Commit Diff
Diff:
987ce2160c85b95de5b60b891d5f11ebcdb94b6f
0fbf42207e6c9fcf6cf2065ff60e5cd7a0af79eb
Commit:
0fbf42207e6c9fcf6cf2065ff60e5cd7a0af79eb
Tree:
19aba8afeec8de152b0f147a1e68dc39eeb6560b
Author:
pjp <pjp@delphinusdns.org>
Committer:
pjp <pjp@delphinusdns.org>
Date:
Thu Jul 16 09:03:20 2020 UTC
Message:
build_fake_question takes a dnsname and its len not an entire packet. This was a big bug! give tcp packets the original queried name as well make sure that buffer changes don't leak back in build_fake_question()
blob - b157355fd667c7a81217d221afa21c2dd7596218
blob + 1e6f1eb2531fa0627327d79a41c2faf6a0596a41
--- delphinusdnsd.c
+++ delphinusdnsd.c
@@ -27,7 +27,7 @@
*/
/*
- * $Id: delphinusdnsd.c,v 1.129 2020/07/16 06:35:55 pjp Exp $
+ * $Id: delphinusdnsd.c,v 1.130 2020/07/16 09:03:20 pjp Exp $
*/
@@ -3215,7 +3215,7 @@ forwardtcp:
break;
}
- memcpy(&sforward->buf, question->hdr->name, question->hdr->namelen);
+ memcpy(&sforward->buf, question->hdr->original_name, question->hdr->namelen);
sforward->buflen = question->hdr->namelen;
memcpy((char *)&sforward->header, pbuf, sizeof(struct dns_header));
blob - 2f83d9ba3ca956c6887b8c21ee36a3aa77c9ddc6
blob + c7b06ce58e05b7041bb29207037f86969d749289
--- forward.c
+++ forward.c
@@ -27,7 +27,7 @@
*/
/*
- * $Id: forward.c,v 1.30 2020/07/16 07:27:32 pjp Exp $
+ * $Id: forward.c,v 1.31 2020/07/16 09:03:20 pjp Exp $
*/
#include <sys/types.h>
@@ -99,6 +99,7 @@ struct forwardentry {
SLIST_HEAD(, forwardqueue) fwqhead;
struct forwardqueue {
+ char orig_dnsname[DNS_MAXNAME]; /* what we reply with */
char dnsname[DNS_MAXNAME]; /* the request name */
char dnsnamelen; /* the len of dnsname */
uint32_t longid; /* a long identifier */
@@ -904,7 +905,6 @@ newqueue:
* our dns question a little bit...
*/
- randomize_dnsname(sforward->buf, sforward->buflen);
TAILQ_FOREACH(fw2, &forwardhead, forward_entry) {
if (fw2->active == 1)
@@ -932,6 +932,10 @@ newqueue:
dolog(LOG_INFO, "calloc: %s\n", strerror(errno));
return;
}
+ memcpy(&fwq1->orig_dnsname, sforward->buf, sforward->buflen);
+
+ randomize_dnsname(sforward->buf, sforward->buflen);
+
memcpy(&fwq1->dnsname, sforward->buf, sforward->buflen);
fwq1->dnsnamelen = sforward->buflen;
@@ -1030,8 +1034,10 @@ sendit(struct forwardqueue *fwq, struct sforward *sfor
{
struct dns_header *dh;
struct question *q;
+
char *buf, *p, *packet;
char *tsigname;
+
int len = 0, outlen;
int tsignamelen = 0;
@@ -1053,7 +1059,7 @@ sendit(struct forwardqueue *fwq, struct sforward *sfor
tsignamelen = 0;
}
- q = build_fake_question(sforward->buf, sforward->buflen, sforward->type, tsigname, tsignamelen);
+ q = build_fake_question(fwq->orig_dnsname, fwq->dnsnamelen, sforward->type, tsigname, tsignamelen);
if (q == NULL) {
dolog(LOG_INFO, "build_fake_question failed\n");
@@ -1207,6 +1213,7 @@ returnit(ddDB *db, struct cfg *cfg, struct forwardqueu
}
}
+
/* send it on to our sandbox */
if (pi == NULL) {
pi = (struct pkt_imsg *)calloc(1, sizeof(struct pkt_imsg));
@@ -1405,9 +1412,12 @@ endimsg:
SET_DNS_RECURSION(dh);
SET_DNS_RECURSION_AVAIL(dh);
HTONS(dh->query);
+
+ /* restore any possible 0x20 caseings, must be after TSIG checks */
+ memcpy((char *)&dh[1], fwq->orig_dnsname, fwq->dnsnamelen);
if (fwq->haveoldmac) {
- q = build_fake_question(p, rlen, DNS_TYPE_A, fwq->oldkeyname, fwq->oldkeynamelen);
+ q = build_fake_question(fwq->orig_dnsname, fwq->dnsnamelen, DNS_TYPE_A, fwq->oldkeyname, fwq->oldkeynamelen);
if (q == NULL) {
dolog(LOG_INFO, "build_fake_question failed\n");
blob - 4e34503e48d54a8043846681dc1afc9e821cc324
blob + 18e43390857568d46c715f4c33b956a0d58c526b
--- util.c
+++ util.c
@@ -27,7 +27,7 @@
*/
/*
- * $Id: util.c,v 1.69 2020/07/16 07:27:32 pjp Exp $
+ * $Id: util.c,v 1.70 2020/07/16 09:03:20 pjp Exp $
*/
#include <sys/types.h>
@@ -824,9 +824,9 @@ build_fake_question(char *name, int namelen, u_int16_t
/* fill our name into the dns header struct */
memcpy(q->hdr->original_name, name, q->hdr->namelen);
-
- lower_dnsname(name, namelen);
memcpy(q->hdr->name, name, q->hdr->namelen);
+
+ lower_dnsname(q->hdr->name, q->hdr->namelen);
q->hdr->qtype = type;
q->hdr->qclass = htons(DNS_CLASS_IN);
repomaster@centroid.eu