summaryrefslogtreecommitdiff
path: root/src/dnssecport.erl
diff options
context:
space:
mode:
authorLinus Nordberg <linus@nordu.net>2016-04-07 16:04:31 +0200
committerLinus Nordberg <linus@nordu.net>2016-04-07 16:04:31 +0200
commite751a89645f58aae29551e251edd57177aa7f026 (patch)
tree74aa675671abe87659d0aa9989c19c47f995f512 /src/dnssecport.erl
parent28bc4ae4d9cf9f34f9dcd99da1c89bdb56a2bd38 (diff)
Canonicalise DS RR and refactor dns a bit.dnssec
Rename split_rrset/1 -> decode_rrset/1. Add type rr() and use it. Canonicalise DS RR.
Diffstat (limited to 'src/dnssecport.erl')
-rw-r--r--src/dnssecport.erl27
1 files changed, 17 insertions, 10 deletions
diff --git a/src/dnssecport.erl b/src/dnssecport.erl
index 02f919a..c942fb4 100644
--- a/src/dnssecport.erl
+++ b/src/dnssecport.erl
@@ -30,7 +30,7 @@ init(Program) ->
decode_response(Response) ->
<<Status:16/integer, RRSet/binary>> = Response,
- {ok, Status, dns:split_rrset(RRSet)}.
+ {ok, Status, dns:decode_rrset(RRSet)}.
handle_call(stop, _From, State) ->
lager:debug("dnssec stop request received"),
@@ -45,13 +45,12 @@ handle_call({validate, Data}, _From, State) ->
{Port, {data, Response}} ->
case decode_response(list_to_binary(Response)) of
{ok, 400, [DS | Chain]} ->
- {reply,
- {ok, [dns:encode_rr(DS) | dns:encode_rrset(Chain)]},
- State};
+ RRSIG = hd(Chain),
+ R = [dns:encode_rr(dns:canonicalize_dsrr(DS, RRSIG)),
+ dns:encode_rrset(Chain)],
+ {reply, {ok, R}, State};
{ok, Error, _} ->
- {reply, {error, Error}, State};
- {error, Reason} ->
- {stop, {protocolerror, Reason}, State}
+ {reply, {error, Error}, State}
end;
{Port, {exit_status, ExitStatus}} ->
lager:error("dnssec port ~p exiting with status ~p",
@@ -103,6 +102,7 @@ stop_port(State) ->
%% Unit tests.
-define(TA_FILE, "test/testdata/dnssec/trust_anchors").
-define(REQ1_FILE, "test/testdata/dnssec/req.1").
+-define(REQ2_FILE, "test/testdata/dnssec/req-lowttl").
start_test_port() ->
create_port("priv/dnssecport", [?TA_FILE]).
@@ -113,13 +113,14 @@ stop_test_port(Port) ->
read_submission_from_file(Filename) ->
{ok, Data} = file:read_file(Filename),
- dns:split_rrset(Data).
+ dns:decode_rrset(Data).
read_dec_enc_test_() ->
DecodedRRset = read_submission_from_file(?REQ1_FILE),
{ok, FileContent} = file:read_file(?REQ1_FILE),
[?_assertEqual(FileContent, dns:encode_rrset(DecodedRRset))].
+%% TODO: These tests are a bit lame. Room for improvement!
full_test_() ->
{setup,
fun() ->
@@ -127,10 +128,16 @@ full_test_() ->
fun(Port) ->
stop_test_port(Port) end,
fun(Port) ->
- R = handle_call({validate, read_submission_from_file(?REQ1_FILE)},
+ R1 = handle_call({validate, read_submission_from_file(?REQ1_FILE)},
self(), #state{port = Port}),
+ R2 = handle_call({validate, read_submission_from_file(?REQ2_FILE)},
+ self(), #state{port = Port}),
+ {reply, {ok, [DSBin | _ChainBin]}, _} = R2,
+ {DS, <<>>} = dns:decode_rr(DSBin),
[
- ?_assertMatch({reply, {ok, _}, _State}, R)
+ ?_assertMatch({reply, {ok, _}, _State}, R1),
+ ?_assertMatch({reply, {ok, _}, _State}, R2),
+ ?_assertMatch({rr, _Name, _Type, _Class, 3600, _RDATA}, DS)
] end
}.