Date:
Sat Aug 1 09:01:52 2020 UTC
Message:
Move the extended RCODEs out of the RCODE section (those are only 0x00 through 0x0F); make a section that shows the extended RCODEs that are added to an EDNS0 tag.
0001
2016-07-06
pjp
/*
0002
2020-07-16
pjp
* Copyright (c) 2002-2020 Peter J. Philipp
0003
2016-07-06
pjp
* All rights reserved.
0004
2016-07-06
pjp
*
0005
2016-07-06
pjp
* Redistribution and use in source and binary forms, with or without
0006
2016-07-06
pjp
* modification, are permitted provided that the following conditions
0007
2016-07-06
pjp
* are met:
0008
2016-07-06
pjp
* 1. Redistributions of source code must retain the above copyright
0009
2016-07-06
pjp
* notice, this list of conditions and the following disclaimer.
0010
2016-07-06
pjp
* 2. Redistributions in binary form must reproduce the above copyright
0011
2016-07-06
pjp
* notice, this list of conditions and the following disclaimer in the
0012
2016-07-06
pjp
* documentation and/or other materials provided with the distribution.
0013
2016-07-06
pjp
* 3. The name of the author may not be used to endorse or promote products
0014
2016-07-06
pjp
* derived from this software without specific prior written permission
0015
2016-07-06
pjp
*
0016
2016-07-06
pjp
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
0017
2016-07-06
pjp
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
0018
2016-07-06
pjp
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
0019
2016-07-06
pjp
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
0020
2016-07-06
pjp
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
0021
2016-07-06
pjp
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
0022
2016-07-06
pjp
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
0023
2016-07-06
pjp
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
0024
2016-07-06
pjp
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
0025
2016-07-06
pjp
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
0026
2016-07-06
pjp
*
0027
2016-07-06
pjp
*/
0028
2017-10-26
pjp
0029
2017-10-26
pjp
/*
0030
2020-07-27
pjp
* $Id: util.c,v 1.81 2020/07/27 08:23:04 pjp Exp $
0031
2017-10-26
pjp
*/
0032
2017-10-26
pjp
0033
2019-06-06
pjp
#include <sys/types.h>
0034
2019-06-06
pjp
#include <sys/socket.h>
0035
2019-02-24
pjp
0036
2019-06-06
pjp
#include <netinet/in.h>
0037
2020-07-21
pjp
#include <netinet/ip.h>
0038
2020-07-21
pjp
#include <netinet/ip6.h>
0039
2020-07-21
pjp
#include <netinet/udp.h>
0040
2019-06-06
pjp
#include <arpa/inet.h>
0041
2019-06-06
pjp
#include <netdb.h>
0042
2019-06-06
pjp
0043
2019-06-06
pjp
#include <stdio.h>
0044
2019-06-06
pjp
#include <stdlib.h>
0045
2019-06-06
pjp
#include <stdint.h>
0046
2019-06-06
pjp
#include <stdarg.h>
0047
2019-06-06
pjp
#include <string.h>
0048
2019-06-06
pjp
#include <errno.h>
0049
2019-06-06
pjp
#include <syslog.h>
0050
2019-06-06
pjp
#include <unistd.h>
0051
2019-06-06
pjp
#include <ctype.h>
0052
2019-06-06
pjp
0053
2019-06-06
pjp
#ifdef __linux__
0054
2019-06-06
pjp
#include <grp.h>
0055
2019-06-06
pjp
#define __USE_BSD 1
0056
2019-06-06
pjp
#include <endian.h>
0057
2019-06-06
pjp
#include <bsd/stdlib.h>
0058
2019-06-06
pjp
#include <bsd/string.h>
0059
2019-06-06
pjp
#include <bsd/unistd.h>
0060
2019-06-06
pjp
#include <bsd/sys/queue.h>
0061
2019-06-06
pjp
#define __unused
0062
2019-06-06
pjp
#include <bsd/sys/tree.h>
0063
2019-06-06
pjp
#include <bsd/sys/endian.h>
0064
2019-06-06
pjp
#include "imsg.h"
0065
2019-06-06
pjp
#else /* not linux */
0066
2019-06-06
pjp
#include <sys/queue.h>
0067
2019-06-06
pjp
#include <sys/tree.h>
0068
2019-06-06
pjp
#ifdef __FreeBSD__
0069
2019-06-07
pjp
#include <sys/endian.h>
0070
2019-06-06
pjp
#include "imsg.h"
0071
2019-06-06
pjp
#else
0072
2019-06-06
pjp
#include <imsg.h>
0073
2019-06-06
pjp
#endif /* __FreeBSD__ */
0074
2019-06-06
pjp
#endif /* __linux__ */
0075
2019-06-06
pjp
0076
2019-06-06
pjp
#ifndef NTOHS
0077
2019-06-06
pjp
#include "endian.h"
0078
2019-06-06
pjp
#endif
0079
2019-06-06
pjp
0080
2019-02-24
pjp
#include <openssl/evp.h>
0081
2019-02-24
pjp
#include <openssl/hmac.h>
0082
2019-02-24
pjp
0083
2019-06-06
pjp
#include "ddd-dns.h"
0084
2019-06-06
pjp
#include "ddd-db.h"
0085
2019-06-06
pjp
#include "ddd-config.h"
0086
2019-06-06
pjp
0087
2016-07-06
pjp
/* prototypes */
0088
2016-07-06
pjp
0089
2019-12-03
pjp
void pack(char *, char *, int);
0090
2019-12-03
pjp
void pack32(char *, u_int32_t);
0091
2019-12-03
pjp
void pack16(char *, u_int16_t);
0092
2019-12-03
pjp
void pack8(char *, u_int8_t);
0093
2019-12-03
pjp
uint32_t unpack32(char *);
0094
2019-12-03
pjp
uint16_t unpack16(char *);
0095
2019-12-03
pjp
void unpack(char *, char *, int);
0096
2020-07-16
pjp
int lower_dnsname(char *, int);
0097
2020-07-16
pjp
int randomize_dnsname(char *, int);
0098
2019-12-03
pjp
0099
2016-08-28
pjp
int label_count(char *);
0100
2016-07-06
pjp
char * dns_label(char *, int *);
0101
2020-06-25
pjp
void ddd_shutdown(void);
0102
2017-06-26
pjp
int get_record_size(ddDB *, char *, int);
0103
2019-11-11
pjp
struct rbtree * get_soa(ddDB *, struct question *);
0104
2019-11-11
pjp
struct rbtree * get_ns(ddDB *, struct rbtree *, int *);
0105
2020-01-16
pjp
struct rbtree * lookup_zone(ddDB *, struct question *, int *, int *, char *, int);
0106
2019-10-31
pjp
struct rbtree * Lookup_zone(ddDB *, char *, u_int16_t, u_int16_t, int);
0107
2019-02-15
pjp
u_int16_t check_qtype(struct rbtree *, u_int16_t, int, int *);
0108
2019-02-26
pjp
struct question *build_fake_question(char *, int, u_int16_t, char *, int);
0109
2016-07-06
pjp
0110
2016-08-30
pjp
char *get_dns_type(int, int);
0111
2017-01-11
pjp
int memcasecmp(u_char *, u_char *, int);
0112
2019-02-26
pjp
struct question *build_question(char *, int, int, char *);
0113
2019-02-07
pjp
int free_question(struct question *);
0114
2019-02-07
pjp
struct rrtab *rrlookup(char *);
0115
2019-02-24
pjp
char * expand_compression(u_char *, u_char *, u_char *, u_char *, int *, int);
0116
2019-02-24
pjp
void log_diff(char *sha256, char *mac, int len);
0117
2019-10-15
pjp
int tsig_pseudoheader(char *, uint16_t, time_t, HMAC_CTX *);
0118
2019-11-01
pjp
char * bin2hex(char *, int);
0119
2019-11-01
pjp
u_int64_t timethuman(time_t);
0120
2019-11-01
pjp
char * bitmap2human(char *, int);
0121
2020-07-27
pjp
int lookup_axfr(FILE *, int, char *, struct soa *, u_int32_t, char *, char *, int *, int *, int *, struct soa_constraints *);
0122
2019-11-12
pjp
int dn_contains(char *name, int len, char *anchorname, int alen);
0123
2020-07-21
pjp
uint16_t udp_cksum(u_int16_t *, uint16_t, struct ip *, struct udphdr *);
0124
2020-07-21
pjp
uint16_t udp_cksum6(u_int16_t *, uint16_t, struct ip6_hdr *, struct udphdr *);
0125
2016-07-06
pjp
0126
2020-04-11
pjp
0127
2019-11-05
pjp
int bytes_received;
0128
2019-11-02
pjp
0129
2019-11-02
pjp
/* externs */
0130
2016-07-06
pjp
extern int debug;
0131
2016-07-06
pjp
extern int *ptr;
0132
2019-02-24
pjp
extern int tsig;
0133
2020-06-30
pjp
extern int forward;
0134
2020-07-03
pjp
extern int zonecount;
0135
2016-07-06
pjp
0136
2019-02-15
pjp
extern void dolog(int, char *, ...);
0137
2019-02-15
pjp
0138
2019-02-15
pjp
extern struct rbtree * find_rrset(ddDB *db, char *name, int len);
0139
2019-02-15
pjp
extern struct rrset * find_rr(struct rbtree *rbt, u_int16_t rrtype);
0140
2019-02-15
pjp
extern int add_rr(struct rbtree *rbt, char *name, int len, u_int16_t rrtype, void *rdata);
0141
2019-02-15
pjp
extern int display_rr(struct rrset *rrset);
0142
2019-02-18
pjp
extern int check_ent(char *, int);
0143
2019-02-24
pjp
extern int find_tsig_key(char *, int, char *, int);
0144
2019-11-02
pjp
extern int mybase64_decode(char const *, u_char *, size_t);
0145
2019-02-15
pjp
0146
2020-07-08
pjp
extern int raxfr_a(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
0147
2020-07-08
pjp
extern int raxfr_tlsa(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
0148
2020-07-08
pjp
extern int raxfr_srv(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
0149
2020-07-08
pjp
extern int raxfr_naptr(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
0150
2020-07-08
pjp
extern int raxfr_aaaa(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
0151
2020-07-08
pjp
extern int raxfr_cname(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
0152
2020-07-08
pjp
extern int raxfr_ns(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
0153
2020-07-08
pjp
extern int raxfr_ptr(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
0154
2020-07-08
pjp
extern int raxfr_mx(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
0155
2020-07-08
pjp
extern int raxfr_txt(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
0156
2020-07-08
pjp
extern int raxfr_dnskey(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
0157
2020-07-08
pjp
extern int raxfr_rrsig(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
0158
2020-07-08
pjp
extern int raxfr_nsec3param(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
0159
2020-07-08
pjp
extern int raxfr_nsec3(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
0160
2020-07-08
pjp
extern int raxfr_ds(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
0161
2020-07-23
pjp
extern int raxfr_rp(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
0162
2020-07-23
pjp
extern int raxfr_caa(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
0163
2020-07-23
pjp
extern int raxfr_hinfo(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
0164
2020-07-08
pjp
extern int raxfr_sshfp(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
0165
2019-11-02
pjp
extern u_int16_t raxfr_skip(FILE *, u_char *, u_char *);
0166
2020-07-27
pjp
extern int raxfr_soa(FILE *, u_char *, u_char *, u_char *, struct soa *, int, u_int32_t, u_int16_t, HMAC_CTX *, struct soa_constraints *);
0167
2020-07-27
pjp
extern int raxfr_peek(FILE *, u_char *, u_char *, u_char *, int *, int, u_int16_t *, u_int32_t, HMAC_CTX *, char *, int, int);
0168
2019-11-05
pjp
extern int raxfr_tsig(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int);
0169
2020-07-16
pjp
extern char *convert_name(char *, int);
0170
2019-02-15
pjp
0171
2019-11-02
pjp
0172
2016-08-30
pjp
/* internals */
0173
2016-08-30
pjp
/*
 * Pairs an RR type mnemonic with its numeric DNS_TYPE_* value.
 * The array is closed by a { NULL, 0 } sentinel entry.
 * NOTE(review): presumably the table behind get_dns_type(); that function's
 * body is not visible here, confirm before relying on entry order.
 */
struct typetable {
	char *type;	/* mnemonic in upper case; NULL marks the end of the table */
	int number;	/* matching DNS_TYPE_* constant */
};

struct typetable TT[] = {
	{ "A",		DNS_TYPE_A },
	{ "NS",		DNS_TYPE_NS },
	{ "CNAME",	DNS_TYPE_CNAME },
	{ "SOA",	DNS_TYPE_SOA },
	{ "PTR",	DNS_TYPE_PTR },
	{ "MX",		DNS_TYPE_MX },
	{ "TXT",	DNS_TYPE_TXT },
	{ "AAAA",	DNS_TYPE_AAAA },
	{ "ANY",	DNS_TYPE_ANY },
	{ "SRV",	DNS_TYPE_SRV },
	{ "SSHFP",	DNS_TYPE_SSHFP },
	{ "NAPTR",	DNS_TYPE_NAPTR },
	{ "RRSIG",	DNS_TYPE_RRSIG },
	{ "DNSKEY",	DNS_TYPE_DNSKEY },
	{ "NSEC",	DNS_TYPE_NSEC },
	{ "DS",		DNS_TYPE_DS },
	{ "NSEC3",	DNS_TYPE_NSEC3 },
	{ "NSEC3PARAM",	DNS_TYPE_NSEC3PARAM },
	{ "TLSA",	DNS_TYPE_TLSA },
	{ "RP",		DNS_TYPE_RP },
	{ "HINFO",	DNS_TYPE_HINFO },
	{ "CAA",	DNS_TYPE_CAA },
	{ NULL,		0 }
};
0201
2016-08-30
pjp
0202
2019-02-15
pjp
/*
 * Lower-case keyword table of struct rrtab entries: a keyword followed by
 * two DNS_TYPE_* values.  The two values are equal for every keyword except
 * "hint", which pairs DNS_TYPE_HINT with DNS_TYPE_NS; "delegate" is an
 * alias that carries the NS type in both fields.
 * The entries are listed in ascending keyword order and there is no
 * sentinel entry.
 * NOTE(review): rrlookup() presumably searches this table and may depend on
 * the ordering; its body and the struct rrtab field names are not visible
 * here, so keep new entries sorted until that is confirmed.
 */
static struct rrtab myrrtab[] = {
	{ "a",		DNS_TYPE_A,		DNS_TYPE_A },
	{ "aaaa",	DNS_TYPE_AAAA,		DNS_TYPE_AAAA },
	{ "caa",	DNS_TYPE_CAA,		DNS_TYPE_CAA },
	{ "cname",	DNS_TYPE_CNAME,		DNS_TYPE_CNAME },
	{ "delegate",	DNS_TYPE_NS,		DNS_TYPE_NS },
	{ "dnskey",	DNS_TYPE_DNSKEY,	DNS_TYPE_DNSKEY },
	{ "ds",		DNS_TYPE_DS,		DNS_TYPE_DS },
	{ "hinfo",	DNS_TYPE_HINFO,		DNS_TYPE_HINFO },
	{ "hint",	DNS_TYPE_HINT,		DNS_TYPE_NS },
	{ "mx",		DNS_TYPE_MX,		DNS_TYPE_MX },
	{ "naptr",	DNS_TYPE_NAPTR,		DNS_TYPE_NAPTR },
	{ "ns",		DNS_TYPE_NS,		DNS_TYPE_NS },
	{ "nsec",	DNS_TYPE_NSEC,		DNS_TYPE_NSEC },
	{ "nsec3",	DNS_TYPE_NSEC3,		DNS_TYPE_NSEC3 },
	{ "nsec3param",	DNS_TYPE_NSEC3PARAM,	DNS_TYPE_NSEC3PARAM },
	{ "ptr",	DNS_TYPE_PTR,		DNS_TYPE_PTR },
	{ "rp",		DNS_TYPE_RP,		DNS_TYPE_RP },
	{ "rrsig",	DNS_TYPE_RRSIG,		DNS_TYPE_RRSIG },
	{ "soa",	DNS_TYPE_SOA,		DNS_TYPE_SOA },
	{ "srv",	DNS_TYPE_SRV,		DNS_TYPE_SRV },
	{ "sshfp",	DNS_TYPE_SSHFP,		DNS_TYPE_SSHFP },
	{ "tlsa",	DNS_TYPE_TLSA,		DNS_TYPE_TLSA },
	{ "txt",	DNS_TYPE_TXT,		DNS_TYPE_TXT },
};
0227
2019-02-07
pjp
0228
2019-11-02
pjp
0229
2019-11-02
pjp
0230
2019-11-02
pjp
/*
 * Dispatch table for received zone-transfer records: an RR type, an integer
 * flag and the raxfr_*() handler declared above for that type.  The list is
 * closed by a { 0, 0, NULL } sentinel.
 * The flag is 1 only for DNSKEY, RRSIG, NSEC3PARAM, NSEC3 and DS.
 * NOTE(review): that looks like a "DNSSEC record" marker, but the field
 * names of struct raxfr_logic are not visible here; confirm in the header.
 * A type that has no row here has no handler in this table, so adding a new
 * RR type needs a row as well as the handler itself.
 */
static struct raxfr_logic supported[] = {
	{ DNS_TYPE_A,		0, raxfr_a },
	{ DNS_TYPE_NS,		0, raxfr_ns },
	{ DNS_TYPE_MX,		0, raxfr_mx },
	{ DNS_TYPE_PTR,		0, raxfr_ptr },
	{ DNS_TYPE_AAAA,	0, raxfr_aaaa },
	{ DNS_TYPE_CNAME,	0, raxfr_cname },
	{ DNS_TYPE_TXT,		0, raxfr_txt },
	{ DNS_TYPE_DNSKEY,	1, raxfr_dnskey },
	{ DNS_TYPE_RRSIG,	1, raxfr_rrsig },
	{ DNS_TYPE_NSEC3PARAM,	1, raxfr_nsec3param },
	{ DNS_TYPE_NSEC3,	1, raxfr_nsec3 },
	{ DNS_TYPE_DS,		1, raxfr_ds },
	{ DNS_TYPE_SSHFP,	0, raxfr_sshfp },
	{ DNS_TYPE_TLSA,	0, raxfr_tlsa },
	{ DNS_TYPE_SRV,		0, raxfr_srv },
	{ DNS_TYPE_NAPTR,	0, raxfr_naptr },
	{ DNS_TYPE_RP,		0, raxfr_rp },
	{ DNS_TYPE_HINFO,	0, raxfr_hinfo },
	{ DNS_TYPE_CAA,		0, raxfr_caa },
	{ 0,			0, NULL }
};
0252
2019-11-02
pjp
0253
2016-07-06
pjp
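/*
 * LABEL_COUNT - count the labels of a wire-format DNS name and return that
 *		 number.
 *
 * name points at a sequence of <length octet><label bytes> terminated by a
 * zero length octet (the root label, which is not counted).
 *
 * Returns the number of labels, or -1 when name is NULL or the name is not
 * a plain uncompressed name: a length octet above 63 (which covers
 * compression pointers and reserved label types) or a total size above 255
 * octets.
 *
 * The length octet is read as unsigned.  With a signed plain char an octet
 * of 0x80 or more would otherwise turn into a negative step and move the
 * cursor backwards, so a malformed name could read outside the buffer or
 * never terminate.  No buffer size is passed in, so the caller must still
 * hand over a buffer that holds a complete name; the 255 octet cap only
 * bounds how far an unterminated name is followed.
 */

int
label_count(char *name)
{
	/* RFC 1035 size limits for a label and for a whole name */
	enum { MAX_LABEL_OCTETS = 63, MAX_NAME_OCTETS = 255 };
	const unsigned char *p;
	int used = 1;		/* the terminating root octet */
	int lc = 0;

	if (name == NULL)
		return -1;

	for (p = (const unsigned char *)name; *p != 0; p += *p + 1) {
		if (*p > MAX_LABEL_OCTETS)
			return -1;

		used += *p + 1;
		if (used > MAX_NAME_OCTETS)
			return -1;

		lc++;
	}

	return (lc);
}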
0274
2016-08-28
pjp
0275
2016-08-28
pjp
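/*
 * DNS_LABEL - build a DNS NAME (with labels) from a canonical name
 *
 * name is a dotted, NUL terminated host name; one trailing dot is ignored.
 * The result is a malloc()ed buffer holding <length octet><label> pairs
 * followed by a terminating zero octet, with all letters lower-cased.  Its
 * size (newlen + 1) is stored through returnlen with pack32().  Nothing in
 * this function frees the buffer, so that is left to the caller.
 *
 * Returns NULL when name is NULL, when malloc() fails, or when the input
 * cannot be encoded as a valid name:
 *   - the text does not fit the DNS_MAXNAME + 1 byte work buffer (it used
 *     to be truncated silently, which yields a different name),
 *   - a label is longer than 63 octets (its length octet would have the top
 *     bits set and read as a compression pointer, and the old lower-casing
 *     pass could rewrite a length octet in the 'A'..'Z' range),
 *   - the encoded name is longer than DNS_MAXNAME octets.
 * returnlen is left untouched on those paths.
 *
 * An empty string no longer reads tname[-1] when looking for the trailing
 * dot.
 *
 * The work buffer is static, so the function is not reentrant.
 * NOTE(review): empty labels inside a name ("a..b") are still encoded as a
 * zero length octet in the middle of the result, as before; decide whether
 * callers want those rejected as well.
 */

char *
dns_label(char *name, int *returnlen)
{
	enum { MAX_LABEL_OCTETS = 63 };		/* RFC 1035 label limit */
	static char tname[DNS_MAXNAME + 1];	/* 255 bytes + 1 */
	char *labels[255];
	char *dnslabel, *p;
	char *pt = &tname[0];
	size_t len, j;
	int newlen = 0;
	int i, lc = 0;				/* lc = label count */

	if (name == NULL)
		return NULL;

	if (strlcpy(tname, name, sizeof(tname)) >= sizeof(tname))
		return NULL;

	len = strlen(tname);
	if (len > 0 && tname[len - 1] == '.')
		tname[len - 1] = '\0';

	/* split in place; at most 254 labels are kept, as before */
	while (lc < 254 && (labels[lc] = strsep(&pt, ".")) != NULL) {
		len = strlen(labels[lc]);
		if (len > MAX_LABEL_OCTETS)
			return NULL;

		newlen += len;
		lc++;
	}

	newlen += lc;	/* add label count to length */

	/* the terminating zero octet counts toward the name size */
	if (newlen + 1 > DNS_MAXNAME)
		return NULL;

	/* make the buffer space, add 1 for trailing NULL */
	if ((dnslabel = malloc(newlen + 1)) == NULL) {
		return NULL;
	}

	pack32((char *)returnlen, (newlen + 1));
	dnslabel[newlen] = '\0';	/* trailing NULL */

	/*
	 * XXX hack to make all DNS names lower case, we only preserve
	 * case on compressed answers..
	 *
	 * Only label bytes are folded, and they go through unsigned char so
	 * bytes above 0x7f are a defined argument for tolower().
	 */
	for (i = 0, p = dnslabel; i < lc; i++) {
		len = strlen(labels[i]);
		*p++ = (char)len;
		for (j = 0; j < len; j++)
			*p++ = (char)tolower((unsigned char)labels[i][j]);
	}

#if DEBUG
	if (debug)
		dolog(LOG_DEBUG, "converting name= %s\n", name);
#endif

	return dnslabel;
}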
0344
2016-07-06
pjp
/*
 * ddd_shutdown - delphinusdnsd wishes to shutdown: record the pid of the
 *		  calling process through the global pointer `ptr' and
 *		  return.
 *
 * `ptr' is declared extern in this file; the original comment describes its
 * target as the shutdown shared memory.  Nothing else is done here, no
 * signal is sent and no process exits.
 */

void
ddd_shutdown(void)
{
	*ptr = getpid();
}
0358
2016-07-06
pjp
0359
2016-07-06
pjp
0360
2016-07-06
pjp
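/*
 * LOOKUP_ZONE - look up the database node for a question.
 *
 * The query name, its length and the query type (stored in network byte
 * order) are taken from question->hdr.  The result is reported three ways:
 * the returned node, *returnval and *lzerrno.
 *
 *   success		node returned, *returnval = RR type from
 *			check_qtype(), replystring = node->humanname
 *   ERR_NOERROR	node returned, *returnval = -1: the name exists but
 *			check_qtype() found nothing for the query type
 *   ERR_DELEGATE	node returned, *returnval = -1: the answer lies
 *			below a delegation, replystring = node->humanname
 *   ERR_NXDOMAIN	node with the SOA returned, *returnval = -1: the
 *			name does not exist below that node
 *   ERR_NODATA		NULL returned, *returnval = -1: check_ent() returned
 *			1 for the name
 *   ERR_FORWARD	NULL returned, *returnval = -1: forwarding is on and
 *			either no zones are loaded or nothing matched
 *   ERR_REFUSED	NULL returned, *returnval = -1: nothing matched and
 *			forwarding is off
 *
 * replystring is only written on the paths marked above, always through
 * snprintf() bounded by replystringsize.
 *
 * Every walk toward the root stops at the root octet or when the remaining
 * length is used up, and length octets are read as unsigned.  The previous
 * code kept stripping labels until find_rrset() succeeded, so a name whose
 * ancestors were missing from the database (or whose length did not match
 * its labels) was followed past its end, and the delegation walk then
 * dereferenced the NULL result.  Such lookups now end in the
 * ERR_FORWARD/ERR_REFUSED path.
 * NOTE(review): the name is presumably validated when the question is
 * built; these guards do not depend on that.
 */

struct rbtree *
lookup_zone(ddDB *db, struct question *question, int *returnval, int *lzerrno, char *replystring, int replystringsize)
{
	struct rbtree *rbt = NULL;
	struct rbtree *rbt0 = NULL;
	int plen, splen, step, error;
	u_int16_t qtype;
	char *p, *sp;

	p = question->hdr->name;
	plen = question->hdr->namelen;
	qtype = ntohs(question->hdr->qtype);

	*returnval = 0;

	/* short circuit when we forward and have no zones loaded */
	if (forward && zonecount == 0) {
		*lzerrno = ERR_FORWARD;
		*returnval = -1;

		return NULL;
	}

	/*
	 * The slow path is taken when the exact name is missing, when it is
	 * glue (unless a DS is asked for), or when it is the owner of an
	 * NSEC3 record in a DNSSEC zone.  If find_rrset() fails the other
	 * two tests are not evaluated.
	 */
	rbt = find_rrset(db, p, plen);
	if (rbt == NULL ||
	    (qtype != DNS_TYPE_DS && (rbt->flags & RBT_GLUE)) ||
	    ((rbt->flags & RBT_DNSSEC) &&
	    find_rr(rbt, DNS_TYPE_NSEC3) != NULL)) {
		if (rbt == NULL) {
			/* is the closest existing ancestor glue? */
			splen = plen;
			sp = p;

			while ((rbt0 = find_rrset(db, sp, splen)) == NULL) {
				if (*sp == 0 || splen <= 1)
					break;
				step = (unsigned char)*sp + 1;
				splen -= step;
				sp += step;
			}

			if (rbt0 != NULL && (rbt0->flags & RBT_GLUE))
				rbt = rbt0;
		}

		/* check our delegations */
		while (rbt != NULL && (rbt->flags & RBT_GLUE)) {
			if (*p == 0 || plen <= 1) {
				/* at the root, nothing above can delegate */
				rbt = NULL;
				break;
			}
			step = (unsigned char)*p + 1;
			plen -= step;
			p += step;

			while ((rbt0 = find_rrset(db, p, plen)) == NULL) {
				if (*p == 0 || plen <= 1)
					break;
				step = (unsigned char)*p + 1;
				plen -= step;
				p += step;
			}

			if (rbt0 == NULL) {
				/* no ancestor in the database at all */
				rbt = NULL;
				break;
			}

			if (rbt0->flags & RBT_GLUE) {
				rbt = rbt0;
			} else {
				/* answer the delegation */
				snprintf(replystring, replystringsize, "%s", rbt->humanname);
				*lzerrno = ERR_DELEGATE;
				*returnval = -1;
				return (rbt);
			}
		}

		if (check_ent(p, plen) == 1) {
			*lzerrno = ERR_NODATA;
			*returnval = -1;

			return NULL;
		}

		/*
		 * We have a condition where a record does not exist but we
		 * move toward the apex of the record, and there may be
		 * something.  We return NXDOMAIN if there is an apex with
		 * SOA, a delegation if there is an NS, if not then we
		 * return REFUSED (or FORWARD when forwarding).
		 */
		while (*p != 0 && plen > 1) {
			step = (unsigned char)*p + 1;
			plen -= step;
			p += step;

			rbt = find_rrset(db, p, plen);
			if (rbt == NULL)
				continue;

			if (find_rr(rbt, DNS_TYPE_SOA) != NULL) {
				*lzerrno = ERR_NXDOMAIN;
				*returnval = -1;
				return (rbt);
			}

			if (find_rr(rbt, DNS_TYPE_NS) != NULL) {
				snprintf(replystring, replystringsize, "%s", rbt->humanname);
				*lzerrno = ERR_DELEGATE;
				*returnval = -1;
				return (rbt);
			}
		}

		*lzerrno = forward ? ERR_FORWARD : ERR_REFUSED;
		*returnval = -1;
		return (NULL);
	}

	/* exact match from here on, rbt is not NULL */
	snprintf(replystring, replystringsize, "%s", rbt->humanname);

	/* an NS set below the apex is a delegation, except for DS queries */
	if (qtype != DNS_TYPE_DS &&
	    find_rr(rbt, DNS_TYPE_NS) != NULL &&
	    !(rbt->flags & RBT_APEX)) {
		*returnval = -1;
		*lzerrno = ERR_DELEGATE;
		return (rbt);
	}

	*returnval = check_qtype(rbt, qtype, 0, &error);
	if (*returnval == 0) {
		/* the name exists, but holds nothing for this type */
		*lzerrno = ERR_NOERROR;
		*returnval = -1;
	}

	return (rbt);
}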
0495
2019-02-15
pjp
0496
2019-11-11
pjp
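/*
 * GET_SOA - get authoritative soa for a particular domain
 *
 * Starts at the question name and strips one label at a time until a node
 * holding an SOA record is found.  Returns that node, or NULL when the walk
 * reaches the root without finding one.  As before, the root itself is only
 * looked up when it is the question name; a walk that arrives at the root
 * by stripping labels stops there.
 *
 * The root test now comes before every step.  Previously a root node that
 * existed without an SOA was stepped over and the byte after the end of the
 * name was read as the next length octet.  Length octets are read as
 * unsigned and a step that does not fit in the remaining length ends the
 * walk.
 */

struct rbtree *
get_soa(ddDB *db, struct question *question)
{
	struct rbtree *rbt;
	char *p = question->hdr->name;
	int plen = question->hdr->namelen;
	int step;

	for (;;) {
		rbt = find_rrset(db, p, plen);
		if (rbt != NULL && find_rr(rbt, DNS_TYPE_SOA) != NULL) {
			/* we'll take this one */
			return (rbt);
		}

		/* nothing above the root */
		if (*p == '\0')
			return (NULL);

		step = (unsigned char)*p + 1;
		if (step >= plen)
			return (NULL);	/* label runs past the stored length */

		plen -= step;
		p += step;

		if (*p == '\0')
			return (NULL);
	}
}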
0537
2019-11-11
pjp
0538
2019-11-11
pjp
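/*
 * GET_NS - walk to delegation name
 *
 * If rbt holds an SOA record it is returned as is and 0 is stored through
 * delegation with pack32().  Otherwise 1 is stored and rbt->zone is walked
 * toward the root, one label at a time, until Lookup_zone() finds a node
 * with an NS set.  When that node also holds an SOA, delegation is reset to
 * 0 and rbt is returned; otherwise the node with the NS set is returned.
 *
 * Returns NULL (with delegation left at 1) when no node with an NS set is
 * found.
 *
 * Fixes over the previous version:
 *   - the remaining length was reduced by the length of the label *after*
 *     the one just skipped, because the cursor was advanced first; both are
 *     now taken from the same octet,
 *   - rbt0 was uninitialized when the loop body never ran and NULL when the
 *     walk found nothing, and was passed to find_rr() either way,
 *   - the remaining length is tested before the next octet is read, and the
 *     length octet is read as unsigned.
 */

struct rbtree *
get_ns(ddDB *db, struct rbtree *rbt, int *delegation)
{
	struct rbtree *rbt0 = NULL;
	char *p;
	int len, step;

	if (find_rr(rbt, DNS_TYPE_SOA) != NULL) {
		pack32((char *)delegation, 0);
		return (rbt);
	}

	pack32((char *)delegation, 1);

	p = rbt->zone;
	len = rbt->zonelen;

	while (len > 0 && *p != '\0') {
		rbt0 = Lookup_zone(db, p, len, DNS_TYPE_NS, 0);
		if (rbt0 != NULL)
			break;

		step = (unsigned char)*p + 1;
		len -= step;
		p += step;
	}

	/* nothing with an NS set between rbt->zone and the root */
	if (rbt0 == NULL)
		return (NULL);

	if (find_rr(rbt0, DNS_TYPE_SOA) != NULL) {
		pack32((char *)delegation, 0);
		return (rbt);
	}

	return (rbt0);
}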
0578
2019-11-11
pjp
0579
2019-11-11
pjp
0580
2019-11-11
pjp
0581
2019-11-02
pjp
/*
 * Lookup_zone: wrapper around find_rrset() and find_rr().
 *
 * Returns the node stored under name/namelen when that node holds an RRset
 * of the given type, NULL otherwise.  The wildcard argument is not used.
 *
 * NOTE(review): the previous header said "type must be htons()'ed!", but
 * type is handed to find_rr() unchanged, and find_rr() is called with plain
 * DNS_TYPE_* constants throughout this file.  Confirm which byte order the
 * callers are expected to pass.
 */

struct rbtree *
Lookup_zone(ddDB *db, char *name, u_int16_t namelen, u_int16_t type, int wildcard)
{
	struct rbtree *node;

	node = find_rrset(db, name, namelen);
	if (node == NULL)
		return NULL;

	if (find_rr(node, type) == NULL)
		return NULL;

	return (node);
}
0601
2019-11-02
pjp
0602
2019-10-31
pjp
/*
 * CHECK_QTYPE - check the query type and return appropriately if we have
 *		 such a record in our DB..
 *
 * returns 0 on error, or the DNS TYPE from 1 through 65535.  When the
 * return is 0 the error variable is set with the error code: -2 for a
 * missing SOA while nxdomain is set, -1 in every other case.  *error is
 * not written when a type is returned.
 *
 *   IXFR, AXFR, ANY	returned as is, the node is not consulted
 *   A, AAAA, MX, PTR	the type itself if present, else DNS_TYPE_CNAME if
 *			the node holds a CNAME
 *   SOA		the type if present
 *   other known types	the type if present
 *   anything else	RR's that we don't support, but have a zone for:
 *			always an error
 */

u_int16_t
check_qtype(struct rbtree *rbt, u_int16_t type, int nxdomain, int *error)
{
	switch (type) {
	case DNS_TYPE_IXFR:
	case DNS_TYPE_AXFR:
	case DNS_TYPE_ANY:
		return (type);

	/* types that fall back to a CNAME at the same node */
	case DNS_TYPE_A:
	case DNS_TYPE_AAAA:
	case DNS_TYPE_MX:
	case DNS_TYPE_PTR:
		if (find_rr(rbt, type) != NULL)
			return (type);
		if (find_rr(rbt, DNS_TYPE_CNAME) != NULL)
			return (DNS_TYPE_CNAME);
		break;

	case DNS_TYPE_SOA:
		if (find_rr(rbt, DNS_TYPE_SOA) != NULL)
			return (type);

		*error = nxdomain ? -2 : -1;
		return 0;

	/* types that must be present themselves */
	case DNS_TYPE_TLSA:
	case DNS_TYPE_CAA:
	case DNS_TYPE_RP:
	case DNS_TYPE_HINFO:
	case DNS_TYPE_SSHFP:
	case DNS_TYPE_SRV:
	case DNS_TYPE_NAPTR:
	case DNS_TYPE_CNAME:
	case DNS_TYPE_NS:
	case DNS_TYPE_TXT:
	case DNS_TYPE_RRSIG:
	case DNS_TYPE_NSEC3PARAM:
	case DNS_TYPE_NSEC3:
	case DNS_TYPE_NSEC:
	case DNS_TYPE_DS:
	case DNS_TYPE_DNSKEY:
		if (find_rr(rbt, type) != NULL)
			return (type);
		break;

	default:
		break;
	}

	*error = -1;
	return 0;
}
0829
2016-07-21
pjp
0830
2016-07-21
pjp
/*
 * BUILD_FAKE_QUESTION - allocate a question structure and fill it from the
 *	given wire-format name, type and (when the global tsig flag is set)
 *	TSIG key name, instead of parsing a packet.
 *
 *	name/namelen	name bytes copied verbatim into hdr->original_name
 *			and, lower-cased, into hdr->name
 *	type		stored in hdr->qtype exactly as passed (no byte
 *			swapping here; presumably the caller supplies network
 *			byte order - confirm), qclass is always
 *			htons(DNS_CLASS_IN)
 *	tsigkey/tsigkeylen	only read when tsig is non-zero; a length
 *			larger than q->tsig.tsigkey is refused (the comparison
 *			is against sizeof, i.e. unsigned, so a negative
 *			length is refused as well)
 *
 *	Returns the new question, or NULL after releasing everything that
 *	was allocated so far.  converted_name is left NULL.
 */

struct question *
build_fake_question(char *name, int namelen, u_int16_t type, char *tsigkey, int tsigkeylen)
{
	struct question *fq;
	char *algname;
	int algnamelen;

	fq = (void *)calloc(1, sizeof(struct question));
	if (fq == NULL) {
		dolog(LOG_INFO, "calloc: %s\n", strerror(errno));
		return NULL;
	}

	fq->hdr = (void *)calloc(1, sizeof(struct dns_question_hdr));
	if (fq->hdr == NULL) {
		dolog(LOG_INFO, "calloc: %s\n", strerror(errno));
		goto drop_question;
	}

	/* both name buffers are sized from the stored namelen */
	fq->hdr->namelen = namelen;
	fq->hdr->name = (void *) calloc(1, fq->hdr->namelen);
	if (fq->hdr->name == NULL) {
		dolog(LOG_INFO, "calloc: %s\n", strerror(errno));
		goto drop_hdr;
	}

	fq->hdr->original_name = (void *) calloc(1, fq->hdr->namelen);
	if (fq->hdr->original_name == NULL) {
		dolog(LOG_INFO, "calloc: %s\n", strerror(errno));
		goto drop_name;
	}

	fq->converted_name = NULL;

	/* keep the name as given, and a second copy that gets lower-cased */
	memcpy(fq->hdr->original_name, name, fq->hdr->namelen);
	memcpy(fq->hdr->name, name, fq->hdr->namelen);

	if (lower_dnsname(fq->hdr->name, fq->hdr->namelen) == -1)
		goto drop_all;

	fq->hdr->qtype = type;
	fq->hdr->qclass = htons(DNS_CLASS_IN);

	/* without TSIG configured the question is complete */
	if (!tsig)
		return (fq);

	if (tsigkeylen > sizeof(fq->tsig.tsigkey))
		goto drop_all;

	memcpy(&fq->tsig.tsigkey, tsigkey, tsigkeylen);
	fq->tsig.tsigkeylen = tsigkeylen;

	/*
	 * A failed dns_label() is not treated as an error: the question is
	 * returned with the algorithm and MAC length left at their zeroed
	 * values.
	 */
	algname = dns_label("hmac-sha256.", &algnamelen);
	if (algname != NULL) {
		memcpy(&fq->tsig.tsigalg, algname, algnamelen);
		fq->tsig.tsigalglen = algnamelen;

		free(algname);

		fq->tsig.tsigmaclen = 32;
	}

	return (fq);

drop_all:
	free(fq->hdr->original_name);
drop_name:
	free(fq->hdr->name);
drop_hdr:
	free(fq->hdr);
drop_question:
	free(fq);
	return NULL;
}
0916
2016-08-30
pjp
0917
2016-08-30
pjp
/*
 * GET_DNS_TYPE - look the numeric RR type up in the TT table and return a
 *	printable string for it.  This function can't fail: a number that
 *	is not in the table is printed as a bare decimal.
 *
 *	withbracket	non-zero appends the number as "NAME(number)"
 *
 *	The result lives in one static buffer, so every call overwrites the
 *	string returned by the previous call.
 */

char *
get_dns_type(int dnstype, int withbracket)
{
	static char type[128];
	struct typetable *entry;

	/* the table ends with an entry whose type string is NULL */
	for (entry = TT; entry->type != NULL; entry++) {
		if (entry->number == dnstype)
			break;
	}

	if (entry->type == NULL)
		snprintf(type, sizeof(type) - 1, "%u", dnstype);
	else if (withbracket)
		snprintf(type, sizeof(type) - 1, "%s(%u)", entry->type, dnstype);
	else
		snprintf(type, sizeof(type) - 1, "%s", entry->type);

	return (type);
}
0948
2016-08-30
pjp
0949
2017-01-11
pjp
/*
 * MEMCASECMP - compare two buffers of len bytes, treating alphabetic
 *	characters case-insensitively, so that heLLo is the same as hello.
 *
 *	Returns 0 when the buffers match and 1 otherwise; there is no
 *	less-than/greater-than ordering as with memcmp().  The scan stops at
 *	the first differing byte, so the run time depends on the data; that
 *	makes it unsuitable for comparing secret values such as MACs.
 */

int
memcasecmp(u_char *b1, u_char *b2, int len)
{
	int pos = 0;

	while (pos < len) {
		int lhs = b1[pos];
		int rhs = b2[pos];

		/* fold only letters, every other byte is compared as is */
		if (isalpha(lhs))
			lhs = tolower(lhs);
		if (isalpha(rhs))
			rhs = tolower(rhs);

		if (lhs != rhs)
			return 1; /* XXX */

		pos++;
	}

	return 0;
}
0980
2019-02-07
pjp
0981
2019-02-07
pjp
/*
 * BUILD_QUESTION - fill the question structure with the DNS query.
 *
 *	buf/len		the received DNS packet and its length; the packet
 *			is untrusted input
 *	additional	number of additional records the caller expects;
 *			nothing is looked for in the additional section when
 *			it is < 1
 *	mac		when non-NULL, 32 bytes of a request MAC that are
 *			prepended (with a 16-bit length) to the data that
 *			is HMAC'ed
 *
 *	Steps, in order: expand and check the question name, reject
 *	unsupported classes, allocate the question, skip one extra SOA
 *	record (IXFR), read an EDNS0 OPT record, parse and verify a TSIG
 *	record, and finally copy name, qtype, qclass, rd and notify.
 *
 *	Returns the allocated question, or NULL on a malformed question,
 *	an unsupported class, an allocation failure or an unparsable TSIG
 *	key/algorithm name.
 *
 *	A TSIG record that fails verification does NOT make this function
 *	return NULL: the result is reported in q->tsig (have_tsig,
 *	tsigerrorcode, tsigverified), and callers have to check those
 *	before trusting the request.
 *
 *	Side effect on buf: once a TSIG record has passed the macsize
 *	check, hdr->additional is decremented and hdr->id is replaced by
 *	the TSIG original id, and both stay changed even if verification
 *	fails afterwards.
 */

struct question *
build_question(char *buf, int len, int additional, char *mac)
{
	/*
	 * NOTE(review): the TSIG code below copies packet data into this
	 * buffer without comparing the amounts against sizeof(pseudo_packet);
	 * this is only safe if every caller keeps len well below 4096 -
	 * confirm, or add a check before the copies.
	 */
	char pseudo_packet[4096]; /* for tsig */
	u_int rollback, i;
	u_int16_t qtype, qclass;
	u_int32_t ttl;
	u_int64_t timefudge;
	int elen = 0;

	char *end_name = NULL;
	char *pb = NULL;
	char *o;
	char expand[DNS_MAXNAME + 1];

	struct dns_tsigrr *tsigrr = NULL;
	struct dns_optrr *opt = NULL;
	struct question *q = NULL;
	struct dns_header *hdr = (struct dns_header *)buf;

	/* find the end of name */
	elen = 0;
	memset(&expand, 0, sizeof(expand));
	end_name = expand_compression((u_char *)&buf[sizeof(struct dns_header)], (u_char *)buf, (u_char *)&buf[len], (u_char *)&expand, &elen, sizeof(expand));
	if (end_name == NULL) {
		dolog(LOG_ERR, "expand_compression() failed, bad formatted question name\n");
		return NULL;
	}

	/*
	 * the expanded name is longer than the distance from the start of
	 * the packet to the end of the name, which is logged as
	 * compression inside the question name and refused
	 */
	if ((end_name - buf) < elen) {
		dolog(LOG_ERR, "compression in question #1\n");
		return NULL;
	}

	/* i is the running offset into buf from here on */
	i = (end_name - &buf[0]);


	/* check if there is space for qtype and qclass */
	if (len < ((end_name - &buf[0]) + (2 * sizeof(u_int16_t)))) {
		dolog(LOG_INFO, "question rr is truncated\n");
		return NULL;
	}
	/* check the class type so that $IP is erroring earlier */

	/* the class follows the 16-bit type, hence the skip */
	o = (end_name + sizeof(uint16_t));
	qclass = ntohs(unpack16(o));

	switch (qclass) {
	case DNS_CLASS_ANY:
	case DNS_CLASS_NONE:
	case DNS_CLASS_HS:
	case DNS_CLASS_CH:
	case DNS_CLASS_IN:
		break;
	default:
		dolog(LOG_INFO, "unsupported class %d\n", qclass);
		return NULL;
		break;
	}

	q = (void *)calloc(1, sizeof(struct question));
	if (q == NULL) {
		dolog(LOG_INFO, "calloc: %s\n", strerror(errno));
		return NULL;
	}
	q->hdr = (void *)calloc(1, sizeof(struct dns_question_hdr));
	if (q->hdr == NULL) {
		dolog(LOG_INFO, "calloc: %s\n", strerror(errno));
		free(q);
		return NULL;
	}
	/* length of the name as it appears on the wire, after the header */
	q->hdr->namelen = (end_name - &buf[sizeof(struct dns_header)]);
	q->hdr->name = (void *) calloc(1, q->hdr->namelen);
	if (q->hdr->name == NULL) {
		dolog(LOG_INFO, "calloc: %s\n", strerror(errno));
		free(q->hdr);
		free(q);
		return NULL;
	}
	q->hdr->original_name = (void *)calloc(1, q->hdr->namelen);
	if (q->hdr->original_name == NULL) {
		dolog(LOG_INFO, "calloc: %s\n", strerror(errno));
		free(q->hdr->name);
		free(q->hdr);
		free(q);
		return NULL;
	}

	/*
	 * XXX the below line can fail
	 * NOTE(review): the return value is discarded, so on failure
	 * convert_name() below works on whatever lower_dnsname() left in
	 * expand.
	 */
	(void)lower_dnsname(expand, elen);

	if ((q->converted_name = convert_name(expand, elen)) == NULL) {
		dolog(LOG_INFO, "error in convert_name()\n");
		free(q->hdr->name);
		free(q->hdr->original_name);
		free(q->hdr);
		free(q);
		return NULL;
	}

	i += (2 * sizeof(u_int16_t));	/* type,class*/

	/*
	 * in IXFR an additional SOA entry is tacked on, we want to skip this
	 *
	 * Every check that fails restores i to rollback, so the record is
	 * either skipped completely or not at all.
	 */
	do {
		u_int16_t val16;
		u_int32_t val32;

		rollback = i;

		elen = 0;
		memset(&expand, 0, sizeof(expand));
		pb = expand_compression((u_char *)&buf[i], (u_char *)buf, (u_char *)&buf[len], (u_char *)&expand, &elen, sizeof(expand));
		if (pb == NULL) {
			i = rollback;
			break;
		}
		i = (pb - buf);

		if (i + 10 > len) {	/* type + class + ttl + rdlen == 10 */
			i = rollback;
			break;
		}

		/* type */
		o = &buf[i];
		val16 = unpack16(o);
		if (ntohs(val16) != DNS_TYPE_SOA) {
			i = rollback;
			break;
		}
		i += 2;
		o += 2;
		/* class */
		val16 = unpack16(o);
		if (ntohs(val16) != DNS_CLASS_IN) {
			i = rollback;
			break;
		}
		i += 2;
		o += 2;
		/* ttl, read but not used */
		val32 = unpack32(o);
		i += 4;
		o += 4;
		/* rdlen */
		val16 = unpack16(o);
		i += 2;

		if (i + ntohs(val16) > len) {	/* rdlen of SOA */
			i = rollback;
			break;
		}

		i += ntohs(val16);
		o += ntohs(val16);
	} while (0);

	/* check for edns0 opt rr */
	do {
		/* if we don't have an additional section, break */
		if (additional < 1)
			break;

		rollback = i;

		/* check that the minimum optrr fits */
		/* 10 */
		if (i + sizeof(struct dns_optrr) > len) {
			i = rollback;
			break;
		}

		opt = (struct dns_optrr *)&buf[i];
		/* the OPT owner name has to be the root (a single zero byte) */
		if (opt->name[0] != 0) {
			i = rollback;
			break;
		}

		if (ntohs(opt->type) != DNS_TYPE_OPT) {
			i = rollback;
			break;
		}

		/* RFC 3225 */
		ttl = ntohl(opt->ttl);
		/* bits 16-23 of the OPT ttl are stored as the EDNS version */
		if (((ttl >> 16) & 0xff) != 0)
			q->ednsversion = (ttl >> 16) & 0xff;

		/* the OPT class field is the requestor's payload size */
		q->edns0len = ntohs(opt->class);
		if (q->edns0len < 512)
			q->edns0len = 512; /* RFC 6891 - page 10 */

		if (ttl & DNSSEC_OK)
			q->dnssecok = 1;

		/*
		 * NOTE(review): rdlen comes from the packet and the new i is
		 * not compared with len here, so the TSIG parser below can
		 * start at an offset past the end of buf - confirm and add a
		 * check.
		 */
		i += 11 + ntohs(opt->rdlen);
		additional--;
	} while (0);
	/*
	 * check for TSIG rr
	 *
	 * Leaving this block with "break" means "not authenticated"; the
	 * reason stays in q->tsig.tsigerrorcode.  Note that elen, pb and
	 * expand declared here shadow the outer variables of the same name.
	 */
	do {
		u_int16_t val16, tsigerror, tsigotherlen;
		u_int16_t fudge;
		u_int32_t val32;
		int elen, tsignamelen;
		char *pb;
		char expand[DNS_MAXNAME + 1];
		char tsigkey[512];
		u_char sha256[32];
		u_int shasize = sizeof(sha256);
		time_t now, tsigtime;
		int pseudolen1, pseudolen2, ppoffset = 0;
		int pseudolen3 , pseudolen4;

		q->tsig.have_tsig = 0;
		q->tsig.tsigerrorcode = 1;

		/* if we don't have an additional section, break */
		if (additional < 1) {
			break;
		}

		memset(q->tsig.tsigkey, 0, sizeof(q->tsig.tsigkey));
		memset(q->tsig.tsigalg, 0, sizeof(q->tsig.tsigalg));
		memset(q->tsig.tsigmac, 0, sizeof(q->tsig.tsigmac));
		q->tsig.tsigkeylen = q->tsig.tsigalglen = q->tsig.tsigmaclen = 0;

		/* the key name is parsed here */
		rollback = i;
		elen = 0;
		memset(&expand, 0, sizeof(expand));
		pb = expand_compression((u_char *)&buf[i], (u_char *)buf, (u_char *)&buf[len], (u_char *)&expand, &elen, sizeof(expand));
		if (pb == NULL) {
			free_question(q);
			dolog(LOG_INFO, "expand_compression() failed, tsig keyname\n");
			return NULL;
		}
		i = (pb - buf);
		/* pseudolen1: offset just past the key name */
		pseudolen1 = i;

		/*
		 * NOTE(review): elen can be as large as sizeof(expand); this
		 * assumes q->tsig.tsigkey is at least that big - confirm
		 * against the struct definition.
		 */
		memcpy(q->tsig.tsigkey, expand, elen);
		q->tsig.tsigkeylen = elen;


		if (i + 10 > len) {	/* type + class + ttl + rdlen == 10 */
			i = rollback;
			break;
		}

		/* type */
		o = &buf[i];
		val16 = unpack16(o);
		if (ntohs(val16) != DNS_TYPE_TSIG) {
			i = rollback;
			break;
		}
		i += 2;
		o += 2;
		/* pseudolen2: offset of the class field */
		pseudolen2 = i;

		q->tsig.have_tsig = 1;

		/* we don't have any tsig keys configured, no auth done */
		if (tsig == 0) {
			i = rollback;
#if 0
			dolog(LOG_INFO, "build_question(): received a TSIG request, but tsig is not turned on for this IP range, this could result in a '1' error reply\n");
#endif
			break;
		}

		/* from here on the default verdict is "bad key" */
		q->tsig.tsigerrorcode = DNS_BADKEY;

		/* class */
		val16 = unpack16(o);
		if (ntohs(val16) != DNS_CLASS_ANY) {
			i = rollback;
			break;
		}
		i += 2;
		o += 2;

		/* ttl */
		val32 = unpack32(o);
		if (ntohl(val32) != 0) {
			i = rollback;
			break;
		}
		i += 4;
		o += 4;

		/* rdlen, must cover exactly the rest of the packet */
		val16 = unpack16(o);
		if (ntohs(val16) != (len - (i + 2))) {
			i = rollback;
			break;
		}
		i += 2;
		o += 2;
		/* pseudolen3: offset of the algorithm name */
		pseudolen3 = i;

		/* the algorithm name is parsed here */
		elen = 0;
		memset(&expand, 0, sizeof(expand));
		pb = expand_compression((u_char *)&buf[i], (u_char *)buf, (u_char *)&buf[len], (u_char *)&expand, &elen, sizeof(expand));
		if (pb == NULL) {
			free_question(q);
			dolog(LOG_INFO, "expand_compression() failed, tsig algorithm name\n");
			return NULL;
		}
		i = (pb - buf);
		/* pseudolen4: offset just past the algorithm name */
		pseudolen4 = i;

		/*
		 * NOTE(review): same size assumption as for tsigkey above,
		 * here for q->tsig.tsigalg - confirm.
		 */
		memcpy(q->tsig.tsigalg, expand, elen);
		q->tsig.tsigalglen = elen;

		/*
		 * now check for MAC type, since it's given once again
		 *
		 * Only the total length and the first label are compared.
		 * The hmac-sha1 and hmac-md5 names pass this test, but the
		 * code below insists on a 32 byte MAC and computes
		 * HMAC-SHA256 regardless of the name.
		 */
		if (elen == 11) {
			if (expand[0] != 9 ||
				memcasecmp(&expand[1], "hmac-sha1", 9) != 0) {
				break;
			}
		} else if (elen == 13) {
			if (expand[0] != 11 ||
				memcasecmp(&expand[1], "hmac-sha256", 11) != 0) {
				break;
			}
		} else if (elen == 26) {
			if (expand[0] != 8 ||
				memcasecmp(&expand[1], "hmac-md5", 8) != 0) {
				break;
			}
		} else {
			break;
		}

		/*
		 * this is a delayed (moved down) check of the key, we don't
		 * know if this is a TSIG packet until we've checked the TSIG
		 * type, that's why it's delayed...
		 */

		/* the return value is used further down as the HMAC key length */
		if ((tsignamelen = find_tsig_key(q->tsig.tsigkey, q->tsig.tsigkeylen, (char *)&tsigkey, sizeof(tsigkey))) < 0) {
			/* we don't have the name configured, let it pass */
			i = rollback;
			break;
		}

		if (i + sizeof(struct dns_tsigrr) > len) {
			i = rollback;
			break;
		}

		tsigrr = (struct dns_tsigrr *)&buf[i];
		/* XXX */
#ifndef __OpenBSD__
		timefudge = be64toh(tsigrr->timefudge);
#else
		timefudge = betoh64(tsigrr->timefudge);
#endif
		/* low 16 bits are the fudge, the bits above are the time signed */
		fudge = (u_int16_t)(timefudge & 0xffff);
		tsigtime = (u_int64_t)(timefudge >> 16);

		/* kept as received, without byte swapping */
		q->tsig.tsig_timefudge = tsigrr->timefudge;

		i += (8 + 2);	/* timefudge + macsize */

		if (ntohs(tsigrr->macsize) != 32) {
			q->tsig.tsigerrorcode = DNS_BADSIG;
			break;
		}

		i += ntohs(tsigrr->macsize);


		/*
		 * now get the MAC from packet with length rollback
		 *
		 * The header in buf is modified in place: one additional
		 * record less, and below the id is replaced by the original
		 * id.  This happens before the MAC has been verified.
		 */
		NTOHS(hdr->additional);
		hdr->additional--;
		HTONS(hdr->additional);

		/*
		 * origid
		 *
		 * NOTE(review): the three 16-bit reads that follow and the
		 * "len - i" copy further down assume at least 6 more bytes
		 * in the packet.  That only holds if the
		 * sizeof(struct dns_tsigrr) check above covers them; i is
		 * unsigned, so "len - i" would wrap to a very large copy
		 * length if i ever exceeded len - confirm against the struct
		 * definition.
		 */
		o = &buf[i];
		val16 = unpack16(o);
		i += 2;
		o += 2;
		if (hdr->id != val16)
			hdr->id = val16;
		q->tsig.tsigorigid = val16;

		/* error */
		tsigerror = unpack16(o);
		i += 2;
		o += 2;

		/* other len */
		tsigotherlen = unpack16(o);
		i += 2;
		o += 2;

		ppoffset = 0;

		/*
		 * check if we have a request mac, this means it's an answer
		 *
		 * mac is assumed to point at 32 bytes - confirm with callers.
		 */
		if (mac) {
			o = &pseudo_packet[ppoffset];
			pack16(o, htons(32));
			ppoffset += 2;

			memcpy(&pseudo_packet[ppoffset], mac, 32);
			ppoffset += 32;
		}

		/* the packet up to and including the TSIG key name */
		memcpy(&pseudo_packet[ppoffset], buf, pseudolen1);
		ppoffset += pseudolen1;
		/* class and ttl (the type is left out) */
		memcpy((char *)&pseudo_packet[ppoffset], &buf[pseudolen2], 6);
		ppoffset += 6;

		/* algorithm name (rdlen is left out) */
		memcpy((char *)&pseudo_packet[ppoffset], &buf[pseudolen3], pseudolen4 - pseudolen3);
		ppoffset += (pseudolen4 - pseudolen3);

		/* time signed and fudge as received */
		memcpy((char *)&pseudo_packet[ppoffset], (char *)&tsigrr->timefudge, 8);
		ppoffset += 8;

		o = &pseudo_packet[ppoffset];
		pack16(o, tsigerror);
		ppoffset += 2;
		o += 2;

		o = &pseudo_packet[ppoffset];
		pack16(o, tsigotherlen);
		ppoffset += 2;
		o += 2;

		/* whatever follows other len, up to the end of the packet */
		memcpy(&pseudo_packet[ppoffset], &buf[i], len - i);
		ppoffset += (len - i);

		/* check for BADTIME before the HMAC memcmp as per RFC 2845 */
		now = time(NULL);
		/* outside our fudge window */
		if (tsigtime < (now - fudge) || tsigtime > (now + fudge)) {
			q->tsig.tsigerrorcode = DNS_BADTIME;
			break;
		}

		HMAC(EVP_sha256(), tsigkey, tsignamelen, (unsigned char *)pseudo_packet,
			ppoffset, (unsigned char *)&sha256, &shasize);



		/*
		 * NOTE(review): off OpenBSD the MAC is compared with plain
		 * memcmp(), which is not guaranteed to run in constant time
		 * and can leak through timing how many leading bytes of a
		 * forged MAC were right; a constant-time comparison should
		 * be used on every platform.
		 */
#if __OpenBSD__
		if (timingsafe_memcmp(sha256, tsigrr->mac, sizeof(sha256)) != 0) {
#else
		if (memcmp(sha256, tsigrr->mac, sizeof(sha256)) != 0) {
#endif
#if DEBUG
			dolog(LOG_INFO, "HMAC did not verify\n");
#endif
			q->tsig.tsigerrorcode = DNS_BADSIG;
			break;
		}

		/* copy the mac for error coding */
		memcpy(q->tsig.tsigmac, tsigrr->mac, sizeof(q->tsig.tsigmac));
		q->tsig.tsigmaclen = 32;

		/* we're now authenticated */
		q->tsig.tsigerrorcode = 0;
		q->tsig.tsigverified = 1;

	} while (0);

	/* fill our name into the dns header struct */

	memcpy(q->hdr->name, &buf[sizeof(struct dns_header)], q->hdr->namelen);
	memcpy(q->hdr->original_name, &buf[sizeof(struct dns_header)], q->hdr->namelen);

	/* make hdr->name lower case */

	/*
	 * NOTE(review): this error path frees the name buffers by hand and
	 * leaves q->converted_name, allocated by convert_name() above,
	 * unreleased.
	 */
	if (lower_dnsname(q->hdr->name, q->hdr->namelen) == -1) {
		dolog(LOG_INFO, "lower_dnsname failed\n");
		free(q->hdr->name);
		free(q->hdr->original_name);
		free(q->hdr);
		free(q);
		return NULL;
	}

	/* parse type and class from the question */

	o = (end_name);
	qtype = unpack16(o);
	o = (end_name + sizeof(uint16_t));
	qclass = unpack16(o);

	/* stored as unpacked, no ntohs() is applied before the copy */
	memcpy((char *)&q->hdr->qtype, (char *)&qtype, sizeof(u_int16_t));
	memcpy((char *)&q->hdr->qclass, (char *)&qclass, sizeof(u_int16_t));

	/* make note of whether recursion is desired */
	q->rd = ((ntohs(hdr->query) & DNS_RECURSE) == DNS_RECURSE);

	/* are we a notify packet? */
	if ((ntohs(qtype) == DNS_TYPE_SOA) && (ntohs(qclass) == DNS_CLASS_IN))
		q->notify = ((ntohs(hdr->query) & (DNS_NOTIFY | DNS_AUTH)) \
			== (DNS_NOTIFY | DNS_AUTH));
	else
		q->notify = 0;

	return (q);
}
1491
2019-02-07
pjp
1492
2019-02-07
pjp
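/*
 * FREE_QUESTION - free a question struct and the buffers it owns
 *	(hdr->name, hdr->original_name, hdr and converted_name).
 *
 *	A NULL question, or a question whose hdr was never allocated, is
 *	accepted so that error paths can call this on a partly built
 *	question.  Always returns 0.
 */

int
free_question(struct question *q)
{
	if (q == NULL)
		return 0;

	/* hdr is dereferenced for the two name buffers, so guard it */
	if (q->hdr != NULL) {
		free(q->hdr->name);
		free(q->hdr->original_name);
		free(q->hdr);
	}

	free(q->converted_name);
	free(q);

	return 0;
}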
1508
2019-02-07
pjp
1509
2019-02-07
pjp
/* probably Copyright 2012 Kenneth R Westerback <krw@openbsd.org> */
1510
2019-02-07
pjp
1511
2019-02-07
pjp
/*
 * bsearch() comparison callback: k is the keyword string that is looked
 * for, e points at one struct rrtab entry.  Names are compared without
 * regard to case.
 */
static int
kw_cmp(const void *k, const void *e)
{
	const char *keyword = k;
	const struct rrtab *entry = e;

	return (strcasecmp(keyword, entry->name));
}
1516
2019-02-07
pjp
1517
2019-02-07
pjp
1518
2019-02-07
pjp
/*
 * RRLOOKUP - find the myrrtab entry whose name equals keyword, ignoring
 *	case.  Returns NULL for a NULL keyword or when there is no such
 *	entry.  The lookup is a bsearch(), so it only finds entries while
 *	myrrtab is kept sorted in the order kw_cmp() defines.
 */
struct rrtab *
rrlookup(char *keyword)
{
	size_t nentries = sizeof(myrrtab) / sizeof(myrrtab[0]);

	/* safety */
	if (keyword == NULL)
		return NULL;

	return (bsearch(keyword, myrrtab, nentries, sizeof(myrrtab[0]), kw_cmp));
}
1532
2019-02-24
pjp
1533
2019-02-24
pjp
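/*
 * EXPAND_COMPRESSION - parse a domain name through a compression scheme and
 *	stay inside the bounds.
 *
 *	p	first byte of the name inside the packet
 *	estart	start of the packet, compression offsets are relative to it
 *	end	one past the last byte of the packet (the callers in this
 *		file pass &buf[len]); nothing at or behind it is read
 *	expand	output buffer for the uncompressed name; the caller zeroes
 *		it, the terminating zero is counted but not written
 *	elen	in: bytes already used in expand, out: length of the
 *		expanded name including the terminating zero
 *	max	size of expand
 *
 *	Returns NULL on error, otherwise a pointer to the next object in
 *	the packet: the byte after the terminating zero, or, when a
 *	compression pointer was followed, the byte after the first pointer.
 *
 *	All bounds are checked before a byte is read or written, because
 *	the name comes straight from the network.
 */

char *
expand_compression(u_char *p, u_char *estart, u_char *end, u_char *expand, int *elen, int max)
{
	u_short tlen;
	u_char *save = NULL;
	u_int16_t offset;

	/* expand name, testing the bound before *p is looked at */
	while (p < end && *p != 0) {
		/* test for compression */
		if ((*p & 0xc0) == 0xc0) {
			/* both bytes of the pointer must be in the packet */
			if ((end - p) < 2) {
				return NULL;
			}

			/* parsing resumes behind the first pointer only */
			if (! save) {
				save = p + 2;
			}
			offset = unpack16(p);
			/* offsets into the dns header are a nono */
			if ((ntohs(offset) & (~0xc000)) < sizeof(struct dns_header))
				return NULL;

			/*
			 * do not allow forwards jumping, a pointer has to
			 * point in front of itself
			 */
			if ((p - estart) <= (ntohs(offset) & (~0xc000))) {
				return NULL;
			}

			p = (estart + (ntohs(offset) & (~0xc000)));
		} else {
			tlen = *p;

			/*
			 * a label is at most 63 bytes (RFC 1035), the
			 * 0x40 and 0x80 patterns are no plain labels
			 */
			if (tlen > 63) {
				return NULL;
			}

			/* length byte and label must fit into expand */
			if (*elen + 1 + tlen >= max) {
				return NULL;
			}

			/* length byte and label must lie in the packet */
			if ((end - p) < 1 + tlen) {
				return NULL;
			}

			expand[(*elen)] = *p;
			(*elen)++;
			p++;
			memcpy(&expand[*elen], p, tlen);
			p += tlen;
			*elen += tlen;
		}
	}

	/* the packet ended before the terminating zero of the name */
	if (p >= end) {
		return NULL;
	}

	/* count the terminating zero */
	(*elen)++;

	if (save == NULL) {
		/* no compression, continue behind the terminating zero */
		p++;
		return ((char *)p);
	}

	return ((char *)save);
}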
1594
2019-02-24
pjp
1595
2019-02-24
pjp
/*
 * Format the first 32 bytes of digest as lower-case hex, followed by a
 * newline, into out (outsz bytes).
 */
static void
hmac_to_hex(const char *digest, char *out, size_t outsz)
{
	char pair[16];
	int k;

	memset(out, 0, outsz);
	for (k = 0; k < 32; k++) {
		snprintf(pair, sizeof(pair), "%02x", digest[k] & 0xff);
		strlcat(out, pair, outsz);
	}

	strlcat(out, "\n", outsz);
}

/*
 * LOG_DIFF - log the locally computed HMAC and the HMAC that was received
 *	as hex strings, for debugging a failed TSIG verification.  Always
 *	32 bytes of each are printed, the len argument is not used.
 *
 *	The first line written is the MAC this server computed with its own
 *	key, so the log that receives these messages should be readable by
 *	administrators only.
 */
void
log_diff(char *sha256, char *mac, int len)
{
	char hex[512];

	hmac_to_hex(sha256, hex, sizeof(hex));
	dolog(LOG_INFO, "our HMAC = %s\n", hex);

	hmac_to_hex(mac, hex, sizeof(hex));
	dolog(LOG_INFO, "given HMAC = %s\n", hex);
}
1623
2019-10-15
pjp
1624
2019-10-15
pjp
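/*
 * TSIG_PSEUDOHEADER - assemble the TSIG pseudoheader and feed it to the
 * caller's HMAC context.
 *
 * The bytes hashed are, in order: the key name in label form, class ANY,
 * TTL 0, the algorithm name "hmac-sha256" in label form, the 48-bit time
 * (upper 16 bits, lower 32 bits), fudge, error (0) and other-len (0).
 *
 * Returns 0 on success.  Returns -1 when dns_label() fails, when a label
 * would not fit the 512-byte scratch buffer, or when HMAC_Update() fails.
 *
 * NOTE(review): the `now' argument is overwritten with time(NULL) below.
 * A caller that places its own timestamp in the TSIG RR can therefore sign
 * a different second than it transmits if the clock ticks in between;
 * confirm whether the argument was meant to be used as given.
 */

int
tsig_pseudoheader(char *tsigkeyname, uint16_t fudge, time_t now, HMAC_CTX *ctx)
{
	char pseudo_packet[512];
	char *keyname = NULL;
	char *p;
	int ppoffset = 0;
	int len;

	keyname = dns_label(tsigkeyname, &len);
	if (keyname == NULL) {
		return -1;
	}

	/* the key name is followed by class (2) and TTL (4) */
	if (len < 0 || (size_t)len + 6 > sizeof(pseudo_packet)) {
		free(keyname);
		return -1;
	}

	/* name of key */
	memcpy(pseudo_packet, keyname, len);
	ppoffset += len;
	p = &pseudo_packet[len];

	free(keyname);

	/* class */
	pack16(p, htons(DNS_CLASS_ANY));
	ppoffset += 2;
	p += 2;

	/* TTL */
	pack32(p, 0);
	ppoffset += 4;
	p += 4;

	keyname = dns_label("hmac-sha256", &len);
	if (keyname == NULL) {
		return -1;
	}

	/* alg name is followed by time (6), fudge (2), error (2), other len (2) */
	if (len < 0 ||
	    (size_t)len + 12 > sizeof(pseudo_packet) - (size_t)ppoffset) {
		free(keyname);
		return -1;
	}

	/* alg name */
	memcpy(&pseudo_packet[ppoffset], keyname, len);
	ppoffset += len;
	p += len;

	free(keyname);

	/* time 1 and 2 */
	now = time(NULL);
	if (sizeof(time_t) == 4)	/* 32-bit time_t */
		pack16(p, 0);
	else
		pack16(p, htons((now >> 32) & 0xffff));
	ppoffset += 2;
	p += 2;

	pack32(p, htonl((now & 0xffffffff)));
	ppoffset += 4;
	p += 4;

	/* fudge */
	pack16(p, htons(fudge));
	ppoffset += 2;
	p += 2;

	/* error */
	pack16(p, 0);
	ppoffset += 2;
	p += 2;

	/* other len */
	pack16(p, 0);
	ppoffset += 2;
	p += 2;

	/* a failed update would otherwise yield a MAC over partial input */
	if (HMAC_Update(ctx, (const unsigned char *)pseudo_packet,
	    ppoffset) != 1)
		return -1;

	return 0;
}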
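/*
 * BIN2HEX - render len bytes of bin as lowercase hex.
 *
 * Returns a pointer to a static 4096-byte buffer that is overwritten by the
 * next call, so the result must be consumed (or copied) before calling
 * again.  At most 2047 input bytes fit; longer input is truncated rather
 * than written past the buffer.  A NULL bin or a len <= 0 yields "".
 */
char *
bin2hex(char *bin, int len)
{
	static char hex[4096];
	size_t used = 0;
	int i;

	memset(hex, 0, sizeof(hex));
	if (bin == NULL)
		return (hex);

	/* each byte needs two digits plus room for the terminating NUL */
	for (i = 0; i < len && used + 3 <= sizeof(hex); i++, used += 2)
		snprintf(&hex[used], sizeof(hex) - used, "%02x", bin[i] & 0xff);

	return (hex);
}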
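/*
 * TIMETHUMAN - convert a time_t to the decimal number YYYYMMDDHHMMSS (UTC).
 *
 * Returns 0 when the time cannot be broken down by gmtime() or formatted
 * by strftime(), instead of passing a NULL struct tm on.
 */
u_int64_t
timethuman(time_t timet)
{
	char timebuf[512];
	struct tm *tm;

	tm = gmtime(&timet);
	if (tm == NULL)
		return (0);

	if (strftime(timebuf, sizeof(timebuf), "%Y%m%d%H%M%S", tm) == 0)
		return (0);

	return ((u_int64_t)atoll(timebuf));
}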
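/*
 * BITMAP2HUMAN - expand a type bitmap into a space separated list of RR
 * type names.
 *
 * The input is a sequence of windows, each one a block number byte, a
 * length byte and that many bitmap bytes (at most 32).  Bit x of byte j in
 * block b stands for type (b * 256) + (j * 8) + x, most significant bit
 * first; names come from get_dns_type().
 *
 * The bitmap is parsed from received data, so every window is checked
 * against both the 32-byte window limit and the bytes remaining in the
 * input before it is copied.  Parsing stops at the first malformed window
 * and whatever was decoded up to then is returned.
 *
 * Returns a pointer to a static 4096-byte buffer that is overwritten by
 * the next call.
 */
char *
bitmap2human(char *bitmap, int len)
{
	static char human[4096];
	unsigned char expanded_bitmap[32];
	const unsigned char *p = (const unsigned char *)bitmap;
	u_int16_t bit;
	int i, j, x, block, bitlen;
	size_t hlen;

	memset(&human, 0, sizeof(human));

	if (bitmap == NULL)
		return (human);

	/* a window needs at least its block and length bytes */
	for (i = 0; len - i >= 2;) {
		/* read as unsigned so blocks >= 128 do not turn negative */
		block = p[i++];
		bitlen = p[i++];

		if (bitlen > (int)sizeof(expanded_bitmap) || bitlen > len - i)
			break;

		memset(&expanded_bitmap, 0, sizeof(expanded_bitmap));
		memcpy(&expanded_bitmap, &p[i], bitlen);
		i += bitlen;

		for (j = 0; j < 32; j++) {
			for (x = 0; x < 8; x++) {
				if (!(expanded_bitmap[j] & (0x80 >> x)))
					continue;

				bit = (block * 256) + ((j * 8) + x);
				strlcat(human, get_dns_type(bit, 0),
				    sizeof(human));
				strlcat(human, " ", sizeof(human));
			}
		}
	}

	/* drop the trailing separator; an empty result has none */
	hlen = strlen(human);
	if (hlen > 0 && human[hlen - 1] == ' ')
		human[hlen - 1] = '\0';

	return (human);
}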
/*
 * LOOKUP_AXFR - send an AXFR query for zonename on the connected TCP socket
 * so, optionally signed with TSIG (hmac-sha256), and walk the reply
 * envelopes, handing each record to the matching raxfr_* handler.
 *
 * f, mysoa, format and constraints are passed through to the raxfr_*
 * handlers.  *segment is incremented once per reply message, *answers by
 * the per-message record count and *additionalcount by the additional
 * counts (TSIG case only).
 *
 * Returns 0 when the receive loop ends (recv() returned <= 0, or the TSIG
 * after the second SOA was processed), -1 on any error and when format
 * lacks TCP_FORMAT.
 *
 * NOTE(review): the error returns below do not release name, keyname,
 * reply, q or ctx, and reply/name/keyname are not freed on the success
 * path either; no free() for them appears in this function.
 * NOTE(review): the decoded TSIG secret is left in pseudo_packet on every
 * return; consider clearing it (e.g. explicit_bzero) before returning.
 * NOTE(review): nothing here fails the transfer when tsigkey is set but no
 * TSIG record was ever seen (sacount is only used as a first-record flag);
 * confirm that the caller or raxfr_tsig() enforces this.
 */
int
lookup_axfr(FILE *f, int so, char *zonename, struct soa *mysoa, u_int32_t format, char *tsigkey, char *tsigpass, int *segment, int *answers, int *additionalcount, struct soa_constraints *constraints)
{
	char query[512];
	char pseudo_packet[512];
	char shabuf[32];
	char *reply;
	struct timeval tv, savetv;
	struct question *q;
	/* 2-byte TCP length prefix followed by the DNS header */
	struct whole_header {
		u_int16_t len;
		struct dns_header dh;
	} *wh, *rwh;
	struct raxfr_logic *sr;

	u_char *p, *name, *keyname;

	u_char *end, *estart;
	int len, totallen, zonelen, rrlen, rrtype;
	int soacount = 0;
	int elen = 0;
	int segmentcount = 0;
	int count = 0;
	u_int16_t rdlen, *plen;
	u_int16_t tcplen;

	HMAC_CTX *ctx;
	time_t now = 0;
	socklen_t sizetv;
	int sacount = 0;

	if (!(format & TCP_FORMAT))
		return -1;

	memset(&query, 0, sizeof(query));

	wh = (struct whole_header *)&query[0];

	wh->dh.id = htons(arc4random() & 0xffff);
	wh->dh.query = 0;
	wh->dh.question = htons(1);
	wh->dh.answer = 0;
	wh->dh.nsrr = 0;
	wh->dh.additional = htons(0);


	SET_DNS_QUERY(&wh->dh);
	SET_DNS_RECURSION(&wh->dh);
	HTONS(wh->dh.query);

	totallen = sizeof(struct whole_header);

	name = dns_label(zonename, &len);
	if (name == NULL) {
		return -1;
	}

	zonelen = len;

	p = (char *)&wh[1];

	/*
	 * NOTE(review): neither this copy nor the TSIG fields appended below
	 * are checked against sizeof(query); a long zone name combined with
	 * a long key name may not fit in 512 bytes.  Confirm the limits that
	 * dns_label() enforces.
	 */
	memcpy(p, name, len);
	totallen += len;
	p += len;

	pack16(p, htons(DNS_TYPE_AXFR));
	totallen += sizeof(u_int16_t);
	p += sizeof(u_int16_t);

	pack16(p, htons(DNS_CLASS_IN));
	totallen += sizeof(u_int16_t);
	p += sizeof(u_int16_t);

	/* we have a key, attach a TSIG payload */
	if (tsigkey) {

		/* the decoded secret temporarily lives in pseudo_packet */
		if ((len = mybase64_decode(tsigpass, (u_char *)&pseudo_packet, sizeof(pseudo_packet))) < 0) {
			fprintf(stderr, "bad base64 password\n");
			return -1;
		}

		/*
		 * MAC the query without its 2-byte length prefix.
		 * NOTE(review): the results of HMAC_CTX_new(), HMAC_Init_ex()
		 * and HMAC_Update() are not checked here, unlike in the
		 * receive loop further down.
		 */
		ctx = HMAC_CTX_new();
		HMAC_Init_ex(ctx, pseudo_packet, len, EVP_sha256(), NULL);
		HMAC_Update(ctx, &query[2], totallen - 2);

		now = time(NULL);
		if (tsig_pseudoheader(tsigkey, DEFAULT_TSIG_FUDGE, now, ctx) < 0) {
			fprintf(stderr, "tsig_pseudoheader failed\n");
			return -1;
		}

		/* NOTE(review): len is an int; HMAC_Final() takes an unsigned int * */
		HMAC_Final(ctx, shabuf, &len);

		if (len != 32) {
			fprintf(stderr, "not expected len != 32\n");
			return -1;
		}

		HMAC_CTX_free(ctx);

		keyname = dns_label(tsigkey, &len);
		if (keyname == NULL) {
			return -1;
		}

		/* TSIG RR owner name: the key name */
		memcpy(&query[totallen], keyname, len);
		totallen += len;

		p = &query[totallen];
		pack16(p, htons(DNS_TYPE_TSIG));
		totallen += 2;
		p += 2;

		pack16(p, htons(DNS_CLASS_ANY));
		totallen += 2;
		p += 2;

		/* TTL */
		pack32(p, htonl(0));
		totallen += 4;
		p += 4;

		/* the previous keyname allocation is not freed before reuse */
		keyname = dns_label("hmac-sha256", &len);
		if (keyname == NULL) {
			return -1;
		}

		/*
		 * rdlen: algorithm name, time (2 + 4), fudge (2), mac size
		 * (2), mac (32), original id (2), error (2), other len (2)
		 */
		/* rdlen */
		pack16(p, htons(len + 2 + 4 + 2 + 2 + 32 + 2 + 2 + 2));
		totallen += 2;
		p += 2;

		/* algorithm name */
		memcpy(&query[totallen], keyname, len);
		totallen += len;
		p += len;

		/* time 1 */
		if (sizeof(time_t) == 4) /* 32-bit time-t */
			pack16(p, 0);
		else
			pack16(p, htons((now >> 32) & 0xffff));
		totallen += 2;
		p += 2;

		/* time 2 */
		pack32(p, htonl(now & 0xffffffff));
		totallen += 4;
		p += 4;

		/* fudge */
		pack16(p, htons(DEFAULT_TSIG_FUDGE));
		totallen += 2;
		p += 2;

		/* hmac size */
		pack16(p, htons(sizeof(shabuf)));
		totallen += 2;
		p += 2;

		/* hmac */
		memcpy(&query[totallen], shabuf, sizeof(shabuf));
		totallen += sizeof(shabuf);
		p += sizeof(shabuf);

		/* original id */
		pack16(p, wh->dh.id);
		totallen += 2;
		p += 2;

		/* error */
		pack16(p, 0);
		totallen += 2;
		p += 2;

		/* other len */
		pack16(p, 0);
		totallen += 2;
		p += 2;

		wh->dh.additional = htons(1);
	}


	/* TCP length prefix does not count itself */
	wh->len = htons(totallen - 2);

	if (send(so, query, totallen, 0) < 0) {
		perror("send");
		return -1;
	}

	/* catch reply */

	/* large enough for a maximum-size message plus its length prefix */
	reply = calloc(1, 0xffff + 2);
	if (reply == NULL) {
		perror("calloc");
		return -1;
	}

	if (tsigkey) {
		uint16_t maclen;

		if ((len = mybase64_decode(tsigpass, (u_char *)&pseudo_packet, sizeof(pseudo_packet))) < 0) {
			fprintf(stderr, "bad base64 password\n");
			return -1;
		}

		/*
		 * Start the MAC over the reply with the 2-byte MAC length
		 * and the MAC of our request.
		 */
		ctx = HMAC_CTX_new();
		HMAC_Init_ex(ctx, pseudo_packet, len, EVP_sha256(), NULL);
		maclen = htons(32);
		HMAC_Update(ctx, (char *)&maclen, sizeof(maclen));
		HMAC_Update(ctx, shabuf, sizeof(shabuf));
	} else
		ctx = NULL;

	/*
	 * NOTE(review): q is built from the query we just sent (wh), not
	 * from a reply, and wh->len is passed as stored, i.e. in network
	 * byte order.
	 */
	q = build_question((char *)&wh->dh, wh->len, wh->dh.additional, (tsigkey == NULL) ? NULL : shabuf);
	if (q == NULL) {
		fprintf(stderr, "failed to build_question\n");
		return -1;
	}

	/* one iteration per reply message (envelope) */
	for (;;) {
		sizetv = sizeof(struct timeval);
		if (getsockopt(so, SOL_SOCKET, SO_RCVTIMEO, &savetv, &sizetv) < 0) {
			perror("getsockopt");
		}

		/* wait at most one second for the next length prefix */
		tv.tv_sec = 1;
		tv.tv_usec = 0;

		if (setsockopt(so, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(tv)) < 0) {
			dolog(LOG_DEBUG, "setsockopt failed with sec 1, usec 0: %s\n", strerror(errno));
		}

		/* timeout, error or EOF ends the transfer */
		len = recv(so, reply, 2, MSG_PEEK | MSG_WAITALL);
		if (len <= 0)
			break;

		/*
		 * NOTE(review): tcplen is 16 bits wide, so a length prefix
		 * of 0xfffe or 0xffff wraps to 0 or 1 here.
		 */
		plen = (u_int16_t *)reply;
		tcplen = ntohs(*plen) + 2;

		/* restore original timeout values */
		if (setsockopt(so, SOL_SOCKET, SO_RCVTIMEO, &savetv, sizeof(savetv)) < 0) {
			perror("setsockopt");
		}

		/*
		 * NOTE(review): a short read (len < tcplen, or fewer bytes
		 * than a whole_header) is not rejected; the header fields
		 * below would then be read from whatever reply still holds.
		 */
		len = recv(so, reply, tcplen, MSG_WAITALL);
		if (len < 0) {
			perror("recv");
			return -1;
		}
		rwh = (struct whole_header *)&reply[0];
		bytes_received += ntohs(rwh->len);

		/* end marks the bytes actually received for the parsers */
		end = &reply[len];
		len = rwh->len;

		if (rwh->dh.id != wh->dh.id) {
			fprintf(stderr, "DNS ID mismatch\n");
			return -1;
		}

		if (!(htons(rwh->dh.query) & DNS_REPLY)) {
			fprintf(stderr, "NOT a DNS reply\n");
			return -1;
		}

		if (ntohs(rwh->dh.answer) < 1) {
			fprintf(stderr, "NO ANSWER provided\n");
			return -1;
		}

		/* records to walk: answers, plus additionals when signing */
		segmentcount = ntohs(rwh->dh.answer);
		if (tsigkey) {
			segmentcount += ntohs(rwh->dh.additional);
			*additionalcount += ntohs(rwh->dh.additional);
#if 0
			printf("additional = %d\n", ntohs(rwh->dh.additional));
			// rwh->dh.additional = 0;
#endif
		}
		*answers += segmentcount;


		/*
		 * NOTE(review): both checks below look at q, which was built
		 * from our own query; the question section of the reply is
		 * skipped by length further down without being compared.
		 */
		if (memcmp(q->hdr->name, name, q->hdr->namelen) != 0) {
			fprintf(stderr, "question name not for what we asked\n");
			return -1;
		}

		if (q->hdr->qclass != htons(DNS_CLASS_IN) || q->hdr->qtype != htons(DNS_TYPE_AXFR)) {
			fprintf(stderr, "wrong class or type\n");
			return -1;
		}

		p = (char *)&rwh[1];
		p += q->hdr->namelen;
		p += sizeof(u_int16_t);	/* type */
		p += sizeof(u_int16_t);	/* class */
		/* end of question */

		estart = (u_char *)&rwh->dh;

		if (tsigkey) {
			uint16_t saveadd;

			/*
			 * MAC the header and question with the additional
			 * count reduced by one, then put the received value
			 * back.
			 */
			saveadd = rwh->dh.additional;
			NTOHS(rwh->dh.additional);
			if (rwh->dh.additional)
				rwh->dh.additional--;
			HTONS(rwh->dh.additional);
			HMAC_Update(ctx, estart, (p - estart));
			rwh->dh.additional = saveadd;
		}

		(*segment)++;

		for (count = 0; count < segmentcount; count++) {
			char mac[32];
			elen = 0;

			if ((rrlen = raxfr_peek(f, p, estart, end, &rrtype, soacount, &rdlen, format, ctx, name, zonelen, 1)) < 0) {
				fprintf(stderr, "not a SOA reply, or ERROR\n");
				return -1;
			}

			if (tsigkey && (rrtype == DNS_TYPE_TSIG)) {
				uint16_t maclen;

				/* do tsig checks here */
				if ((len = raxfr_tsig(f,p,estart,end,mysoa,rdlen,ctx, (char *)&mac, (sacount++ == 0) ? 1 : 0)) < 0) {
					fprintf(stderr, "error with TSIG record\n");
					return -1;
				}

				p = (estart + len);

				if ((len = mybase64_decode(tsigpass, (u_char *)&pseudo_packet, sizeof(pseudo_packet))) < 0) {
					fprintf(stderr, "bad base64 password\n");
					return -1;
				}

				/*
				 * Re-key the context for the next envelope,
				 * seeded with the MAC length and the MAC
				 * returned through mac by raxfr_tsig().
				 */
				if (HMAC_CTX_reset(ctx) != 1) {
					fprintf(stderr, "HMAC_CTX_reset failed!\n");
					return -1;
				}
				if (HMAC_Init_ex(ctx, pseudo_packet, len, EVP_sha256(), NULL) != 1) {
					fprintf(stderr, "HMAC_Init_ex failed!\n");
					return -1;
				}
				maclen = htons(32);
				HMAC_Update(ctx, (char *)&maclen, sizeof(maclen));
				HMAC_Update(ctx, mac, sizeof(mac));

				/* TSIG after the closing SOA: transfer is complete */
				if (soacount > 1)
					goto out;
			} else
				p = (estart + rrlen);

			if (rrtype == DNS_TYPE_SOA) {
				if ((len = raxfr_soa(f, p, estart, end, mysoa, soacount, format, rdlen, ctx, constraints)) < 0) {
					fprintf(stderr, "raxfr_soa failed\n");
					return -1;
				}
				p = (estart + len);
				soacount++;

				/*
				 * the envelopes are done because we have
				 * two SOA's, continue here to catch the
				 * TSIG.
				 */
				if (soacount > 1)
					continue;
			} else {
				/* dispatch on the table of supported RR types */
				for (sr = supported; sr->rrtype != 0; sr++) {
					if (rrtype == sr->rrtype) {
						if ((len = (*sr->raxfr)(f, p, estart, end, mysoa, rdlen, ctx)) < 0) {
							fprintf(stderr, "error with rrtype %d\n", sr->rrtype);
							return -1;
						}
						p = (estart + len);
						break;
					}
				}

				/* end of table reached: only TSIG may be unknown */
				if (sr->rrtype == 0) {
					if (rrtype != DNS_TYPE_TSIG) {
						fprintf(stderr, "unsupported RRTYPE %d\n", rrtype);
						return -1;
					}
				}
			}
		}
	}

	/* reached only when the peek above returned <= 0 */
	if ((len = recv(so, reply, 0xffff, 0)) > 0) {
		fprintf(stderr, ";; WARN: received %d more bytes.\n", len);
	}

out:

	if (tsigkey) {
		HMAC_CTX_free(ctx);
	}

#if 0
	if (f != NULL) {
		if ((format & ZONE_FORMAT))
			fprintf(f, "}\n");
	}
#endif

	free_question(q);

	return 0;

}
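/*
 * DN_CONTAINS - is anchorname contained in name?
 *
 * Both names are sequences of length-prefixed labels.  Leading labels are
 * stripped from name one at a time; the result is 1 when what remains has
 * exactly alen bytes and equals anchorname under memcasecmp(), 0 otherwise.
 *
 * Label lengths are read as unsigned and must fit in the bytes that remain,
 * so a malformed name can neither move the cursor backwards nor past the
 * end of the buffer.
 */

int
dn_contains(char *name, int len, char *anchorname, int alen)
{
	char *p = name;
	int plen = len;
	int step;

	while (plen >= alen) {
		if (plen == alen &&
		    memcasecmp(p, anchorname, alen) == 0) {
			return 1;
		}

		/* nothing left to strip */
		if (plen <= 0)
			return 0;

		/* length byte plus label; a signed read could go negative */
		step = (unsigned char)*p + 1;
		if (step > plen)
			return 0;

		plen -= step;
		p += step;
	}

	return 0;
}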
/* pack functions */
/*
 * PACK32 - store a 32-bit value at buf, which need not be aligned.
 * The bytes are copied as they are; no byte-order conversion happens here.
 */
void
pack32(char *buf, u_int32_t value)
{
	pack(buf, (char *)&value, sizeof(value));
}
/*
 * PACK16 - store a 16-bit value at buf, which need not be aligned.
 * The bytes are copied as they are; no byte-order conversion happens here.
 */
void
pack16(char *buf, u_int16_t value)
{
	pack(buf, (char *)&value, sizeof(value));
}
/*
 * PACK8 - store a single byte at buf.
 */
void
pack8(char *buf, u_int8_t value)
{
	*(u_int8_t *)buf = value;
}
/*
 * PACK - copy len bytes from input to buf.
 * The caller guarantees that buf has room for len bytes; nothing is
 * checked here.
 */
void
pack(char *buf, char *input, int len)
{
	const size_t nbytes = len;

	memcpy(buf, input, nbytes);
}
/*
 * UNPACK32 - fetch a 32-bit value from buf, which need not be aligned.
 * The bytes are returned as stored; no byte-order conversion happens here.
 */
uint32_t
unpack32(char *buf)
{
	uint32_t value = 0;

	unpack((char *)&value, buf, sizeof(value));

	return (value);
}
/*
 * UNPACK16 - fetch a 16-bit value from buf, which need not be aligned.
 * The bytes are returned as stored; no byte-order conversion happens here.
 */
uint16_t
unpack16(char *buf)
{
	uint16_t value = 0;

	unpack((char *)&value, buf, sizeof(value));

	return (value);
}
/*
 * UNPACK - copy len bytes from input to buf.
 * The caller guarantees that input holds len readable bytes; nothing is
 * checked here.
 */
void
unpack(char *buf, char *input, int len)
{
	const size_t nbytes = len;

	memcpy(buf, input, nbytes);
}
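/*
 * RANDOMIZE_DNSNAME - randomly upper-case letters of a name given as
 * length-prefixed labels, in place (DNS 0x20 encoding).
 * https://tools.ietf.org/html/draft-vixie-dnsext-dns0x20-00
 *
 * Each character is upper-cased when the low bit of the matching byte from
 * arc4random_buf() is set and left alone otherwise.
 *
 * Returns 0 on success.  Returns -1, with buf restored to its original
 * contents, when len is negative or larger than DNS_MAXNAME, when a label
 * is longer than DNS_MAXLABEL, or when a label runs past len.  Every label
 * is checked before any of its bytes is touched, so nothing outside
 * buf[0 .. len-1] is read or written.
 */
int
randomize_dnsname(char *buf, int len)
{
	char save[DNS_MAXNAME];
	char randompad[DNS_MAXNAME];
	unsigned char *name = (unsigned char *)buf;
	int offset, i;
	int labellen = 0;

	if (buf == NULL || len < 0 || (size_t)len > sizeof(save))
		return (-1);

	memcpy(save, buf, len);
	arc4random_buf(randompad, sizeof(randompad));

	for (offset = 0; offset < len && name[offset] != 0;
	    offset += labellen + 1) {
		labellen = name[offset];

		if (labellen > DNS_MAXLABEL)
			goto err;

		/* length byte plus label must end inside the buffer */
		if (labellen >= len - offset)
			goto err;

		for (i = 1; i <= labellen; i++) {
			if (randompad[offset + i] & 1)
				name[offset + i] = toupper(name[offset + i]);
		}
	}

	return (0);

err:
	/* error condition, restore original buf */
	memcpy(buf, save, len);
	return (-1);
}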
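/*
 * LOWER_DNSNAME - lower-case a name given as length-prefixed labels, in
 * place.
 *
 * Returns 0 on success.  Returns -1, with buf restored to its original
 * contents, when len is negative or larger than DNS_MAXNAME, when a label
 * is longer than DNS_MAXLABEL, or when a label runs past len.  Every label
 * is checked before any of its bytes is touched, so nothing outside
 * buf[0 .. len-1] is read or written.
 */
int
lower_dnsname(char *buf, int len)
{
	char save[DNS_MAXNAME];
	unsigned char *name = (unsigned char *)buf;
	int offset, i;
	int labellen = 0;

	if (buf == NULL || len < 0 || (size_t)len > sizeof(save))
		return (-1);

	memcpy(save, buf, len);

	for (offset = 0; offset < len && name[offset] != 0;
	    offset += labellen + 1) {
		labellen = name[offset];

		if (labellen > DNS_MAXLABEL)
			goto err;

		/* length byte plus label must end inside the buffer */
		if (labellen >= len - offset)
			goto err;

		for (i = 1; i <= labellen; i++)
			name[offset + i] = tolower(name[offset + i]);
	}

	return (0);

err:
	/* restore the old */
	memcpy(buf, save, len);
	return (-1);
}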
/*
2402
2020-07-21
pjp
* Copyright (c) 1988, 1992, 1993
2403
2020-07-21
pjp
* The Regents of the University of California. All rights reserved.
2404
2020-07-21
pjp
*
2405
2020-07-21
pjp
* Redistribution and use in source and binary forms, with or without
2406
2020-07-21
pjp
* modification, are permitted provided that the following conditions
2407
2020-07-21
pjp
* are met:
2408
2020-07-21
pjp
* 1. Redistributions of source code must retain the above copyright
2409
2020-07-21
pjp
* notice, this list of conditions and the following disclaimer.
2410
2020-07-21
pjp
* 2. Redistributions in binary form must reproduce the above copyright
2411
2020-07-21
pjp
* notice, this list of conditions and the following disclaimer in the
2412
2020-07-21
pjp
* documentation and/or other materials provided with the distribution.
2413
2020-07-21
pjp
* 3. Neither the name of the University nor the names of its contributors
2414
2020-07-21
pjp
* may be used to endorse or promote products derived from this software
2415
2020-07-21
pjp
* without specific prior written permission.
2416
2020-07-21
pjp
*
2417
2020-07-21
pjp
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
2418
2020-07-21
pjp
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
2419
2020-07-21
pjp
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
2420
2020-07-21
pjp
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
2421
2020-07-21
pjp
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
2422
2020-07-21
pjp
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
2423
2020-07-21
pjp
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
2424
2020-07-21
pjp
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
2425
2020-07-21
pjp
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
2426
2020-07-21
pjp
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
2427
2020-07-21
pjp
* SUCH DAMAGE.
2428
2020-07-21
pjp
*
2429
2020-07-21
pjp
* @(#)in_cksum.c 8.1 (Berkeley) 6/10/93
2430
2020-07-21
pjp
*/
2431
2020-07-21
pjp
2432
2020-07-21
pjp
/*
2433
2020-07-21
pjp
* UDP_CKSUM - compute the ones complement sum of the ones complement of 16 bit
2434
2020-07-21
pjp
* numbers
2435
2020-07-21
pjp
*/
2436
2020-07-21
pjp
2437
2020-07-21
pjp
2438
2020-07-21
pjp
2439
2020-07-21
pjp
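/*
 * UDP_CKSUM - compute the checksum with a pseudo header of the UDP packet
 *
 * The sum covers the IPv4 pseudo header (source, destination, zero pad,
 * protocol, UDP length taken from uh->uh_ulen), the first three 16-bit
 * words of the UDP header (the checksum field itself is left out) and the
 * len - sizeof(struct udphdr) payload bytes at addr.  A trailing odd byte
 * is padded with a zero byte.  Returns the ones complement of the folded
 * sum.
 *
 * len comes from the packet being processed, so a value smaller than the
 * UDP header is treated as "no payload" and the accumulator is unsigned:
 * a maximum-size datagram cannot overflow it.
 *
 * NOTE(review): a computed value of 0 is returned as it is; RFC 768 has the
 * sender transmit all ones in that case.  Confirm what callers expect.
 */

uint16_t
udp_cksum(u_int16_t *addr, uint16_t len, struct ip *ip, struct udphdr *uh)
{
	union {
		struct ph {
			in_addr_t src;
			in_addr_t dst;
			u_int8_t pad;
			u_int8_t proto;
			u_int16_t len;
		} s __attribute__((packed));

		u_int16_t i[6];
	} ph;

	u_int16_t *w = &ph.i[0];
	u_int16_t *u = (u_int16_t *)uh;
	uint32_t sum = 0;
	int nleft = 0;
	int k;

	/* we pass the udp header */
	if (len > sizeof(struct udphdr))
		nleft = (int)(len - sizeof(struct udphdr));

	memset(&ph, 0, sizeof(ph));
	memcpy(&ph.s.src, &ip->ip_src.s_addr, sizeof(in_addr_t));
	memcpy(&ph.s.dst, &ip->ip_dst.s_addr, sizeof(in_addr_t));
	ph.s.pad = 0;
	ph.s.proto = ip->ip_p;
	ph.s.len = uh->uh_ulen;

	/* pseudo header, then ports and length of the UDP header */
	for (k = 0; k < 6; k++)
		sum += w[k];
	sum += u[0];
	sum += u[1];
	sum += u[2];

	w = addr;
	while (nleft > 1) {
		sum += *w++;
		nleft -= 2;
	}
	if (nleft == 1) {
		sum += htons(*(unsigned char *)w << 8);
	}

	/* fold the carries back into the low 16 bits */
	sum = (sum >> 16) + (sum & 0xffff);
	sum += (sum >> 16);

	return ((uint16_t)~sum);
}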
/*
* UDP_CKSUM6 - compute the checksum with a pseudo header of the UDP6 packet
* RFC 8200 section 8.1
*/
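/*
 * udp_cksum6 - UDP checksum over the IPv6 pseudo header, the first three
 * words of the UDP header and the payload.
 *
 * addr	start of the UDP payload; it is read through a u_int16_t
 *	pointer, so the caller must hand in a suitably aligned buffer
 * len	UDP length in bytes including the UDP header; it is placed in
 *	the pseudo header as htonl(len), and len - sizeof(struct udphdr)
 *	bytes are read from addr
 * ip6	IPv6 header, source of ip6_src, ip6_dst and ip6_nxt
 * uh	UDP header; words 0-2 are summed, the fourth word (the checksum
 *	field in the usual layout) is not
 *
 * Returns the complemented, folded 16-bit sum.  Words are added as they
 * lie in memory, so the result is in the byte order of the packet.
 *
 * The function has no idea how large the buffer behind addr is.  When len
 * comes from a received packet, the caller has to check it against the
 * number of bytes actually received before calling, otherwise the loop
 * reads past the end of the buffer.
 */
uint16_t
udp_cksum6(u_int16_t *addr, uint16_t len, struct ip6_hdr *ip6, struct udphdr *uh)
{
	union {
		struct ph {
			struct in6_addr src;
			struct in6_addr dst;
			u_int32_t len;
			u_int8_t pad[3];
			u_int8_t nxt;
		} s __attribute__((packed));

		u_int16_t i[20];
	} ph;

	int nleft = 0;
	/*
	 * Unsigned accumulator: with a maximum-size datagram of 0xff bytes
	 * the total passes INT_MAX, which is undefined for a signed int and
	 * breaks the fold below.  It always fits in 32 bits.
	 */
	uint32_t sum = 0;
	u_int16_t *w = &ph.i[0];
	u_int16_t *u = (u_int16_t *)uh;
	uint16_t answer;
	int k;

	/* the udp header is passed separately; a short len means no payload */
	if (len > sizeof(struct udphdr))
		nleft = (int)(len - sizeof(struct udphdr));

	memset(&ph, 0, sizeof(ph));
	memcpy(&ph.s.src, &ip6->ip6_src, sizeof(struct in6_addr));
	memcpy(&ph.s.dst, &ip6->ip6_dst, sizeof(struct in6_addr));
	ph.s.len = htonl(len);
	ph.s.nxt = ip6->ip6_nxt;

	/* the 20 words of the pseudo header */
	for (k = 0; k < 20; k++)
		sum += w[k];
	/* sport/dport/ulen of the udp header */
	sum += (uint32_t)u[0] + u[1] + u[2];

	w = addr;
	while (nleft > 1) {
		sum += *w++;
		nleft -= 2;
	}

	/* odd trailing byte counts as the first byte of a zero-padded word */
	if (nleft == 1)
		sum += htons((uint16_t)(*(unsigned char *)w << 8));

	/* fold the carries back into the low 16 bits and complement */
	sum = (sum >> 16) + (sum & 0xffff);
	sum += (sum >> 16);
	answer = (uint16_t)~sum;
	return (answer);
}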