Commit 6019651c authored by Daniel Salzman's avatar Daniel Salzman

libknot: merge RCODE name sets

parent 2082cfe2
......@@ -618,7 +618,7 @@ bool process_query_acl_check(conf_t *conf, const knot_dname_t *zone_name,
free(key_name);
qdata->rcode = KNOT_RCODE_NOTAUTH;
qdata->rcode_tsig = KNOT_TSIG_ERR_BADKEY;
qdata->rcode_tsig = KNOT_RCODE_BADKEY;
return false;
}
......@@ -656,15 +656,15 @@ int process_query_verify(struct query_data *qdata)
break;
case KNOT_TSIG_EBADKEY:
qdata->rcode = KNOT_RCODE_NOTAUTH;
qdata->rcode_tsig = KNOT_TSIG_ERR_BADKEY;
qdata->rcode_tsig = KNOT_RCODE_BADKEY;
break;
case KNOT_TSIG_EBADSIG:
qdata->rcode = KNOT_RCODE_NOTAUTH;
qdata->rcode_tsig = KNOT_TSIG_ERR_BADSIG;
qdata->rcode_tsig = KNOT_RCODE_BADSIG;
break;
case KNOT_TSIG_EBADTIME:
qdata->rcode = KNOT_RCODE_NOTAUTH;
qdata->rcode_tsig = KNOT_TSIG_ERR_BADTIME;
qdata->rcode_tsig = KNOT_RCODE_BADTIME;
ctx->tsig_time_signed = knot_tsig_rdata_time_signed(query->tsig_rr);
break;
case KNOT_EMALF:
......
/* Copyright (C) 2011 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
/* Copyright (C) 2016 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
......@@ -30,36 +30,31 @@ const knot_lookup_t knot_opcode_names[] = {
_public_
const knot_lookup_t knot_rcode_names[] = {
{ KNOT_RCODE_NOERROR, "NOERROR" },
{ KNOT_RCODE_FORMERR, "FORMERR" },
{ KNOT_RCODE_SERVFAIL, "SERVFAIL" },
{ KNOT_RCODE_NXDOMAIN, "NXDOMAIN" },
{ KNOT_RCODE_NOTIMPL, "NOTIMPL" },
{ KNOT_RCODE_REFUSED, "REFUSED" },
{ KNOT_RCODE_YXDOMAIN, "YXDOMAIN" },
{ KNOT_RCODE_YXRRSET, "YXRRSET" },
{ KNOT_RCODE_NXRRSET, "NXRRSET" },
{ KNOT_RCODE_NOTAUTH, "NOTAUTH" },
{ KNOT_RCODE_NOTZONE, "NOTZONE" },
{ KNOT_RCODE_BADVERS, "BADVERS" },
{ KNOT_RCODE_NOERROR, "NOERROR" },
{ KNOT_RCODE_FORMERR, "FORMERR" },
{ KNOT_RCODE_SERVFAIL, "SERVFAIL" },
{ KNOT_RCODE_NXDOMAIN, "NXDOMAIN" },
{ KNOT_RCODE_NOTIMPL, "NOTIMPL" },
{ KNOT_RCODE_REFUSED, "REFUSED" },
{ KNOT_RCODE_YXDOMAIN, "YXDOMAIN" },
{ KNOT_RCODE_YXRRSET, "YXRRSET" },
{ KNOT_RCODE_NXRRSET, "NXRRSET" },
{ KNOT_RCODE_NOTAUTH, "NOTAUTH" },
{ KNOT_RCODE_NOTZONE, "NOTZONE" },
{ KNOT_RCODE_BADVERS, "BADVERS" },
{ KNOT_RCODE_BADKEY, "BADKEY" },
{ KNOT_RCODE_BADTIME, "BADTIME" },
{ KNOT_RCODE_BADMODE, "BADMODE" },
{ KNOT_RCODE_BADNAME, "BADNAME" },
{ KNOT_RCODE_BADALG, "BADALG" },
{ KNOT_RCODE_BADTRUNC, "BADTRUNC" },
{ KNOT_RCODE_BADCOOKIE, "BADCOOKIE" },
{ 0, NULL }
};
_public_
const knot_lookup_t knot_tsig_err_names[] = {
{ KNOT_TSIG_ERR_BADSIG, "BADSIG" },
{ KNOT_TSIG_ERR_BADKEY, "BADKEY" },
{ KNOT_TSIG_ERR_BADTIME, "BADTIME" },
{ KNOT_TSIG_ERR_BADTRUNC, "BADTRUNC" },
{ 0, NULL }
};
_public_
const knot_lookup_t knot_tkey_err_names[] = {
{ KNOT_TKEY_ERR_BADMODE, "BADMODE" },
{ KNOT_TKEY_ERR_BADNAME, "BADNAME" },
{ KNOT_TKEY_ERR_BADALG, "BADALG" },
const knot_lookup_t knot_tsig_rcode_names[] = {
{ KNOT_RCODE_BADSIG, "BADSIG" },
{ 0, NULL }
};
......
