typedef std::pair<string,string> nsec3;
typedef set<nsec3> nsec3set;
-string nsec3Hash(const string &qname, const string &salt, unsigned int iters)
+string nsec3Hash(const DNSName &qname, const string &salt, unsigned int iters)
{
return toBase32Hex(hashQNameWithSalt(iters, salt, qname));
}
-void proveOrDeny(const nsec3set &nsec3s, const string &qname, const string &salt, unsigned int iters, set<string> &proven, set<string> &denied)
+void proveOrDeny(const nsec3set &nsec3s, const DNSName &qname, const string &salt, unsigned int iters, set<DNSName> &proven, set<DNSName> &denied)
{
string hashed = nsec3Hash(qname, salt, iters);
if(hashed == base)
{
proven.insert(qname);
- cout<<qname<<" ("<<hashed<<") proven by base of "<<base<<".."<<next<<endl;
+ cout<<qname.toString()<<" ("<<hashed<<") proven by base of "<<base<<".."<<next<<endl;
}
if(hashed == next)
{
proven.insert(qname);
- cout<<qname<<" ("<<hashed<<") proven by next of "<<base<<".."<<next<<endl;
+ cout<<qname.toString()<<" ("<<hashed<<") proven by next of "<<base<<".."<<next<<endl;
}
if((hashed > base && hashed < next) ||
(next < base && (hashed < next || hashed > base)))
{
denied.insert(qname);
- cout<<qname<<" ("<<hashed<<") denied by "<<base<<".."<<next<<endl;
+ cout<<qname.toString()<<" ("<<hashed<<") denied by "<<base<<".."<<next<<endl;
}
if (base == next && base != hashed)
{
denied.insert(qname);
- cout<<qname<<" ("<<hashed<<") denied by "<<base<<".."<<next<<endl;
+ cout<<qname.toString()<<" ("<<hashed<<") denied by "<<base<<".."<<next<<endl;
}
}
}
delete[] creply;
MOADNSParser mdp(reply);
- cout<<"Reply to question for qname='"<<mdp.d_qname<<"', qtype="<<DNSRecordContent::NumberToType(mdp.d_qtype)<<endl;
+ cout<<"Reply to question for qname='"<<mdp.d_qname.toString()<<"', qtype="<<DNSRecordContent::NumberToType(mdp.d_qtype)<<endl;
cout<<"Rcode: "<<mdp.d_header.rcode<<", RD: "<<mdp.d_header.rd<<", QR: "<<mdp.d_header.qr;
cout<<", TC: "<<mdp.d_header.tc<<", AA: "<<mdp.d_header.aa<<", opcode: "<<mdp.d_header.opcode<<endl;
- set<string> names;
- set<string> namesseen;
- set<string> namestocheck;
+ set<DNSName> names;
+ set<DNSName> namesseen;
+ set<DNSName> namestocheck;
nsec3set nsec3s;
string nsec3salt;
int nsec3iters = 0;
// nsec3.insert(new nsec3()
// cerr<<toBase32Hex(r.d_nexthash)<<endl;
vector<string> parts;
- boost::split(parts, i->first.d_label, boost::is_any_of("."));
+ string sname=i->first.d_label.toString();
+ boost::split(parts, sname /* FIXME */, boost::is_any_of("."));
nsec3s.insert(make_pair(toLower(parts[0]), toBase32Hex(r.d_nexthash)));
nsec3salt = r.d_salt;
nsec3iters = r.d_iterations;
else
{
// cerr<<"namesseen.insert('"<<i->first.d_label<<"')"<<endl;
- names.insert(stripDot(i->first.d_label));
- namesseen.insert(stripDot(i->first.d_label));
+ names.insert(i->first.d_label);
+ namesseen.insert(i->first.d_label);
}
if(i->first.d_type == QType::CNAME)
namesseen.insert(stripDot(i->first.d_content->getZoneRepresentation()));
}
- cout<<i->first.d_place-1<<"\t"<<i->first.d_label<<"\tIN\t"<<DNSRecordContent::NumberToType(i->first.d_type);
+ cout<<i->first.d_place-1<<"\t"<<i->first.d_label.toString()<<"\tIN\t"<<DNSRecordContent::NumberToType(i->first.d_type);
cout<<"\t"<<i->first.d_ttl<<"\t"<< i->first.d_content->getZoneRepresentation()<<"\n";
}
#endif
cout<<"== nsec3 prove/deny report follows =="<<endl;
- set<string> proven;
- set<string> denied;
+ set<DNSName> proven;
+ set<DNSName> denied;
namesseen.insert(stripDot(qname));
- BOOST_FOREACH(string n, namesseen)
+ for(const auto &n: namesseen)
{
- string shorter(n);
+ DNSName shorter(n);
