Commit Diff
Diff:
6cd9729860d4b5a8981b50f24da0dec19d048737
4c18c446d65add0d2440bf516862a10b1ee213a7
Commit:
4c18c446d65add0d2440bf516862a10b1ee213a7
Tree:
1d3f785fbacb0156bb02eb284ec65ef4cf410116
Author:
pjp <pjp@delphinusdns.org>
Committer:
pjp <pjp@delphinusdns.org>
Date:
Sat Jul 18 14:10:16 2020 UTC
Message:
handle the AD flag in replies; this still needs reply.c fixes (done next week). fix the fcntl call
blob - 58e70b858947fc23826e3a955b0fcf566a4da2f1
blob + c4a089abeb689678576be27cc87ce6cbc8ee7914
--- cache.c
+++ cache.c
@@ -27,7 +27,7 @@
*/
/*
- * $Id: cache.c,v 1.8 2020/07/16 12:02:38 pjp Exp $
+ * $Id: cache.c,v 1.9 2020/07/18 14:10:16 pjp Exp $
*/
#include <sys/types.h>
@@ -98,7 +98,7 @@ extern int dnssec;
extern int cache;
int cacheit(u_char *, u_char *, u_char *, struct imsgbuf *, struct imsgbuf *, struct cfg *);
-struct scache * build_cache(u_char *, u_char *, u_char *, uint16_t, char *, int, uint32_t, uint16_t, struct imsgbuf *, struct imsgbuf *, struct cfg *);
+struct scache * build_cache(u_char *, u_char *, u_char *, uint16_t, char *, int, uint32_t, uint16_t, struct imsgbuf *, struct imsgbuf *, struct cfg *, int);
void transmit_rr(struct scache *, void *, int);
@@ -156,7 +156,7 @@ static struct cache_logic supported_cache[] = {
struct scache *
-build_cache(u_char *payload, u_char *estart, u_char *end, uint16_t rdlen, char *name, int namelen, uint32_t dnsttl, uint16_t dnstype, struct imsgbuf *imsgbuf, struct imsgbuf *bimsgbuf, struct cfg *cfg)
+build_cache(u_char *payload, u_char *estart, u_char *end, uint16_t rdlen, char *name, int namelen, uint32_t dnsttl, uint16_t dnstype, struct imsgbuf *imsgbuf, struct imsgbuf *bimsgbuf, struct cfg *cfg, int authentic)
{
static struct scache ret;
@@ -172,6 +172,7 @@ build_cache(u_char *payload, u_char *estart, u_char *e
ret.imsgbuf = imsgbuf;
ret.bimsgbuf = bimsgbuf;
ret.cfg = cfg;
+ ret.authentic = authentic;
return (&ret);
}
@@ -196,6 +197,8 @@ transmit_rr(struct scache *scache, void *rr, int rrsiz
ri.rri_rr.ttl = scache->dnsttl;
ri.rri_rr.rrtype = scache->rrtype;
+ ri.rri_rr.authentic = scache->authentic;
+
memcpy(&ri.rri_rr.un, rr, rrsize);
ri.rri_rr.buflen = rrsize;
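Review bot: The new `ri.rri_rr.authentic = scache->authentic;` stores the field by plain assignment, while the reader added in forward.c fetches it with `unpack32((char *)&ri->rri_rr.authentic)`. The other imsg field written in this commit goes through `pack32()`, so the writer should match: `pack32((char *)&ri.rri_rr.authentic, scache->authentic);`. Separately, the `memcpy(&ri.rri_rr.un, rr, rrsize)` on the next context line copies into the zero-length `un[]` member, and no check of `rrsize` against the 8192-byte pad is visible here. If transmit_rr, whose body starts and ends outside the hunk, has no such check earlier, one belongs before the copy.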
@@ -240,9 +243,14 @@ cacheit(u_char *payload, u_char *estart, u_char *end,
uint32_t rrttl;
struct cache_logic *cr;
+ int authentic = 0;
dh = (struct dns_header *)payload;
p += sizeof(struct dns_header); /* skip dns_header */
+
+ /* if the data sent back is authentic by the resolver set dnssecok */
+ if (ntohs(dh->query) & DNS_AD)
+ authentic = 1;
elen = 0,
memset(&expand, 0, sizeof(expand));
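Review bot: `authentic` is taken straight from the AD bit of the forwarder's reply header, and nothing in this hunk ties it to how the reply was received. RFC 4035 section 4.9.3 only allows relying on AD when the answer came from a trusted validating resolver over a secure channel, so a forged or altered reply on an unauthenticated path would be recorded as authentic. If cacheit() can run on replies that were not verified (for example by TSIG; not visible here, the function starts and ends outside the hunk), the assignment should be gated on that state. The comment also says "set dnssecok" although the variable is `authentic`; something like `/* AD set by the forwarder: mark cached RRs authentic (only meaningful over an authenticated channel) */` would match the code.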
@@ -300,7 +308,7 @@ cacheit(u_char *payload, u_char *estart, u_char *end,
pb += 10; /* skip answerd */
- scache = build_cache(pb, estart, end, rdlen, expand, elen, rrttl, rrtype, imsgbuf, bimsgbuf, cfg);
+ scache = build_cache(pb, estart, end, rdlen, expand, elen, rrttl, rrtype, imsgbuf, bimsgbuf, cfg, authentic);
for (cr = supported_cache; cr->rrtype != 0; cr++) {
if (rrtype == cr->rrtype) {
blob - f08368ee86a88accf2f66e2d74c6e551c52235b4
blob + e16a16c1572b3e3a5d1ce920c389395609284c5d
--- ddd-db.h
+++ ddd-db.h
@@ -27,7 +27,7 @@
*/
/*
- * $Id: ddd-db.h,v 1.47 2020/07/15 20:27:15 pjp Exp $
+ * $Id: ddd-db.h,v 1.48 2020/07/18 14:10:16 pjp Exp $
*/
#ifndef _DB_H
@@ -442,6 +442,7 @@ struct scache {
int namelen;
uint32_t dnsttl;
uint16_t rrtype;
+ int authentic;
struct imsgbuf *imsgbuf;
struct imsgbuf *bimsgbuf;
struct cfg *cfg;
@@ -495,11 +496,12 @@ struct rr_imsg {
int namelen; /* 260 */
uint16_t rrtype; /* 262 */
uint32_t ttl; /* 266 */
+ int authentic;
- uint16_t buflen; /* 268 */
+ uint16_t buflen;
char un[0];
- } rr; /* 288 */
+ } rr;
} s;
char pad[8192];
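Review bot: `int authentic;` travels in the imsg payload and is read back with `unpack32()` in forward.c, so its width should be explicit like the neighbouring `uint32_t ttl`: `uint32_t authentic;`. The running offset comments were removed from `buflen` and `rr` but left on `namelen`, `rrtype` and `ttl`, so the annotation is now half-maintained. Either update all of them for the new member or drop them and add a compile-time size check of the header against `pad`. The enclosing struct begins and ends outside this hunk.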
blob - df2fe26fbf8df2d71a39596967e79762a391330f
blob + d58f3fdae5b71444314963e2c38aaa703f36fdf1
--- ddd-dns.h
+++ ddd-dns.h
@@ -27,7 +27,7 @@
*/
/*
- * $Id: ddd-dns.h,v 1.24 2020/07/16 06:35:55 pjp Exp $
+ * $Id: ddd-dns.h,v 1.25 2020/07/18 14:10:16 pjp Exp $
*/
#ifndef _DNS_H
@@ -118,6 +118,8 @@ struct dns_question_hdr {
#define DNS_TRUNC 0x200 /* Truncated (TC) */
#define DNS_RECURSE 0x100 /* if set Recursion Desired (RD) */
#define DNS_RECAVAIL 0x80 /* if set Recursion Available (RA) */
+#define DNS_AD 0x20 /* if set, Authentic Data (AD), RFC 2535 */
+#define DNS_CD 0x10 /* if set, Checking Disabled (CD), RFC 2535 */
#define DNS_BADVERS 0x10 /* RCODE (16) BADVERS RFC 2671 p. 6 */
#define DNS_NOTZONE 0xA /* RCODE - Not within zone section RFC 2136 */
#define DNS_NOTAUTH 0x9 /* RCODE - Not Authenticated RFC 2845 */
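Review bot: `DNS_CD` is defined as 0x10, the same value as the existing `DNS_BADVERS` on the next line, and both sit among the constants that the SET_/UNSET_ macros OR into `->query`. BADVERS (16) is an extended RCODE that does not fit the 4-bit header RCODE field, so any code that ORs `DNS_BADVERS` into the flags word would actually be setting CD. It is worth checking for such a use now that bit 0x10 has a meaning. The new comments cite RFC 2535, which RFC 4033-4035 obsoleted; `/* if set, Authentic Data (AD), RFC 4035 */` is the current reference.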
@@ -150,6 +152,8 @@ struct dns_question_hdr {
#define SET_DNS_TRUNCATION(x) ((x)->query |= (DNS_TRUNC))
#define SET_DNS_RECURSION(x) ((x)->query |= (DNS_RECURSE))
#define SET_DNS_RECURSION_AVAIL(x) ((x)->query |= (DNS_RECAVAIL))
+#define SET_DNS_AUTHENTIC_DATA(x) ((x)->query |= (DNS_AD))
+#define SET_DNS_CHECKING_DISABLED(x) ((x)->query |= (DNS_CD))
#define SET_DNS_RCODE_REFUSED(x) ((x)->query |= (DNS_REFUSED))
#define SET_DNS_RCODE_NOTIMPL(x) ((x)->query |= (DNS_NOTIMPL))
#define SET_DNS_RCODE_NAMEERR(x) ((x)->query |= (DNS_NAMEERR))
@@ -165,6 +169,8 @@ struct dns_question_hdr {
#define UNSET_DNS_TRUNCATION(x) ((x)->query &= ~(DNS_TRUNC))
#define UNSET_DNS_RECURSION(x) ((x)->query &= ~(DNS_RECURSE))
#define UNSET_DNS_RECURSION_AVAIL(x) ((x)->query &= ~(DNS_RECAVAIL))
+#define UNSET_DNS_AUTHENTIC_DATA(x) ((x)->query &= ~(DNS_AD))
+#define UNSET_DNS_CHECKING_DISABLED(x) ((x)->query &= ~(DNS_CD))
#define UNSET_DNS_RCODE_REFUSED(x) ((x)->query &= ~(DNS_REFUSED))
#define UNSET_DNS_RCODE_NOTIMPL(x) ((x)->query &= ~(DNS_NOTIMPL))
#define UNSET_DNS_RCODE_NAMEERR(x) ((x)->query &= ~(DNS_NAMEERR))
blob - a5b04f86aa07463d4ec391c647ea31c442aaac9a
blob + 742e2432efda25dc20283e7a9f04eaa5450920eb
--- forward.c
+++ forward.c
@@ -27,7 +27,7 @@
*/
/*
- * $Id: forward.c,v 1.35 2020/07/18 10:44:11 pjp Exp $
+ * $Id: forward.c,v 1.36 2020/07/18 14:10:16 pjp Exp $
*/
#include <sys/types.h>
@@ -644,7 +644,9 @@ drop:
pack32((char *)&ri->u.s.read, 1);
continue;
}
- flag_rr(rbt);
+
+ if (unpack32((char *)&ri->rri_rr.authentic) == 1)
+ flag_rr(rbt);
pack32((char *)&ri->u.s.read, 1);
} /* if */
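Review bot: The new condition has no comment and no braces, and nothing in the hunk says why a record without the flag skips `flag_rr()`. If `flag_rr()` marks the entry as DNSSEC-validated (its body is not visible here), say so with `/* only flag the rrset when the forwarder's reply carried AD */`. Bracing the body would keep a later second statement from falling outside the `if`. The enclosing loop starts outside the hunk.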
@@ -1930,7 +1932,7 @@ fwdparseloop(struct imsgbuf *ibuf, struct imsgbuf *bib
dolog(LOG_INFO, "fcntl: %s\n", strerror(errno));
} else {
flags |= O_NONBLOCK;
- if (fcntl(bibuf->fd, F_SETFL, &flags, sizeof(flags)) < 0) {
+ if (fcntl(bibuf->fd, F_SETFL, &flags) < 0) {
dolog(LOG_INFO, "fcntl: %s\n", strerror(errno));
}
}
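Review bot: `fcntl(bibuf->fd, F_SETFL, &flags)` still passes the address of `flags`, but F_SETFL takes the flag word as an int by value. The kernel therefore receives pointer bits instead of `flags | O_NONBLOCK`, so the descriptor may stay blocking or pick up unrelated status flags. The call should be `if (fcntl(bibuf->fd, F_SETFL, flags) < 0) {`. A failure here is only logged, so the code that follows would continue on a descriptor that may still be blocking; consider whether that should be fatal. fwdparseloop's body extends beyond the hunk.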