* resolved:
- DNSSEC
+ - use base64 for key presentation?
+ - add display of private key types (http://tools.ietf.org/html/rfc4034#appendix-A.1.1)?
- LLMNR:
- do not fail daemon startup if socket is already busy (container)
- process incoming notification of conflict
[DNS_PROTOCOL_LLMNR] = "llmnr",
};
DEFINE_STRING_TABLE_LOOKUP(dns_protocol, DnsProtocol);
+
+static const char* const dnssec_algorithm_table[_DNSSEC_ALGORITHM_MAX_DEFINED] = {
+ [DNSSEC_ALGORITHM_RSAMD5] = "RSAMD5",
+ [DNSSEC_ALGORITHM_DH] = "DH",
+ [DNSSEC_ALGORITHM_DSA] = "DSA",
+ [DNSSEC_ALGORITHM_ECC] = "ECC",
+ [DNSSEC_ALGORITHM_RSASHA1] = "RSASHA1",
+ [DNSSEC_ALGORITHM_INDIRECT] = "INDIRECT",
+ [DNSSEC_ALGORITHM_PRIVATEDNS] = "PRIVATEDNS",
+ [DNSSEC_ALGORITHM_PRIVATEOID] = "PRIVATEOID",
+};
+DEFINE_STRING_TABLE_LOOKUP(dnssec_algorithm, int);
return (rr->dnskey.zone_key_flag * DNSKEY_FLAG_ZONE_KEY |
rr->dnskey.sep_flag * DNSKEY_FLAG_SEP);
}
+
+/* http://tools.ietf.org/html/rfc4034#appendix-A.1 */
+enum {
+ DNSSEC_ALGORITHM_RSAMD5 = 1,
+ DNSSEC_ALGORITHM_DH,
+ DNSSEC_ALGORITHM_DSA,
+ DNSSEC_ALGORITHM_ECC,
+ DNSSEC_ALGORITHM_RSASHA1,
+ DNSSEC_ALGORITHM_INDIRECT = 252,
+ DNSSEC_ALGORITHM_PRIVATEDNS,
+ DNSSEC_ALGORITHM_PRIVATEOID,
+ _DNSSEC_ALGORITHM_MAX_DEFINED
+};
+
+const char* dnssec_algorithm_to_string(int i) _const_;
+int dnssec_algorithm_from_string(const char *s) _pure_;
return -ENOMEM;
break;
- case DNS_TYPE_DNSKEY:
+ case DNS_TYPE_DNSKEY: {
+ const char *alg;
+
+ alg = dnssec_algorithm_to_string(rr->dnskey.algorithm);
+
t = hexmem(rr->dnskey.key, rr->dnskey.key_size);
if (!t)
return -ENOMEM;
- r = asprintf(&s, "%s %u 3 %u %s",
+ r = asprintf(&s, "%s %u 3 %.*s%.*u %s",
k,
dnskey_to_flags(rr),
- rr->dnskey.algorithm,
+ alg ? -1 : 0, alg,
+ alg ? 0 : 1, alg ? 0u : (unsigned) rr->dnskey.algorithm,
t);
if (r < 0)
return -ENOMEM;
break;
+ }
default:
t = hexmem(rr->generic.data, rr->generic.size);
projects / platform / upstream / systemd.git / commitdiff