/** * Fill CH class answer into buffer. Keeps query. * @param pkt: buffer * @param str: string to put into text record (<255). * @param edns: edns reply information. */ static void chaos_replystr(ldns_buffer* pkt, const char* str, struct edns_data* edns) { size_t len = strlen(str); unsigned int rd = LDNS_RD_WIRE(ldns_buffer_begin(pkt)); unsigned int cd = LDNS_CD_WIRE(ldns_buffer_begin(pkt)); if(len>255) len=255; /* cap size of TXT record */ ldns_buffer_clear(pkt); ldns_buffer_skip(pkt, (ssize_t)sizeof(uint16_t)); /* skip id */ ldns_buffer_write_u16(pkt, (uint16_t)(BIT_QR|BIT_RA)); if(rd) LDNS_RD_SET(ldns_buffer_begin(pkt)); if(cd) LDNS_CD_SET(ldns_buffer_begin(pkt)); ldns_buffer_write_u16(pkt, 1); /* qdcount */ ldns_buffer_write_u16(pkt, 1); /* ancount */ ldns_buffer_write_u16(pkt, 0); /* nscount */ ldns_buffer_write_u16(pkt, 0); /* arcount */ (void)query_dname_len(pkt); /* skip qname */ ldns_buffer_skip(pkt, (ssize_t)sizeof(uint16_t)); /* skip qtype */ ldns_buffer_skip(pkt, (ssize_t)sizeof(uint16_t)); /* skip qclass */ ldns_buffer_write_u16(pkt, 0xc00c); /* compr ptr to query */ ldns_buffer_write_u16(pkt, LDNS_RR_TYPE_TXT); ldns_buffer_write_u16(pkt, LDNS_RR_CLASS_CH); ldns_buffer_write_u32(pkt, 0); /* TTL */ ldns_buffer_write_u16(pkt, sizeof(uint8_t) + len); ldns_buffer_write_u8(pkt, len); ldns_buffer_write(pkt, str, len); ldns_buffer_flip(pkt); edns->edns_version = EDNS_ADVERTISED_VERSION; edns->udp_size = EDNS_ADVERTISED_SIZE; edns->bits &= EDNS_DO; attach_edns_record(pkt, edns); }
ldns_status ldns_rr2buffer_wire(ldns_buffer *buffer, const ldns_rr *rr, int section) { uint16_t i; uint16_t rdl_pos = 0; if (ldns_rr_owner(rr)) { (void) ldns_dname2buffer_wire(buffer, ldns_rr_owner(rr)); } if (ldns_buffer_reserve(buffer, 4)) { (void) ldns_buffer_write_u16(buffer, ldns_rr_get_type(rr)); (void) ldns_buffer_write_u16(buffer, ldns_rr_get_class(rr)); } if (section != LDNS_SECTION_QUESTION) { if (ldns_buffer_reserve(buffer, 6)) { ldns_buffer_write_u32(buffer, ldns_rr_ttl(rr)); /* remember pos for later */ rdl_pos = ldns_buffer_position(buffer); ldns_buffer_write_u16(buffer, 0); } for (i = 0; i < ldns_rr_rd_count(rr); i++) { (void) ldns_rdf2buffer_wire(buffer, ldns_rr_rdf(rr, i)); } if (rdl_pos != 0) { ldns_buffer_write_u16_at(buffer, rdl_pos, ldns_buffer_position(buffer) - rdl_pos - 2); } } return ldns_buffer_status(buffer); }
static ldns_status ldns_tsig_mac_new(ldns_rdf **tsig_mac, uint8_t *pkt_wire, size_t pkt_wire_size, const char *key_data, ldns_rdf *key_name_rdf, ldns_rdf *fudge_rdf, ldns_rdf *algorithm_rdf, ldns_rdf *time_signed_rdf, ldns_rdf *error_rdf, ldns_rdf *other_data_rdf, ldns_rdf *orig_mac_rdf, int tsig_timers_only) { ldns_status status; char *wireformat; int wiresize; unsigned char *mac_bytes = NULL; unsigned char *key_bytes = NULL; int key_size; const EVP_MD *digester; char *algorithm_name = NULL; unsigned int md_len = EVP_MAX_MD_SIZE; ldns_rdf *result = NULL; ldns_buffer *data_buffer = NULL; ldns_rdf *canonical_key_name_rdf = NULL; ldns_rdf *canonical_algorithm_rdf = NULL; if (key_name_rdf == NULL || algorithm_rdf == NULL) { return LDNS_STATUS_NULL; } canonical_key_name_rdf = ldns_rdf_clone(key_name_rdf); if (canonical_key_name_rdf == NULL) { return