mirror of
https://github.com/ZeusWPI/ZNS.git
synced 2024-11-22 05:41:11 +01:00
aaargh case nsensitive
This commit is contained in:
parent
60ea5f109e
commit
4939d2b3e1
4 changed files with 40 additions and 16 deletions
|
@ -7,21 +7,20 @@ use zns::{
|
||||||
errors::ZNSError,
|
errors::ZNSError,
|
||||||
parser::FromBytes,
|
parser::FromBytes,
|
||||||
reader::Reader,
|
reader::Reader,
|
||||||
structs::{Class, RRClass, RRType, Type},
|
structs::{Class, LabelString, RRClass, RRType, Type},
|
||||||
};
|
};
|
||||||
|
|
||||||
use super::{dnskey::DNSKeyRData, sig::Sig};
|
use super::{dnskey::DNSKeyRData, sig::Sig};
|
||||||
|
|
||||||
pub async fn authenticate(
|
pub async fn authenticate(
|
||||||
sig: &Sig,
|
sig: &Sig,
|
||||||
zone: &[String],
|
zone: &LabelString,
|
||||||
connection: &mut PgConnection,
|
connection: &mut PgConnection,
|
||||||
) -> Result<bool, ZNSError> {
|
) -> Result<bool, ZNSError> {
|
||||||
if zone.len() >= Config::get().authoritative_zone.len() {
|
if zone.len() > Config::get().authoritative_zone.len() {
|
||||||
//TODO: panic? subtract
|
|
||||||
let username = &zone[zone.len() - Config::get().authoritative_zone.len() - 1];
|
let username = &zone[zone.len() - Config::get().authoritative_zone.len() - 1];
|
||||||
|
|
||||||
let ssh_verified = validate_ssh(username, sig)
|
let ssh_verified = validate_ssh(&username.to_lowercase(), sig)
|
||||||
.await
|
.await
|
||||||
.map_err(|e| ZNSError::Servfail {
|
.map_err(|e| ZNSError::Servfail {
|
||||||
message: e.to_string(),
|
message: e.to_string(),
|
||||||
|
|
|
@ -6,7 +6,7 @@ use crate::{
|
||||||
};
|
};
|
||||||
|
|
||||||
use zns::structs::{Class, Message, RRClass, RRType, Type};
|
use zns::structs::{Class, Message, RRClass, RRType, Type};
|
||||||
use zns::{errors::ZNSError, utils::vec_equal};
|
use zns::{errors::ZNSError, utils::labels_equal};
|
||||||
|
|
||||||
use self::sig::Sig;
|
use self::sig::Sig;
|
||||||
|
|
||||||
|
@ -64,7 +64,7 @@ impl ResponseHandler for UpdateHandler {
|
||||||
let rlen = rr.name.len();
|
let rlen = rr.name.len();
|
||||||
|
|
||||||
// Check if rr has same zone
|
// Check if rr has same zone
|
||||||
if rlen < zlen || !(vec_equal(&zone.qname, &rr.name[rlen - zlen..])) {
|
if rlen < zlen || !(labels_equal(&zone.qname, &rr.name[rlen - zlen..].into())) {
|
||||||
return Err(ZNSError::Refused {
|
return Err(ZNSError::Refused {
|
||||||
message: "RR has different zone from Question".to_string(),
|
message: "RR has different zone from Question".to_string(),
|
||||||
});
|
});
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
use crate::{
|
use crate::{
|
||||||
errors::ZNSError,
|
errors::ZNSError,
|
||||||
structs::{LabelString, Message, Opcode, RCODE},
|
structs::{LabelString, Message, Opcode, RCODE},
|
||||||
utils::vec_equal,
|
utils::labels_equal,
|
||||||
};
|
};
|
||||||
|
|
||||||
impl Message {
|
impl Message {
|
||||||
|
@ -23,7 +23,7 @@ impl Message {
|
||||||
for question in &self.question {
|
for question in &self.question {
|
||||||
let zlen = question.qname.len();
|
let zlen = question.qname.len();
|
||||||
if !(zlen >= auth_zone.len()
|
if !(zlen >= auth_zone.len()
|
||||||
&& vec_equal(&question.qname[zlen - auth_zone.len()..], auth_zone))
|
&& labels_equal(&question.qname[zlen - auth_zone.len()..].into(), auth_zone))
|
||||||
{
|
{
|
||||||
return Err(ZNSError::Refused {
|
return Err(ZNSError::Refused {
|
||||||
message: format!("Not authoritative for: {}", question.qname.join(".")),
|
message: format!("Not authoritative for: {}", question.qname.join(".")),
|
||||||
|
@ -68,17 +68,21 @@ mod tests {
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_not_authoritative() {
|
fn test_authoritative() {
|
||||||
let message = get_message(Some(vec![
|
let name = vec![
|
||||||
String::from("not"),
|
String::from("not"),
|
||||||
String::from("good"),
|
String::from("good"),
|
||||||
String::from("zone"),
|
String::from("zone"),
|
||||||
]));
|
];
|
||||||
|
|
||||||
let zone = vec![String::from("good")];
|
let message = get_message(Some(name));
|
||||||
|
|
||||||
assert!(message
|
assert!(message
|
||||||
.check_authoritative(&zone)
|
.check_authoritative(&vec![String::from("good")])
|
||||||
.is_err_and(|x| x.rcode() == RCODE::REFUSED));
|
.is_err_and(|x| x.rcode() == RCODE::REFUSED));
|
||||||
|
|
||||||
|
assert!(message
|
||||||
|
.check_authoritative(&vec![String::from("Zone")])
|
||||||
|
.is_ok())
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,13 +1,34 @@
|
||||||
pub fn vec_equal<T: PartialEq>(vec1: &[T], vec2: &[T]) -> bool {
|
use crate::structs::LabelString;
|
||||||
|
|
||||||
|
pub fn labels_equal(vec1: &LabelString, vec2: &LabelString) -> bool {
|
||||||
if vec1.len() != vec2.len() {
|
if vec1.len() != vec2.len() {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
for (elem1, elem2) in vec1.iter().zip(vec2.iter()) {
|
for (elem1, elem2) in vec1.iter().zip(vec2.iter()) {
|
||||||
if elem1 != elem2 {
|
if elem1.to_lowercase() != elem2.to_lowercase() {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
true
|
true
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[cfg(test)]
|
||||||
|
mod tests {
|
||||||
|
|
||||||
|
use super::*;
|
||||||
|
|
||||||
|
#[test]
|
||||||
|
fn test_labels_equal() {
|
||||||
|
assert!(labels_equal(
|
||||||
|
&vec![String::from("one"), String::from("two")],
|
||||||
|
&vec![String::from("oNE"), String::from("two")]
|
||||||
|
));
|
||||||
|
|
||||||
|
assert!(!labels_equal(
|
||||||
|
&vec![String::from("one"), String::from("two")],
|
||||||
|
&vec![String::from("oNEe"), String::from("two")]
|
||||||
|
));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in a new issue