mirror of https://github.com/ZeusWPI/ZNS.git synced 2024-10-29 21:14:27 +01:00

aaargh case nsensitive

Xander Bil 2024-08-23 23:09:15 +02:00
parent 60ea5f109e
commit 4939d2b3e1
No known key found for this signature in database
GPG key ID: EC9706B54A278598
4 changed files with 40 additions and 16 deletions


@ -7,21 +7,20 @@ use zns::{
errors::ZNSError, errors::ZNSError,
parser::FromBytes, parser::FromBytes,
reader::Reader, reader::Reader,
structs::{Class, RRClass, RRType, Type}, structs::{Class, LabelString, RRClass, RRType, Type},
}; };
use super::{dnskey::DNSKeyRData, sig::Sig}; use super::{dnskey::DNSKeyRData, sig::Sig};
pub async fn authenticate( pub async fn authenticate(
sig: &Sig, sig: &Sig,
zone: &[String], zone: &LabelString,
connection: &mut PgConnection, connection: &mut PgConnection,
) -> Result<bool, ZNSError> { ) -> Result<bool, ZNSError> {
if zone.len() >= Config::get().authoritative_zone.len() { if zone.len() > Config::get().authoritative_zone.len() {
//TODO: panic? subtract
let username = &zone[zone.len() - Config::get().authoritative_zone.len() - 1]; let username = &zone[zone.len() - Config::get().authoritative_zone.len() - 1];
let ssh_verified = validate_ssh(username, sig) let ssh_verified = validate_ssh(&username.to_lowercase(), sig)
.await .await
.map_err(|e| ZNSError::Servfail { .map_err(|e| ZNSError::Servfail {
message: e.to_string(), message: e.to_string(),
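Review bot: `username.to_lowercase()` in the `validate_ssh` call applies Unicode lowercasing, while DNS names are case-insensitive for ASCII letters only (RFC 4343). If the parser admits non-ASCII labels, a label that is not plain ASCII could fold to an ASCII username and be checked against that user's keys, so I would write `validate_ssh(&username.to_ascii_lowercase(), sig)` here. The same applies to the `to_lowercase()` comparison in `labels_equal` in the utils file, where `elem1.eq_ignore_ascii_case(elem2)` would also avoid two allocations per label. The body of `authenticate` continues outside this hunk.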


@ -6,7 +6,7 @@ use crate::{
}; };
use zns::structs::{Class, Message, RRClass, RRType, Type}; use zns::structs::{Class, Message, RRClass, RRType, Type};
use zns::{errors::ZNSError, utils::vec_equal}; use zns::{errors::ZNSError, utils::labels_equal};
use self::sig::Sig; use self::sig::Sig;
@ -64,7 +64,7 @@ impl ResponseHandler for UpdateHandler {
let rlen = rr.name.len(); let rlen = rr.name.len();
// Check if rr has same zone // Check if rr has same zone
if rlen < zlen || !(vec_equal(&zone.qname, &rr.name[rlen - zlen..])) { if rlen < zlen || !(labels_equal(&zone.qname, &rr.name[rlen - zlen..].into())) {
return Err(ZNSError::Refused { return Err(ZNSError::Refused {
message: "RR has different zone from Question".to_string(), message: "RR has different zone from Question".to_string(),
}); });
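Review bot: The `.into()` on `&rr.name[rlen - zlen..]` builds a fresh owned label list for every resource record just to compare it, because `labels_equal` now takes `&LabelString`. Assuming `LabelString` is an alias for `Vec<String>` (its definition is not in this diff), declaring the helper as `pub fn labels_equal(vec1: &[String], vec2: &[String]) -> bool` lets this call stay `labels_equal(&zone.qname, &rr.name[rlen - zlen..])` with no copy. The same applies to the `question.qname[zlen - auth_zone.len()..].into()` call in `check_authoritative`. The enclosing handler method starts and ends outside the hunk.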


@ -1,7 +1,7 @@
use crate::{ use crate::{
errors::ZNSError, errors::ZNSError,
structs::{LabelString, Message, Opcode, RCODE}, structs::{LabelString, Message, Opcode, RCODE},
utils::vec_equal, utils::labels_equal,
}; };
impl Message { impl Message {
@ -23,7 +23,7 @@ impl Message {
for question in &self.question { for question in &self.question {
let zlen = question.qname.len(); let zlen = question.qname.len();
if !(zlen >= auth_zone.len() if !(zlen >= auth_zone.len()
&& vec_equal(&question.qname[zlen - auth_zone.len()..], auth_zone)) && labels_equal(&question.qname[zlen - auth_zone.len()..].into(), auth_zone))
{ {
return Err(ZNSError::Refused { return Err(ZNSError::Refused {
message: format!("Not authoritative for: {}", question.qname.join(".")), message: format!("Not authoritative for: {}", question.qname.join(".")),
@ -68,17 +68,21 @@ mod tests {
} }
#[test] #[test]
fn test_not_authoritative() { fn test_authoritative() {
let message = get_message(Some(vec![ let name = vec![
String::from("not"), String::from("not"),
String::from("good"), String::from("good"),
String::from("zone"), String::from("zone"),
])); ];
let zone = vec![String::from("good")]; let message = get_message(Some(name));
assert!(message assert!(message
.check_authoritative(&zone) .check_authoritative(&vec![String::from("good")])
.is_err_and(|x| x.rcode() == RCODE::REFUSED)); .is_err_and(|x| x.rcode() == RCODE::REFUSED));
assert!(message
.check_authoritative(&vec![String::from("Zone")])
.is_ok())
} }
} }
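Review bot: The new `is_ok()` assertion in `test_authoritative` varies case only on the configured-zone side (`"Zone"`); the question name, which is the client-supplied side, stays lowercase. Assuming `get_message` takes the name as it is used above, I would add `assert!(get_message(Some(vec![String::from("NOT"), String::from("ZONE")])).check_authoritative(&vec![String::from("zone")]).is_ok());` so a regression in the qname direction is caught. The final `assert!` also lacks its trailing `;`.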


@ -1,13 +1,34 @@
pub fn vec_equal<T: PartialEq>(vec1: &[T], vec2: &[T]) -> bool { use crate::structs::LabelString;
pub fn labels_equal(vec1: &LabelString, vec2: &LabelString) -> bool {
if vec1.len() != vec2.len() { if vec1.len() != vec2.len() {
return false; return false;
} }
for (elem1, elem2) in vec1.iter().zip(vec2.iter()) { for (elem1, elem2) in vec1.iter().zip(vec2.iter()) {
if elem1 != elem2 { if elem1.to_lowercase() != elem2.to_lowercase() {
return false; return false;
} }
} }
true true
} }
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn test_labels_equal() {
assert!(labels_equal(
&vec![String::from("one"), String::from("two")],
&vec![String::from("oNE"), String::from("two")]
));
assert!(!labels_equal(
&vec![String::from("one"), String::from("two")],
&vec![String::from("oNEe"), String::from("two")]
));
}
}
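Review bot: `labels_equal` has no doc comment, and its name does not say that the comparison ignores case, which the zone checks in the update handler and in `check_authoritative` now depend on. I would add `/// Returns true when both names have the same number of labels and each pair of labels matches ignoring case.` above the function, and rename the `vec1`/`vec2` parameters left over from `vec_equal`. The test covers a case difference and a differing label but not names with different label counts; `assert!(!labels_equal(&vec![String::from("one")], &vec![String::from("one"), String::from("two")]));` would pin the length check.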