uint8_t *
ldns_tcp_read_wire_timeout(int sockfd, size_t *size, struct timeval timeout)
{
uint8_t *wire;
uint16_t wire_size;
ssize_t bytes = 0, rc = 0;
wire = LDNS_XMALLOC(uint8_t, 2);
if (!wire) {
*size = 0;
return NULL;
}
while (bytes < 2) {
if(!ldns_sock_wait(sockfd, timeout, 0)) {
*size = 0;
LDNS_FREE(wire);
return NULL;
}
rc = recv(sockfd, (void*) (wire + bytes),
(size_t) (2 - bytes), 0);
if (rc == -1 || rc == 0) {
*size = 0;
LDNS_FREE(wire);
return NULL;
}
bytes += rc;
}
wire_size = ldns_read_uint16(wire);
LDNS_FREE(wire);
wire = LDNS_XMALLOC(uint8_t, wire_size);
if (!wire) {
*size = 0;
return NULL;
}
bytes = 0;
while (bytes < (ssize_t) wire_size) {
if(!ldns_sock_wait(sockfd, timeout, 0)) {
*size = 0;
LDNS_FREE(wire);
return NULL;
}
rc = recv(sockfd, (void*) (wire + bytes),
(size_t) (wire_size - bytes), 0);
if (rc == -1 || rc == 0) {
LDNS_FREE(wire);
*size = 0;
return NULL;
}
bytes += rc;
}
*size = (size_t) bytes;
return wire;
}
int
delegpt_rrset_add_ns(struct delegpt* dp, struct regional* region,
struct ub_packed_rrset_key* ns_rrset, int lame)
{
struct packed_rrset_data* nsdata = (struct packed_rrset_data*)
ns_rrset->entry.data;
size_t i;
if(nsdata->security == sec_status_bogus)
dp->bogus = 1;
for(i=0; i<nsdata->count; i++) {
if(nsdata->rr_len[i] < 2+1) continue; /* len + root label */
if(dname_valid(nsdata->rr_data[i]+2, nsdata->rr_len[i]-2) !=
(size_t)ldns_read_uint16(nsdata->rr_data[i]))
continue; /* bad format */
/* add rdata of NS (= wirefmt dname), skip rdatalen bytes */
if(!delegpt_add_ns(dp, region, nsdata->rr_data[i]+2, lame))
return 0;
}
return 1;
}
/**
* Check if right hand name in NSEC is within zone
* @param rrset: the NSEC rrset
* @param zonename: the zone name.
* @return true if BAD.
*/
static int sanitize_nsec_is_overreach(struct rrset_parse* rrset,
uint8_t* zonename)
{
struct rr_parse* rr;
uint8_t* rhs;
size_t len;
log_assert(rrset->type == LDNS_RR_TYPE_NSEC);
for(rr = rrset->rr_first; rr; rr = rr->next) {
rhs = rr->ttl_data+4+2;
len = ldns_read_uint16(rr->ttl_data+4);
if(!dname_valid(rhs, len)) {
/* malformed domain name in rdata */
return 1;
}
if(!dname_subdomain_c(rhs, zonename)) {
/* overreaching */
return 1;
}
}
/* all NSEC RRs OK */
return 0;
}
/** get additional name from rrset RR, return false if no name present */
static int
get_additional_name(struct rrset_parse* rrset, struct rr_parse* rr,
uint8_t** nm, size_t* nmlen, ldns_buffer* pkt)
{
size_t offset = 0;
size_t len, oldpos;
switch(rrset->type) {
case LDNS_RR_TYPE_MB:
case LDNS_RR_TYPE_MD:
case LDNS_RR_TYPE_MF:
case LDNS_RR_TYPE_NS:
offset = 0;
break;
case LDNS_RR_TYPE_MX:
case LDNS_RR_TYPE_KX:
offset = 2;
break;
case LDNS_RR_TYPE_SRV:
offset = 6;
break;
case LDNS_RR_TYPE_NAPTR:
/* TODO: NAPTR not supported, glue stripped off */
return 0;
default:
return 0;
}
len = ldns_read_uint16(rr->ttl_data+sizeof(uint32_t));
if(len < offset+1)
return 0; /* rdata field too small */
*nm = rr->ttl_data+sizeof(uint32_t)+sizeof(uint16_t)+offset;
oldpos = ldns_buffer_position(pkt);
ldns_buffer_set_position(pkt, (size_t)(*nm - ldns_buffer_begin(pkt)));
*nmlen = pkt_dname_len(pkt);
ldns_buffer_set_position(pkt, oldpos);
if(*nmlen == 0)
return 0;
return 1;
}
int
main(int argc, char *argv[])
{
FILE *keyfp;
char *keyname;
ldns_rr *k;
uint16_t flags;
char *program = argv[0];
int nofile = 0;
ldns_rdf *origin = NULL;
ldns_status result;
argv++, argc--;
while (argc && argv[0][0] == '-') {
if (strcmp(argv[0], "-n") == 0) {
nofile=1;
}
else {
usage(stderr, program);
exit(EXIT_FAILURE);
}
argv++, argc--;
}
if (argc != 1) {
usage(stderr, program);
exit(EXIT_FAILURE);
}
keyname = strdup(argv[0]);
keyfp = fopen(keyname, "r");
if (!keyfp) {
fprintf(stderr, "Failed to open public key file %s: %s\n", keyname,
strerror(errno));
exit(EXIT_FAILURE);
}
result = ldns_rr_new_frm_fp(&k, keyfp, 0, &origin, NULL);
/* what does this while loop do? */
while (result == LDNS_STATUS_SYNTAX_ORIGIN) {
result = ldns_rr_new_frm_fp(&k, keyfp, 0, &origin, NULL);
}
if (result != LDNS_STATUS_OK) {
fprintf(stderr, "Could not read public key from file %s: %s\n", keyname, ldns_get_errorstr_by_id(result));
exit(EXIT_FAILURE);
}
fclose(keyfp);
flags = ldns_read_uint16(ldns_rdf_data(ldns_rr_dnskey_flags(k)));
flags |= LDNS_KEY_REVOKE_KEY;
if (!ldns_rr_dnskey_set_flags(k,
ldns_native2rdf_int16(LDNS_RDF_TYPE_INT16, flags)))
{
fprintf(stderr, "Revocation failed\n");
exit(EXIT_FAILURE);
}
/* print the public key RR to .key */
if (nofile)
ldns_rr_print(stdout,k);
else {
keyfp = fopen(keyname, "w");
if (!keyfp) {
fprintf(stderr, "Unable to open %s: %s\n", keyname,
strerror(errno));
exit(EXIT_FAILURE);
} else {
ldns_rr_print(keyfp, k);
fclose(keyfp);
fprintf(stdout, "DNSKEY revoked\n");
}
}
free(keyname);
ldns_rr_free(k);
exit(EXIT_SUCCESS);
}
