NLnetLabs · tertsdiepraam · Oct 23, 2024 · Aug 29, 2024 · Aug 30, 2024 · Aug 30, 2024
diff --git a/src/base/iana/class.rs b/src/base/iana/class.rs
@@ -30,33 +30,34 @@ int_enum! {
     ///
     /// This class is defined in RFC 1035 and really the only one relevant
     /// at all.
-    (IN => 1, b"IN")
+    (IN => 1, "IN")
 
     /// Chaosnet (CH).
     ///
     /// A network protocol developed at MIT in the 1970s. Reused by BIND for
     /// built-in server information zones.",
-    (CH => 3, b"CH")
+    (CH => 3, "CH")
 
     /// Hesiod (HS).
     ///
     /// A system information protocol part of MIT's Project Athena.",
-    (HS => 4, b"HS")
+    (HS => 4, "HS")
 
     /// Query class None.
     ///
     /// Defined in RFC 2136, this class is used in UPDATE queries to
     /// require that an RRset does not exist prior to the update.",
-    (NONE => 0xFE, b"NONE")
+    (NONE => 0xFE, "NONE")
 
     /// Query class * (ANY).
     ///
     /// This class can be used in a query to indicate that records for the
     /// given name from any class are requested.",
-    (ANY => 0xFF, b"*")
+    (ANY => 0xFF, "*")
 }
 
 int_enum_str_with_prefix!(Class, "CLASS", b"CLASS", u16, "unknown class");
+int_enum_zonefile_fmt_with_prefix!(Class, "CLASS");
 
 //============ Tests =========================================================
 

diff --git a/src/base/iana/digestalg.rs b/src/base/iana/digestalg.rs
@@ -18,31 +18,32 @@ int_enum! {
     /// Specifies that the SHA-1 hash function is used.
     ///
     /// Implementation of this function is currently mandatory.
-    (SHA1 => 1, b"SHA-1")
+    (SHA1 => 1, "SHA-1")
 
     /// Specifies that the SHA-256 hash function is used.
     ///
     /// Implementation of this function is currently mandatory.
-    (SHA256 => 2, b"SHA-256")
+    (SHA256 => 2, "SHA-256")
 
     /// Specifies that the GOST R 34.11-94 hash function is used.
     ///
     /// Use of this hash function is described in [RFC 5933]. Implementing
     /// the function is optional.
     ///
     /// [RFC 5933]: https://tools.ietf.org/html/rfc5933
-    (GOST => 3, b"GOST R 34.11-94")
+    (GOST => 3, "GOST R 34.11-94")
 
     /// Specifies that the SHA-384 hash function is used.
     ///
     /// Use of this hash function is described in [RFC 6605]. Implementing
     /// the function is optional.
     ///
     /// [RFC 6605]: https://tools.ietf.org/html/rfc6605
-    (SHA384 => 4, b"SHA-384")
+    (SHA384 => 4, "SHA-384")
 }
 
 int_enum_str_decimal!(DigestAlg, u8);
+int_enum_zonefile_fmt_decimal!(DigestAlg, "digest type");
 
 //============ Tests =========================================================
 

diff --git a/src/base/iana/exterr.rs b/src/base/iana/exterr.rs
@@ -19,103 +19,103 @@ int_enum! {
     /// match known extended error codes. Implementations SHOULD
     /// include an EXTRA-TEXT value to augment this error code with
     /// additional information.
-    (OTHER => 0, b"Other Error")
+    (OTHER => 0, "Other Error")
 
     /// The resolver attempted to perform DNSSEC validation, but a DNSKEY
     /// RRset contained only unsupported DNSSEC algorithms.
-    (UNSUPPORTED_DNSKEY_ALGORITHM => 1, b"Unsupported DNSKEY Algorithm")
+    (UNSUPPORTED_DNSKEY_ALGORITHM => 1, "Unsupported DNSKEY Algorithm")
 
     /// The resolver attempted to perform DNSSEC validation, but a DS
     /// RRset contained only unsupported Digest Types.
-    (UNSUPPORTED_DS_DIGEST_TYPE => 2, b"Unsupported DS Digest Type")
+    (UNSUPPORTED_DS_DIGEST_TYPE => 2, "Unsupported DS Digest Type")
 
