/**
* Fill CH class answer into buffer. Keeps query.
* @param pkt: buffer
* @param str: string to put into text record (<255).
* @param edns: edns reply information.
*/
static void
chaos_replystr(ldns_buffer* pkt, const char* str, struct edns_data* edns)
{
size_t len = strlen(str);
unsigned int rd = LDNS_RD_WIRE(ldns_buffer_begin(pkt));
unsigned int cd = LDNS_CD_WIRE(ldns_buffer_begin(pkt));
if(len>255) len=255; /* cap size of TXT record */
ldns_buffer_clear(pkt);
ldns_buffer_skip(pkt, (ssize_t)sizeof(uint16_t)); /* skip id */
ldns_buffer_write_u16(pkt, (uint16_t)(BIT_QR|BIT_RA));
if(rd) LDNS_RD_SET(ldns_buffer_begin(pkt));
if(cd) LDNS_CD_SET(ldns_buffer_begin(pkt));
ldns_buffer_write_u16(pkt, 1); /* qdcount */
ldns_buffer_write_u16(pkt, 1); /* ancount */
ldns_buffer_write_u16(pkt, 0); /* nscount */
ldns_buffer_write_u16(pkt, 0); /* arcount */
(void)query_dname_len(pkt); /* skip qname */
ldns_buffer_skip(pkt, (ssize_t)sizeof(uint16_t)); /* skip qtype */
ldns_buffer_skip(pkt, (ssize_t)sizeof(uint16_t)); /* skip qclass */
ldns_buffer_write_u16(pkt, 0xc00c); /* compr ptr to query */
ldns_buffer_write_u16(pkt, LDNS_RR_TYPE_TXT);
ldns_buffer_write_u16(pkt, LDNS_RR_CLASS_CH);
ldns_buffer_write_u32(pkt, 0); /* TTL */
ldns_buffer_write_u16(pkt, sizeof(uint8_t) + len);
ldns_buffer_write_u8(pkt, len);
ldns_buffer_write(pkt, str, len);
ldns_buffer_flip(pkt);
edns->edns_version = EDNS_ADVERTISED_VERSION;
edns->udp_size = EDNS_ADVERTISED_SIZE;
edns->bits &= EDNS_DO;
attach_edns_record(pkt, edns);
}
ldns_status
ldns_rr2buffer_wire(ldns_buffer *buffer, const ldns_rr *rr, int section)
{
uint16_t i;
uint16_t rdl_pos = 0;
if (ldns_rr_owner(rr)) {
(void) ldns_dname2buffer_wire(buffer, ldns_rr_owner(rr));
}
if (ldns_buffer_reserve(buffer, 4)) {
(void) ldns_buffer_write_u16(buffer, ldns_rr_get_type(rr));
(void) ldns_buffer_write_u16(buffer, ldns_rr_get_class(rr));
}
if (section != LDNS_SECTION_QUESTION) {
if (ldns_buffer_reserve(buffer, 6)) {
ldns_buffer_write_u32(buffer, ldns_rr_ttl(rr));
/* remember pos for later */
rdl_pos = ldns_buffer_position(buffer);
ldns_buffer_write_u16(buffer, 0);
}
for (i = 0; i < ldns_rr_rd_count(rr); i++) {
(void) ldns_rdf2buffer_wire(buffer, ldns_rr_rdf(rr, i));
}
if (rdl_pos != 0) {
ldns_buffer_write_u16_at(buffer, rdl_pos,
ldns_buffer_position(buffer)
- rdl_pos - 2);
}
}
return ldns_buffer_status(buffer);
}
static ldns_status
ldns_tsig_mac_new(ldns_rdf **tsig_mac, uint8_t *pkt_wire, size_t pkt_wire_size,
const char *key_data, ldns_rdf *key_name_rdf, ldns_rdf *fudge_rdf,
ldns_rdf *algorithm_rdf, ldns_rdf *time_signed_rdf, ldns_rdf *error_rdf,
ldns_rdf *other_data_rdf, ldns_rdf *orig_mac_rdf, int tsig_timers_only)
{
ldns_status status;
char *wireformat;
int wiresize;
unsigned char *mac_bytes = NULL;
unsigned char *key_bytes = NULL;
int key_size;
const EVP_MD *digester;
char *algorithm_name = NULL;
unsigned int md_len = EVP_MAX_MD_SIZE;
ldns_rdf *result = NULL;
ldns_buffer *data_buffer = NULL;
ldns_rdf *canonical_key_name_rdf = NULL;
ldns_rdf *canonical_algorithm_rdf = NULL;
if (key_name_rdf == NULL || algorithm_rdf == NULL) {
return LDNS_STATUS_NULL;
}
canonical_key_name_rdf = ldns_rdf_clone(key_name_rdf);
if (canonical_key_name_rdf == NULL) {
return LDNS_STATUS_MEM_ERR;