/* Copyright (C) 2011 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
/* Copyright (C) 2016 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
......@@ -37,14 +37,9 @@ extern const knot_lookup_t knot_opcode_names[];
extern const knot_lookup_t knot_rcode_names[];
/*!
* \brief TSIG error names.
* \brief TSIG exceptions to reply code names.
*/
extern const knot_lookup_t knot_tsig_err_names[];
/*!
* \brief TKEY error names.
*/
extern const knot_lookup_t knot_tkey_err_names[];
extern const knot_lookup_t knot_tsig_rcode_names[];
/*!
* \brief DNSSEC algorithm names.
......
......@@ -69,10 +69,6 @@ typedef enum {
* \brief DNS reply codes (RCODEs).
*
* http://www.iana.org/assignments/dns-parameters/dns-parameters.xml
*
* \note Here, only RCODEs present in Header or as an Extended RCODE in
* OPT + Header are listed. Other codes are used in dedicated fields of
* other RRs.
*/
typedef enum {
KNOT_RCODE_NOERROR = 0, /*!< No error. */
......@@ -87,31 +83,16 @@ typedef enum {
KNOT_RCODE_NOTAUTH = 9, /*!< Server not authoritative. / Query not authorized. */
KNOT_RCODE_NOTZONE = 10, /*!< Name is not inside zone. */
KNOT_RCODE_BADVERS = 16, /*!< Bad OPT Version. */
KNOT_RCODE_BADSIG = 16, /*!< (TSIG) Signature failure. */
KNOT_RCODE_BADKEY = 17, /*!< (TSIG) Key is not supported. */
KNOT_RCODE_BADTIME = 18, /*!< (TSIG) Signature out of time window. */
KNOT_RCODE_BADMODE = 19, /*!< (TKEY) Bad mode. */
KNOT_RCODE_BADNAME = 20, /*!< (TKEY) Duplicate key name. */
KNOT_RCODE_BADALG = 21, /*!< (TKEY) Algorithm not supported. */
KNOT_RCODE_BADTRUNC = 22, /*!< (TSIG) Bad truncation. */
KNOT_RCODE_BADCOOKIE = 23 /*!< Bad/missing server cookie. */
} knot_rcode_t;
/*!
* \brief TSIG error codes to be set in the TSIG RR's RDATA.
*
* Defined in RFC 2845 and RFC 4635.
* See also https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml
*/
typedef enum {
KNOT_TSIG_ERR_BADSIG = 16, /*!< TSIG signature failed. */
KNOT_TSIG_ERR_BADKEY = 17, /*!< Key is not supported. */
KNOT_TSIG_ERR_BADTIME = 18, /*!< Signature out of time window. */
KNOT_TSIG_ERR_BADTRUNC = 22 /*!< Bad truncation. */
} knot_tsig_error_t;
/*!
* \brief TKEY error codes. (Defined in RFC 2930.)