     /// The resolver was unable to resolve the answer within its time
     /// limits and decided to answer with previously cached data
     /// instead of answering with an error. This is typically caused
     /// by problems communicating with an authoritative server,
     /// possibly as result of a denial of service (DoS) attack against
     /// another network. (See also Code 19.)
-    (STALE_ANSWER => 3, b"Stale Answer")
+    (STALE_ANSWER => 3, "Stale Answer")
 
     /// For policy reasons (legal obligation or malware filtering, for
     /// instance), an answer was forged. Note that this should be
     /// used when an answer is still provided, not when failure
     /// codes are returned instead. See Blocked (15), Censored
     /// (16), and Filtered (17) for use when returning other
     /// response codes.
-    (FORGED_ANSWER => 4, b"Forged Answer")
+    (FORGED_ANSWER => 4, "Forged Answer")
 
     /// The resolver attempted to perform DNSSEC validation, but
     /// validation ended in the Indeterminate state [RFC 4035].
     ///
     /// [RFC 4035]: https://tools.ietf.org/html/rfc4035
-    (DNSSEC_INDETERMINATE => 5, b"DNSSEC Indeterminate")
+    (DNSSEC_INDETERMINATE => 5, "DNSSEC Indeterminate")
 
     /// The resolver attempted to perform DNSSEC validation, but
     /// validation ended in the Bogus state.
-    (DNSSEC_BOGUS => 6, b"DNSSEC Bogus")
+    (DNSSEC_BOGUS => 6, "DNSSEC Bogus")
 
     /// The resolver attempted to perform DNSSEC validation, but no
     /// signatures are presently valid and some (often all) are
     /// expired.
-    (SIGNATURE_EXPIRED => 7, b"Signature Expired")
+    (SIGNATURE_EXPIRED => 7, "Signature Expired")
 
     /// The resolver attempted to perform DNSSEC validation, but no
     /// signatures are presently valid and at least some are not yet
     /// valid.
-    (SIGNATURE_NOT_YET_VALID => 8, b"Signature Not Yet Valid")
+    (SIGNATURE_NOT_YET_VALID => 8, "Signature Not Yet Valid")
 
     /// A DS record existed at a parent, but no supported matching
     /// DNSKEY record could be found for the child.
-    (DNSKEY_MISSING => 9, b"DNSKEY Missing")
+    (DNSKEY_MISSING => 9, "DNSKEY Missing")
 
     /// The resolver attempted to perform DNSSEC validation, but no
     /// RRSIGs could be found for at least one RRset where RRSIGs were
     /// expected.
-    (RRSIGS_MISSING => 10, b"RRSIGs Missing")
+    (RRSIGS_MISSING => 10, "RRSIGs Missing")
 
     /// The resolver attempted to perform DNSSEC validation, but no
     /// Zone Key Bit was set in a DNSKEY.
-    (NO_ZONE_KEY_BIT_SET => 11, b"No Zone Key Bit Set")
+    (NO_ZONE_KEY_BIT_SET => 11, "No Zone Key Bit Set")
 
     /// The resolver attempted to perform DNSSEC validation, but the
     /// requested data was missing and a covering NSEC or NSEC3 was
     /// not provided.
-    (NSEC_MISSING => 12, b"NSEC Missing")
+    (NSEC_MISSING => 12, "NSEC Missing")
 
     /// The resolver is returning the SERVFAIL RCODE from its cache.
-    (CACHED_ERROR => 13, b"Cached Error")
+    (CACHED_ERROR => 13, "Cached Error")
 
     /// The server is unable to answer the query, as it was not fully
     /// functional when the query was received.
-    (NOT_READY => 14, b"Not Ready")
+    (NOT_READY => 14, "Not Ready")
 
     /// The server is unable to respond to the request because the
     /// domain is on a blocklist due to an internal security policy
     /// imposed by the operator of the server resolving or forwarding
     /// the query.
-    (BLOCKED => 15, b"Blocked")
+    (BLOCKED => 15, "Blocked")
 
     /// The server is unable to respond to the request because the
     /// domain is on a blocklist due to an external requirement
     /// imposed by an entity other than the operator of the server
     /// resolving or forwarding the query. Note that how the imposed
     /// policy is applied is irrelevant (in-band DNS filtering, court
     /// order, etc.).
-    (CENSORED => 16, b"Censored")
+    (CENSORED => 16, "Censored")
 
