From 491088f969cdaf335430acaf9fbf50cbdb763496 Mon Sep 17 00:00:00 2001
From: Matthew Zipkin <pinheadmz@gmail.com>
Date: Wed, 1 Dec 2021 10:21:27 -0500
Subject: [PATCH] dns: make name_dirty test more like hsd rule.verifyName()

---
 src/dns.c        | 33 +++++++++++++++++++--------------
 test/hnsd-test.c | 23 +++++++++++++++++++++++
 2 files changed, 42 insertions(+), 14 deletions(-)

diff --git a/src/dns.c b/src/dns.c
index c9fe6394..644c99b9 100644
--- a/src/dns.c
+++ b/src/dns.c
@@ -2431,26 +2431,31 @@ hsk_dns_name_alloc(
 
 bool
 hsk_dns_name_dirty(const char *name) {
-  char *s = (char *)name;
+  int len = strlen(name);
+  if (len > HSK_DNS_MAX_LABEL)
+    return true;
 
-  while (*s) {
-    uint8_t c = (uint8_t)*s;
+  for (int i = 0; i < len; i++) {
+    uint8_t c = name[i];
+
+    if (c >= 0x41 && c <= 0x5a)
+      c ^= 0x20;
 
     switch (c) {
-      case 0x28 /*(*/:
-      case 0x29 /*)*/:
-      case 0x3b /*;*/:
-      case 0x20 /* */:
-      case 0x40 /*@*/:
-      case 0x22 /*"*/:
-      case 0x5c /*\\*/:
-        return true;
+      case 0x5f: /* _ */
+      case 0x2d: /* - */
+        if (i == 0 || i == len - 1) {
+          return true;
+        } else {
+          continue;
+        }
     }
 
-    if (c < 0x20 || c > 0x7e)
+    if (c < 0x30 ||
+       (c > 0x39 && c < 0x61) ||
+        c > 0x7a) {
       return true;
-
-    s += 1;
+    }
   }
 
   return false;
diff --git a/test/hnsd-test.c b/test/hnsd-test.c
index 5049ec70..a71267ed 100644
--- a/test/hnsd-test.c
+++ b/test/hnsd-test.c
@@ -207,6 +207,28 @@ test_prev_name() {
   ) == 0);
 }
 
+void
+test_verify_name() {
+  printf("test_verify_name\n");
+
+  assert(!hsk_dns_name_dirty("hello"));
+  assert(!hsk_dns_name_dirty("HELLO"));
+  assert(!hsk_dns_name_dirty("heLLo"));
+  assert(!hsk_dns_name_dirty("HeLl0"));
+  assert(!hsk_dns_name_dirty("hel-lo"));
+  assert(!hsk_dns_name_dirty("1"));
+  assert(!hsk_dns_name_dirty("000_000"));
+  assert(!hsk_dns_name_dirty("this-domain-name-has-sixty-three-octets-taking-max-label-length"));
+  assert(hsk_dns_name_dirty("hel!lo"));
+  assert(hsk_dns_name_dirty("-hello"));
+  assert(hsk_dns_name_dirty("hello_"));
+  assert(hsk_dns_name_dirty("1@1"));
+  assert(hsk_dns_name_dirty("x\\000y"));
+  assert(hsk_dns_name_dirty("H&ELLO"));
+  assert(hsk_dns_name_dirty("3 3"));
+  assert(hsk_dns_name_dirty("this-domain-name-has-sixtyfour-octets-exceeding-max-label-length"));
+}
+
 /*
  * TEST RUNNER
  */
@@ -220,6 +242,7 @@ main() {
   test_decode_resource();
   test_next_name();
   test_prev_name();
+  test_verify_name();
 
   printf("ok\n");