static int knot_tsig_check_key(const knot_rrset_t *tsig_rr, const knot_tsig_key_t *tsig_key) { if (tsig_rr == NULL || tsig_key == NULL) { return KNOT_EINVAL; } const knot_dname_t *tsig_name = tsig_rr->owner; if (!tsig_name) { return KNOT_EMALF; } char *name = knot_dname_to_str(tsig_name); if (!name) { return KNOT_EMALF; } if (knot_dname_cmp(tsig_name, tsig_key->name) != 0) { /*!< \todo which error. */ dbg_tsig("TSIG: unknown key: %s\n", name); free(name); return KNOT_TSIG_EBADKEY; } free(name); return KNOT_EOK; }
static void _test_nsec_next(const char *msg, const knot_dname_t *input, const knot_dname_t *apex, const knot_dname_t *expected) { knot_dname_t *next = online_nsec_next(input, apex); ok(next != NULL && knot_dname_cmp(next, expected) == 0, "nsec_next, %s", msg); knot_dname_free(&next, NULL); }
/** * Check whether the NSEC RR proves that there is no closer match for <SNAME, SCLASS>. * @param nsec NSEC RRSet. * @param sname Searched name. * @return 0 or error code. */ static int nsec_nonamematch(const knot_rrset_t *nsec, const knot_dname_t *sname) { assert(nsec && sname); const knot_dname_t *next = knot_nsec_next(&nsec->rrs); /* If NSEC 'owner' >= 'next', it means that there is nothing after 'owner' */ const bool is_last_nsec = (knot_dname_cmp(nsec->owner, next) >= 0); if (is_last_nsec) { /* SNAME is after owner => provably doesn't exist */ if (knot_dname_cmp(nsec->owner, sname) < 0) { return kr_ok(); } } else { /* Prove that SNAME is between 'owner' and 'next' */ if ((knot_dname_cmp(nsec->owner, sname) < 0) && (knot_dname_cmp(sname, next) < 0)) { return kr_ok(); } } return kr_error(EINVAL); }
/*! Run all scheduled tests for given parameters. */ int main(int argc, char *argv[]) { plan(19); // Test 1: Allocate new config const char *config_fn = "rc:/sample_conf"; conf_t *conf = conf_new(strdup(config_fn)); ok(conf != 0, "config_new()"); // Test 2: Parse config int ret = conf_parse_str(conf, sample_conf_rc); is_int(0, ret, "parsing configuration file %s", config_fn); if (ret != 0) { skip_block(19, "Parse err"); goto skip_all; } // Test 3: Test server version (0-level depth) is_string("Infinitesimal", conf->version, "server version loaded ok"); // Test 4: Test interfaces (1-level depth) ok(!EMPTY_LIST(conf->ifaces), "configured interfaces exist"); // Test 5,6: Interfaces content (2-level depth) struct node *n = HEAD(conf->ifaces); conf_iface_t *iface = (conf_iface_t*)n; struct sockaddr_storage addr_ref; sockaddr_set(&addr_ref, AF_INET, "10.10.1.1", 53531); is_int(0, sockaddr_cmp(&iface->addr, &addr_ref), "interface0 address check"); n = n->next; iface = (conf_iface_t*)n; sockaddr_set(&addr_ref, AF_INET6, "::0", 53); is_int(0, sockaddr_cmp(&iface->addr, &addr_ref), "interface1 address check"); // Test 9,10: Check server key if (EMPTY_LIST(conf->keys)) { ok(0, "TSIG key algorithm check - NO KEY FOUND"); ok(0, "TSIG key secret check - NO KEY FOUND"); } else { knot_tsig_key_t *k = &((conf_key_t *)HEAD(conf->keys))->k; uint8_t decoded_secret[] = { 0x5a }; ok(k->algorithm == KNOT_TSIG_ALG_HMAC_MD5, "TSIG key algorithm check"); ok(k->secret.size == sizeof(decoded_secret) && memcmp(k->secret.data, decoded_secret, sizeof(decoded_secret)) == 0, "TSIG key secret check"); } // Test 11,12,13,14,15,16,17,18: Check logging facilities