     /// The server is unable to respond to the request because the
     /// domain is on a blocklist as requested by the client.
     /// Functionally, this amounts to "you requested that we filter
     /// domains like this one."
-    (FILTERED => 17, b"Filtered")
+    (FILTERED => 17, "Filtered")
 
     /// An authoritative server or recursive resolver that receives a
     /// query from an "unauthorized" client can annotate its REFUSED
     /// message with this code. Examples of "unauthorized" clients are
     /// recursive queries from IP addresses outside the network,
     /// blocklisted IP addresses, local policy, etc.
-    (PROHIBITED => 18, b"Prohibited")
+    (PROHIBITED => 18, "Prohibited")
 
     /// The resolver was unable to resolve an answer within its
     /// configured time limits and decided to answer with a previously
@@ -124,31 +124,31 @@ int_enum! {
     /// with an authoritative server, possibly as result of a denial
     /// of service (DoS) attack against another network. (See also
     /// Code 3.)
-    (STALE_NXDOMAIN_ANSWER => 19, b"Stale NXDomain Answer")
+    (STALE_NXDOMAIN_ANSWER => 19, "Stale NXDomain Answer")
 
     /// An authoritative server that receives a query with the
     /// Recursion Desired (RD) bit clear, or when it is not configured
     /// for recursion for a domain for which it is not authoritative,
     /// SHOULD include this EDE code in the REFUSED response. A
     /// resolver that receives a query with the RD bit clear SHOULD
     /// include this EDE code in the REFUSED response.
-    (NOT_AUTHORITATIVE => 20, b"Not Authoritative")
+    (NOT_AUTHORITATIVE => 20, "Not Authoritative")
 
     /// The requested operation or query is not supported.
-    (NOT_SUPPORTED => 21, b"Not Supported")
+    (NOT_SUPPORTED => 21, "Not Supported")
 
     /// The resolver could not reach any of the authoritative name
     /// servers (or they potentially refused to reply).
-    (NO_REACHABLE_AUTHORITY => 22, b"No Reachable Authority")
+    (NO_REACHABLE_AUTHORITY => 22, "No Reachable Authority")
 
     /// An unrecoverable error occurred while communicating with
     /// another server.
-    (NETWORK_ERROR => 23, b"Network Error")
+    (NETWORK_ERROR => 23, "Network Error")
 
     /// The authoritative server cannot answer with data for a zone it
     /// is otherwise configured to support. Examples of this include
     /// its most recent zone being too old or having expired.
-    (INVALID_DATA => 24, b"Invalid Data")
+    (INVALID_DATA => 24, "Invalid Data")
 }
 
 /// Start of the private range for EDE codes.
@@ -164,14 +164,8 @@ pub const EDE_PRIVATE_RANGE_BEGIN: u16 = 49152;
 // bundled by the `int_enum_*` macros is not very useful.
 impl core::fmt::Display for ExtendedErrorCode {
     fn fmt(&self, f: &mut core::fmt::Formatter) -> core::fmt::Result {
-        use core::fmt::Write;
-        match self.to_mnemonic() {
-            Some(m) => {
-                for ch in m {
-                    f.write_char(*ch as char)?
-                }
-                Ok(())
-            }
+        match self.to_mnemonic_str() {
+            Some(m) => f.write_str(m),
             None => write!(f, "EDE{}", self.to_int()),
         }
     }

diff --git a/src/base/iana/macros.rs b/src/base/iana/macros.rs
@@ -39,7 +39,7 @@ macro_rules! int_enum {
             #[must_use]
             pub fn from_mnemonic(m: &[u8]) -> Option<Self> {
                 $(
-                    if m.eq_ignore_ascii_case($mnemonic) {
+                    if m.eq_ignore_ascii_case($mnemonic.as_bytes()) {
                         return Some($ianatype::$variant)
                     }
                 )*
@@ -52,6 +52,14 @@ macro_rules! int_enum {
             /// is hidden in a `Int` variant.
             #[must_use]
             pub const fn to_mnemonic(self) -> Option<&'static [u8]> {
+                match self.to_mnemonic_str() {
+                    Some(m) => Some(m.as_bytes()),
+                    None => None,
+                }
+            }
+
+            /// Returns the mnemonic as a `&str` for this value if there is one
+            pub const fn to_mnemonic_str(self) -> Option<&'static str> {
                 match self {
                     $(
                         $ianatype::$variant => {
@@ -201,7 +209,14 @@ macro_rules! int_enum_str_decimal {
 
         impl core::fmt::Display for $ianatype {
             fn fmt(&self, f: &mut core::fmt::Formatter) -> core::fmt::Result {
-                write!(f, "{}", self.to_int())
+                write!(f, "{}", self.to_int())?;
+
+                if let Some(m) = self.to_mnemonic_str() {
+                    write!(f, "(")?;
+                    f.write_str(m)?;
+                    write!(f, ")")?;
+                }
+                Ok(())
             }
         }
 