LDNS_STATUS_MEM_ERR; } canonical_algorithm_rdf = ldns_rdf_clone(algorithm_rdf); if (canonical_algorithm_rdf == NULL) { ldns_rdf_deep_free(canonical_key_name_rdf); return LDNS_STATUS_MEM_ERR; } /* * prepare the digestable information */ data_buffer = ldns_buffer_new(LDNS_MAX_PACKETLEN); if (!data_buffer) { status = LDNS_STATUS_MEM_ERR; goto clean; } /* if orig_mac is not NULL, add it too */ if (orig_mac_rdf) { (void) ldns_rdf2buffer_wire(data_buffer, orig_mac_rdf); } ldns_buffer_write(data_buffer, pkt_wire, pkt_wire_size); if (!tsig_timers_only) { ldns_dname2canonical(canonical_key_name_rdf); (void)ldns_rdf2buffer_wire(data_buffer, canonical_key_name_rdf); ldns_buffer_write_u16(data_buffer, LDNS_RR_CLASS_ANY); ldns_buffer_write_u32(data_buffer, 0); ldns_dname2canonical(canonical_algorithm_rdf); (void)ldns_rdf2buffer_wire(data_buffer, canonical_algorithm_rdf); } (void)ldns_rdf2buffer_wire(data_buffer, time_signed_rdf); (void)ldns_rdf2buffer_wire(data_buffer, fudge_rdf); if (!tsig_timers_only) { (void)ldns_rdf2buffer_wire(data_buffer, error_rdf); (void)ldns_rdf2buffer_wire(data_buffer, other_data_rdf); } wireformat = (char *) data_buffer->_data; wiresize = (int) ldns_buffer_position(data_buffer); algorithm_name = ldns_rdf2str(algorithm_rdf); if(!algorithm_name) { status = LDNS_STATUS_MEM_ERR; goto clean; } /* prepare the key */ key_bytes = LDNS_XMALLOC(unsigned char, ldns_b64_pton_calculate_size(strlen(key_data))); if(!key_bytes) { status = LDNS_STATUS_MEM_ERR; goto clean; } key_size = ldns_b64_pton(key_data, key_bytes, ldns_b64_pton_calculate_size(strlen(key_data))); if (key_size < 0) { status = LDNS_STATUS_INVALID_B64; goto clean; } /* hmac it */ /* 2 spare bytes for the length */ mac_bytes = LDNS_XMALLOC(unsigned char, md_len+2); if(!mac_bytes) { status = LDNS_STATUS_MEM_ERR; goto clean; } memset(mac_bytes, 0, md_len+2); digester = ldns_digest_function(algorithm_name); if (digester) { (void) HMAC(digester, key_bytes, key_size, (void *)wireformat, (size_t) wiresize, mac_bytes + 2, &md_len); ldns_write_uint16(mac_bytes, md_len); result = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_INT16_DATA, md_len + 2, mac_bytes); } else { status = LDNS_STATUS_CRYPTO_UNKNOWN_ALGO; goto clean; } *tsig_mac = result; status = LDNS_STATUS_OK; clean: LDNS_FREE(mac_bytes); LDNS_FREE(key_bytes); LDNS_FREE(algorithm_name); ldns_buffer_free(data_buffer); ldns_rdf_deep_free(canonical_algorithm_rdf); ldns_rdf_deep_free(canonical_key_name_rdf); return status; }
ldns_status ldns_rr2buffer_wire_canonical(ldns_buffer *buffer, const ldns_rr *rr, int section) { uint16_t i; uint16_t rdl_pos = 0; bool pre_rfc3597 = false; switch (ldns_rr_get_type(rr)) { case LDNS_RR_TYPE_NS: case LDNS_RR_TYPE_MD: case LDNS_RR_TYPE_MF: case LDNS_RR_TYPE_CNAME: case LDNS_RR_TYPE_SOA: case LDNS_RR_TYPE_MB: case LDNS_RR_TYPE_MG: case LDNS_RR_TYPE_MR: case LDNS_RR_TYPE_PTR: case LDNS_RR_TYPE_HINFO: case LDNS_RR_TYPE_MINFO: case LDNS_RR_TYPE_MX: case LDNS_RR_TYPE_RP: case LDNS_RR_TYPE_AFSDB: case LDNS_RR_TYPE_RT: case LDNS_RR_TYPE_SIG: case LDNS_RR_TYPE_PX: case LDNS_RR_TYPE_NXT: case LDNS_RR_TYPE_NAPTR: case LDNS_RR_TYPE_KX: case LDNS_RR_TYPE_SRV: case LDNS_RR_TYPE_DNAME: case LDNS_RR_TYPE_A6: pre_rfc3597 = true; break; default: