Commit fc0cd925 authored by Lubos Slovak's avatar Lubos Slovak

Fixed saving packet wire formats for veryfying.

- Was only doing it for AXFR, now for both.
- Was not adding the last incoming packet.

refs #1460
parent 52fe3a71
......@@ -2012,6 +2012,8 @@ static int ns_xfr_send_and_clear(knot_ns_xfr_t *xfr, int add_tsig)
if (xfr->tsig_key) {
// add the data to TSIG data
assert(KNOT_NS_TSIG_DATA_MAX_SIZE - xfr->tsig_data_size
>= xfr->wire_size);
memcpy(xfr->tsig_data + xfr->tsig_data_size,
xfr->wire, real_size);
xfr->tsig_data_size += real_size;
......
......@@ -388,11 +388,11 @@ static int knot_tsig_create_sign_wire(const uint8_t *msg, size_t msg_len,
}
static int knot_tsig_create_sign_wire_next(const uint8_t *msg, size_t msg_len,
const uint8_t *prev_mac,
size_t prev_mac_len,
uint8_t *digest, size_t *digest_len,
const knot_rrset_t *tmp_tsig,
const knot_key_t *key)
const uint8_t *prev_mac,
size_t prev_mac_len,
uint8_t *digest, size_t *digest_len,
const knot_rrset_t *tmp_tsig,
const knot_key_t *key)
{
if (!msg || !key || digest_len == NULL) {
dbg_tsig("TSIG: create wire: bad args.\n");
......
......@@ -358,6 +358,15 @@ static int xfrin_check_tsig(knot_packet_t *packet, knot_ns_xfr_t *xfr,
return ret;
}
if (xfr->tsig_key) {
// just append the wireformat to the TSIG data
assert(KNOT_NS_TSIG_DATA_MAX_SIZE - xfr->tsig_data_size
>= xfr->wire_size);
memcpy(xfr->tsig_data + xfr->tsig_data_size,
xfr->wire, xfr->wire_size);
xfr->tsig_data_size += xfr->wire_size;
}
if (xfr->tsig_key) {
if (tsig_req && tsig == NULL) {
// TSIG missing!!
......@@ -372,7 +381,7 @@ static int xfrin_check_tsig(knot_packet_t *packet, knot_ns_xfr_t *xfr,
xfr->tsig_prev_time_signed);
} else {
ret = knot_tsig_client_check_next(tsig,
xfr->wire, xfr->wire_size,
xfr->tsig_data, xfr->tsig_data_size,
xfr->digest, xfr->digest_size,
xfr->tsig_key,
xfr->tsig_prev_time_signed);
......@@ -402,14 +411,9 @@ static int xfrin_check_tsig(knot_packet_t *packet, knot_ns_xfr_t *xfr,
tsig_rdata_time_signed(tsig);
} else { // TSIG not required and not there
// just append the wireformat to the TSIG data
assert(KNOT_NS_TSIG_DATA_MAX_SIZE - xfr->tsig_data_size
>= xfr->wire_size);
memcpy(xfr->tsig_data + xfr->tsig_data_size,
xfr->wire, xfr->wire_size);
xfr->tsig_data_size += xfr->wire_size;
}
}/* else { // TSIG not required and not there
}*/
} else if (tsig != NULL) {
// TSIG where it should not be
return KNOT_EMALF;
......@@ -595,16 +599,16 @@ dbg_xfrin_exec(
/*! \note [TSIG] add the packet wire size to the data to be verified by
* TSIG
*/
if (xfr->tsig_key) {
dbg_xfrin("Adding packet wire to TSIG data (size till now: %zu,"
" adding: %zu).\n", xfr->tsig_data_size,
xfr->wire_size);
assert(KNOT_NS_TSIG_DATA_MAX_SIZE - xfr->tsig_data_size
>= xfr->wire_size);
memcpy(xfr->tsig_data + xfr->tsig_data_size, xfr->wire,
xfr->wire_size);
xfr->tsig_data_size += xfr->wire_size;
}
// if (xfr->tsig_key) {
// dbg_xfrin("Adding packet wire to TSIG data (size till now: %zu,"
// " adding: %zu).\n", xfr->tsig_data_size,
// xfr->wire_size);
// assert(KNOT_NS_TSIG_DATA_MAX_SIZE - xfr->tsig_data_size
// >= xfr->wire_size);
// memcpy(xfr->tsig_data + xfr->tsig_data_size, xfr->wire,
// xfr->wire_size);
// xfr->tsig_data_size += xfr->wire_size;
// }
assert(zone != NULL);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment