Commit Diff
Diff:
5e42f1230dc527b3ba00c1f133e5bc8de0b4b4c6
9053d5942f361f8aa34220ea404616bf1f787415
Commit:
9053d5942f361f8aa34220ea404616bf1f787415
Tree:
1f8585ea76d3224178f41c24eb856a31c6100503
Author:
pjp <pjp@delphinusdns.org>
Committer:
pjp <pjp@delphinusdns.org>
Date:
Sat Nov 9 07:53:45 2019 UTC
Message:
give correct answers on a signed delegation add additional_ds()
blob - ca3c72b3301fcd9cf964f5e068682329bee973cf
blob + 624de4c622b805a61c683683d481423df3f66890
--- additional.c
+++ additional.c
@@ -27,7 +27,7 @@
*/
/*
- * $Id: additional.c,v 1.28 2019/06/07 04:25:50 pjp Exp $
+ * $Id: additional.c,v 1.29 2019/11/09 07:53:45 pjp Exp $
*/
#include <sys/types.h>
@@ -69,6 +69,7 @@
int additional_a(char *, int, struct rbtree *, char *, int, int, int *);
int additional_aaaa(char *, int, struct rbtree *, char *, int, int, int *);
int additional_mx(char *, int, struct rbtree *, char *, int, int, int *);
+int additional_ds(char *, int, struct rbtree *, char *, int, int, int *);
int additional_opt(struct question *, char *, int, int);
int additional_ptr(char *, int, struct rbtree *, char *, int, int, int *);
int additional_rrsig(char *, int, int, struct rbtree *, char *, int, int, int);
@@ -938,4 +939,89 @@ additional_nsec3(char *name, int namelen, int inttype,
out:
return (offset);
+}
+
+/*
+ * ADDITIONAL_DS() - replies a DNS question (*q) on socket (so)
+ * based on additional_mx()
+ *
+ */
+
+int
+additional_ds(char *name, int namelen, struct rbtree *rbt, char *reply, int replylen, int offset, int *retcount)
+{
+ int ds_count = 0;
+ int tmplen;
+ int rroffset = offset;
+
+ struct answer {
+ u_int16_t type;
+ u_int16_t class;
+ u_int32_t ttl;
+ u_int16_t rdlength;
+ u_int16_t key_tag;
+ u_int8_t algorithm;
+ u_int8_t digest_type;
+
+ } __attribute__((packed));
+
+ struct answer *answer;
+ struct rrset *rrset = NULL;
+ struct rr *rrp = NULL;
+
+ *retcount = 0;
+
+ if ((rrset = find_rr(rbt, DNS_TYPE_DS)) == NULL)
+ return 0;
+
+
+ TAILQ_FOREACH(rrp, &rrset->rr_head, entries) {
+ rroffset = offset;
+
+ if ((offset + namelen) > replylen)
+ return 0;
+
+ memcpy(&reply[offset], name, namelen);
+ offset += namelen;
+ tmplen = compress_label((u_char*)reply, offset, namelen);
+
+ if (tmplen != 0) {
+ offset = tmplen;
+ }
+
+ if ((offset + sizeof(struct answer)) > replylen) {
+ offset = rroffset;
+ return 0;
+ }
+
+ answer = (struct answer *)&reply[offset];
+
+ answer->type = htons(DNS_TYPE_DS);
+ answer->class = htons(DNS_CLASS_IN);
+ answer->ttl = htonl(((struct ds *)rrp->rdata)->ttl);
+ answer->key_tag = htons(((struct ds *)rrp->rdata)->key_tag);
+ answer->algorithm = ((struct ds *)rrp->rdata)->algorithm;
+ answer->digest_type = ((struct ds *)rrp->rdata)->digest_type;
+
+ offset += sizeof(struct answer);
+
+ if ((offset + ((struct ds *)rrp->rdata)->digestlen) > replylen) {
+ offset = rroffset;
+ return 0;
+ }
+
+ memcpy(&reply[offset], ((struct ds *)rrp->rdata)->digest,
+ ((struct ds *)rrp->rdata)->digestlen);
+
+ offset += ((struct ds *)rrp->rdata)->digestlen;
+
