mirror of
https://github.com/systemd/systemd
synced 2024-10-15 12:34:37 +00:00
resolve: print TLSA packets in hexadecimal
https://tools.ietf.org/html/rfc6698#section-2.2 says: > The certificate association data field MUST be represented as a string > of hexadecimal characters. Whitespace is allowed within the string of > hexadecimal characters
This commit is contained in:
parent
82d1d24093
commit
236d312b8d
|
@ -357,7 +357,7 @@ d08ee310438ca124a6149ea5cc21b6313b390dce485576eff96f8722._openpgpkey.fedoraproje
|
||||||
<literal>:443</literal> could be skipped)</title>
|
<literal>:443</literal> could be skipped)</title>
|
||||||
|
|
||||||
<programlisting>$ systemd-resolve --tlsa=tcp fedoraproject.org:443
|
<programlisting>$ systemd-resolve --tlsa=tcp fedoraproject.org:443
|
||||||
_443._tcp.fedoraproject.org IN TLSA 0 0 1 GUAL5bejH7czkXcAeJ0vCiRxwMnVBsDlBMBsFtfLF8A=
|
_443._tcp.fedoraproject.org IN TLSA 0 0 1 19400be5b7a31fb733917700789d2f0a2471c0c9d506c0e504c06c16d7cb17c0
|
||||||
-- Cert. usage: CA constraint
|
-- Cert. usage: CA constraint
|
||||||
-- Selector: Full Certificate
|
-- Selector: Full Certificate
|
||||||
-- Matching type: SHA-256
|
-- Matching type: SHA-256
|
||||||
|
|
|
@ -1116,40 +1116,30 @@ const char *dns_resource_record_to_string(DnsResourceRecord *rr) {
|
||||||
|
|
||||||
case DNS_TYPE_TLSA: {
|
case DNS_TYPE_TLSA: {
|
||||||
const char *cert_usage, *selector, *matching_type;
|
const char *cert_usage, *selector, *matching_type;
|
||||||
char *ss;
|
|
||||||
int n;
|
|
||||||
|
|
||||||
cert_usage = tlsa_cert_usage_to_string(rr->tlsa.cert_usage);
|
cert_usage = tlsa_cert_usage_to_string(rr->tlsa.cert_usage);
|
||||||
selector = tlsa_selector_to_string(rr->tlsa.selector);
|
selector = tlsa_selector_to_string(rr->tlsa.selector);
|
||||||
matching_type = tlsa_matching_type_to_string(rr->tlsa.matching_type);
|
matching_type = tlsa_matching_type_to_string(rr->tlsa.matching_type);
|
||||||
|
|
||||||
r = asprintf(&s, "%s %u %u %u %n",
|
t = hexmem(rr->sshfp.fingerprint, rr->sshfp.fingerprint_size);
|
||||||
|
if (!t)
|
||||||
|
return NULL;
|
||||||
|
|
||||||
|
r = asprintf(&s,
|
||||||
|
"%s %u %u %u %s\n"
|
||||||
|
" -- Cert. usage: %s\n"
|
||||||
|
" -- Selector: %s\n"
|
||||||
|
" -- Matching type: %s",
|
||||||
k,
|
k,
|
||||||
rr->tlsa.cert_usage,
|
rr->tlsa.cert_usage,
|
||||||
rr->tlsa.selector,
|
rr->tlsa.selector,
|
||||||
rr->tlsa.matching_type,
|
rr->tlsa.matching_type,
|
||||||
&n);
|
t,
|
||||||
if (r < 0)
|
|
||||||
return NULL;
|
|
||||||
|
|
||||||
r = base64_append(&s, n,
|
|
||||||
rr->tlsa.data, rr->tlsa.data_size,
|
|
||||||
8, columns());
|
|
||||||
if (r < 0)
|
|
||||||
return NULL;
|
|
||||||
|
|
||||||
r = asprintf(&ss, "%s\n"
|
|
||||||
" -- Cert. usage: %s\n"
|
|
||||||
" -- Selector: %s\n"
|
|
||||||
" -- Matching type: %s",
|
|
||||||
s,
|
|
||||||
cert_usage,
|
cert_usage,
|
||||||
selector,
|
selector,
|
||||||
matching_type);
|
matching_type);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return NULL;
|
return NULL;
|
||||||
free(s);
|
|
||||||
s = ss;
|
|
||||||
|
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue