Commit Diff
Diff:
945f5a4c24cec0fe8e0df65d8657a9b3b32f3f10
0b734eadc998e8efd2a0ca00166e255d9f0e0f8b
Commit:
0b734eadc998e8efd2a0ca00166e255d9f0e0f8b
Tree:
52d3991c7482a170bb81ec29653ab80b13b50847
Author:
pjp <pjp@delphinusdns.org>
Committer:
pjp <pjp@delphinusdns.org>
Date:
Tue Nov 17 08:03:45 2015 UTC
Message:
fill_nsec3 needs to base32hex_decode the nextname first as it came in from the config file, then it's served as binary in the lookups
blob - 1198972152850c72265c1420db6b9b900a1bba9b
blob + 4f0341830e4a68bd9212b6becedf963ebf17e313
--- dnssec.c
+++ dnssec.c
@@ -49,6 +49,8 @@ int count_dots(char *name);
struct domain * find_next_closer(DB *db, char *name, int namelen);
char * hash_name(char *name, int len, struct nsec3param *n3p);
char * base32hex_encode(u_char *input, int len);
+int base32hex_decode(u_char *, u_char *);
+void mysetbit(u_char *, int);
extern int get_record_size(DB *, char *, int);
extern char * dns_label(char *, int *);
@@ -658,6 +660,85 @@ hash_name(char *name, int len, struct nsec3param *n3p)
return (base32hex_encode(md, sizeof(md)));
}
+
+void
+mysetbit(u_char *input, int pos)
+{
+ int bit;
+ int byte;
+
+ byte = pos / 8;
+ bit = pos % 8;
+
+ switch (bit) {
+ case 0:
+ input[byte] |= 128;
+ break;
+ case 1:
+ input[byte] |= 64;
+ break;
+ case 2:
+ input[byte] |= 32;
+ break;
+ case 3:
+ input[byte] |= 16;
+ break;
+ case 4:
+ input[byte] |= 8;
+ break;
+ case 5:
+ input[byte] |= 4;
+ break;
+ case 6:
+ input[byte] |= 2;
+ break;
+ case 7:
+ input[byte] |= 1;
+ break;
+ }
+
+ return;
+}
+
+int
+base32hex_decode(u_char *input, u_char *output)
+{
+ u_int8_t tmp;
+ u_char *character = "0123456789abcdefghijklmnopqrstuv=";
+ u_char *start = character, *p = character;
+ int i, j;
+ int len;
+ int bit = 0;
+
+ len = (strlen(input) * 5) / 8;
+
+ memset(output, 0, len);
+
+ for (i = 0; i < strlen(input); i++) {
+ if (input[i] == '=')
+ continue;
+
+ input[i] = tolower(input[i]);
+ for (p = character; *p && *p != input[i]; p++);
+ if (p == NULL)
+ return 0;
+
+ tmp = (p - start);
+ tmp <<= 3;
+
+ for (j = 0; j < 5; j++) {
+ if (tmp & 128)
+ mysetbit(output, bit);
+
+ bit++;
+ tmp <<= 1;
+ }
+ }
+
+ return (len);
+}
+
+
char *
base32hex_encode(u_char *input, int len)
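Review bot: The `if (p == NULL)` test in base32hex_decode can never fire, because the scan loop before it stops with `p` pointing at the terminating NUL of `character` rather than at a null pointer, so a byte outside the alphabet is decoded as data instead of being rejected. Changing the test to `if (*p == '\0') return 0;` would make the decoder fail closed on a malformed hash. The function also takes no output size: `memset(output, 0, len)` and the `mysetbit` writes are bounded only by `strlen(input)`, and non-zero trailing bits can set a bit in `output[len]`, one byte past the zeroed region. The new call in fill_nsec3 (parse.y, last hunk) passes the fixed `nsec3.next` field with a string read from the config file, so consider adding a destination-size parameter and returning 0 when `(strlen(input) * 5 + 7) / 8` exceeds it.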
blob - 2afc2a5d256640d2a03f497a232d9be548dbb0f4
blob + 07b8ed0b1bb5a63f2ac99fdd6a7ac8aee98d7fff
--- parse.y
+++ parse.y
@@ -26,6 +26,7 @@
#include "db.h"
+extern int base32hex_decode(u_char *, u_char *);
extern void dolog(int, char *, ...);
extern char *dns_label(char *, int *);
extern u_int8_t find_region(struct sockaddr_storage *, int);
@@ -105,7 +106,7 @@ typedef struct {
#define YYSTYPE_IS_DECLARED 1
#endif
-static const char rcsid[] = "$Id: parse.y,v 1.28 2015/11/10 11:04:07 pjp Exp $";
+static const char rcsid[] = "$Id: parse.y,v 1.29 2015/11/17 08:03:45 pjp Exp $";
static int version = 0;
static int state = 0;
static uint8_t region = 0;
@@ -2416,8 +2417,6 @@ fill_nsec3(char *name, char *type, u_int32_t myttl, u_
void *sdomain, *tp;
struct domain *ssd;
struct domain_nsec3 *ssd_nsec3;
- int converted_namelen, converted_domainnamelen;
- char *converted_name, *converted_domainname;
int i, rs;
for (i = 0; i < strlen(name); i++) {
@@ -2473,13 +2472,6 @@ fill_nsec3(char *name, char *type, u_int32_t myttl, u_
nextname[i] = tolower((int)nextname[i]);
}
- converted_domainname = check_rr(nextname, type, DNS_TYPE_NSEC3, &converted_domainnamelen);
- if (converted_name == NULL) {
- if (debug)
- dolog(LOG_INFO, "check_rr failed\n");
- return -1;
- }
-
ssd_nsec3 = (struct domain_nsec3 *)find_substruct(ssd, INTERNAL_TYPE_NSEC3);
if (ssd_nsec3 == NULL) {
rs += sizeof(struct domain_nsec3);
@@ -2511,8 +2503,11 @@ fill_nsec3(char *name, char *type, u_int32_t myttl, u_
memcpy(&ssd_nsec3->nsec3.salt, salt, strlen(salt));
}
- memcpy(ssd_nsec3->nsec3.next, converted_domainname, converted_domainnamelen);
- ssd_nsec3->nsec3.nextlen = converted_domainnamelen;
+ ssd_nsec3->nsec3.nextlen = base32hex_decode(nextname, (u_char*)&ssd_nsec3->nsec3.next);
+ if (ssd_nsec3->nsec3.nextlen == 0) {
+ dolog(LOG_INFO, "base32_decode faulty");
+ return -1;
+ }
/* XXX create/manage bitmap */
create_nsec_bitmap(bitmap, ssd_nsec3->nsec3.bitmap, (int *)&ssd_nsec3->nsec3.bitmap_len);
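Review bot: The failure message `"base32_decode faulty"` does not say which record was rejected and misnames the function, so a malformed NSEC3 next-hash in a zone file will be hard to locate from the log. Something like `dolog(LOG_INFO, "fill_nsec3: base32hex_decode failed for \"%s\"\n", name);` would identify the record; the trailing newline matches the `dolog` call removed earlier in this commit, though whether `dolog` needs it is not visible here. A return of 0 also covers an empty `nextname`, which is probably the intended rejection but deserves a short comment at the check. fill_nsec3 begins and ends outside this hunk.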