieben
6d95911558
Dont allow the question section to be compressed
2012-01-11 16:16:09 +01:00
Miek Gieben
974c28d1b1
More fixes for compression
2012-01-11 11:13:17 +01:00
Miek Gieben
7f77e5e6b4
Fix key2ds
2012-01-08 16:49:54 +01:00
Miek Gieben
cd266d5f0f
Its a uint8
2012-01-08 15:56:19 +01:00
Miek Gieben
ecfd5451a9
Remove the Labels() function.
...
This is now handled inside IsDomainName, which really parses
the name and then (also) returns the number of labels found.
2012-01-08 15:54:33 +01:00
Miek Gieben
d1b0ee219f
Digest fixes
2011-12-16 15:06:24 +01:00
Miek Gieben
131f6962d1
gofmt
2011-12-09 21:45:57 +01:00
Miek Gieben
17d3f12d31
Fix NSEC presentation
2011-12-09 16:11:37 +01:00