Commit Diff
Diff:
1dbf2f2bd2bda248ccff35a4c2960d7905b995b7
82ea98372abfb9fa8bbb514455c7b1cf4b74b25a
Commit:
82ea98372abfb9fa8bbb514455c7b1cf4b74b25a
Tree:
71440a05af313b705f0e4ad891837175c15f5a87
Author:
pjp <pjp@delphinusdns.org>
Committer:
pjp <pjp@delphinusdns.org>
Date:
Wed Jan 11 10:14:35 2017 UTC
Message:
ENT support for DNSSEC's reply_noerror(): move memcasecmp to util.c; create a find_match_nsec3_ent() based on find_match_nsec3(), which differs slightly; check_ent() in find_match_nsec3() to determine if we are an ENT
blob - 0be8d23bac3de996432d17a65f1e7e527b8c469f
blob + e66ae29dfb7d132698ec926fd368acb9a4a3467e
--- dd-convert/Makefile.freebsd
+++ dd-convert/Makefile.freebsd
@@ -2,7 +2,7 @@
PROG=dd-convert
-SRCS=dd-convert.c parse.y base64.c dnssec.c util.c
+SRCS=dd-convert.c parse.y base64.c dnssec.c util.c ent.c
CFLAGS= -Wall -g -I/usr/local/include/db5 -I${.CURDIR}/..
LDFLAGS= -Wall -g -L/usr/local/lib/db5
blob - 8c2f600d63d305a1bab4f2af6ce6e713421bd7fb
blob + 86c52b503c6017ec160324a9d5c24a8ebb57e320
--- dd-convert/Makefile.netbsd
+++ dd-convert/Makefile.netbsd
@@ -2,7 +2,7 @@
PROG=dd-convert
-SRCS=dd-convert.c parse.y base64.c dnssec.c util.c
+SRCS=dd-convert.c parse.y base64.c dnssec.c util.c ent.c
CFLAGS= -g -I/usr/pkg/include/db5/
CFLAGS+= -I${.CURDIR}/..
blob - a71369d0de34e7167fe7f0cc90e2fffd5c12eacf
blob + 39c82222a38d0493ea84c75c959578f7f9ce1542
--- dd-convert/Makefile.openbsd
+++ dd-convert/Makefile.openbsd
@@ -2,7 +2,7 @@
PROG=dd-convert
-SRCS=dd-convert.c parse.y base64.c dnssec.c util.c
+SRCS=dd-convert.c parse.y base64.c dnssec.c util.c ent.c
CFLAGS= -Wall -g -I/usr/local/include/db4 -I${.CURDIR}/..
LDFLAGS= -Wall -g -L/usr/local/lib/db4
blob - 0ad0c3a7bf27799f33c2eb491a5b43bffa1d70b7
blob + 5bbbf1e1af01252bb9cb65d4ffec576dc31c6adc
--- delphinusdnsd.c
+++ delphinusdnsd.c
@@ -53,6 +53,7 @@ extern void init_filter(void);
extern void init_notifyslave(void);
extern void init_whitelist(void);
extern struct domain * lookup_zone(DB *, struct question *, int *, int *, char *);
+extern int memcasecmp(u_char *, u_char *, int);
extern void recurseloop(int sp, int *, DB *);
extern void receivelog(char *, int);
extern int reply_a(struct sreply *, DB *);
@@ -99,7 +100,6 @@ int lookup_type(int);
void mainloop(struct cfg *);
void master_reload(int);
void master_shutdown(int);
-int memcasecmp(u_char *, u_char *, int);
void recurseheader(struct srecurseheader *, int, struct sockaddr_storage *, struct sockaddr_storage *, int);
void setup_master(DB *, DB_ENV *, char **);
void slave_signal(int);
@@ -170,7 +170,7 @@ static struct tcps {
} *tn1, *tnp, *tntmp;
-static const char rcsid[] = "$Id: delphinusdnsd.c,v 1.8 2017/01/09 14:26:50 pjp Exp $";
+static const char rcsid[] = "$Id: delphinusdnsd.c,v 1.9 2017/01/11 10:14:35 pjp Exp $";
/*
* MAIN - set up arguments, set up database, set up sockets, call mainloop
@@ -1454,38 +1454,6 @@ out:
return (offset);
}
-/*
- * MEMCASECMP - check if buffer is identical to another buffer with
- * one exception if a character is alphabetic it's
- * compared to it's lower case value so that heLLo is
- * the same as hello
- */
-
-int
-memcasecmp(u_char *b1, u_char *b2, int len)
-{
- int i;
- int identical = 1;
-
- for (i = 0; i < len; i++) {
- int c0, c1;
-
- c0 = b1[i];
- c1 = b2[i];
-
- if ((isalpha(c0) ? tolower(c0) : c0) !=
- (isalpha(c1) ? tolower(c1) : c1)) {
- identical = 0;
- break;
- }
- }
-
- if (identical)
- return 0;
-
- return 1; /* XXX */
-}
-
/*
blob - d02b6067403a5cd7f787941e15a202e6dc161aa6
blob + ea0adaaaa1c4a07f71a7fb3cc114bbcc07ef1da7
--- dnssec.c
+++ dnssec.c
@@ -38,6 +38,7 @@ int insert_apex(char *zonename, char *zone, int zonele
int insert_nsec3(char *zonename, char *domainname, char *dname, int dnamelen);
char * find_next_closer_nsec3(char *zonename, int zonelen, char *hashname);
char * find_match_nsec3(char *zonename, int zonelen, char *hashname);
+char * find_match_nsec3_ent(char *zonename, int zonelen, char *hashname);
struct domain * find_nsec(char *name, int namelen, struct domain *sd, DB *db);
struct domain * find_nsec3_match_qname(char *name, int namelen, struct domain *sd, DB *db);
struct domain * find_nsec3_match_closest(char *name, int namelen, struct domain *sd, DB *db);
@@ -60,8 +61,9 @@ extern int checklabel(DB *, struct domain
extern struct question *build_fake_question(char *, int, u_int16_t);
extern int free_question(struct question *);
extern void * find_substruct(struct domain *, u_int16_t);
+extern int check_ent(char *, int);
+extern int memcasecmp(u_char *, u_char *, int);
-
SLIST_HEAD(listhead, dnssecentry) dnssechead;
static struct nsec3entry {
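Review bot: The added `extern` prototypes for `check_ent` and `memcasecmp` are hand-copied into dnssec.c instead of coming from a shared header, so the compiler cannot catch a mismatch with the real definitions. A type mismatch is already visible in this commit: `memcasecmp` is declared with `u_char *` parameters, while `find_match_nsec3_ent` further down passes its `char *zonename` to it. Putting both prototypes in one header included by dnssec.c, util.c and delphinusdnsd.c (which repeats the same pattern in its first hunk) would make every caller checked against the definition.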
@@ -210,6 +212,48 @@ find_next_closer_nsec3(char *zonename, int zonelen, ch
}
char *
+find_match_nsec3_ent(char *zonename, int zonelen, char *hashname)
+{
+ int hashlen;
+ int count;
+
+ hashlen = strlen(hashname);
+
+ SLIST_FOREACH(dnp, &dnssechead, dnssec_entry) {
+ if (zonelen == dnp->zonelen &&
+ (memcasecmp(dnp->zone, zonename, zonelen) == 0))
+ break;
+ }
+
+ if (dnp == NULL)
+ return NULL;
+
+ /* we have found the zone, now find the next closer hash for nsec3 */
+
+ count = 0;
+ TAILQ_FOREACH(n3, &dnp->nsec3head, nsec3_entries) {
+ if (strncasecmp(hashname, n3->domainname, hashlen) < 0) {
+ if (count == 0)
+ n3 = TAILQ_LAST(&dnp->nsec3head, a);
+ else
+ n3 = TAILQ_PREV(n3, a, nsec3_entries);
+ break;
+ }
+ count++;
+ }
+
+ if (n3 == NULL) {
+ return NULL;
+ }
+
+#ifdef DEBUG
+ dolog(LOG_INFO, "resolved at %s\n", n3->domainname);
+#endif
+
+ return (n3->domainname);
+}
+
+char *
find_match_nsec3(char *zonename, int zonelen, char *hashname)
{
int hashlen;
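Review bot: In `find_match_nsec3_ent`, a `hashname` that sorts at or after the last entry of `nsec3head` never satisfies `strncasecmp(...) < 0`, so `TAILQ_FOREACH` finishes with `n3 == NULL` and the function returns NULL rather than the last entry. The other branches select the entry at or before the hash, wrapping to `TAILQ_LAST` when the hash is below the first entry, so the tail case looks like it should resolve to the last entry too; if that is the intent, add `if (n3 == NULL) n3 = TAILQ_LAST(&dnp->nsec3head, a);` ahead of the existing NULL check, which still yields NULL for an empty list. A NULL here makes `find_nsec3_match_qname` return NULL, which presumably leaves the signed response without its NSEC3 record for that ENT. The hunk ends inside `find_match_nsec3`, whose body continues outside it.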
@@ -1194,8 +1238,11 @@ find_nsec3_match_qname(char *name, int namelen, struct
#if DEBUG
dolog(LOG_INFO, "hashname = %s\n", hashname);
#endif
-
- dname = find_match_nsec3(sd->zone, sd->zonelen, hashname);
+
+ if (check_ent(name, namelen))
+ dname = find_match_nsec3_ent(sd->zone, sd->zonelen, hashname);
+ else
+ dname = find_match_nsec3(sd->zone, sd->zonelen, hashname);
if (dname == NULL)
return NULL;
blob - 3e75f5be1ff21164ae80085ccb9390c641db2635
blob + 7ae6b43d4e44f2fbd93cb16d7f45b2d5daba73d5
--- util.c
+++ util.c
@@ -44,6 +44,7 @@ struct question *build_fake_question(char *, int, u_i
extern void dolog(int, char *, ...);
char *get_dns_type(int, int);
+int memcasecmp(u_char *, u_char *, int);
/* externs */
@@ -743,3 +744,34 @@ get_dns_type(int dnstype, int withbracket)
return (type);
}
+/*
+ * MEMCASECMP - check if buffer is identical to another buffer with
+ * one exception if a character is alphabetic it's
+ * compared to it's lower case value so that heLLo is
+ * the same as hello
+ */
+
+int
+memcasecmp(u_char *b1, u_char *b2, int len)
+{
+ int i;
+ int identical = 1;
+
+ for (i = 0; i < len; i++) {
+ int c0, c1;
+
+ c0 = b1[i];
+ c1 = b2[i];
+
+ if ((isalpha(c0) ? tolower(c0) : c0) !=
+ (isalpha(c1) ? tolower(c1) : c1)) {
+ identical = 0;
+ break;
+ }
+ }
+
+ if (identical)
+ return 0;
+
+ return 1; /* XXX */
+}
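Review bot: `memcasecmp` returns 0 (match) whenever `len` is zero or negative, because the loop never runs and `identical` stays 1; now that it is shared from util.c, any caller that passes an unvalidated length gets a false match. A guard such as `if (len < 0) return 1;` at the top closes the negative case without changing the prototype. The fold uses `isalpha`/`tolower`, which follow the current locale, while DNS name comparison is ASCII-only, so the header comment should state that the C locale is assumed (or the fold should be limited to `'A'..'Z'`). The comment should also say that the result is equal/not-equal only, not an ordering like `memcmp`, which is what the `return 1; /* XXX */` appears to mark.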