Diffstat (limited to 'validator/val_nsec3.c')
-rw-r--r--validator/val_nsec3.c121
1 files changed, 61 insertions, 60 deletions
diff --git a/validator/val_nsec3.c b/validator/val_nsec3.c
index 20580c0d755f..fe5091c0a384 100644
--- a/validator/val_nsec3.c
+++ b/validator/val_nsec3.c
@@ -21,16 +21,16 @@
* specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
/**
@@ -62,18 +62,19 @@
#include "util/data/msgreply.h"
/* we include nsec.h for the bitmap_has_type function */
#include "validator/val_nsec.h"
+#include "ldns/sbuffer.h"
/**
* This function we get from ldns-compat or from base system
* it returns the number of data bytes stored at the target, or <0 on error.
*/
-int ldns_b32_ntop_extended_hex(uint8_t const *src, size_t srclength,
+int sldns_b32_ntop_extended_hex(uint8_t const *src, size_t srclength,
char *target, size_t targsize);
/**
* This function we get from ldns-compat or from base system
* it returns the number of data bytes stored at the target, or <0 on error.
*/
-int ldns_b32_pton_extended_hex(char const *src, size_t hashed_owner_str_len,
+int sldns_b32_pton_extended_hex(char const *src, size_t hashed_owner_str_len,
uint8_t *target, size_t targsize);
/**
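Review bot: The doc comments above the two renamed prototypes still say the functions come "from ldns-compat or from base system", which no longer matches the `sldns_` names introduced here. I would reword both along the lines of `/* provided by the bundled sldns code; returns the number of data bytes stored at the target, or <0 on error */`, assuming that is indeed where they now live. Declaring the prototypes by hand in this .c file also means a signature change in the implementation would not be caught at compile time. If the sldns tree exports them in a header (not visible on this page), including that header next to `ldns/sbuffer.h` would be the safer form.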
@@ -259,7 +260,7 @@ size_t nsec3_hash_to_b32(uint8_t* hash, size_t hashlen, uint8_t* zone,
int ret;
if(max < hashlen*2+1) /* quick approx of b32, as if hexb16 */
return 0;
- ret = ldns_b32_ntop_extended_hex(hash, hashlen, (char*)buf+1, max-1);
+ ret = sldns_b32_ntop_extended_hex(hash, hashlen, (char*)buf+1, max-1);
if(ret < 1)
return 0;
buf[0] = (uint8_t)ret; /* length of b32 label */
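Review bot: `buf[0] = (uint8_t)ret;` stores the encoder's return value as a DNS label length without checking that it fits in a label. A `hashlen` large enough to produce more than 63 base32 characters would yield an invalid length octet, and above 255 a truncated one, while the full `ret` bytes sit behind it. The only size check visible is `max < hashlen*2+1`, which bounds the buffer rather than the label. Changing the guard to `if(ret < 1 || ret > 63) return 0;` would make the invariant explicit. The function body continues outside the hunk, so a later check may exist there.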
@@ -534,16 +535,16 @@ nsec3_hash_cmp(const void* c1, const void* c2)
}
size_t
-nsec3_get_hashed(ldns_buffer* buf, uint8_t* nm, size_t nmlen, int algo,
+nsec3_get_hashed(sldns_buffer* buf, uint8_t* nm, size_t nmlen, int algo,
size_t iter, uint8_t* salt, size_t saltlen, uint8_t* res, size_t max)
{
size_t i, hash_len;
/* prepare buffer for first iteration */
- ldns_buffer_clear(buf);
- ldns_buffer_write(buf, nm, nmlen);
- query_dname_tolower(ldns_buffer_begin(buf));
- ldns_buffer_write(buf, salt, saltlen);
- ldns_buffer_flip(buf);
+ sldns_buffer_clear(buf);
+ sldns_buffer_write(buf, nm, nmlen);
+ query_dname_tolower(sldns_buffer_begin(buf));
+ sldns_buffer_write(buf, salt, saltlen);
+ sldns_buffer_flip(buf);
switch(algo) {
#if defined(HAVE_EVP_SHA1) || defined(HAVE_NSS)
case NSEC3_HASH_SHA1:
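Review bot: The two `sldns_buffer_write` calls that copy `nm` and `salt` into `buf` are not preceded by any capacity check in this hunk, so the function depends on the caller passing a buffer of at least `nmlen + saltlen` bytes. If `sldns_buffer_write` verifies available space only through an assertion (its definition is not on this page), a release build would write past the end of an undersized `buf`. I would add `if(sldns_buffer_capacity(buf) < nmlen + saltlen) return 0;` after `sldns_buffer_clear(buf)`, or at least a comment stating the required capacity. The same pattern appears in the nsec3_calc_hash hunk at -601/+602 with `c->dname_len` and `saltlen`. The function body continues outside the hunk.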
@@ -555,29 +556,29 @@ nsec3_get_hashed(ldns_buffer* buf, uint8_t* nm, size_t nmlen, int algo,
if(hash_len > max)
return 0;
# ifdef HAVE_SSL
- (void)SHA1((unsigned char*)ldns_buffer_begin(buf),
- (unsigned long)ldns_buffer_limit(buf),
+ (void)SHA1((unsigned char*)sldns_buffer_begin(buf),
+ (unsigned long)sldns_buffer_limit(buf),
(unsigned char*)res);
# else
(void)HASH_HashBuf(HASH_AlgSHA1, (unsigned char*)res,
- (unsigned char*)ldns_buffer_begin(buf),
- (unsigned long)ldns_buffer_limit(buf));
+ (unsigned char*)sldns_buffer_begin(buf),
+ (unsigned long)sldns_buffer_limit(buf));
# endif
for(i=0; i<iter; i++) {
- ldns_buffer_clear(buf);
- ldns_buffer_write(buf, res, hash_len);
- ldns_buffer_write(buf, salt, saltlen);
- ldns_buffer_flip(buf);
+ sldns_buffer_clear(buf);
+ sldns_buffer_write(buf, res, hash_len);
+ sldns_buffer_write(buf, salt, saltlen);
+ sldns_buffer_flip(buf);
# ifdef HAVE_SSL
(void)SHA1(
- (unsigned char*)ldns_buffer_begin(buf),
- (unsigned long)ldns_buffer_limit(buf),
+ (unsigned char*)sldns_buffer_begin(buf),
+ (unsigned long)sldns_buffer_limit(buf),
(unsigned char*)res);
# else
(void)HASH_HashBuf(HASH_AlgSHA1,
(unsigned char*)res,
- (unsigned char*)ldns_buffer_begin(buf),
- (unsigned long)ldns_buffer_limit(buf));
+ (unsigned char*)sldns_buffer_begin(buf),
+ (unsigned long)sldns_buffer_limit(buf));
# endif
}
break;
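Review bot: In the non-OpenSSL branch the status returned by `HASH_HashBuf` is discarded with `(void)`, both for the first hash and inside the iteration loop, so a failed hash would leave whatever bytes were already in `res` to be used as the NSEC3 hash. NSS reports failure through that return value, so I would test it and fail the computation, e.g. `if(HASH_HashBuf(HASH_AlgSHA1, ...) != SECSuccess) return 0;` with the arguments unchanged. The hunk at -619/+620 in nsec3_calc_hash has the same two calls writing into `c->hash`. The switch this code sits in starts and ends outside the hunk.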
@@ -591,7 +592,7 @@ nsec3_get_hashed(ldns_buffer* buf, uint8_t* nm, size_t nmlen, int algo,
/** perform hash of name */
static int
-nsec3_calc_hash(struct regional* region, ldns_buffer* buf,
+nsec3_calc_hash(struct regional* region, sldns_buffer* buf,
struct nsec3_cached_hash* c)
{
int algo = nsec3_get_algo(c->nsec3, c->rr);
@@ -601,11 +602,11 @@ nsec3_calc_hash(struct regional* region, ldns_buffer* buf,
if(!nsec3_get_salt(c->nsec3, c->rr, &salt, &saltlen))
return -1;
/* prepare buffer for first iteration */
- ldns_buffer_clear(buf);
- ldns_buffer_write(buf, c->dname, c->dname_len);
- query_dname_tolower(ldns_buffer_begin(buf));
- ldns_buffer_write(buf, salt, saltlen);
- ldns_buffer_flip(buf);
+ sldns_buffer_clear(buf);
+ sldns_buffer_write(buf, c->dname, c->dname_len);
+ query_dname_tolower(sldns_buffer_begin(buf));
+ sldns_buffer_write(buf, salt, saltlen);
+ sldns_buffer_flip(buf);
switch(algo) {
#if defined(HAVE_EVP_SHA1) || defined(HAVE_NSS)
case NSEC3_HASH_SHA1:
@@ -619,30 +620,30 @@ nsec3_calc_hash(struct regional* region, ldns_buffer* buf,
if(!c->hash)
return 0;
# ifdef HAVE_SSL
- (void)SHA1((unsigned char*)ldns_buffer_begin(buf),
- (unsigned long)ldns_buffer_limit(buf),
+ (void)SHA1((unsigned char*)sldns_buffer_begin(buf),
+ (unsigned long)sldns_buffer_limit(buf),
(unsigned char*)c->hash);
# else
(void)HASH_HashBuf(HASH_AlgSHA1,
(unsigned char*)c->hash,
- (unsigned char*)ldns_buffer_begin(buf),
- (unsigned long)ldns_buffer_limit(buf));
+ (unsigned char*)sldns_buffer_begin(buf),
+ (unsigned long)sldns_buffer_limit(buf));
# endif
for(i=0; i<iter; i++) {
- ldns_buffer_clear(buf);
- ldns_buffer_write(buf, c->hash, c->hash_len);
- ldns_buffer_write(buf, salt, saltlen);
- ldns_buffer_flip(buf);
+ sldns_buffer_clear(buf);
+ sldns_buffer_write(buf, c->hash, c->hash_len);
+ sldns_buffer_write(buf, salt, saltlen);
+ sldns_buffer_flip(buf);
# ifdef HAVE_SSL
(void)SHA1(
- (unsigned char*)ldns_buffer_begin(buf),
- (unsigned long)ldns_buffer_limit(buf),
+ (unsigned char*)sldns_buffer_begin(buf),
+ (unsigned long)sldns_buffer_limit(buf),
(unsigned char*)c->hash);
# else
(void)HASH_HashBuf(HASH_AlgSHA1,
(unsigned char*)c->hash,
- (unsigned char*)ldns_buffer_begin(buf),
- (unsigned long)ldns_buffer_limit(buf));
+ (unsigned char*)sldns_buffer_begin(buf),
+ (unsigned long)sldns_buffer_limit(buf));
# endif
}
break;
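Review bot: The loop `for(i=0; i<iter; i++)` performs one SHA-1 per iteration, and nothing in this hunk bounds `iter`. The algorithm and salt are read from the NSEC3 record via `nsec3_get_algo` and `nsec3_get_salt` in the preceding hunk, so `iter` presumably comes from the same record and is therefore set by the zone being validated. If the limit is enforced by callers before this function runs, a comment on the loop should say so, for instance `/* iter is taken from the NSEC3 RR; callers must have rejected counts above the configured limit */`. The identical loop in nsec3_get_hashed (hunk at -555/+556) takes `iter` as a parameter and would benefit from the same comment. The function starts and ends outside this hunk.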
@@ -656,19 +657,19 @@ nsec3_calc_hash(struct regional* region, ldns_buffer* buf,
/** perform b32 encoding of hash */
static int
-nsec3_calc_b32(struct regional* region, ldns_buffer* buf,
+nsec3_calc_b32(struct regional* region, sldns_buffer* buf,
struct nsec3_cached_hash* c)
{
int r;
- ldns_buffer_clear(buf);
- r = ldns_b32_ntop_extended_hex(c->hash, c->hash_len,
- (char*)ldns_buffer_begin(buf), ldns_buffer_limit(buf));
+ sldns_buffer_clear(buf);
+ r = sldns_b32_ntop_extended_hex(c->hash, c->hash_len,
+ (char*)sldns_buffer_begin(buf), sldns_buffer_limit(buf));
if(r < 1) {
log_err("b32_ntop_extended_hex: error in encoding: %d", r);
return 0;
}
c->b32_len = (size_t)r;
- c->b32 = regional_alloc_init(region, ldns_buffer_begin(buf),
+ c->b32 = regional_alloc_init(region, sldns_buffer_begin(buf),
c->b32_len);
if(!c->b32)
return 0;
@@ -676,7 +677,7 @@ nsec3_calc_b32(struct regional* region, ldns_buffer* buf,
}
int
-nsec3_hash_name(rbtree_t* table, struct regional* region, ldns_buffer* buf,
+nsec3_hash_name(rbtree_t* table, struct regional* region, sldns_buffer* buf,
struct ub_packed_rrset_key* nsec3, int rr, uint8_t* dname,
size_t dname_len, struct nsec3_cached_hash** hash)
{
@@ -816,7 +817,7 @@ find_matching_nsec3(struct module_env* env, struct nsec3_filter* flt,
int
nsec3_covers(uint8_t* zone, struct nsec3_cached_hash* hash,
- struct ub_packed_rrset_key* rrset, int rr, ldns_buffer* buf)
+ struct ub_packed_rrset_key* rrset, int rr, sldns_buffer* buf)
{
uint8_t* next, *owner;
size_t nextlen;
@@ -840,10 +841,10 @@ nsec3_covers(uint8_t* zone, struct nsec3_cached_hash* hash,
return 1;
/* convert owner name from text to binary */
- ldns_buffer_clear(buf);
- owner = ldns_buffer_begin(buf);
- len = ldns_b32_pton_extended_hex((char*)rrset->rk.dname+1,
- hash->b32_len, owner, ldns_buffer_limit(buf));
+ sldns_buffer_clear(buf);
+ owner = sldns_buffer_begin(buf);
+ len = sldns_b32_pton_extended_hex((char*)rrset->rk.dname+1,
+ hash->b32_len, owner, sldns_buffer_limit(buf));
if(len<1)
return 0; /* bad owner name in some way */
if((size_t)len != hash->hash_len || (size_t)len != nextlen)