// When a service is started or a browse is started with the Anonymous data, we allocate a new random // number and based on that allocate a new NSEC3 resource record whose hash is a function of random number (salt) and // the anonymous data. // // If we receive a packet with the NSEC3 option, we need to cache that along with the resource record so that we can // check against the question to see whether it answers them or not. In that case, we pass the "rr" that we received. mDNSexport AnonymousInfo *AllocateAnonInfo(const domainname *service, const mDNSu8 *data, int len, const ResourceRecord *rr) { AnonymousInfo *ai; ai = (AnonymousInfo *)mDNSPlatformMemAllocate(sizeof(AnonymousInfo)); if (!ai) { return mDNSNULL; } mDNSPlatformMemZero(ai, sizeof(AnonymousInfo)); if (rr) { if (!CopyNSEC3ResourceRecord(ai, rr)) { mDNSPlatformMemFree(ai); return mDNSNULL; } return ai; } ai->salt = mDNSRandom(0xFFFFFFFF); ai->AnonData = mDNSPlatformMemAllocate(len); if (!ai->AnonData) { mDNSPlatformMemFree(ai); return mDNSNULL; } ai->AnonDataLen = len; mDNSPlatformMemCopy(ai->AnonData, data, len); ai->nsec3RR = ConstructNSEC3Record(service, data, len, ai->salt); if (!ai->nsec3RR) { mDNSPlatformMemFree(ai); return mDNSNULL; } return ai; }
// Send a DNSSEC probe just for the sake of collecting DNSSEC statistics. mDNSexport void DNSSECProbe(mDNS *const m) { mDNSu32 rand; if (DNSSECProbeQuestion.ThisQInterval != -1) return; rand = mDNSRandom(0x3FFFFFFF) % 100; // Probe 5% of the time if (rand > 5) return; mDNS_DropLockBeforeCallback(); InitializeQuestion(m, &DNSSECProbeQuestion, mDNSInterface_Any, (const domainname *)"\003com", kDNSType_DS, DNSSECProbeCallback, mDNSNULL); DNSSECProbeQuestion.ValidatingResponse = 0; DNSSECProbeQuestion.ValidationRequired = DNSSEC_VALIDATION_SECURE; BumpDNSSECStats(m, kStatsActionIncrement, kStatsTypeProbe, 1); mDNS_StartQuery(m, &DNSSECProbeQuestion); mDNS_ReclaimLockAfterCallback(); }