}
canonical_algorithm_rdf = ldns_rdf_clone(algorithm_rdf);
if (canonical_algorithm_rdf == NULL) {
ldns_rdf_deep_free(canonical_key_name_rdf);
return LDNS_STATUS_MEM_ERR;
}
/*
* prepare the digestable information
*/
data_buffer = ldns_buffer_new(LDNS_MAX_PACKETLEN);
if (!data_buffer) {
status = LDNS_STATUS_MEM_ERR;
goto clean;
}
/* if orig_mac is not NULL, add it too */
if (orig_mac_rdf) {
(void) ldns_rdf2buffer_wire(data_buffer, orig_mac_rdf);
}
ldns_buffer_write(data_buffer, pkt_wire, pkt_wire_size);
if (!tsig_timers_only) {
ldns_dname2canonical(canonical_key_name_rdf);
(void)ldns_rdf2buffer_wire(data_buffer,
canonical_key_name_rdf);
ldns_buffer_write_u16(data_buffer, LDNS_RR_CLASS_ANY);
ldns_buffer_write_u32(data_buffer, 0);
ldns_dname2canonical(canonical_algorithm_rdf);
(void)ldns_rdf2buffer_wire(data_buffer,
canonical_algorithm_rdf);
}
(void)ldns_rdf2buffer_wire(data_buffer, time_signed_rdf);
(void)ldns_rdf2buffer_wire(data_buffer, fudge_rdf);
if (!tsig_timers_only) {
(void)ldns_rdf2buffer_wire(data_buffer, error_rdf);
(void)ldns_rdf2buffer_wire(data_buffer, other_data_rdf);
}
wireformat = (char *) data_buffer->_data;
wiresize = (int) ldns_buffer_position(data_buffer);
algorithm_name = ldns_rdf2str(algorithm_rdf);
if(!algorithm_name) {
status = LDNS_STATUS_MEM_ERR;
goto clean;
}
/* prepare the key */
key_bytes = LDNS_XMALLOC(unsigned char,
ldns_b64_pton_calculate_size(strlen(key_data)));
if(!key_bytes) {
status = LDNS_STATUS_MEM_ERR;
goto clean;
}
key_size = ldns_b64_pton(key_data, key_bytes,
ldns_b64_pton_calculate_size(strlen(key_data)));
if (key_size < 0) {
status = LDNS_STATUS_INVALID_B64;
goto clean;
}
/* hmac it */
/* 2 spare bytes for the length */
mac_bytes = LDNS_XMALLOC(unsigned char, md_len+2);
if(!mac_bytes) {
status = LDNS_STATUS_MEM_ERR;
goto clean;
}
memset(mac_bytes, 0, md_len+2);
digester = ldns_digest_function(algorithm_name);
if (digester) {
(void) HMAC(digester, key_bytes, key_size, (void *)wireformat,
(size_t) wiresize, mac_bytes + 2, &md_len);
ldns_write_uint16(mac_bytes, md_len);
result = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_INT16_DATA, md_len + 2,
mac_bytes);
} else {
status = LDNS_STATUS_CRYPTO_UNKNOWN_ALGO;
goto clean;
}
*tsig_mac = result;
status = LDNS_STATUS_OK;
clean:
LDNS_FREE(mac_bytes);
LDNS_FREE(key_bytes);
LDNS_FREE(algorithm_name);
ldns_buffer_free(data_buffer);
ldns_rdf_deep_free(canonical_algorithm_rdf);
ldns_rdf_deep_free(canonical_key_name_rdf);
return status;
}
ldns_status
ldns_rr2buffer_wire_canonical(ldns_buffer *buffer,
const ldns_rr *rr,
int section)
{
uint16_t i;
uint16_t rdl_pos = 0;
bool pre_rfc3597 = false;
switch (ldns_rr_get_type(rr)) {
case LDNS_RR_TYPE_NS:
case LDNS_RR_TYPE_MD:
case LDNS_RR_TYPE_MF:
case LDNS_RR_TYPE_CNAME:
case LDNS_RR_TYPE_SOA:
case LDNS_RR_TYPE_MB:
case LDNS_RR_TYPE_MG:
case LDNS_RR_TYPE_MR:
case LDNS_RR_TYPE_PTR:
case LDNS_RR_TYPE_HINFO:
case LDNS_RR_TYPE_MINFO:
case LDNS_RR_TYPE_MX:
case LDNS_RR_TYPE_RP:
case LDNS_RR_TYPE_AFSDB:
case LDNS_RR_TYPE_RT:
case LDNS_RR_TYPE_SIG:
case LDNS_RR_TYPE_PX:
case LDNS_RR_TYPE_NXT:
case LDNS_RR_TYPE_NAPTR:
case LDNS_RR_TYPE_KX:
case LDNS_RR_TYPE_SRV:
case LDNS_RR_TYPE_DNAME:
case LDNS_RR_TYPE_A6:
pre_rfc3597 = true;
break;
default:
