Date:
Sat Aug 1 09:01:52 2020 UTC
Message:
Move extended RCODEs out of the RCODE section (those are only 0x00 through 0x0F); make a section that shows the extended RCODEs that are added to an EDNS0 tag.
/*
* Copyright (c) 2005-2018 Peter J. Philipp
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. The name of the author may not be used to endorse or promote products
* derived from this software without specific prior written permission
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
/*
* $Id: additional.c,v 1.38 2020/07/13 22:02:26 pjp Exp $
*/
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <syslog.h>
#ifdef __linux__
#include <grp.h>
#define __USE_BSD 1
#include <endian.h>
#include <bsd/stdlib.h>
#include <bsd/string.h>
#include <bsd/sys/queue.h>
#define __unused
#include <bsd/sys/tree.h>
#include <bsd/sys/endian.h>
#else /* not linux */
#include <sys/queue.h>
#include <sys/tree.h>
#ifdef __FreeBSD__
#include <sys/endian.h>
#endif /* __FreeBSD__ */
#endif /* __linux__ */
#include "ddd-dns.h"
#include "ddd-db.h"
#include <openssl/evp.h>
#include <openssl/hmac.h>
/*
 * additional_* record builders.  Parameter names are spelled out where the
 * matching definition is part of this listing; the remaining prototypes are
 * kept exactly as declared.
 */
int additional_a(char *name, int namelen, struct rbtree *rbt, char *reply, int replylen, int offset, int *retcount);
int additional_aaaa(char *name, int namelen, struct rbtree *rbt, char *reply, int replylen, int offset, int *retcount);
int additional_mx(char *name, int namelen, struct rbtree *rbt, char *reply, int replylen, int offset, int *retcount);
int additional_ds(char *, int, struct rbtree *, char *, int, int, int *);
int additional_opt(struct question *question, char *reply, int replylen, int offset);
int additional_ptr(char *name, int namelen, struct rbtree *rbt, char *reply, int replylen, int offset, int *retcount);
int additional_rrsig(char *name, int namelen, int inttype, struct rbtree *rbt, char *reply, int replylen, int offset, int *count, int authoritative);
int additional_nsec(char *, int, int, struct rbtree *, char *, int, int, int *, int);
int additional_nsec3(char *, int, int, struct rbtree *, char *, int, int, int *, int);
int additional_tsig(struct question *question, char *reply, int replylen, int offset, int request, int envelope, HMAC_CTX *tsigctx);

/* byte packing/unpacking helpers, implemented in another translation unit */
extern void 	pack(char *, char *, int);
extern void 	pack32(char *, u_int32_t);
extern void 	pack16(char *, u_int16_t);
extern void 	pack8(char *, u_int8_t);
extern uint32_t unpack32(char *);
extern uint16_t unpack16(char *);
extern void 	unpack(char *, char *, int);

/* name compression, database lookups, TSIG key lookup and logging */
extern int 		compress_label(u_char *, int, int);
extern struct rbtree * 	find_rrset(ddDB *db, char *name, int len);
extern struct rrset * 	find_rr(struct rbtree *rbt, u_int16_t rrtype);
extern int 		display_rr(struct rrset *rrset);
extern int 		find_tsig_key(char *, int, char *, int);
extern void      	dolog(int, char *, ...);

/* global switch read by additional_opt() before it sets DNSSEC_OK */
extern int dnssec;
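/*
 * ADDITIONAL_A - tag on an additional set of A records to packet
 *
 * For every A record in the rrset found in rbt, the owner name
 * (name/namelen) is copied into reply at offset, handed to
 * compress_label(), and followed by a fixed-size A answer.
 *
 * name, namelen	owner name and its length in bytes
 * rbt			node searched with find_rr() for DNS_TYPE_A
 * reply, replylen	output buffer and its size
 * offset		position in reply where writing starts
 * retcount		receives, through pack32(), the number of records
 *			written
 *
 * Returns the new offset into reply, or 0 when rbt holds no A rrset.
 * When a record does not fit, the offset after the last complete record
 * is returned.
 *
 * NOTE(review): on that out-of-space path *retcount keeps the 0 stored at
 * entry even if earlier records were already written, so the returned
 * offset and the count can disagree -- confirm the caller expects this.
 */

int
additional_a(char *name, int namelen, struct rbtree *rbt, char *reply, int replylen, int offset, int *retcount)
{
	/* fixed part of the RR that follows the owner name, plus the address */
	struct answer {
		u_int16_t type;
		u_int16_t class;
		u_int32_t ttl;
		u_int16_t rdlength;
		in_addr_t rdata;
	} __attribute__((packed));

	struct answer *answer;
	struct rrset *rrset = NULL;
	struct rr *rrp = NULL;
	int tmplen;
	int rroffset = offset;
	int tmpcount = 0;

	pack32((char *)retcount, 0);

	if ((rrset = find_rr(rbt, DNS_TYPE_A)) == NULL)
		return 0;

	/* a negative size would become a huge memcpy() length below */
	if (namelen < 0 || offset < 0 || replylen < 0)
		goto out;

	TAILQ_FOREACH(rrp, &rrset->rr_head, entries) {
		rroffset = offset;

		/* written as a subtraction so the sum cannot overflow int */
		if (namelen > replylen - offset)
			goto out;

		memcpy(&reply[offset], name, namelen);
		offset += namelen;
		tmplen = compress_label((u_char*)reply, offset, namelen);

		/* non-zero means the name was compressed; continue from there */
		if (tmplen != 0) {
			offset = tmplen;
		}

		if ((size_t)offset + sizeof(struct answer) > (size_t)replylen) {
			/* drop the owner name that was just written */
			offset = rroffset;
			goto out;
		}

		answer = (struct answer *)&reply[offset];

		answer->type = htons(DNS_TYPE_A);
		answer->class = htons(DNS_CLASS_IN);
		answer->ttl = htonl(rrset->ttl);
		answer->rdlength = htons(sizeof(in_addr_t));

		memcpy((char *)&answer->rdata, (char *)&((struct a *)rrp->rdata)->a, sizeof(in_addr_t));
		offset += sizeof(struct answer);
		tmpcount++;
	}

	pack32((char *)retcount, tmpcount);

out:
	return (offset);
}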
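/*
 * ADDITIONAL_AAAA - tag on an additional set of AAAA records to packet
 *
 * For every AAAA record in the rrset found in rbt, the owner name
 * (name/namelen) is copied into reply at offset, handed to
 * compress_label(), and followed by a fixed-size AAAA answer.
 *
 * name, namelen	owner name and its length in bytes
 * rbt			node searched with find_rr() for DNS_TYPE_AAAA
 * reply, replylen	output buffer and its size
 * offset		position in reply where writing starts
 * retcount		receives, through pack32(), the number of records
 *			written
 *
 * Returns the new offset into reply, or 0 when rbt holds no AAAA rrset.
 * When a record does not fit, the offset after the last complete record
 * is returned.
 *
 * NOTE(review): on that out-of-space path *retcount keeps the 0 stored at
 * entry even if earlier records were already written, so the returned
 * offset and the count can disagree -- confirm the caller expects this.
 */

int
additional_aaaa(char *name, int namelen, struct rbtree *rbt, char *reply, int replylen, int offset, int *retcount)
{
	/* fixed part of the RR that follows the owner name, plus the address */
	struct answer {
		u_int16_t type;
		u_int16_t class;
		u_int32_t ttl;
		u_int16_t rdlength;
		struct in6_addr rdata;
	} __attribute__((packed));

	struct answer *answer;
	struct rrset *rrset = NULL;
	struct rr *rrp = NULL;
	int tmplen;
	int rroffset = offset;
	int tmpcount = 0;

	pack32((char *)retcount, 0);

	if ((rrset = find_rr(rbt, DNS_TYPE_AAAA)) == NULL)
		return 0;

	/* a negative size would become a huge memcpy() length below */
	if (namelen < 0 || offset < 0 || replylen < 0)
		goto out;

	TAILQ_FOREACH(rrp, &rrset->rr_head, entries) {
		rroffset = offset;

		/* written as a subtraction so the sum cannot overflow int */
		if (namelen > replylen - offset)
			goto out;

		memcpy(&reply[offset], name, namelen);
		offset += namelen;
		tmplen = compress_label((u_char*)reply, offset, namelen);

		/* non-zero means the name was compressed; continue from there */
		if (tmplen != 0) {
			offset = tmplen;
		}

		if ((size_t)offset + sizeof(struct answer) > (size_t)replylen) {
			/* drop the owner name that was just written */
			offset = rroffset;
			goto out;
		}

		answer = (struct answer *)&reply[offset];

		answer->type = htons(DNS_TYPE_AAAA);
		answer->class = htons(DNS_CLASS_IN);
		answer->ttl = htonl(rrset->ttl);
		answer->rdlength = htons(sizeof(struct in6_addr));

		memcpy((char *)&answer->rdata, (char *)&((struct aaaa *)rrp->rdata)->aaaa, sizeof(struct in6_addr));
		offset += sizeof(struct answer);
		tmpcount++;
	}

	pack32((char *)retcount, tmpcount);

out:
	return (offset);
}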
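/*
 * ADDITIONAL_MX - tag on an additional set of MX records to packet
 *
 * For every MX record in the rrset found in rbt, the owner name
 * (name/namelen) is copied into reply at offset and compressed, followed
 * by the fixed RR fields, the preference and the exchange name (also
 * passed through compress_label()).
 *
 * name, namelen	owner name and its length in bytes
 * rbt			node searched with find_rr() for DNS_TYPE_MX
 * reply, replylen	output buffer and its size
 * offset		position in reply where writing starts
 * retcount		receives, through pack32(), the number of records
 *			written
 *
 * Returns the new offset into reply.  Returns 0 when rbt holds no MX
 * rrset or when any record does not fit; in the latter case *retcount
 * stays 0 although reply may already have been written to.
 */

int
additional_mx(char *name, int namelen, struct rbtree *rbt, char *reply, int replylen, int offset, int *retcount)
{
	/* fixed part of the RR that follows the owner name, plus preference */
	struct answer {
		u_int16_t type;
		u_int16_t class;
		u_int32_t ttl;
		u_int16_t rdlength;
		u_int16_t mx_priority;
	} __attribute__((packed));

	struct answer *answer;
	struct rrset *rrset = NULL;
	struct rr *rrp = NULL;
	struct smx *mx;
	int tmplen;
	int tmpcount = 0;

	pack32((char *)retcount, 0);

	if ((rrset = find_rr(rbt, DNS_TYPE_MX)) == NULL)
		return 0;

	/* a negative size would become a huge memcpy() length below */
	if (namelen < 0 || offset < 0 || replylen < 0)
		return 0;

	TAILQ_FOREACH(rrp, &rrset->rr_head, entries) {
		mx = (struct smx *)rrp->rdata;

		/* written as a subtraction so the sum cannot overflow int */
		if (namelen > replylen - offset)
			return 0;

		memcpy(&reply[offset], name, namelen);
		offset += namelen;
		tmplen = compress_label((u_char*)reply, offset, namelen);

		/* non-zero means the name was compressed; continue from there */
		if (tmplen != 0) {
			offset = tmplen;
		}

		if ((size_t)offset + sizeof(struct answer) > (size_t)replylen)
			return 0;

		answer = (struct answer *)&reply[offset];

		answer->type = htons(DNS_TYPE_MX);
		answer->class = htons(DNS_CLASS_IN);
		answer->ttl = htonl(rrset->ttl);
		answer->mx_priority = htons(mx->preference);

		offset += sizeof(struct answer);

		/* NOTE(review): exchangelen comes from the stored record and is
		 * trusted to be non-negative here -- confirm at load time */
		if ((offset + mx->exchangelen) > replylen)
			return 0;

		memcpy((char *)&reply[offset], (char *)mx->exchange, mx->exchangelen);

		offset += mx->exchangelen;
		tmplen = compress_label((u_char*)reply, offset, mx->exchangelen);

		/* rdlength = preference (2 bytes) + exchange as finally stored */
		if (tmplen != 0) {
			answer->rdlength = htons((mx->exchangelen - (offset - tmplen)) + sizeof(u_int16_t));
			offset = tmplen;
		} else
			answer->rdlength = htons(mx->exchangelen + sizeof(u_int16_t));

		tmpcount++;
	}

	pack32((char *)retcount, tmpcount);

	return (offset);
}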
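/*
 * ADDITIONAL_PTR - tag on an additional PTR record to packet
 *
 * Writes the owner name (name/namelen), the fixed RR fields and the
 * target name of the first PTR record of the rrset found in rbt into
 * reply at offset.  Only the first record of the rrset is used.
 *
 * name, namelen	owner name and its length in bytes
 * rbt			node searched with find_rr() for DNS_TYPE_PTR
 * reply, replylen	output buffer and its size
 * offset		position in reply where writing starts
 * retcount		receives, through pack32(), the number of records
 *			written (0 or 1)
 *
 * Returns the new offset into reply, the unchanged offset when the
 * record does not fit, or 0 when there is no PTR rrset or the rrset is
 * empty.
 */

int
additional_ptr(char *name, int namelen, struct rbtree *rbt, char *reply, int replylen, int offset, int *retcount)
{
	/* fixed part of the RR that follows the owner name */
	struct answer {
		u_int16_t type;
		u_int16_t class;
		u_int32_t ttl;
		u_int16_t rdlength;
	} __attribute__((packed));

	struct answer *answer;
	struct rrset *rrset = NULL;
	struct rr *rrp = NULL;
	struct ptr *target;
	int tmplen;
	int rroffset = offset;
	int tmpcount = 0;

	pack32((char *)retcount, 0);

	if ((rrset = find_rr(rbt, DNS_TYPE_PTR)) == NULL)
		return 0;

	/* a negative size would become a huge memcpy() length below */
	if (namelen < 0 || offset < 0 || replylen < 0)
		goto out;

	/* written as a subtraction so the sum cannot overflow int */
	if (namelen > replylen - offset)
		goto out;

	memcpy(&reply[offset], name, namelen);
	offset += namelen;
	tmplen = compress_label((u_char*)reply, offset, namelen);

	/* non-zero means the name was compressed; continue from there */
	if (tmplen != 0) {
		offset = tmplen;
	}

	if ((size_t)offset + sizeof(struct answer) > (size_t)replylen) {
		offset = rroffset;
		goto out;
	}

	rrp = TAILQ_FIRST(&rrset->rr_head);
	if (rrp == NULL)
		return 0;

	target = (struct ptr *)rrp->rdata;

	answer = (struct answer *)&reply[offset];

	answer->type = htons(DNS_TYPE_PTR);
	answer->class = htons(DNS_CLASS_IN);
	answer->ttl = htonl(rrset->ttl);

	offset += sizeof(struct answer);

	/* NOTE(review): ptrlen comes from the stored record and is trusted
	 * to be non-negative here -- confirm at load time */
	if ((offset + target->ptrlen) > replylen) {
		offset = rroffset;
		goto out;
	}

	memcpy((char *)&reply[offset], (char *)target->ptr, target->ptrlen);

	offset += target->ptrlen;
	tmplen = compress_label((u_char*)reply, offset, target->ptrlen);

	/* rdlength is the size of the target name as finally stored */
	if (tmplen != 0) {
		answer->rdlength = htons(target->ptrlen - (offset - tmplen));
		offset = tmplen;
	} else
		answer->rdlength = htons(target->ptrlen);

	tmpcount++;
	pack32((char *)retcount, tmpcount);

out:
	return (offset);
}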
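/*
 * ADDITIONAL_TSIG - tag on an additional TSIG record to packet
 *
 * Appends a TSIG RR to reply at offset (key name, type TSIG, class ANY,
 * ttl 0, rdlen, algorithm name, time/fudge, MAC size, MAC, original id,
 * error, other data) and fills in the MAC.
 *
 * envelope selects how the MAC is produced:
 *  - envelope > 1 or envelope < -1: the digest is accumulated in tsigctx
 *    across calls.  The record is kept only when envelope % 89 == 0 or
 *    envelope == -2; for every other value the offset is rolled back
 *    after tsigctx has been updated with the reply.
 *  - otherwise: one HMAC-SHA256 over a scratch "pseudo packet" holding
 *    the optional prior MAC, the reply so far and the TSIG variables.
 *
 * request == 0 makes the record reuse the time/fudge taken from question
 * and, outside envelope mode, prepend the prior MAC (RFC 2845 3.4.3).
 *
 * Returns the new offset, or the offset passed in when nothing was
 * appended (allocation failure, not enough room, intermediate envelope).
 *
 * NOTE(review): tsigmaclen, tsigkeylen and tsigalglen are used as copy
 * lengths without being range-checked here; the prior MAC is copied into
 * the 512-byte tsig_timers / the scratch buffer before the size check
 * runs.  Presumably they are validated when the TSIG is parsed -- confirm.
 * NOTE(review): when find_tsig_key() fails the MAC is computed with a
 * zero-length key; confirm an error code is always set on that path.
 * NOTE(review): HMAC output is 32 bytes while only tsigmaclen bytes are
 * reserved for it in the record -- confirm tsigmaclen is always 32.
 * NOTE(review): priordigest is a function-level static, so all callers
 * share it; return values of the HMAC calls are not checked.
 */

int
additional_tsig(struct question *question, char *reply, int replylen, int offset, int request, int envelope, HMAC_CTX *tsigctx)
{
	struct dns_tsigrr *answer, *ppanswer, *timers;
	u_int macsize = 32;
	int tsignamelen;
	int ppoffset = 0;
	int ttlen = 0, rollback;
	char *pseudo_packet = NULL;
	char tsig_timers[512];
	struct dns_header *odh;
	char tsigkey[512];
	time_t now;
	static int priordigest = 1;
#ifdef __linux__
	uint64_t tmp64;
#endif

	pseudo_packet = malloc(replylen);
	if (pseudo_packet == NULL) {
		goto out;
	}

	now = time(NULL);
#ifdef __linux__
	tmp64 = now;
#endif
	rollback = offset;

	if (envelope > 1 || envelope < -1) {
		ttlen = 0;
		if (priordigest) {
			/* first packet after a finished digest: feed the prior MAC */
			pack16((char *)&tsig_timers[ttlen], htons(question->tsig.tsigmaclen));
			ttlen += 2;

			memcpy(&tsig_timers[ttlen], question->tsig.tsigmac, question->tsig.tsigmaclen);
			ttlen += question->tsig.tsigmaclen;

			HMAC_Update(tsigctx, tsig_timers, ttlen);

			priordigest = 0;
		}

		question->tsig.tsigerrorcode = 0; 	/* to be sure */
	} else {
		if (request == 0) {
			if (question->tsig.tsigerrorcode && question->tsig.tsigerrorcode != DNS_BADTIME) {
				/* error other than BADTIME: zero-length prior MAC */
				ppoffset = 0;
				pack16(&pseudo_packet[ppoffset], 0);
				ppoffset += 2;
			} else {
				/* RFC 2845 section 3.4.3 */
				ppoffset = 0;
				pack16(&pseudo_packet[ppoffset], htons(question->tsig.tsigmaclen));
				ppoffset += 2;

				memcpy(&pseudo_packet[ppoffset], question->tsig.tsigmac, question->tsig.tsigmaclen);
				ppoffset += question->tsig.tsigmaclen;
			}
		}
	}

	odh = (struct dns_header *)reply;

	/*
	 * pseudo_packet is only replylen bytes long: the reply copy must
	 * still fit behind whatever prefix was written above.
	 */
	if (offset < 0 || offset > replylen - ppoffset) {
		dolog(LOG_ERR, "additional_tsig: is bigger than replylen\n");
		offset = rollback;
		goto out;
	}

	memcpy(&pseudo_packet[ppoffset], &reply[0], offset);
	ppoffset += offset;

	if (envelope > 1 || envelope < -1) {
		HMAC_Update(tsigctx, reply, offset);
	}

	if ((tsignamelen = find_tsig_key(question->tsig.tsigkey,
		question->tsig.tsigkeylen, (char *)&tsigkey, sizeof(tsigkey))) < 0) {
		/* do nothing here? */
		memset(tsigkey, 0, sizeof(tsigkey));
		tsignamelen = 0;
	}

	/*
	 * Everything appended below must fit: besides the key name, the
	 * algorithm name and the MAC that is type(2) class(2) ttl(4)
	 * rdlen(2) time+fudge(8) macsize(2) origid(2) error(2) otherlen(2)
	 * = 26 bytes, plus 6 bytes of other data for BADTIME.
	 */
	if ((offset + 26 + question->tsig.tsigmaclen +
		question->tsig.tsigkeylen +
		question->tsig.tsigalglen +
		(question->tsig.tsigerrorcode == DNS_BADTIME ? 6 : 0)) > replylen) {
		dolog(LOG_ERR, "additional_tsig: is bigger than replylen\n");
		offset = rollback;
		goto out;
	}

	/* keyname */
	memcpy(&reply[offset], question->tsig.tsigkey, question->tsig.tsigkeylen);
	offset += question->tsig.tsigkeylen;

	memcpy(&pseudo_packet[ppoffset], question->tsig.tsigkey, question->tsig.tsigkeylen);
	ppoffset += question->tsig.tsigkeylen;

	/* type TSIG */
	pack16(&reply[offset], htons(DNS_TYPE_TSIG));
	offset += 2;

	/* class ANY */
	pack16(&reply[offset], htons(DNS_CLASS_ANY));
	offset += 2;

	pack16(&pseudo_packet[ppoffset], htons(DNS_CLASS_ANY));
	ppoffset += 2;

	/* ttl */
	pack32(&reply[offset], 0);
	offset += 4;

	pack32(&pseudo_packet[ppoffset], 0);
	ppoffset += 4;

	/* rdlen */
	if (question->tsig.tsigerrorcode == DNS_BADTIME) {
		pack16(&reply[offset], htons(2 + 8 + question->tsig.tsigalglen + question->tsig.tsigmaclen + 2 + 2 + 2 + 6));
	} else {
		pack16(&reply[offset], htons(2 + 8 + question->tsig.tsigalglen + question->tsig.tsigmaclen + 2 + 2 + 2));
	}
	offset += 2;

	/* algorithm name */
	memcpy(&reply[offset], question->tsig.tsigalg, question->tsig.tsigalglen);
	offset += question->tsig.tsigalglen;

	memcpy(&pseudo_packet[ppoffset], question->tsig.tsigalg, question->tsig.tsigalglen);
	ppoffset += question->tsig.tsigalglen;

	/* time signed (upper 48 bits) and fudge (lower 16 bits) */
	answer = (struct dns_tsigrr *)&reply[offset];
	if (envelope > 1 || envelope < -1) {
#ifdef __linux__
		answer->timefudge = htobe64(((u_int64_t)tmp64 << 16) | (DEFAULT_TSIG_FUDGE & 0xffff));
#else
		answer->timefudge = htobe64(((u_int64_t)now << 16) | (DEFAULT_TSIG_FUDGE & 0xffff));
#endif
	} else {
		if (request == 0 || envelope == 1) {
			answer->timefudge = question->tsig.tsig_timefudge;
		} else {
#ifdef __linux__
			answer->timefudge = htobe64((tmp64 << 16) | (DEFAULT_TSIG_FUDGE & 0xffff));
#else
			answer->timefudge = htobe64((now << 16) | (DEFAULT_TSIG_FUDGE & 0xffff));
#endif
		}
	}

	answer->macsize = htons(question->tsig.tsigmaclen);
	offset += (8 + 2);

	/* skip mac */
	offset += question->tsig.tsigmaclen;

	/* original id */
	pack16(&reply[offset], odh->id);
	offset += 2;

	/* error */
	pack16(&reply[offset], htons(question->tsig.tsigerrorcode));
	offset += 2;

	/* other len, and for BADTIME six bytes of other data built from now */
	if (question->tsig.tsigerrorcode == DNS_BADTIME) {
		pack16(&reply[offset], htons(6));
		offset += 2;

		pack16(&reply[offset], 0);
		offset += 2;

		pack32(&reply[offset], htonl(now & 0xffffffff));
		offset += 4;

	} else {
		pack16(&reply[offset], 0);
		offset += 2;
	}

	ppanswer = (struct dns_tsigrr *)&pseudo_packet[ppoffset];
	if (request == 0 || envelope == 1)
		ppanswer->timefudge = question->tsig.tsig_timefudge;
	else
#ifdef __linux__
		ppanswer->timefudge = htobe64(((u_int64_t)tmp64 << 16) | (DEFAULT_TSIG_FUDGE & 0xffff));
#else
		ppanswer->timefudge = htobe64(((u_int64_t)now << 16) | (DEFAULT_TSIG_FUDGE & 0xffff));
#endif
	ppoffset += 8;

	/* error */
	pack16(&pseudo_packet[ppoffset], htons(question->tsig.tsigerrorcode));
	ppoffset += 2;

	/* other len */
	if (question->tsig.tsigerrorcode == DNS_BADTIME) {
		pack16(&pseudo_packet[ppoffset], htons(6));
		ppoffset += 2;

		pack16(&pseudo_packet[ppoffset], htons(0));
		ppoffset += 2;

		pack32(&pseudo_packet[ppoffset], htonl(now & 0xffffffff));
		ppoffset += 4;
	} else {
		pack16(&pseudo_packet[ppoffset], htons(0));
		ppoffset += 2;
	}

	if (envelope > 1 || envelope < -1) {
		if (envelope % 89 == 0 || envelope == -2) {
			/* closing packet: add the timers to the running digest */
			ttlen = 0;
			timers = (struct dns_tsigrr *)&tsig_timers[ttlen];
			timers->timefudge = htobe64(((u_int64_t)now << 16) | (DEFAULT_TSIG_FUDGE & 0xffff));
			ttlen += 8;
			HMAC_Update(tsigctx, (const unsigned char *)tsig_timers, ttlen);
		}

		/* we need it for the else */
		if (envelope % 89 == 0 || envelope == -2) {
			macsize = 32;
			HMAC_Final(tsigctx, (unsigned char *)&answer->mac[0], (u_int *)&macsize);
			/* remembered as the prior MAC for the next digest */
			memcpy(question->tsig.tsigmac, &answer->mac[0], macsize);
			priordigest = 1;
		} else
			offset = rollback;

	} else {

		if (question->tsig.tsigerrorcode == DNS_BADTIME) {
			HMAC(EVP_sha256(), tsigkey, tsignamelen,
				(unsigned char *)pseudo_packet, ppoffset,
				(unsigned char *)&answer->mac[0], (u_int *)&macsize);
		} else if (question->tsig.tsigerrorcode) {
			/* any other error: the MAC field is sent zeroed */
			memset(&answer->mac[0], 0, question->tsig.tsigmaclen);
		} else {
			HMAC(EVP_sha256(), tsigkey, tsignamelen,
				(unsigned char *)pseudo_packet, ppoffset,
				(unsigned char *)&answer->mac[0], (u_int *)&macsize);

			memcpy(question->tsig.tsigmac, &answer->mac[0], macsize);
		}
	}

out:
	/* single exit so the scratch buffer is released on the error paths too */
	free(pseudo_packet);

	return (offset);
}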
/*
 * ADDITIONAL_OPT - tag on an additional EDNS0 (OPT) record to packet
 *
 * Writes one struct dns_optrr into reply at offset: a zeroed name, type
 * OPT, the class field set from question->edns0len, a ttl field built
 * from the flags below and an rdlen of 0.
 *
 * The ttl field gets DNSSEC_OK when the global dnssec switch and
 * question->dnssecok are both set, and 0x1 << 24 (the extended RCODE
 * byte) when question->badvers is set.
 *
 * Returns the offset after the record, or the unchanged offset when the
 * record does not fit into replylen.
 */

int
additional_opt(struct question *question, char *reply, int replylen, int offset)
{
	struct dns_optrr *opt;
	int ttlbits = 0;

	/* no room for the fixed-size record: leave the reply as it is */
	if ((offset + sizeof(struct dns_optrr)) > replylen)
		return (offset);

	opt = (struct dns_optrr *)&reply[offset];

	memset(opt->name, 0, sizeof(opt->name));
	opt->type = htons(DNS_TYPE_OPT);
	opt->class = htons(question->edns0len);

	if (dnssec && question->dnssecok)
		ttlbits = DNSSEC_OK;

	if (question->badvers)
		ttlbits |= (0x1 << 24);

	opt->ttl = htonl(ttlbits);		/* EXTENDED RCODE */
	opt->rdlen = htons(0);

	offset += sizeof(struct dns_optrr);

	return (offset);
}
0691
2015-06-20
pjp
0692
2015-06-20
pjp
/*
 * ADDITIONAL_RRSIG - append matching RRSIG records to the reply
 *
 * Looks up the RRSIG rrset in rbt with find_rr() and, for every signature
 * whose type_covered equals inttype (or for every signature when inttype
 * is -1), writes the owner name, the fixed RR header, the signer's name
 * and the signature into reply, starting at offset.  The type passed must
 * be a DNS_TYPE!
 *
 * TTL: the stored ttl when authoritative is set, otherwise the stored ttl
 * reduced by the seconds elapsed since the record's created time, with the
 * reduction capped at the ttl itself.
 *
 * Returns the offset just past the last byte written and stores the number
 * of records written in *count.  Returns 0 when there is no RRSIG rrset or
 * when a record would not fit in replylen; on that path *count is left
 * untouched and reply may already hold partial data past the caller's
 * offset.
 *
 * NOTE(review): offset, namelen and replylen are signed ints and negative
 * values are not rejected here; presumably callers pass validated values,
 * confirm.
 */

int
additional_rrsig(char *name, int namelen, int inttype, struct rbtree *rbt, char *reply, int replylen, int offset, int *count, int authoritative)
{
	/* wire layout: RR header followed by the fixed part of the RRSIG rdata */
	struct answer {
		u_int16_t type;
		u_int16_t class;
		u_int32_t ttl;
		u_int16_t rdlength;
		u_int16_t type_covered;
		u_int8_t algorithm;
		u_int8_t labels;
		u_int32_t original_ttl;
		u_int32_t sig_expiration;
		u_int32_t sig_inception;
		u_int16_t keytag;
	} __attribute__((packed));

	/* bytes from type_covered through keytag, counted into rdlength */
	enum { RRSIG_FIXED_RDATA = 18 };

	struct answer *hdr;
	struct rrset *sigset;
	struct rr *rrp = NULL;
	struct rrsig *sig;
	int compressed, rdata_tail;
	int written = 0;
	time_t now = time(NULL);

	sigset = find_rr(rbt, DNS_TYPE_RRSIG);
	if (sigset == NULL)
		return 0;

	TAILQ_FOREACH(rrp, &sigset->rr_head, entries) {
		sig = (struct rrsig *)rrp->rdata;

		/* only signatures covering the requested type, -1 means all */
		if (inttype != -1 && inttype != sig->type_covered)
			continue;

		/* owner name must fit before it is copied */
		if ((offset + namelen) > replylen)
			return 0;

		memcpy(&reply[offset], name, namelen);
		offset += namelen;

		/* a non-zero result is taken as the offset after compression */
		compressed = compress_label((u_char*)reply, offset, namelen);
		if (compressed != 0)
			offset = compressed;

		/* fixed header must fit before it is written through hdr */
		if ((offset + sizeof(struct answer)) > replylen)
			return 0;

		hdr = (struct answer *)&reply[offset];
		hdr->type = htons(DNS_TYPE_RRSIG);
		hdr->class = htons(DNS_CLASS_IN);

		if (authoritative)
			hdr->ttl = htonl(sig->ttl);
		else
			hdr->ttl = htonl(sig->ttl - (MIN(sig->ttl , difftime(now, sig->created))));

		hdr->type_covered = htons(sig->type_covered);
		hdr->algorithm = sig->algorithm;
		hdr->labels = sig->labels;
		hdr->original_ttl = htonl(sig->original_ttl);
		hdr->sig_expiration = htonl(sig->signature_expiration);
		hdr->sig_inception = htonl(sig->signature_inception);
		hdr->keytag = htons(sig->key_tag);

		offset += sizeof(struct answer);
		/* start of the variable-length rdata (signer's name, signature) */
		rdata_tail = offset;

		if ((offset + sig->signame_len) > replylen)
			return 0;

		memcpy(&reply[offset], sig->signers_name, sig->signame_len);
		offset += sig->signame_len;

		if ((offset + sig->signature_len) > replylen)
			return 0;

		memcpy(&reply[offset], sig->signature, sig->signature_len);
		offset += sig->signature_len;

		hdr->rdlength = htons((offset - rdata_tail) + RRSIG_FIXED_RDATA);

		written++;
	}

	*count = written;

	return (offset);
}
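/*
 * ADDITIONAL_NSEC - tag on an additional NSEC with RRSIG to the answer
 *
 * Takes the first record of the NSEC rrset found in rbt, writes the owner
 * name, the RR header, the next domain name and the type bitmap into reply
 * at offset, then calls additional_rrsig() for DNS_TYPE_NSEC to append the
 * covering signatures.  inttype is accepted for symmetry with the other
 * additional_*() functions but is not used here.
 *
 * TTL: rrset->ttl when authoritative is set, otherwise rrset->ttl reduced
 * by the seconds elapsed since rrset->created, capped at the ttl itself.
 *
 * Returns the offset past the last byte written and stores the signature
 * count plus one in *count.  Returns 0 when the name, header or NSEC rdata
 * would not fit in replylen.  Returns the current offset, with *count
 * untouched, when there is no NSEC rrset, the rrset is empty, or
 * additional_rrsig() returned 0.
 *
 * NOTE(review): additional_nsec3() returns 0 when additional_rrsig() fails,
 * while this function returns the offset past the NSEC it already wrote;
 * confirm which of the two callers rely on.
 */

int
additional_nsec(char *name, int namelen, int inttype, struct rbtree *rbt, char *reply, int replylen, int offset, int *count, int authoritative)
{
	struct answer {
		u_int16_t type;
		u_int16_t class;
		u_int32_t ttl;
		u_int16_t rdlength;
	} __attribute__((packed));

	struct answer *answer;
	struct rrset *rrset = NULL;
	struct rr *rrp = NULL;
	struct nsec *nsec;
	size_t hdr_end, room, ndn_len, bitmap_len;
	int tmplen;
	int retcount;
	time_t now;

	now = time(NULL);

	if ((rrset = find_rr(rbt, DNS_TYPE_NSEC)) == NULL)
		goto out;

	rrp = TAILQ_FIRST(&rrset->rr_head);
	if (rrp == NULL)
		goto out;

	nsec = (struct nsec *)rrp->rdata;

	/* check if we go over our return length */
	if ((offset + namelen) > replylen)
		return 0;

	memcpy(&reply[offset], name, namelen);
	offset += namelen;
	tmplen = compress_label((u_char*)reply, offset, namelen);

	/* a non-zero result is taken as the offset after compression */
	if (tmplen != 0) {
		offset = tmplen;
	}

	hdr_end = (size_t)offset + sizeof(struct answer);
	if (hdr_end > (size_t)replylen) {
		return 0;
	}

	/*
	 * The rdata lengths come from the stored record and were previously
	 * copied without a length check.  Make sure next domain name and
	 * bitmap both fit in what is left of reply before anything is
	 * written; the comparison is done stepwise so it cannot wrap.
	 */
	ndn_len = nsec->ndn_len;
	bitmap_len = nsec->bitmap_len;
	room = (size_t)replylen - hdr_end;
	if (ndn_len > room || bitmap_len > room - ndn_len) {
		return 0;
	}

	answer = (struct answer *)&reply[offset];
	answer->type = htons(DNS_TYPE_NSEC);
	answer->class = htons(DNS_CLASS_IN);
	if (authoritative)
		answer->ttl = htonl(rrset->ttl);
	else
		answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));

	answer->rdlength = htons(nsec->ndn_len + nsec->bitmap_len);

	offset += sizeof(*answer);

	memcpy(&reply[offset], nsec->next_domain_name, nsec->ndn_len);
	offset += nsec->ndn_len;

	memcpy(&reply[offset], nsec->bitmap, nsec->bitmap_len);
	offset += nsec->bitmap_len;

	tmplen = additional_rrsig(name, namelen, DNS_TYPE_NSEC, rbt, reply, replylen, offset, &retcount, authoritative);

	if (tmplen == 0) {
		goto out;
	}

	offset = tmplen;

	/* the NSEC itself plus the signatures appended after it */
	*count = retcount + 1;

out:
	return (offset);

}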
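/*
 * ADDITIONAL_NSEC3 - tag on an additional NSEC3 with RRSIG to the answer
 *
 * Takes the first record of the NSEC3 rrset found in rbt, writes the owner
 * name, the RR header with the fixed NSEC3 fields, the salt, the one-byte
 * hash length, the next hashed owner and the type bitmap into reply at
 * offset, then calls additional_rrsig() for DNS_TYPE_NSEC3 to append the
 * covering signatures.  inttype is accepted for symmetry with the other
 * additional_*() functions but is not used here.
 *
 * TTL: rrset->ttl when authoritative is set, otherwise rrset->ttl reduced
 * by the seconds elapsed since rrset->created, capped at the ttl itself.
 *
 * Returns the offset past the last byte written and stores the signature
 * count plus one in *count.  Returns 0 when the name, header or NSEC3
 * rdata would not fit in replylen, or when additional_rrsig() returned 0.
 * Returns the unchanged offset, with *count untouched, when there is no
 * NSEC3 rrset or the rrset is empty.
 */

int
additional_nsec3(char *name, int namelen, int inttype, struct rbtree *rbt, char *reply, int replylen, int offset, int *count, int authoritative)
{
	/* RR header followed by the fixed leading fields of the NSEC3 rdata */
	struct answer {
		u_int16_t type;
		u_int16_t class;
		u_int32_t ttl;
		u_int16_t rdlength;
		u_int8_t algorithm;
		u_int8_t flags;
		u_int16_t iterations;
		u_int8_t saltlen;
	} __attribute__((packed));

	struct answer *answer;
	struct rrset *rrset;
	struct rr *rrp;
	struct nsec3 *nsec3;

	size_t hdr_end, room, saltlen, nextlen, bitmap_len;
	int tmplen;
	u_int8_t *somelen;
	int retcount;
	time_t now;

	now = time(NULL);

	if ((rrset = find_rr(rbt, DNS_TYPE_NSEC3)) == NULL)
		goto out;

	rrp = TAILQ_FIRST(&rrset->rr_head);
	if (rrp == NULL)
		goto out;

	nsec3 = (struct nsec3 *)rrp->rdata;

	/* check if we go over our return length */
	if ((offset + namelen) > replylen)
		return 0;

	memcpy(&reply[offset], name, namelen);
	offset += namelen;
	tmplen = compress_label((u_char*)reply, offset, namelen);

	/* a non-zero result is taken as the offset after compression */
	if (tmplen != 0) {
		offset = tmplen;
	}

	hdr_end = (size_t)offset + sizeof(struct answer);
	if (hdr_end > (size_t)replylen) {
		return 0;
	}

	/*
	 * The rdata lengths come from the stored record and were previously
	 * copied without a length check.  Make sure salt, the hash length
	 * octet, the next hashed owner and the bitmap all fit in what is
	 * left of reply before anything is written; room is reduced
	 * stepwise so the arithmetic cannot wrap.
	 */
	saltlen = nsec3->saltlen;
	nextlen = nsec3->nextlen;
	bitmap_len = nsec3->bitmap_len;
	room = (size_t)replylen - hdr_end;
	if (saltlen > room)
		return 0;
	room -= saltlen;
	if (room < 1)
		return 0;
	room -= 1;
	if (nextlen > room || bitmap_len > room - nextlen)
		return 0;

	answer = (struct answer *)&reply[offset];
	answer->type = htons(DNS_TYPE_NSEC3);
	answer->class = htons(DNS_CLASS_IN);

	if (authoritative)
		answer->ttl = htonl(rrset->ttl);
	else
		answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));

	/* 6 = algorithm(1) + flags(1) + iterations(2) + saltlen(1) + hash length(1) */
	answer->rdlength = htons(6 + nsec3->saltlen + nsec3->nextlen +
		nsec3->bitmap_len);
	answer->algorithm = nsec3->algorithm;
	answer->flags = nsec3->flags;
	answer->iterations = htons(nsec3->iterations);
	answer->saltlen = nsec3->saltlen;

	offset += sizeof(*answer);

	if (nsec3->saltlen) {
		/* &nsec3->salt assumes salt is an inline array - TODO confirm */
		memcpy(&reply[offset], &nsec3->salt, nsec3->saltlen);
		offset += nsec3->saltlen;
	}

	/* one-byte hash length in front of the next hashed owner */
	somelen = (u_int8_t *)&reply[offset];
	*somelen = nsec3->nextlen;

	offset += 1;

	memcpy(&reply[offset], nsec3->next, nsec3->nextlen);

	offset += nsec3->nextlen;

	memcpy(&reply[offset], nsec3->bitmap, nsec3->bitmap_len);
	offset += nsec3->bitmap_len;

	tmplen = additional_rrsig(name, namelen, DNS_TYPE_NSEC3, rbt, reply, replylen, offset, &retcount, authoritative);

	if (tmplen == 0) {
		return 0;
	}

	offset = tmplen;
	/* the NSEC3 itself plus the signatures appended after it */
	*count = retcount + 1;

out:
	return (offset);

}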
/*
 * ADDITIONAL_DS() - append the DS records of a name to the reply
 *	based on additional_mx()
 *
 * Looks up the DS rrset in rbt with find_rr() and writes one resource
 * record per entry into reply starting at offset: the owner name, the RR
 * header with key tag, algorithm and digest type, then the digest.
 * Every record carries rrset->ttl.
 *
 * The record count is handed back through pack32() on retcount: it is set
 * to 0 on entry and to the number of records written on the success path.
 * Returns the offset just past the last byte written, or 0 when there is
 * no DS rrset or a record would not fit in replylen.  On the 0 path the
 * count stays 0 even though reply may already hold earlier records.
 */

int
additional_ds(char *name, int namelen, struct rbtree *rbt, char *reply, int replylen, int offset, int *retcount)
{
	/* RR header followed by the fixed leading fields of the DS rdata */
	struct answer {
		u_int16_t type;
		u_int16_t class;
		u_int32_t ttl;
		u_int16_t rdlength;
		u_int16_t key_tag;
		u_int8_t algorithm;
		u_int8_t digest_type;

	} __attribute__((packed));

	struct answer *hdr;
	struct rrset *dsset;
	struct rr *rrp = NULL;
	struct ds *ds;
	int compressed;
	int written = 0;

	pack32((char *)retcount, 0);

	dsset = find_rr(rbt, DNS_TYPE_DS);
	if (dsset == NULL)
		return 0;

	TAILQ_FOREACH(rrp, &dsset->rr_head, entries) {
		ds = (struct ds *)rrp->rdata;

		/* owner name must fit before it is copied */
		if ((offset + namelen) > replylen)
			return 0;

		memcpy(&reply[offset], name, namelen);
		offset += namelen;

		/* a non-zero result is taken as the offset after compression */
		compressed = compress_label((u_char*)reply, offset, namelen);
		if (compressed != 0)
			offset = compressed;

		/* fixed header must fit before it is written through hdr */
		if ((offset + sizeof(struct answer)) > replylen)
			return 0;

		hdr = (struct answer *)&reply[offset];

		hdr->type = htons(DNS_TYPE_DS);
		hdr->class = htons(DNS_CLASS_IN);
		hdr->ttl = htonl(dsset->ttl);
		hdr->key_tag = htons(ds->key_tag);
		hdr->algorithm = ds->algorithm;
		hdr->digest_type = ds->digest_type;

		offset += sizeof(struct answer);

		/* digest must fit before it is copied */
		if ((offset + ds->digestlen) > replylen)
			return 0;

		memcpy(&reply[offset], ds->digest, ds->digestlen);
		offset += ds->digestlen;

		/* rdata = key_tag + algorithm + digest_type + digest */
		hdr->rdlength = htons(ds->digestlen + sizeof(u_int16_t) + sizeof(u_int8_t) + sizeof(u_int8_t));

		written++;
	}

	pack32((char *)retcount, written);

	return (offset);
}