do {
namestocheck.insert(shorter);
- } while(chopOff(shorter));
+ } while(shorter.chopOff());
}
- BOOST_FOREACH(string n, namestocheck)
+ for(const auto &n: namestocheck)
{
proveOrDeny(nsec3s, n, nsec3salt, nsec3iters, proven, denied);
proveOrDeny(nsec3s, "*."+n, nsec3salt, nsec3iters, proven, denied);
cout<<"qname found proven, NODATA response?"<<endl;
exit(EXIT_SUCCESS);
}
- string shorter=qname;
- string encloser;
- string nextcloser;
- string prev(qname);
- while(chopOff(shorter))
+ DNSName shorter=qname;
+ DNSName encloser;
+ DNSName nextcloser;
+ DNSName prev(qname);
+ while(shorter.chopOff())
{
if(proven.count(shorter))
{
encloser=shorter;
nextcloser=prev;
- cout<<"found closest encloser at "<<encloser<<endl;
- cout<<"next closer is "<<nextcloser<<endl;
+ cout<<"found closest encloser at "<<encloser.toString()<<endl;
+ cout<<"next closer is "<<nextcloser.toString()<<endl;
break;
}
prev=shorter;
}
- if(encloser.size() && nextcloser.size())
+ if(encloser.countLabels() && nextcloser.countLabels())
{
if(denied.count(nextcloser))
{
- cout<<"next closer ("<<nextcloser<<") is denied correctly"<<endl;
+ cout<<"next closer ("<<nextcloser.toString()<<") is denied correctly"<<endl;
}
else
{
- cout<<"next closer ("<<nextcloser<<") NOT denied"<<endl;
+ cout<<"next closer ("<<nextcloser.toString()<<") NOT denied"<<endl;
}
- if(denied.count("*."+encloser))
+ DNSName wcplusencloser=DNSName("*")+encloser;
+ if(denied.count(wcplusencloser))
{
- cout<<"wildcard at encloser (*."<<encloser<<") is denied correctly"<<endl;
+ cout<<"wildcard at encloser ("<<wcplusencloser.toString()<<") is denied correctly"<<endl;
}
- else if(proven.count("*."+encloser))
+ else if(proven.count(wcplusencloser))
{
- cout<<"wildcard at encloser (*."<<encloser<<") is proven"<<endl;
+ cout<<"wildcard at encloser ("<<wcplusencloser.toString()<<") is proven"<<endl;
}
else
{
- cout<<"wildcard at encloser (*."<<encloser<<") is NOT denied or proven"<<endl;
+ cout<<"wildcard at encloser ("<<wcplusencloser.toString()<<") is NOT denied or proven"<<endl;
}
}
exit(EXIT_SUCCESS);
bool isNSEC3 = false;
int soacount=0;
- vector<pair<string,string> > records;
- set<string> labels;
- map<string,string> hashes;
+ vector<pair<DNSName,string> > records;
+ set<DNSName> labels;
+ map<string,DNSName> hashes;
NSEC3PARAMRecordContent ns3pr;
while(soacount<2) {
o<<"\t"<<i->first.d_content->getZoneRepresentation();
}
- records.push_back(make_pair(stripDot(i->first.d_label),o.str()));
+ records.push_back(make_pair(i->first.d_label,o.str()));
- string shorter(stripDot(i->first.d_label));
+ DNSName shorter(i->first.d_label);
do {
labels.insert(shorter);
if (pdns_iequals(shorter, argv[3]))
break;
- }while(chopOff(shorter));
+ }while(shorter.chopOff());
}
if (isNSEC3 && unhash)
{
string hashed;
- BOOST_FOREACH(const string &label, labels) {
+ for(const auto &label: labels) {
hashed=toBase32Hex(hashQNameWithSalt(ns3pr.d_iterations, ns3pr.d_salt, label));
- hashes.insert(pair<string,string>(hashed, label));
+ hashes.insert(pair<string,DNSName>(hashed, label));
}
}
- pair<string,string> record;
- BOOST_FOREACH(record, records) {
- string label=record.first;
+ for(auto &record: records) {
+ DNSName label /* FIXME rename */=record.first;
if (isNSEC3 && unhash)
{
- map<string,string>::iterator i = hashes.find(makeRelative(label, argv[3]));
+ auto i = hashes.find(makeRelative(label.toString(), argv[3]));
if (i != hashes.end())
label=i->second;
}
- cout<<label<<"."<<record.second<<endl;
+ cout<<label.toString()<<"."<<record.second<<endl;
}
}
projects / pdns / commitdiff