break;
}
if (ldns_rr_owner(rr)) {
(void) ldns_rdf2buffer_wire_canonical(buffer, ldns_rr_owner(rr));
}
if (ldns_buffer_reserve(buffer, 4)) {
(void) ldns_buffer_write_u16(buffer, ldns_rr_get_type(rr));
(void) ldns_buffer_write_u16(buffer, ldns_rr_get_class(rr));
}
if (section != LDNS_SECTION_QUESTION) {
if (ldns_buffer_reserve(buffer, 6)) {
ldns_buffer_write_u32(buffer, ldns_rr_ttl(rr));
/* remember pos for later */
rdl_pos = ldns_buffer_position(buffer);
ldns_buffer_write_u16(buffer, 0);
}
for (i = 0; i < ldns_rr_rd_count(rr); i++) {
if (pre_rfc3597) {
(void) ldns_rdf2buffer_wire_canonical(buffer,
ldns_rr_rdf(rr, i));
} else {
(void) ldns_rdf2buffer_wire(buffer, ldns_rr_rdf(rr, i));
}
}
if (rdl_pos != 0) {
ldns_buffer_write_u16_at(buffer, rdl_pos,
ldns_buffer_position(buffer)
- rdl_pos - 2);
}
}
return ldns_buffer_status(buffer);
}
/** store rrset in buffer in wireformat, return RETVAL_* */
static int
packed_rrset_encode(struct ub_packed_rrset_key* key, ldns_buffer* pkt,
uint16_t* num_rrs, uint32_t timenow, struct regional* region,
int do_data, int do_sig, struct compress_tree_node** tree,
ldns_pkt_section s, uint16_t qtype, int dnssec, size_t rr_offset)
{
size_t i, j, owner_pos;
int r, owner_labs;
uint16_t owner_ptr = 0;
struct packed_rrset_data* data = (struct packed_rrset_data*)
key->entry.data;
/* does this RR type belong in the answer? */
if(!rrset_belongs_in_reply(s, ntohs(key->rk.type), qtype, dnssec))
return RETVAL_OK;
owner_labs = dname_count_labels(key->rk.dname);
owner_pos = ldns_buffer_position(pkt);
if(do_data) {
const ldns_rr_descriptor* c = type_rdata_compressable(key);
for(i=0; i<data->count; i++) {
/* rrset roundrobin */
j = (i + rr_offset) % data->count;
if((r=compress_owner(key, pkt, region, tree,
owner_pos, &owner_ptr, owner_labs))
!= RETVAL_OK)
return r;
ldns_buffer_write(pkt, &key->rk.type, 2);
ldns_buffer_write(pkt, &key->rk.rrset_class, 2);
if(data->rr_ttl[j] < timenow)
ldns_buffer_write_u32(pkt, 0);
else ldns_buffer_write_u32(pkt,
data->rr_ttl[j]-timenow);
if(c) {
if((r=compress_rdata(pkt, data->rr_data[j],
data->rr_len[j], region, tree, c))
!= RETVAL_OK)
return r;
} else {
if(ldns_buffer_remaining(pkt) < data->rr_len[j])
return RETVAL_TRUNC;
ldns_buffer_write(pkt, data->rr_data[j],
data->rr_len[j]);
}
}
}
/* insert rrsigs */
if(do_sig && dnssec) {
size_t total = data->count+data->rrsig_count;
for(i=data->count; i<total; i++) {
if(owner_ptr && owner_labs != 1) {
if(ldns_buffer_remaining(pkt) <
2+4+4+data->rr_len[i])
return RETVAL_TRUNC;
ldns_buffer_write(pkt, &owner_ptr, 2);
} else {
if((r=compress_any_dname(key->rk.dname,
pkt, owner_labs, region, tree))
!= RETVAL_OK)
return r;
if(ldns_buffer_remaining(pkt) <
4+4+data->rr_len[i])
return RETVAL_TRUNC;
}
ldns_buffer_write_u16(pkt, LDNS_RR_TYPE_RRSIG);
ldns_buffer_write(pkt, &key->rk.rrset_class, 2);
if(data->rr_ttl[i] < timenow)
ldns_buffer_write_u32(pkt, 0);
else ldns_buffer_write_u32(pkt,
data->rr_ttl[i]-timenow);
/* rrsig rdata cannot be compressed, perform 100+ byte
* memcopy. */
ldns_buffer_write(pkt, data->rr_data[i],
data->rr_len[i]);
}
}
/* change rrnum only after we are sure it fits */
if(do_data)
*num_rrs += data->count;
if(do_sig && dnssec)
*num_rrs += data->rrsig_count;
return RETVAL_OK;
}
