interesting
/
getdns
mirror of https://github.com/getdnsapi/getdns.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Put rrs to validate in rrset

This commit is contained in:
Willem Toorop 2015-09-21 12:59:30 +02:00
parent f673e12106
commit bf7f44dcb7
1 changed files with 26 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
src/dnssec.c
View File

@ -1401,6 +1401,7 @@ static ldns_rr_list *rrset2ldns_rr_list(getdns_rrset *rrset)
* When the rrset was a wildcard expansion (rrsig labels < labels owner name), * When the rrset was a wildcard expansion (rrsig labels < labels owner name),
* nc_name will be set to the next closer (within rrset->name). * nc_name will be set to the next closer (within rrset->name).
*/ */
#define VAL_RRSET_SPC_SZ 1024
static int _getdns_verify_rrsig(struct mem_funcs *mf, static int _getdns_verify_rrsig(struct mem_funcs *mf,
getdns_rrset *rrset, rrsig_iter *rrsig, rrtype_iter *key, uint8_t **nc_name) getdns_rrset *rrset, rrsig_iter *rrsig, rrtype_iter *key, uint8_t **nc_name)
{ {
@ -1409,11 +1410,34 @@ static int _getdns_verify_rrsig(struct mem_funcs *mf,
ldns_rr *key_l = rr2ldns_rr(&key->rr_i); ldns_rr *key_l = rr2ldns_rr(&key->rr_i);
int r; int r;
int to_skip; int to_skip;
_getdns_rr_iter val_rrset_spc[VAL_RRSET_SPC_SZ];
_getdns_rr_iter *val_rrset = val_rrset_spc;
rrtype_iter rr_spc, *rr;
size_t i, valbuf_sz;
/* nc_name should already have been initialized by the parent! */ /* nc_name should already have been initialized by the parent! */
assert(nc_name); assert(nc_name);
assert(!*nc_name); assert(!*nc_name);
do {
for ( rr = rrtype_iter_init(&rr_spc, rrset), i = 0
; rr
; rr = rrtype_iter_next(rr), i++) {
if (val_rrset == val_rrset_spc) {
valbuf_sz += 0;
if (i < VAL_RRSET_SPC_SZ)
val_rrset[i] = rr->rr_i;
} else
val_rrset[i] = rr->rr_i;
}
/* More space needed for val_rrset */
if (val_rrset == val_rrset_spc && i > VAL_RRSET_SPC_SZ) {
val_rrset = GETDNS_XMALLOC(*mf, _getdns_rr_iter, i);
continue;
}
} while (0);
r = rrset_l && rrsig_l && key_l && r = rrset_l && rrsig_l && key_l &&
ldns_verify_rrsig(rrset_l, rrsig_l, key_l) == LDNS_STATUS_OK; ldns_verify_rrsig(rrset_l, rrsig_l, key_l) == LDNS_STATUS_OK;
@ -1421,6 +1445,8 @@ static int _getdns_verify_rrsig(struct mem_funcs *mf,
ldns_rr_free(rrsig_l); ldns_rr_free(rrsig_l);
ldns_rr_free(key_l); ldns_rr_free(key_l);
if (val_rrset != val_rrset_spc)
GETDNS_FREE(*mf, val_rrset);
if (!r) if (!r)
return 0; return 0;