10
0
Fork 0
mirror of https://github.com/ZeusWPI/ZNS.git synced 2024-11-24 14:11:10 +01:00

aaargh case nsensitive

This commit is contained in:
Xander Bil 2024-08-23 23:09:15 +02:00
parent 60ea5f109e
commit 4939d2b3e1
No known key found for this signature in database
GPG key ID: EC9706B54A278598
4 changed files with 40 additions and 16 deletions

View file

@ -7,21 +7,20 @@ use zns::{
errors::ZNSError,
parser::FromBytes,
reader::Reader,
structs::{Class, RRClass, RRType, Type},
structs::{Class, LabelString, RRClass, RRType, Type},
};
use super::{dnskey::DNSKeyRData, sig::Sig};
pub async fn authenticate(
sig: &Sig,
zone: &[String],
zone: &LabelString,
connection: &mut PgConnection,
) -> Result<bool, ZNSError> {
if zone.len() >= Config::get().authoritative_zone.len() {
//TODO: panic? subtract
if zone.len() > Config::get().authoritative_zone.len() {
let username = &zone[zone.len() - Config::get().authoritative_zone.len() - 1];
let ssh_verified = validate_ssh(username, sig)
let ssh_verified = validate_ssh(&username.to_lowercase(), sig)
.await
.map_err(|e| ZNSError::Servfail {
message: e.to_string(),

View file

@ -6,7 +6,7 @@ use crate::{
};
use zns::structs::{Class, Message, RRClass, RRType, Type};
use zns::{errors::ZNSError, utils::vec_equal};
use zns::{errors::ZNSError, utils::labels_equal};
use self::sig::Sig;
@ -64,7 +64,7 @@ impl ResponseHandler for UpdateHandler {
let rlen = rr.name.len();
// Check if rr has same zone
if rlen < zlen || !(vec_equal(&zone.qname, &rr.name[rlen - zlen..])) {
if rlen < zlen || !(labels_equal(&zone.qname, &rr.name[rlen - zlen..].into())) {
return Err(ZNSError::Refused {
message: "RR has different zone from Question".to_string(),
});

View file

@ -1,7 +1,7 @@
use crate::{
errors::ZNSError,
structs::{LabelString, Message, Opcode, RCODE},
utils::vec_equal,
utils::labels_equal,
};
impl Message {
@ -23,7 +23,7 @@ impl Message {
for question in &self.question {
let zlen = question.qname.len();
if !(zlen >= auth_zone.len()
&& vec_equal(&question.qname[zlen - auth_zone.len()..], auth_zone))
&& labels_equal(&question.qname[zlen - auth_zone.len()..].into(), auth_zone))
{
return Err(ZNSError::Refused {
message: format!("Not authoritative for: {}", question.qname.join(".")),
@ -68,17 +68,21 @@ mod tests {
}
#[test]
fn test_not_authoritative() {
let message = get_message(Some(vec![
fn test_authoritative() {
let name = vec![
String::from("not"),
String::from("good"),
String::from("zone"),
]));
];
let zone = vec![String::from("good")];
let message = get_message(Some(name));
assert!(message
.check_authoritative(&zone)
.check_authoritative(&vec![String::from("good")])
.is_err_and(|x| x.rcode() == RCODE::REFUSED));
assert!(message
.check_authoritative(&vec![String::from("Zone")])
.is_ok())
}
}

View file

@ -1,13 +1,34 @@
pub fn vec_equal<T: PartialEq>(vec1: &[T], vec2: &[T]) -> bool {
use crate::structs::LabelString;
pub fn labels_equal(vec1: &LabelString, vec2: &LabelString) -> bool {
if vec1.len() != vec2.len() {
return false;
}
for (elem1, elem2) in vec1.iter().zip(vec2.iter()) {
if elem1 != elem2 {
if elem1.to_lowercase() != elem2.to_lowercase() {
return false;
}
}
true
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn test_labels_equal() {
assert!(labels_equal(
&vec![String::from("one"), String::from("two")],
&vec![String::from("oNE"), String::from("two")]
));
assert!(!labels_equal(
&vec![String::from("one"), String::from("two")],
&vec![String::from("oNEe"), String::from("two")]
));
}
}