Browse files

tested and working NSEC3PARAM records

  • Loading branch information...
1 parent 3109a46 commit 23708da7be59f95be2c0e051771e1887f43e8beb Matt Simerson committed Apr 9, 2013
Showing with 46 additions and 23 deletions.
  1. +6 −2 client/htdocs/nt-script.js
  2. +2 −2 client/htdocs/zone.cgi
  3. +21 −17 server/lib/NicToolServer/Export/tinydns.pm
  4. +17 −2 server/t/22_export.t
View
8 client/htdocs/nt-script.js
@@ -35,9 +35,9 @@ function selectedRRType(rrType) {
case 'NSEC':
setFormRRTypeNSEC(); break;
case 'NSEC3':
- setFormRRTypeNSEC(); break;
+ setFormRRTypeNSEC3(); break;
case 'NSEC3PARAM':
- setFormRRTypeNSEC(); break;
+ setFormRRTypeNSECPARAM(); break;
case 'RRSIG':
setFormRRTypeRRSIG(); break;
}
@@ -128,6 +128,10 @@ function setFormRRTypeNSEC() {
$('td#address_label').text('Next Domain Name');
$('td#description_label').text('Type Bit Map');
}
+function setFormRRTypeNSEC3() {
+}
+function setFormRRTypeNSEC3PARAM() {
+}
function setFormRRTypeRRSIG() {
}
View
4 client/htdocs/zone.cgi
@@ -993,7 +993,7 @@ sub _build_rr_type_menu {
if ( $zone->{'zone'} =~ /(in-addr|ip6)\.arpa$/ ) {
my %reverse = map {
- my $spa = ' ' x (9-length $_->{name});
+ my $spa = ' ' x (11-length $_->{name});
$_->{name} => $_->{name} . ${spa} . $_->{description} }
grep( $_->{reverse} == 1, @$rr_types);
@@ -1002,7 +1002,7 @@ sub _build_rr_type_menu {
}
else {
my %forwards = map {
- my $spa = ' ' x (9-length $_->{name}); # white space
+ my $spa = ' ' x (11-length $_->{name}); # white space
$_->{name} => $_->{name} . ${spa} . $_->{description} }
grep( $_->{forward} == 1, @$rr_types);
View
38 server/lib/NicToolServer/Export/tinydns.pm
@@ -585,17 +585,11 @@ sub zr_nsec3 {
if ( ')' eq substr( $data[-1], -1, 1) ) { chop $data[-1]; };
my ($hash_algo, $flags, $iters, $salt, $next_hash, @types ) = @data;
- if ( $salt eq '-' ) { $salt = ''; }
- else { $salt = pack 'H*', $salt }; # to binary
+ my $rdata = $self->pack_nsec3_params( $hash_algo, $flags, $iters, $salt );
$next_hash = $self->base32str_to_bin( $next_hash );
- my $rdata = escape_rdata( pack 'CCnCa*Ca*',
- $hash_algo, # Hash Algorithm 1 octet
- $flags, # Flags 1 octet
- $iters, # Iterations 16 bit ui,lf(n)
- length( $salt ), # Salt Length 1 octet
- $salt, # Salt binary octets
+ $rdata .= escape_rdata( pack 'Ca*',
length( $next_hash), # Hash Length 1 octet
$next_hash # Next Hashed Owner Name - unmodified binary hash value
);
@@ -610,16 +604,11 @@ sub zr_nsec3param {
my $self = shift;
my $r = shift or die;
- # NSEC3: https://tools.ietf.org/html/rfc5155
+ # NSEC3PARAM: https://tools.ietf.org/html/rfc5155
+ my ($hash_algo, $flags, $iters, $salt) = split /\s+/, $r->{address};
- my $rdata = $r->{address};
- # Hash Algorithm 1 octet
- # Flag Fields 1 octet
- # Iterations 16 bit ui,lf(n)
- # Salt Length 1 octet
- # Salt N binary octets (0-N)
-
-# TTL should be same as zone SOA minimum: RFC 2308
+# RDATA mirrors the first four fields in the NSEC3
+ my $rdata = $self->pack_nsec3_params( $hash_algo, $flags, $iters, $salt );
return $self->zr_generic( 51, $r, $rdata );
};
@@ -722,6 +711,21 @@ sub pack_hex {
return $r;
};
+sub pack_nsec3_params {
+ my ($self, $hash_algo, $flags, $iters, $salt ) = @_;
+
+ if ( $salt eq '-' ) { $salt = ''; }
+ else { $salt = pack 'H*', $salt }; # to binary
+
+ return escape_rdata( pack 'CCnCa*',
+ $hash_algo, # Hash Algorithm 1 octet
+ $flags, # Flags 1 octet
+ $iters, # Iterations 16 bit ui,lf(n)
+ length( $salt ), # Salt Length 1 octet
+ $salt, # Salt binary octets
+ );
+};
+
sub pack_type_bitmap {
my ( $self, $rr_type_list ) = @_;
View
19 server/t/22_export.t
@@ -62,7 +62,7 @@ foreach ( @good_ports ) {
ok( $export->is_ip_port($_), "is_ip_port, valid, $_");
};
-#done_testing() and exit;
+done_testing() and exit;
# TODO: specify NS type when loading, so we can run these NS specific tests
$export->load_export_class();
@@ -73,6 +73,7 @@ _zr_rrsig();
_aaaa_to_ptr();
_datestamp_to_int();
_zr_nsec3();
+_zr_nsec3param();
_zr_ipseckey();
done_testing() and exit;
@@ -186,7 +187,6 @@ sub _zr_nsec3 {
};
-
sub _zr_ipseckey {
$r = $export->{export_class}->zr_ipseckey( {
name => 'ipsec.simerson.com.',
@@ -203,3 +203,18 @@ sub _zr_ipseckey {
', 'zr_ipseckey');
};
+
+sub _zr_nsec3param {
+ $r = $export->{export_class}->zr_nsec3param( {
+ name => 'nsec3param.simerson.com.',
+ address => '1 1 12 aabbccdd 2t7b4g4vsa5smi47k61mv5bv1a22bojr',
+ description => '',
+ ttl => '86400',
+ timestamp => '',
+ location => '',
+ } );
+ cmp_ok( $r, 'eq', ':nsec3param.simerson.com.:51:\001\001\000\014\004\252\273\314\335:86400::
+', 'zr_nsec3param');
+
+};
+

0 comments on commit 23708da

Please sign in to comment.