*/
typedef enum {
KNOT_TKEY_ERR_BADMODE = 19, /*!< Bad TKEY mode. */
KNOT_TKEY_ERR_BADNAME = 20, /*!< Duplicate key name. */
KNOT_TKEY_ERR_BADALG = 21 /*!< Algorithm not supported. */
} knot_tkey_error_t;
/*!
* \brief DNS packet section identifiers.
*/
......
......@@ -141,7 +141,7 @@ int knot_tsig_create_rdata(knot_rrset_t *rr, const knot_dname_t *alg,
/* We already checked rr and know rdlen > 0, no need to check rest. */
int alg_len = knot_dname_size(alg);
size_t rdlen = alg_len + TSIG_FIXED_RDLEN + maclen;
if (tsig_err != KNOT_TSIG_ERR_BADTIME) {
if (tsig_err != KNOT_RCODE_BADTIME) {
rdlen -= TSIG_OTHER_MAXLEN;
}
uint8_t rd[rdlen];
......
......@@ -368,7 +368,7 @@ int knot_tsig_sign(uint8_t *msg, size_t *msg_len, size_t msg_max_len,
/* Create rdata for TSIG RR. */
uint16_t rdata_rcode = 0;
if (tsig_rcode == KNOT_TSIG_ERR_BADTIME)
if (tsig_rcode == KNOT_RCODE_BADTIME)
rdata_rcode = tsig_rcode;
const uint8_t *alg_name = dnssec_tsig_algorithm_to_dname(key->algorithm);
......@@ -376,7 +376,7 @@ int knot_tsig_sign(uint8_t *msg, size_t *msg_len, size_t msg_max_len,
knot_tsig_create_rdata(tmp_tsig, alg_name, alg_size, rdata_rcode);
/* Distinguish BADTIME response. */
if (tsig_rcode == KNOT_TSIG_ERR_BADTIME) {
if (tsig_rcode == KNOT_RCODE_BADTIME) {
/* Set client's time signed into the time signed field. */
knot_tsig_rdata_set_time_signed(tmp_tsig, request_time_signed);
......@@ -675,7 +675,7 @@ int knot_tsig_add(uint8_t *msg, size_t *msg_len, size_t msg_max_len,
return KNOT_ENOMEM;
}
assert(tsig_rcode != KNOT_TSIG_ERR_BADTIME);
assert(tsig_rcode != KNOT_RCODE_BADTIME);
knot_tsig_create_rdata(tmp_tsig, knot_tsig_rdata_alg_name(tsig_rr), 0, tsig_rcode);
knot_tsig_rdata_set_time_signed(tmp_tsig, knot_tsig_rdata_time_signed(tsig_rr));
......
......@@ -173,7 +173,7 @@ int knot_tsig_append(uint8_t *msg, size_t *msg_len, size_t msg_max_len,
* \todo Proper documentation.
*/
static inline bool knot_tsig_can_sign(uint16_t tsig_rcode) {
return (tsig_rcode == KNOT_RCODE_NOERROR || tsig_rcode == KNOT_TSIG_ERR_BADTIME);
return tsig_rcode == KNOT_RCODE_NOERROR || tsig_rcode == KNOT_RCODE_BADTIME;
}
/*! @} */
......@@ -92,13 +92,13 @@ int verify_packet(const knot_pkt_t *pkt, const sign_context_t *sign_ctx)
}
switch (knot_tsig_rdata_error(pkt->tsig_rr)) {
case KNOT_TSIG_ERR_BADSIG:
case KNOT_RCODE_BADSIG:
return KNOT_TSIG_EBADSIG;
case KNOT_TSIG_ERR_BADKEY:
case KNOT_RCODE_BADKEY:
return KNOT_TSIG_EBADKEY;
case KNOT_TSIG_ERR_BADTIME:
case KNOT_RCODE_BADTIME:
return KNOT_TSIG_EBADTIME;
case KNOT_TSIG_ERR_BADTRUNC:
case KNOT_RCODE_BADTRUNC:
return KNOT_TSIG_EBADTRUNC;
default:
return KNOT_EOK;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment