-
Notifications
You must be signed in to change notification settings - Fork 451
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add SSHFP and OPENPGPKEY support #647
Conversation
Codecov Report
@@ Coverage Diff @@
## master #647 +/- ##
==========================================
- Coverage 86.3% 85.53% -0.78%
==========================================
Files 142 146 +4
Lines 14951 15089 +138
==========================================
+ Hits 12903 12905 +2
- Misses 2048 2184 +136 |
Codecov Report
@@ Coverage Diff @@
## master #647 +/- ##
==========================================
+ Coverage 86.3% 86.33% +0.03%
==========================================
Files 142 146 +4
Lines 14951 15196 +245
==========================================
+ Hits 12903 13119 +216
- Misses 2048 2077 +29 |
This is looking good. I'm going to be on a plane today, so I can't promise a full review before tomorrow.
At a minimum, a parser test (can be the examples in the RFC's) would be good for the text parsing. For the binary, I'm fine with create the struct in Rust, then serialize/deserialize and validate that the result is expected. It should be a good enough sanity test.
Yeah, let's not pull in a large dep. That can be the responsibility of high level libs validating the data.
Agreed, let's only go with what people are using. It can be added later.
This is an area I want to improve in general. At some point we'll probably start enforcing max packets sizes of 512 for UDP requests and truncating, but you shouldn't worry about that in this change. There's a bunch to clean up there.
That test is to enforce canonical ordering of records: https://tools.ietf.org/html/rfc4034#section-6 Maybe put a comment in there that refers back to that rfc? That's less specific about the record types, and more about the name. You shouldn't need to modify that test as it's based off the RecordType assigned u16 value. Here's where that ordering is defined: https://github.com/bluejekyll/trust-dns/blob/master/crates/proto/src/rr/record_type.rs#L299-L309 (which is probably the better place for that comment).
No! That should definitely be removed (must have come in after debugging something, I have a bad habit of that).
I copy this into each file. You can update this to 2019, first patch of the year ;) |
Also, if you don't mind, add this in the root CHANGELOG.md under the 0.16 release, in a new Added section if it doesn't exist (there are examples in that file) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks really good. I don't see any major concerns. Thank you for taking care of putting in the RFC references in the comments.
use error::*; | ||
use rr::rdata::SSHFP; | ||
|
||
const HEX: ::data_encoding::Encoding = new_encoding! { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm assuming this means that this format isn't currently supported by the data_encoding library?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, it is not in data_encoding. It is copy-pasted from here. It could be shared, is there a canonical module in trust_dns for "utility things"?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not as such. I’m guessing there might be enough things around data encoding/base64 where this might be desirable.
Don’t worry about that in this pr though, that seems like something we could clean up later.
/// [RFC 6594](https://tools.ietf.org/html/rfc6594) and | ||
/// [RFC 7479](https://tools.ietf.org/html/rfc7479). | ||
#[derive(Debug, PartialEq, Eq, Hash, Clone, Copy)] | ||
pub enum Algorithm { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This competes with a similar name, if this generally is only used in this context, it's probably ok, but an FYI: https://github.com/bluejekyll/trust-dns/blob/master/crates/proto/src/rr/dnssec/algorithm.rs#L104
- removed println from TLSA presentation parsing - added doc for the Canonical DNS Name Order
I have changed the representation format parsing so that the fingerprint must be in exactly one entry and not the rest is put together. |
Ok, this looks great! Thanks for the PR! |
This PR (addresses #646) adds support for the SSHFP and OPENPGPKEY record types. It is WIP as tests are still missing.
The license headers are also missing in new files, as I was not sure which year to choose.