+ answer->rdlength = htons(((struct ds *)rrp->rdata)->digestlen + sizeof(u_int16_t) + sizeof(u_int8_t) + sizeof(u_int8_t));
+
+
+ (*retcount)++;
+
+ ds_count++;
+ }
+
+ return (offset);
}
blob - 08d4d9aa4d7860f0e81797724cf0b03eb9f96f40
blob + 8c61c164e160e803b9f52b7097d959fa43766e57
--- reply.c
+++ reply.c
@@ -27,7 +27,7 @@
*/
/*
- * $Id: reply.c,v 1.86 2019/10/31 16:34:35 pjp Exp $
+ * $Id: reply.c,v 1.87 2019/11/09 07:53:45 pjp Exp $
*/
#include <sys/types.h>
@@ -75,6 +75,7 @@ extern int additional_nsec3(char *, int, int, struct
extern int additional_a(char *, int, struct rbtree *, char *, int, int, int *);
extern int additional_aaaa(char *, int, struct rbtree *, char *, int, int, int *);
extern int additional_mx(char *, int, struct rbtree *, char *, int, int, int *);
+extern int additional_ds(char *, int, struct rbtree *, char *, int, int, int *);
extern int additional_ptr(char *, int, struct rbtree *, char *, int, int, int *);
extern int additional_opt(struct question *, char *, int, int);
extern int additional_tsig(struct question *, char *, int, int, int, int, HMAC_CTX *);
@@ -1929,6 +1930,7 @@ reply_ns(struct sreply *sreply, ddDB *db)
u_int16_t rollback;
int ns_type;
int delegation, addiscount;
+ int addcount = 0;
SLIST_HEAD(, addis) addishead;
struct addis {
@@ -2061,16 +2063,16 @@ reply_ns(struct sreply *sreply, ddDB *db)
}
if (delegation) {
- rbt0 = get_soa(db, q);
- if (rbt0 == NULL) {
- free(rbt1);
- return -1;
- }
+ tmplen = additional_ds(rbt1->zone, rbt1->zonelen, rbt1, reply, replysize, outlen, &addcount);
+ if (tmplen != 0) {
+ outlen = tmplen;
- nrbt = find_nsec3_match_qname(rbt1->zone, rbt1->zonelen, rbt0, db);
- if (nrbt != NULL) {
- tmplen = additional_nsec3(nrbt->zone, nrbt->zonelen, DNS_TYPE_NSEC3, nrbt, reply, replysize, outlen);
+ NTOHS(odh->nsrr);
+ odh->nsrr += addcount;
+ HTONS(odh->nsrr);
+ tmplen = additional_rrsig(rbt1->zone, rbt1->zonelen, DNS_TYPE_DS, rbt1, reply, replysize, outlen, 0);
+
if (tmplen == 0) {
NTOHS(odh->query);
SET_DNS_TRUNCATION(odh);
@@ -2084,23 +2086,46 @@ reply_ns(struct sreply *sreply, ddDB *db)
outlen = tmplen;
- /* additional_nsec3 adds an RRSIG automatically */
- if (delegation) {
+ NTOHS(odh->nsrr);
+ odh->nsrr += 1;
+ HTONS(odh->nsrr);
+
+ } else {
+ rbt0 = get_soa(db, q);
+ if (rbt0 == NULL) {
+ free(rbt1);
+ return -1;
+ }
+
+ nrbt = find_nsec3_match_qname(rbt1->zone, rbt1->zonelen, rbt0, db);
+ if (nrbt != NULL) {
+ tmplen = additional_nsec3(nrbt->zone, nrbt->zonelen, DNS_TYPE_NSEC3, nrbt, reply, replysize, outlen);
+
+ if (tmplen == 0) {
+ NTOHS(odh->query);
+ SET_DNS_TRUNCATION(odh);
+ HTONS(odh->query);
+ odh->answer = 0;
+ odh->nsrr = 0;
+ odh->additional = 0;
+ outlen = rollback;
+ goto out;
+ }
+
+ outlen = tmplen;
+
+ /* additional_nsec3 adds an RRSIG automatically */
NTOHS(odh->nsrr);
odh->nsrr += 2;
HTONS(odh->nsrr);
- } else {
- NTOHS(odh->answer);
- odh->answer += 2;
- HTONS(odh->answer);
+
+ free(nrbt);
}
- free(nrbt);
- }
-
free(rbt0);
- }
- }
+ } /* nrbt != NULL */
+ } /* else tmplen != 0 */
+ } /* if delegation */
if (delegation)
free(rbt1);
repomaster@centroid.eu