ok(list_size(&conf->logs) == 4, "log facilites count check"); n = HEAD(conf->logs); ok(!EMPTY_LIST(conf->logs), "log facilities not empty"); conf_log_t *log = (conf_log_t*)n; node_t *nm = HEAD(log->map); conf_log_map_t *m = (conf_log_map_t*)nm; ok(log->type == LOGT_SYSLOG, "log0 is syslog"); if (EMPTY_LIST(log->map)) { skip_block(5, "Empty list"); } else { ok(m->source == LOG_ANY, "syslog first rule is ANY"); int mask = LOG_UPTO(LOG_NOTICE); ok(m->prios == mask, "syslog mask is equal"); nm = nm->next; m = (conf_log_map_t*)nm; ok(m != 0, "syslog has more than 1 rule"); if (m == 0) { skip_block(2, "No mapping"); } else { ok(m->source == LOG_ZONE, "syslog next rule is for zone"); ok(m->prios == LOG_UPTO(LOG_INFO), "rule for zone is: info level"); } } // Test 19,20: File facility checks n = n->next; log = (conf_log_t*)n; ok(n != 0, "log has next facility"); if (n == 0) { skip("No mapping"); } else { is_string("/var/log/knot/server.err", log->file, "log file matches"); } // Test 21: Load key dname const char *sample_str = "key0.example.net"; knot_dname_t *sample = knot_dname_from_str_alloc(sample_str); if (list_size(&conf->keys) > 0) { knot_tsig_key_t *k = &((conf_key_t *)HEAD(conf->keys))->k; ok(knot_dname_cmp(sample, k->name) == 0, "TSIG key dname check"); } else { ok(0, "TSIG key dname check - NO KEY FOUND"); } knot_dname_free(&sample, NULL); skip_all: // Deallocating config conf_free(conf); return 0; }
static int zone_contents_add_node(zone_contents_t *zone, zone_node_t *node, bool create_parents) { if (zone == NULL || node == NULL) { return KNOT_EINVAL; } int ret = 0; if ((ret = zone_contents_check_node(zone, node)) != 0) { dbg_zone("Node check failed.\n"); return ret; } ret = zone_tree_insert(zone->nodes, node); if (ret != KNOT_EOK) { dbg_zone("Failed to insert node into zone tree.\n"); return ret; } if (!create_parents) { return KNOT_EOK; } dbg_zone_detail("Creating parents of the node.\n"); /* No parents for root domain. */ if (*node->owner == '\0') return KNOT_EOK; zone_node_t *next_node = NULL; const uint8_t *parent = knot_wire_next_label(node->owner, NULL); if (knot_dname_cmp(zone->apex->owner, parent) == 0) { dbg_zone_detail("Zone apex is the parent.\n"); node_set_parent(node, zone->apex); // check if the node is not wildcard child of the parent if (knot_dname_is_wildcard(node->owner)) { zone->apex->flags |= NODE_FLAGS_WILDCARD_CHILD; } } else { while (parent != NULL && !(next_node = zone_contents_get_node(zone, parent))) { /* Create a new node. */ dbg_zone_detail("Creating new node.\n"); next_node = node_new(parent, NULL); if (next_node == NULL) { return KNOT_ENOMEM; } /* Insert node to a tree. */ dbg_zone_detail("Inserting new node to zone tree.\n"); ret = zone_tree_insert(zone->nodes, next_node); if (ret != KNOT_EOK) { node_free(&next_node, NULL); return ret; } /* Update node pointers. */ node_set_parent(node, next_node); if (knot_dname_is_wildcard(node->owner)) { next_node->flags |= NODE_FLAGS_WILDCARD_CHILD; } dbg_zone_detail("Next parent.\n"); node = next_node; parent = knot_wire_next_label(parent, NULL); } // set the found parent (in the zone) as the parent of the last // inserted node assert(node->parent == NULL); node_set_parent(node, next_node); dbg_zone_detail("Created all parents.\n"); } return KNOT_EOK; }