@@ -273,14 +288,10 @@ macro_rules! int_enum_str_with_decimal {
 
         impl core::fmt::Display for $ianatype {
             fn fmt(&self, f: &mut core::fmt::Formatter) -> core::fmt::Result {
-                use core::fmt::Write;
-
-                match self.to_mnemonic() {
+                match self.to_mnemonic_str() {
                     Some(m) => {
-                        for ch in m {
-                            f.write_char(*ch as char)?
-                        }
-                        Ok(())
+                        f.write_str(m)?;
+                        write!(f, "({})", self.to_int())
                     }
                     None => {
                         write!(f, "{}", self.to_int())
@@ -389,15 +400,8 @@ macro_rules! int_enum_str_with_prefix {
 
         impl core::fmt::Display for $ianatype {
             fn fmt(&self, f: &mut core::fmt::Formatter) -> core::fmt::Result {
-                use core::fmt::Write;
-
-                match self.to_mnemonic() {
-                    Some(m) => {
-                        for ch in m {
-                            f.write_char(*ch as char)?
-                        }
-                        Ok(())
-                    }
+                match self.to_mnemonic_str() {
+                    Some(m) => f.write_str(m),
                     None => {
                         write!(f, "{}{}", $str_prefix, self.to_int())
                     }
@@ -436,6 +440,56 @@ macro_rules! int_enum_str_with_prefix {
     };
 }
 
+macro_rules! int_enum_zonefile_fmt_decimal {
+    ($ianatype:ident, $name:expr) => {
+        impl $crate::base::zonefile_fmt::ZonefileFmt for $ianatype {
+            fn show(
+                &self,
+                p: &mut $crate::base::zonefile_fmt::Presenter,
+            ) -> $crate::base::zonefile_fmt::Result {
+                p.write_token(self.to_int())?;
+                p.write_comment(format_args!("{}: {}", $name, self))
+            }
+        }
+    };
+}
+
+macro_rules! int_enum_zonefile_fmt_with_decimal {
+    ($ianatype:ident) => {
+        impl $crate::base::zonefile_fmt::ZonefileFmt for $ianatype {
+            fn show(
+                &self,
+                p: &mut $crate::base::zonefile_fmt::Presenter,
+            ) -> $crate::base::zonefile_fmt::Result {
+                match self.to_mnemonic_str() {
+                    Some(m) => p.write_token(m),
+                    None => p.write_token(self.to_int()),
+                }
+            }
+        }
+    };
+}
+
+macro_rules! int_enum_zonefile_fmt_with_prefix {
+    ($ianatype:ident, $str_prefix:expr) => {
+        impl $crate::base::zonefile_fmt::ZonefileFmt for $ianatype {
+            fn show(
+                &self,
+                p: &mut $crate::base::zonefile_fmt::Presenter,
+            ) -> $crate::base::zonefile_fmt::Result {
+                match self.to_mnemonic_str() {
+                    Some(m) => p.write_token(m),
+                    None => p.write_token(format_args!(
+                        "{}{}",
+                        $str_prefix,
+                        self.to_int()
+                    )),
+                }
+            }
+        }
+    };
+}
+
 macro_rules! scan_impl {
     ($ianatype:ident) => {
         impl $ianatype {

diff --git a/src/base/iana/nsec3.rs b/src/base/iana/nsec3.rs
@@ -17,7 +17,8 @@ int_enum! {
     Nsec3HashAlg, u8;
 
     /// Specifies that the SHA-1 hash function is used.
-    (SHA1 => 1, b"SHA-1")
+    (SHA1 => 1, "SHA-1")
 }
 
 int_enum_str_decimal!(Nsec3HashAlg, u8);
+int_enum_zonefile_fmt_decimal!(Nsec3HashAlg, "hash algorithm");