break; } if (ldns_rr_owner(rr)) { (void) ldns_rdf2buffer_wire_canonical(buffer, ldns_rr_owner(rr)); } if (ldns_buffer_reserve(buffer, 4)) { (void) ldns_buffer_write_u16(buffer, ldns_rr_get_type(rr)); (void) ldns_buffer_write_u16(buffer, ldns_rr_get_class(rr)); } if (section != LDNS_SECTION_QUESTION) { if (ldns_buffer_reserve(buffer, 6)) { ldns_buffer_write_u32(buffer, ldns_rr_ttl(rr)); /* remember pos for later */ rdl_pos = ldns_buffer_position(buffer); ldns_buffer_write_u16(buffer, 0); } for (i = 0; i < ldns_rr_rd_count(rr); i++) { if (pre_rfc3597) { (void) ldns_rdf2buffer_wire_canonical(buffer, ldns_rr_rdf(rr, i)); } else { (void) ldns_rdf2buffer_wire(buffer, ldns_rr_rdf(rr, i)); } } if (rdl_pos != 0) { ldns_buffer_write_u16_at(buffer, rdl_pos, ldns_buffer_position(buffer) - rdl_pos - 2); } } return ldns_buffer_status(buffer); }
/** store rrset in buffer in wireformat, return RETVAL_* */ static int packed_rrset_encode(struct ub_packed_rrset_key* key, ldns_buffer* pkt, uint16_t* num_rrs, uint32_t timenow, struct regional* region, int do_data, int do_sig, struct compress_tree_node** tree, ldns_pkt_section s, uint16_t qtype, int dnssec, size_t rr_offset) { size_t i, j, owner_pos; int r, owner_labs; uint16_t owner_ptr = 0; struct packed_rrset_data* data = (struct packed_rrset_data*) key->entry.data; /* does this RR type belong in the answer? */ if(!rrset_belongs_in_reply(s, ntohs(key->rk.type), qtype, dnssec)) return RETVAL_OK; owner_labs = dname_count_labels(key->rk.dname); owner_pos = ldns_buffer_position(pkt); if(do_data) { const ldns_rr_descriptor* c = type_rdata_compressable(key); for(i=0; i<data->count; i++) { /* rrset roundrobin */ j = (i + rr_offset) % data->count; if((r=compress_owner(key, pkt, region, tree, owner_pos, &owner_ptr, owner_labs)) != RETVAL_OK) return r; ldns_buffer_write(pkt, &key->rk.type, 2); ldns_buffer_write(pkt, &key->rk.rrset_class, 2); if(data->rr_ttl[j] < timenow) ldns_buffer_write_u32(pkt, 0); else ldns_buffer_write_u32(pkt, data->rr_ttl[j]-timenow); if(c) { if((r=compress_rdata(pkt, data->rr_data[j], data->rr_len[j], region, tree, c)) != RETVAL_OK) return r; } else { if(ldns_buffer_remaining(pkt) < data->rr_len[j]) return RETVAL_TRUNC; ldns_buffer_write(pkt, data->rr_data[j], data->rr_len[j]); } } } /* insert rrsigs */ if(do_sig && dnssec) { size_t total = data->count+data->rrsig_count; for(i=data->count; i<total; i++) { if(owner_ptr && owner_labs != 1) { if(ldns_buffer_remaining(pkt) < 2+4+4+data->rr_len[i]) return RETVAL_TRUNC; ldns_buffer_write(pkt, &owner_ptr, 2); } else { if((r=compress_any_dname(key->rk.dname, pkt, owner_labs, region, tree)) != RETVAL_OK) return r; if(ldns_buffer_remaining(pkt) < 4+4+data->rr_len[i]) return RETVAL_TRUNC; } ldns_buffer_write_u16(pkt, LDNS_RR_TYPE_RRSIG); ldns_buffer_write(pkt, &key->rk.rrset_class, 2); if(data->rr_ttl[i] < timenow) ldns_buffer_write_u32(pkt, 0); else ldns_buffer_write_u32(pkt, data->rr_ttl[i]-timenow); /* rrsig rdata cannot be compressed, perform 100+ byte * memcopy. */ ldns_buffer_write(pkt, data->rr_data[i], data->rr_len[i]); } } /* change rrnum only after we are sure it fits */ if(do_data) *num_rrs += data->count; if(do_sig && dnssec) *num_rrs += data->rrsig_count; return RETVAL_OK; }