예제 #1
0
uint8_t *
ldns_tcp_read_wire_timeout(int sockfd, size_t *size, struct timeval timeout)
{
	uint8_t *wire;
	uint16_t wire_size;
	ssize_t bytes = 0, rc = 0;

	wire = LDNS_XMALLOC(uint8_t, 2);
	if (!wire) {
		*size = 0;
		return NULL;
	}
	
	while (bytes < 2) {
		if(!ldns_sock_wait(sockfd, timeout, 0)) {
			*size = 0;
			LDNS_FREE(wire);
			return NULL;
		}
		rc = recv(sockfd, (void*) (wire + bytes), 
				(size_t) (2 - bytes), 0);
		if (rc == -1 || rc == 0) {
			*size = 0;
			LDNS_FREE(wire);
			return NULL;
		}
                bytes += rc;
	}

	wire_size = ldns_read_uint16(wire);
	
	LDNS_FREE(wire);
	wire = LDNS_XMALLOC(uint8_t, wire_size);
	if (!wire) {
		*size = 0;
		return NULL;
	}
	bytes = 0;

	while (bytes < (ssize_t) wire_size) {
		if(!ldns_sock_wait(sockfd, timeout, 0)) {
			*size = 0;
			LDNS_FREE(wire);
			return NULL;
		}
		rc = recv(sockfd, (void*) (wire + bytes), 
				(size_t) (wire_size - bytes), 0);
		if (rc == -1 || rc == 0) {
			LDNS_FREE(wire);
			*size = 0;
			return NULL;
		}
                bytes += rc;
	}
	
	*size = (size_t) bytes;
	return wire;
}
예제 #2
0
int 
delegpt_rrset_add_ns(struct delegpt* dp, struct regional* region,
        struct ub_packed_rrset_key* ns_rrset, int lame)
{
	struct packed_rrset_data* nsdata = (struct packed_rrset_data*)
		ns_rrset->entry.data;
	size_t i;
	if(nsdata->security == sec_status_bogus)
		dp->bogus = 1;
	for(i=0; i<nsdata->count; i++) {
		if(nsdata->rr_len[i] < 2+1) continue; /* len + root label */
		if(dname_valid(nsdata->rr_data[i]+2, nsdata->rr_len[i]-2) !=
			(size_t)ldns_read_uint16(nsdata->rr_data[i]))
			continue; /* bad format */
		/* add rdata of NS (= wirefmt dname), skip rdatalen bytes */
		if(!delegpt_add_ns(dp, region, nsdata->rr_data[i]+2, lame))
			return 0;
	}
	return 1;
}
/**
 * Check if right hand name in NSEC is within zone
 * @param rrset: the NSEC rrset
 * @param zonename: the zone name.
 * @return true if BAD.
 */
static int sanitize_nsec_is_overreach(struct rrset_parse* rrset,
                                      uint8_t* zonename)
{
    struct rr_parse* rr;
    uint8_t* rhs;
    size_t len;
    log_assert(rrset->type == LDNS_RR_TYPE_NSEC);
    for(rr = rrset->rr_first; rr; rr = rr->next) {
        rhs = rr->ttl_data+4+2;
        len = ldns_read_uint16(rr->ttl_data+4);
        if(!dname_valid(rhs, len)) {
            /* malformed domain name in rdata */
            return 1;
        }
        if(!dname_subdomain_c(rhs, zonename)) {
            /* overreaching */
            return 1;
        }
    }
    /* all NSEC RRs OK */
    return 0;
}
/** get additional name from rrset RR, return false if no name present */
static int
get_additional_name(struct rrset_parse* rrset, struct rr_parse* rr,
                    uint8_t** nm, size_t* nmlen, ldns_buffer* pkt)
{
    size_t offset = 0;
    size_t len, oldpos;
    switch(rrset->type) {
    case LDNS_RR_TYPE_MB:
    case LDNS_RR_TYPE_MD:
    case LDNS_RR_TYPE_MF:
    case LDNS_RR_TYPE_NS:
        offset = 0;
        break;
    case LDNS_RR_TYPE_MX:
    case LDNS_RR_TYPE_KX:
        offset = 2;
        break;
    case LDNS_RR_TYPE_SRV:
        offset = 6;
        break;
    case LDNS_RR_TYPE_NAPTR:
        /* TODO: NAPTR not supported, glue stripped off */
        return 0;
    default:
        return 0;
    }
    len = ldns_read_uint16(rr->ttl_data+sizeof(uint32_t));
    if(len < offset+1)
        return 0; /* rdata field too small */
    *nm = rr->ttl_data+sizeof(uint32_t)+sizeof(uint16_t)+offset;
    oldpos = ldns_buffer_position(pkt);
    ldns_buffer_set_position(pkt, (size_t)(*nm - ldns_buffer_begin(pkt)));
    *nmlen = pkt_dname_len(pkt);
    ldns_buffer_set_position(pkt, oldpos);
    if(*nmlen == 0)
        return 0;
    return 1;
}
예제 #5
0
int
main(int argc, char *argv[])
{
	FILE *keyfp;
	char *keyname;
	ldns_rr *k;
	uint16_t flags;
	char *program = argv[0];
	int nofile = 0;
	ldns_rdf *origin = NULL;
	ldns_status result;

	argv++, argc--;
	while (argc && argv[0][0] == '-') {
		if (strcmp(argv[0], "-n") == 0) {
			nofile=1;
		}
		else {
			usage(stderr, program);
			exit(EXIT_FAILURE);
		}
		argv++, argc--;
	}

	if (argc != 1) {
		usage(stderr, program);
		exit(EXIT_FAILURE);
	}
	keyname = strdup(argv[0]);

	keyfp = fopen(keyname, "r");
	if (!keyfp) {
		fprintf(stderr, "Failed to open public key file %s: %s\n", keyname,
				strerror(errno));
		exit(EXIT_FAILURE);
	}

	result = ldns_rr_new_frm_fp(&k, keyfp, 0, &origin, NULL);
	/* what does this while loop do? */
	while (result == LDNS_STATUS_SYNTAX_ORIGIN) {
		result = ldns_rr_new_frm_fp(&k, keyfp, 0, &origin, NULL);
	}
	if (result != LDNS_STATUS_OK) {
		fprintf(stderr, "Could not read public key from file %s: %s\n", keyname, ldns_get_errorstr_by_id(result));
		exit(EXIT_FAILURE);
	}
	fclose(keyfp);

	flags = ldns_read_uint16(ldns_rdf_data(ldns_rr_dnskey_flags(k)));
	flags |= LDNS_KEY_REVOKE_KEY;

	if (!ldns_rr_dnskey_set_flags(k,
		ldns_native2rdf_int16(LDNS_RDF_TYPE_INT16, flags)))
	{
		fprintf(stderr, "Revocation failed\n");
		exit(EXIT_FAILURE);
	}

	/* print the public key RR to .key */

	if (nofile)
		ldns_rr_print(stdout,k);
	else {
		keyfp = fopen(keyname, "w");
		if (!keyfp) {
			fprintf(stderr, "Unable to open %s: %s\n", keyname,
				strerror(errno));
			exit(EXIT_FAILURE);
		} else {
			ldns_rr_print(keyfp, k);
			fclose(keyfp);
			fprintf(stdout, "DNSKEY revoked\n");
		}
	}

	free(keyname);
	ldns_rr_free(k);

        exit(EXIT_SUCCESS);
}