Merge branch 'develop' into hackathon/zeroconf-dnssec

Willem Toorop 2017-05-12 15:39:02 +02:00
commit 67d787d74a
85 changed files with 5294 additions and 1428 deletions

View File

@ -13,6 +13,7 @@ addons:
- libev-dev
- valgrind
- clang
- wget
script:
- mkdir tests
- cd tests

View File

@ -1,4 +1,17 @@
* 2017-04-??: Version 1.1.0
* 2017-04-13: Version 1.1.0
* bugfix: Check size of tls_auth_name.
* Improvements that came from Visual Studio static analysis
* Fix to compile with libressl. Thanks phicoh.
* Spelling fixes. Thanks Andreas Schulze.
* bugfix: Reschedule request timeout when getting the DNSSEC chain.
* getdns_context_unset_edns_maximum_udp_payload_size() to reset
to default IPv4/IPv6 dependent edns max udp payload size.
* Implement sensible default edns0 padding policy. Thanks DKG.
* Keep connections open with sync requests too.
* Fix of event loops so they do not give up with naked timers with
windows. Thanks Christian Huitema.
* Include peer certificate with DNS-over-TLS in combination with
the return_call_reporting extension.
* More fine grained control over TLS upstream retry and back off
behaviour with getdns_context_set_tls_backoff_time() and
getdns_context_set_tls_connection_retries().
@ -14,7 +27,7 @@
Thanks Neil Cook
* bugfix: authentication failure for self signed cert + only pinset
* bugfix: issue with session re-use making authentication appear to fail
* 2017-01-13: Version 1.0.0
* edns0_cookies extension enabled by default (per RFC7873)
* dnssec_roadblock_avoidance enabled by default (per RFC8027)
@ -167,7 +180,7 @@
'-1' to append suffix only to single label after failure
'-M' to append suffix only to multi label name after failure
'-N' to never append a suffix
'-Z <suffixes>' to set suffixes with the given comma separed list
'-Z <suffixes>' to set suffixes with the given comma separated list
* Better help text for getdns_query (printed with the '-h' option)
* Setting the +specify_class extension with getdns_query
* Return NOT_IMPLEMENTED for not implemented namespaces, and the

View File

@ -97,16 +97,16 @@ doc: FORCE
example:
cd spec/example && $(MAKE) $@
test:
test: default
cd src && $(MAKE) $@
getdns_query:
getdns_query: default
cd src && $(MAKE) $@
stubby:
stubby: getdns_query
cd src && $(MAKE) $@
scratchpad:
scratchpad: default
cd src && $(MAKE) $@
pad: scratchpad

View File

@ -25,15 +25,23 @@ getdns also provides an experimental DNS Privacy enabled client called 'stubby'
The developers are of the opinion that DNSSEC offers a unique global infrastructure for establishing and enhancing cryptographic trust relations. With the development of this API we intend to offer application developers a modern and flexible interface that enables end-to-end trust in the DNS architecture, and which will inspire application developers to implement innovative security solutions in their applications.
### API Documentation
Note that this implementation offers additional functionality to supplement that in the [official getdns API](https://getdnsapi.net/documentation/spec/). Some additions are convenient utility functions but other functionality is experimental prior to be being recommended for inclusion in the official API. The [Doxygen documentation](https://getdnsapi.net/doxygen/modules.html) provides the details of the full API for this implementation.
## License
This implementation is licensed under the New BSD License (BSD-new).
Obtaining and getting started with getdns
=========================================
The project home page at [getdnsapi.net](https://getdnsapi.net) provides documentation, binary downloads, and news regarding the getdns API implementation. This file captures the goals and direction of the project and the current state of the implementation.
The project home page at [getdnsapi.net](https://getdnsapi.net) provides documentation, binary downloads, and news regarding the getdns API implementation. This README file captures the goals and direction of the project and the current state of the implementation.
If you are just getting started with the library take a look at the section below that describes building and handling external dependencies for the library.
### Examples
Once it is built you should take a look at src/examples to see how the library is used.
If you are just getting started with the library take a look at the section below that describes building and handling external dependencies for the library. Once it is built you should take a look at src/examples to see how the library is used.
# Download
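
Review bot: Typo in the relocated API Documentation paragraph: "experimental prior to be being recommended" should read "prior to being recommended". The sentence was carried over unchanged from the old "Official and Additional API" section, so this move is the moment to fix it.
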
@ -99,15 +107,9 @@ The implementation works with a variety of event loops, each built as a separate
## Stubby
* Stubby is an experimental implementation of a DNS Privacy enabled stub resolver. It is currently suitable for advanced/technical users - all feedback is welcome! Also see [dnsprivacy.org](https://dnsprivacy.org) for more information on DNS Privacy and stubby.
* By default stubby will attempt to use 'Opportunistic' Privacy for DNS queries.
* A sample configuration file is available in the source code (src/tools/stubby.conf) which uses 'Strict' Privacy and some of the available test DNS Privacy servers to resolve queries. Note these servers are test servers that offer no service guarantees. The location of a configuration file can be specified with the '-C' flag
* RECOMMENDED: Minimal logging output from Stubby is available (e.g. which servers are used and connection level statistics) by also using the '--enable-debug-daemon' flag when running 'configure'.
To use stubby
* Start stubby from the command line
* Test it by doing, for example, 'dig @127.0.0.1 www.example.com'
* Alter the default DNS resolvers on your system to point at localhost (127.0.0.1, ::1)
* Stubby is an experimental implementation of a DNS Privacy enabled stub resolver than encrypts DNS queries using TLS. It is currently suitable for advanced/technical users - all feedback is welcome!
* Details on how to use Stubby can be found in the [Stubby Reference Guide](https://getdnsapi.net/blog/dns-privacy-daemon-stubby).
* Also see [dnsprivacy.org](https://dnsprivacy.org) for more information on DNS Privacy.
## Regression Tests
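
Review bot: Typo in the new first Stubby bullet: "stub resolver than encrypts DNS queries using TLS" should be "that encrypts". The removed bullets also documented the Opportunistic default and the '-C' flag; since those now live only in the linked Stubby Reference Guide, it is worth one line here saying which privacy mode is the default.
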
@ -136,20 +138,20 @@ execute the following steps as root:
Support
=======
# Mailing lists
## Mailing lists
We have a [getdns users list](https://getdnsapi.net/mailman/listinfo/users) for this implementation.
The [getdns-api mailing list](https://getdnsapi.net/mailman/listinfo/spec) is a good place to engage in discussions regarding the design of the API.
# Tickets and Bug Reports
## Tickets and Bug Reports
Tickets and bug reports should be reported via the [GitHub issues list](https://github.com/getdnsapi/getdns/issues).
Features of this release
========================
# Goals
## Goals
The goals of this implementation of the getdns API are:
@ -165,25 +167,20 @@ Non-goals (things we will not be doing at least initially) include:
* implementation of the traditional DNS related routines (gethostbyname, etc.)
# Official and Additional API
Note that this implementation offers additional functionality to supplement that in the official getdns API. Some additions are convenient utility functions but other functionality is experimental prior to be being recommended for inclusion in the official API. The 'Modules' page in the doxygen documentation provides a guide to both the official API and the additional functionality.
# Language Bindings
## Language Bindings
In parallel, the team is actively developing bindings for various languages.
For more information, visit the
[wiki](https://github.com/getdnsapi/getdns/wiki/Language-Bindings).
# Unsupported getDNS Features
## Unsupported getDNS Features
The following API calls are documented in getDNS but *not supported* by the implementation at this time:
* Disabling following of `CNAME`s with `getdns_context_set_follow_redirects()`
* Detecting changes to resolv.conf and hosts
* MDNS, NIS and NetBIOS namespaces (only DNS and LOCALFILES are supported)
## Minor omissions
### Minor omissions
The following minor implementation omissions are noted:

View File

@ -37,7 +37,7 @@ sinclude(./m4/ax_check_compile_flag.m4)
sinclude(./m4/pkg.m4)
AC_INIT([getdns], [1.1.0], [users@getdnsapi.net], [], [https://getdnsapi.net])
AC_SUBST(RELEASE_CANDIDATE, [-rc1])
AC_SUBST(RELEASE_CANDIDATE, [])
# Set current date from system if not set
AC_ARG_WITH([current-date],
@ -47,7 +47,7 @@ AC_ARG_WITH([current-date],
[CURRENT_DATE="`date -u +%Y-%m-%dT%H:%M:%SZ`"])
AC_SUBST(GETDNS_VERSION, ["AC_PACKAGE_VERSION$RELEASE_CANDIDATE"])
AC_SUBST(GETDNS_NUMERIC_VERSION, [0x0100C100])
AC_SUBST(GETDNS_NUMERIC_VERSION, [0x01010000])
AC_SUBST(API_VERSION, ["December 2015"])
AC_SUBST(API_NUMERIC_VERSION, [0x07df0c00])
GETDNS_COMPILATION_COMMENT="AC_PACKAGE_NAME $GETDNS_VERSION configured on $CURRENT_DATE for the $API_VERSION version of the API"
@ -77,7 +77,7 @@ GETDNS_COMPILATION_COMMENT="AC_PACKAGE_NAME $GETDNS_VERSION configured on $CURRE
# getdns-0.5.0 had libversion 4:0:3
# getdns-0.5.1 had libversion 4:1:3 (but should have been getdns-0.6.0)
# getdns-0.9.0 had libversion 5:0:4
# getdns-1.0.0 will have libversion 5:1:4
# getdns-1.0.0 had libversion 5:1:4
# getdns-1.1.0 will have libversion 6:0:0
#
GETDNS_LIBVERSION=6:0:0
@ -149,7 +149,7 @@ fi
])
ACX_ARG_RPATH
AC_ARG_ENABLE(debug-req, AC_HELP_STRING([--enable-debug-req], [Enable request debugging]))
AC_ARG_ENABLE(debug-sched, AC_HELP_STRING([--enable-debug-sched], [Enable scheduling debugging messages]))
AC_ARG_ENABLE(debug-stub, AC_HELP_STRING([--enable-debug-stub], [Enable stub debugging messages]))
AC_ARG_ENABLE(debug-daemon, AC_HELP_STRING([--enable-debug-daemon], [Enable daemon debugging messages]))
@ -159,6 +159,7 @@ AC_ARG_ENABLE(debug-anchor, AC_HELP_STRING([--enable-debug-anchor], [Enable anch
AC_ARG_ENABLE(all-debugging, AC_HELP_STRING([--enable-all-debugging], [Enable scheduling, stub and dnssec debugging]))
case "$enable_all_debugging" in
yes)
enable_debug_req=yes
enable_debug_sched=yes
enable_debug_stub=yes
enable_debug_daemon=yes
@ -169,6 +170,13 @@ case "$enable_all_debugging" in
no|*)
;;
esac
case "$enable_debug_req" in
yes)
AC_DEFINE_UNQUOTED([REQ_DEBUG], [1], [Define this to enable printing of request debugging messages.])
;;
no|*)
;;
esac
case "$enable_debug_sched" in
yes)
AC_DEFINE_UNQUOTED([SCHED_DEBUG], [1], [Define this to enable printing of scheduling debugging messages.])
@ -297,7 +305,7 @@ fi
AC_CHECK_HEADERS([openssl/conf.h],,, [AC_INCLUDES_DEFAULT])
AC_CHECK_HEADERS([openssl/engine.h],,, [AC_INCLUDES_DEFAULT])
AC_CHECK_HEADERS([openssl/bn.h openssl/rsa.h openssl/dsa.h],,, [AC_INCLUDES_DEFAULT])
AC_CHECK_FUNCS([OPENSSL_config EVP_md5 EVP_sha1 EVP_sha224 EVP_sha256 EVP_sha384 EVP_sha512 FIPS_mode ENGINE_load_cryptodev EVP_PKEY_keygen ECDSA_SIG_get0 EVP_MD_CTX_new EVP_PKEY_base_id HMAC_CTX_new HMAC_CTX_free TLS_client_method DSA_SIG_set0 EVP_dss1])
AC_CHECK_FUNCS([OPENSSL_config EVP_md5 EVP_sha1 EVP_sha224 EVP_sha256 EVP_sha384 EVP_sha512 FIPS_mode ENGINE_load_cryptodev EVP_PKEY_keygen ECDSA_SIG_get0 EVP_MD_CTX_new EVP_PKEY_base_id HMAC_CTX_new HMAC_CTX_free TLS_client_method DSA_SIG_set0 EVP_dss1 SSL_CTX_set_min_proto_version])
AC_CHECK_DECLS([SSL_COMP_get_compression_methods,sk_SSL_COMP_pop_free,SSL_CTX_set_ecdh_auto], [], [], [
AC_INCLUDES_DEFAULT
#ifdef HAVE_OPENSSL_ERR_H
@ -1145,6 +1153,7 @@ esac
AC_SUBST(C99COMPATFLAGS)
AC_DEFINE_UNQUOTED([MAX_CNAME_REFERRALS], [100], [The maximum number of cname referrals.])
AC_DEFINE_UNQUOTED([DRAFT_RRTYPES], [1], [Define this to enable all rrtypes in gldns.])
AH_BOTTOM([
@ -1160,9 +1169,14 @@ AH_BOTTOM([
* See: https://support.microsoft.com/en-us/kb/111855
*/
# ifndef FD_SETSIZE
# define FD_SETSIZE 1024
# define FD_SETSIZE 1024
# endif
# define PRIsz "%Iu"
/* Windows wants us to use _strdup instead of strdup */
# ifndef strdup
# define strdup _strdup
# endif
#else
# define PRIsz "%zu"
#endif

View File

@ -33,7 +33,7 @@
-- get ip address(es) for a name
.SH LIBRARY
DNS Resolver library (libgetdns, -lgetdns)
DNS Resolver library (libgetdns, \-lgetdns)
.SH SYNOPSIS
#include <getdns.h>

View File

@ -32,7 +32,7 @@
-- cancel an outstanding asyn getdns request
.SH LIBRARY
DNS Resolver library (libgetdns, -lgetdns)
DNS Resolver library (libgetdns, \-lgetdns)
.SH SYNOPSIS
#include <getdns.h>

View File

@ -39,7 +39,7 @@
.ad n
.SH LIBRARY
DNS Resolver library (libgetdns, -lgetdns)
DNS Resolver library (libgetdns, \-lgetdns)
.SH SYNOPSIS
#include <getdns.h>
@ -141,7 +141,7 @@ in use might have a requirements on this issue. You may need to provide one or
two functions to allow it to function properly. For example before you call
getdns_context_create() you may need to use
the openssl functions CRYPTO_set_id_callback and CRYPTO_set_locking_callback to set up
asyncronous operation (the application calls these functions once for initialisation).
asynchronous operation (the application calls these functions once for initialisation).
Openssl 1.0.0 or later uses the CRYPTO_THREADID_set_callback function.
.HP 3

View File

@ -45,7 +45,7 @@
.ad n
.SH LIBRARY
DNS Resolver library (libgetdns, -lgetdns)
DNS Resolver library (libgetdns, \-lgetdns)
.SH SYNOPSIS
#include <getdns.h>

View File

@ -32,7 +32,7 @@
-- get informed on getdns context updates
.SH LIBRARY
DNS Resolver library (libgetdns, -lgetdns)
DNS Resolver library (libgetdns, \-lgetdns)
.SH SYNOPSIS
#include <getdns.h>

View File

@ -34,7 +34,7 @@
-- convert dname between presentation- and wire-format
.SH LIBRARY
DNS Resolver library (libgetdns, -lgetdns)
DNS Resolver library (libgetdns, \-lgetdns)
.SH SYNOPSIS
#include <getdns.h>

View File

@ -38,7 +38,7 @@
.ad n
.SH LIBRARY
DNS Resolver library (libgetdns, -lgetdns)
DNS Resolver library (libgetdns, \-lgetdns)
.SH SYNOPSIS
#include <getdns.h>

View File

@ -38,7 +38,7 @@
-- get value by name from a getdns dict
.SH LIBRARY
DNS Resolver library (libgetdns, -lgetdns)
DNS Resolver library (libgetdns, \-lgetdns)
.SH SYNOPSIS
#include <getdns.h>

View File

@ -36,7 +36,7 @@
-- set a value by name in a getdns dict
.SH LIBRARY
DNS Resolver library (libgetdns, -lgetdns)
DNS Resolver library (libgetdns, \-lgetdns)
.SH SYNOPSIS
#include <getdns.h>

View File

@ -32,7 +32,7 @@
-- convert an getdns ip address to string
.SH LIBRARY
DNS Resolver library (libgetdns, -lgetdns)
DNS Resolver library (libgetdns, \-lgetdns)
.SH SYNOPSIS
#include <getdns.h>

View File

@ -33,7 +33,7 @@
-- do a getdns DNS lookup
.SH LIBRARY
DNS Resolver library (libgetdns, -lgetdns)
DNS Resolver library (libgetdns, \-lgetdns)
.SH SYNOPSIS
#include <getdns.h>

View File

@ -33,7 +33,7 @@
-- get hostname by address
.SH LIBRARY
DNS Resolver library (libgetdns, -lgetdns)
DNS Resolver library (libgetdns, \-lgetdns)
.SH SYNOPSIS
#include <getdns.h>

View File

@ -38,7 +38,7 @@
.ad n
.SH LIBRARY
DNS Resolver library (libgetdns, -lgetdns)
DNS Resolver library (libgetdns, \-lgetdns)
.SH SYNOPSIS
#include <getdns.h>

View File

@ -38,7 +38,7 @@
-- get a value by index from a getdns list
.SH LIBRARY
DNS Resolver library (libgetdns, -lgetdns)
DNS Resolver library (libgetdns, \-lgetdns)
.SH SYNOPSIS
#include <getdns.h>

View File

@ -36,7 +36,7 @@
-- set a value by index from a getdns list
.SH LIBRARY
DNS Resolver library (libgetdns, -lgetdns)
DNS Resolver library (libgetdns, \-lgetdns)
.SH SYNOPSIS
#include <getdns.h>

View File

@ -32,7 +32,7 @@
-- return a string representation of a getdns dict
.SH LIBRARY
DNS Resolver library (libgetdns, -lgetdns)
DNS Resolver library (libgetdns, \-lgetdns)
.SH SYNOPSIS
#include <getdns.h>

View File

@ -32,7 +32,7 @@
-- return the getdns list of default root trust anchors
.SH LIBRARY
DNS Resolver library (libgetdns, -lgetdns)
DNS Resolver library (libgetdns, \-lgetdns)
.SH SYNOPSIS
#include <getdns.h>

View File

@ -33,7 +33,7 @@
-- getdns lookup of a service
.SH LIBRARY
DNS Resolver library (libgetdns, -lgetdns)
DNS Resolver library (libgetdns, \-lgetdns)
.SH SYNOPSIS
#include <getdns.h>

View File

@ -32,7 +32,7 @@
-- DNSSEC validate a given getdns record
.SH LIBRARY
DNS Resolver library (libgetdns, -lgetdns)
DNS Resolver library (libgetdns, \-lgetdns)
.SH SYNOPSIS
#include <getdns.h>

View File

@ -32,7 +32,7 @@ libgetdns
-- an implementation of a modern asynchronous DNS API by and for application developers
.SH LIBRARY
DNS Resolver library (libgetdns, -lgetdns)
DNS Resolver library (libgetdns, \-lgetdns)
.SH SYNOPSIS
.B libgetdns
@ -230,7 +230,7 @@ Set to GETDNS_EXTENSION_TRUE to include the DNSSEC status for each DNS record in
.HP 3
"dnssec_return_only_secure" (int)
Set to GETDNS_EXTENSION_TRUE to cause only records that the API can validate as secure withe DNSSEC to be returned in the
Set to GETDNS_EXTENSION_TRUE to cause only records that the API can validate as secure with DNSSEC to be returned in the
.I replies_tree
and
.I replies_full lists

View File

@ -13,10 +13,10 @@ Recursive Resolver Cache
Caching is arguably an important feature for most recursive resolvers.
In this case we are not intending a replacement for the fully
functional recursive resolvers already available (BIND, Unbound, etc.)
so we shoudl limit a cache implementation to behaviors important to
so we should limit a cache implementation to behaviors important to
proper operation of a recursive resolver.
DNSSEC validation can potentially triggers more queries than a simple
DNSSEC validation can potentially trigger more queries than a simple
request for a A RR so I think it makes sense to cache root and TLD
data. Once we have gone that far it isn't much of a reach to cache
at each layer in the hierarchy (depth will not increase the coding

File diff suppressed because it is too large Load Diff

View File

@ -157,16 +157,16 @@ libgetdns_ext_ev.la: libgetdns.la libev.lo
libgetdns.la: $(GETDNS_OBJ) version.lo context.lo $(DEFAULT_EVENTLOOP_OBJ) $(GLDNS_OBJ) $(COMPAT_OBJ) $(UTIL_OBJ) $(JSMN_OBJ)
$(LIBTOOL) --tag=CC --mode=link $(CC) -o $@ $(GETDNS_OBJ) version.lo context.lo $(DEFAULT_EVENTLOOP_OBJ) $(GLDNS_OBJ) $(COMPAT_OBJ) $(UTIL_OBJ) $(JSMN_OBJ) $(LDFLAGS) -rpath $(libdir) -version-info $(libversion) -no-undefined -export-symbols $(srcdir)/libgetdns.symbols
test: all
test: default
cd test && $(MAKE) $@
getdns_query: all
getdns_query: default
cd tools && $(MAKE) $@
stubby: all
stubby: getdns_query
cd tools && $(MAKE) $@
scratchpad: all
scratchpad: default
cd test && $(MAKE) $@
pad: scratchpad

View File

@ -244,6 +244,7 @@ static struct const_name_info consts_name_info[] = {
{ "GETDNS_RRTYPE_ANY", 255 },
{ "GETDNS_RRTYPE_APL", 42 },
{ "GETDNS_RRTYPE_ATMA", 34 },
{ "GETDNS_RRTYPE_AVC", 258 },
{ "GETDNS_RRTYPE_AXFR", 252 },
{ "GETDNS_RRTYPE_CAA", 257 },
{ "GETDNS_RRTYPE_CDNSKEY", 60 },
@ -283,6 +284,7 @@ static struct const_name_info consts_name_info[] = {
{ "GETDNS_RRTYPE_NINFO", 56 },
{ "GETDNS_RRTYPE_NS", 2 },
{ "GETDNS_RRTYPE_NSAP", 22 },
{ "GETDNS_RRTYPE_NSAP_PTR", 23 },
{ "GETDNS_RRTYPE_NSEC", 47 },
{ "GETDNS_RRTYPE_NULL", 10 },
{ "GETDNS_RRTYPE_NXT", 30 },
@ -296,6 +298,7 @@ static struct const_name_info consts_name_info[] = {
{ "GETDNS_RRTYPE_RT", 21 },
{ "GETDNS_RRTYPE_SIG", 24 },
{ "GETDNS_RRTYPE_SINK", 40 },
{ "GETDNS_RRTYPE_SMIMEA", 53 },
{ "GETDNS_RRTYPE_SOA", 6 },
{ "GETDNS_RRTYPE_SPF", 99 },
{ "GETDNS_RRTYPE_SRV", 33 },

View File

@ -153,8 +153,6 @@ static getdns_return_t set_ub_dns_transport(struct getdns_context*);
static void set_ub_limit_outstanding_queries(struct getdns_context*,
uint16_t);
static void set_ub_dnssec_allowed_skew(struct getdns_context*, uint32_t);
static void set_ub_edns_maximum_udp_payload_size(struct getdns_context*,
int);
#endif
/* Stuff to make it compile pedantically */
@ -691,7 +689,10 @@ _getdns_upstreams_dereference(getdns_upstreams *upstreams)
while (upstream->finished_dnsreqs) {
dnsreq = upstream->finished_dnsreqs;
upstream->finished_dnsreqs = dnsreq->finished_next;
_getdns_context_cancel_request(dnsreq);
if (!dnsreq->internal_cb) { /* Not part of chain */
debug_req("Destroy ", *dnsreq->netreqs);
_getdns_context_cancel_request(dnsreq);
}
}
if (upstream->tls_session != NULL)
SSL_SESSION_free(upstream->tls_session);
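
Review bot: In the `while (upstream->finished_dnsreqs)` loop, a request that has `internal_cb` set is now unlinked from the list and then neither cancelled nor handed to anyone, so this function relies on something else to free it later. The `/* Not part of chain */` remark only covers the other case; please add a comment naming who owns chained requests at this point. With --enable-debug-req, `debug_req("Destroy ", *dnsreq->netreqs)` also dereferences the first netreq unconditionally, so confirm `netreqs` can never be empty here.
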
@ -1437,7 +1438,7 @@ getdns_context_create_with_extended_memory_functions(
result->edns_version = 0;
result->edns_do_bit = 0;
result->edns_client_subnet_private = 0;
result->tls_query_padding_blocksize = 1; /* default is to not try to pad */
result->tls_query_padding_blocksize = 1; /* default is to pad queries sensibly */
result->tls_ctx = NULL;
result->extension = &result->default_eventloop.loop;
@ -1799,9 +1800,9 @@ rebuild_ub_ctx(struct getdns_context* context) {
"target-fetch-policy:", "0 0 0 0 0");
#endif
set_ub_dnssec_allowed_skew(context,
context->dnssec_allowed_skew);
set_ub_edns_maximum_udp_payload_size(context,
context->edns_maximum_udp_payload_size);
context->dnssec_allowed_skew);
set_ub_number_opt(context, "edns-buffer-size:",
context->edns_maximum_udp_payload_size);
set_ub_dns_transport(context);
context->ub_event.userarg = context;
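
Review bot: `set_ub_number_opt(context, "edns-buffer-size:", context->edns_maximum_udp_payload_size)` passes the stored value through unchecked, and the unset function added in this same commit stores -1 in that field to mean "not set". The helper being removed only forwarded values in the 512..65535 range. Map the -1 sentinel to the default (the unset function uses 4096) before it reaches unbound, or keep the range check.
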
@ -2211,18 +2212,38 @@ getdns_context_set_timeout(struct getdns_context *context, uint64_t timeout)
*
*/
getdns_return_t
getdns_context_set_idle_timeout(struct getdns_context *context, uint64_t timeout)
getdns_context_set_idle_timeout(getdns_context *context, uint64_t timeout)
{
RETURN_IF_NULL(context, GETDNS_RETURN_INVALID_PARAMETER);
size_t i;
/* Shuold we enforce maximum based on edns-tcp-keepalive spec? */
/* 0 should be allowed as that is the default.*/
if (!context)
return GETDNS_RETURN_INVALID_PARAMETER;
context->idle_timeout = timeout;
/* Shuold we enforce maximum based on edns-tcp-keepalive spec? */
/* 0 should be allowed as that is the default.*/
dispatch_updated(context, GETDNS_CONTEXT_CODE_IDLE_TIMEOUT);
context->idle_timeout = timeout;
return GETDNS_RETURN_GOOD;
dispatch_updated(context, GETDNS_CONTEXT_CODE_IDLE_TIMEOUT);
if (timeout)
return GETDNS_RETURN_GOOD;
/* If timeout == 0, call scheduled idle timeout events */
for (i = 0; i < context->upstreams->count; i++) {
getdns_upstream *upstream =
&context->upstreams->upstreams[i];
if (!upstream->event.ev ||
!upstream->event.timeout_cb ||
upstream->event.read_cb ||
upstream->event.write_cb)
continue;
GETDNS_CLEAR_EVENT(upstream->loop, &upstream->event);
upstream->event.timeout_cb(upstream->event.userarg);
}
return GETDNS_RETURN_GOOD;
} /* getdns_context_set_timeout */
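
Review bot: The new loop reads `context->upstreams->count` without testing `context->upstreams`, a pointer the previous version of this function never touched. If a context can exist without an upstreams list (not visible in this hunk), calling this setter with a timeout of 0 becomes a NULL dereference; add `if (!context->upstreams) return GETDNS_RETURN_GOOD;` before the loop. The closing comment still reads `/* getdns_context_set_timeout */` and the re-indented comment keeps the "Shuold" misspelling; both are worth fixing while the function is being rewritten.
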
@ -2777,12 +2798,21 @@ getdns_context_set_upstream_recursive_servers(struct getdns_context *context,
if (getdns_upstream_transports[j] == GETDNS_TRANSPORT_TLS) {
getdns_list *pubkey_pinset = NULL;
if (dict && (r = getdns_dict_get_bindata(
dict, "tls_auth_name", &tls_auth_name)) == GETDNS_RETURN_GOOD) {
/*TODO: VALIDATE THIS STRING!*/
dict, "tls_auth_name", &tls_auth_name)) == GETDNS_RETURN_GOOD) {
if (tls_auth_name->size >= sizeof(upstream->tls_auth_name)) {
/* tls_auth_name's are just
* domain names and should
* thus not be larger than 256
* bytes.
*/
goto invalid_parameter;
}
memcpy(upstream->tls_auth_name,
(char *)tls_auth_name->data,
tls_auth_name->size);
upstream->tls_auth_name[tls_auth_name->size] = '\0';
upstream->tls_auth_name
[tls_auth_name->size] = '\0';
}
if (dict && (r = getdns_dict_get_list(dict, "tls_pubkey_pinset",
&pubkey_pinset)) == GETDNS_RETURN_GOOD) {
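
Review bot: The size test before the `memcpy` closes the overflow, but it replaces the `/*TODO: VALIDATE THIS STRING!*/` marker while checking only the length. `tls_auth_name` arrives as bindata, so it may contain an embedded NUL byte; anything that later treats `upstream->tls_auth_name` as a C string would then see a shorter name than the one that was configured. Suggest rejecting that case too, for example `if (memchr(tls_auth_name->data, 0, tls_auth_name->size)) goto invalid_parameter;`, or keeping a TODO that says what validation is still missing. The comment's "256 bytes" would also be clearer if it referred to `sizeof(upstream->tls_auth_name)`, which is what the code compares against.
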
@ -2834,15 +2864,26 @@ error:
} /* getdns_context_set_upstream_recursive_servers */
/*
* getdns_context_unset_edns_maximum_udp_payload_size
*
*/
getdns_return_t
getdns_context_unset_edns_maximum_udp_payload_size(getdns_context *context)
{
if (!context)
return GETDNS_RETURN_INVALID_PARAMETER;
#ifdef HAVE_LIBUNBOUND
static void
set_ub_edns_maximum_udp_payload_size(struct getdns_context* context,
int value) {
/* edns-buffer-size */
if (value >= 512 && value <= 65535)
set_ub_number_opt(context, "edns-buffer-size:", (uint16_t)value);
}
set_ub_number_opt(context, "edns-buffer-size:", 4096);
#endif
if (context->edns_maximum_udp_payload_size != -1) {
context->edns_maximum_udp_payload_size = -1;
dispatch_updated(context,
GETDNS_CONTEXT_CODE_EDNS_MAXIMUM_UDP_PAYLOAD_SIZE);
}
return GETDNS_RETURN_GOOD;
} /* getdns_context_set_edns_maximum_udp_payload_size */
/*
* getdns_context_set_edns_maximum_udp_payload_size
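
Review bot: The closing comment on the new function reads `/* getdns_context_set_edns_maximum_udp_payload_size */`; it should name getdns_context_unset_edns_maximum_udp_payload_size. The literal `4096` passed to "edns-buffer-size:" also needs a named constant or a comment, because the ChangeLog entry describes the default as IPv4/IPv6 dependent and this line applies one fixed value to unbound.
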
@ -2855,12 +2896,8 @@ getdns_context_set_edns_maximum_udp_payload_size(struct getdns_context *context,
if (!context)
return GETDNS_RETURN_INVALID_PARAMETER;
/* check for < 512. uint16_t won't let it go above max) */
if (value < 512)
value = 512;
#ifdef HAVE_LIBUNBOUND
set_ub_edns_maximum_udp_payload_size(context, value);
set_ub_number_opt(context, "edns-buffer-size:", value);
#endif
if (value != context->edns_maximum_udp_payload_size) {
context->edns_maximum_udp_payload_size = value;
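
Review bot: The `if (value < 512) value = 512;` clamp is dropped here, and the 512..65535 range check in the old helper goes with it, so values below 512 are now stored in the context and handed to unbound's "edns-buffer-size:" as given. If that is intended, state it in the function's doc comment; otherwise keep the lower bound or return GETDNS_RETURN_INVALID_PARAMETER for such values.
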
@ -3082,13 +3119,17 @@ getdns_cancel_callback(getdns_context *context,
getdns_context_request_count_changed(context);
debug_req("CB Cancel ", *dnsreq->netreqs);
if (dnsreq->user_callback) {
dnsreq->context->processing = 1;
dnsreq->user_callback(dnsreq->context, GETDNS_CALLBACK_CANCEL,
NULL, dnsreq->user_pointer, dnsreq->trans_id);
dnsreq->context->processing = 0;
}
_getdns_context_cancel_request(dnsreq);
if (!dnsreq->internal_cb) { /* Not part of chain */
debug_req("Destroy ", *dnsreq->netreqs);
_getdns_context_cancel_request(dnsreq);
}
return GETDNS_RETURN_GOOD;
} /* getdns_cancel_callback */
@ -3097,6 +3138,7 @@ _getdns_context_request_timed_out(getdns_dns_req *dnsreq)
{
DEBUG_SCHED("%s(%p)\n", __FUNC__, (void *)dnsreq);
debug_req("CB Timeout ", *dnsreq->netreqs);
if (dnsreq->user_callback) {
dnsreq->context->processing = 1;
dnsreq->user_callback(dnsreq->context, GETDNS_CALLBACK_TIMEOUT,
@ -3348,7 +3390,7 @@ _getdns_context_prepare_for_resolution(struct getdns_context *context,
if(context->tls_ctx == NULL)
return GETDNS_RETURN_BAD_CONTEXT;
# ifdef HAVE_TLS_CLIENT_METHOD
# ifdef HAVE_SSL_CTX_SET_MIN_PROTO_VERSION
if (!SSL_CTX_set_min_proto_version(
context->tls_ctx, TLS1_2_VERSION)) {
SSL_CTX_free(context->tls_ctx);
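
Review bot: The TLS 1.2 floor set by `SSL_CTX_set_min_proto_version(context->tls_ctx, TLS1_2_VERSION)` is now compiled in only when configure finds that function, which is the correct test for the call but moves every other build onto the fallback branch. That branch is outside this hunk; please confirm it still refuses protocol versions older than TLS 1.2 on OpenSSL and LibreSSL builds without this function, rather than accepting the library default.
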
@ -4153,7 +4195,8 @@ getdns_context_get_edns_maximum_udp_payload_size(getdns_context *context,
uint16_t* value) {
RETURN_IF_NULL(context, GETDNS_RETURN_INVALID_PARAMETER);
RETURN_IF_NULL(value, GETDNS_RETURN_INVALID_PARAMETER);
*value = context->edns_maximum_udp_payload_size;
*value = context->edns_maximum_udp_payload_size == -1 ? 0
: context->edns_maximum_udp_payload_size;
return GETDNS_RETURN_GOOD;
}
@ -4265,7 +4308,7 @@ static getdns_return_t _get_list_or_read_file(const getdns_dict *config_dict,
break; \
X[i] = (getdns_ ## T ## _t)n; \
} \
r = getdns_context_set_ ##X (context, count, X); \
r = getdns_context_set_ ##X (context, i, X); \
}
#define EXTENSION_SETTING_BOOL(X) \

View File

@ -57,15 +57,6 @@
#include "convert.h"
#include "debug.h"
/* strdup is marked deprecated by the Windows compiler */
#ifndef STRDUP
#ifdef GETDNS_ON_WINDOWS
#define STRDUP(x) _strdup(x)
#else
#define STRDUP(x) strdup(x)
#endif
#endif
getdns_return_t
getdns_convert_dns_name_to_fqdn(
const getdns_bindata *dns_name_wire_fmt, char **fqdn_as_string)
@ -212,7 +203,7 @@ getdns_display_ip_address(const struct getdns_bindata
buff,
256);
if (ipStr) {
return STRDUP(ipStr);
return strdup(ipStr);
}
} else if (bindata_of_ipv4_or_ipv6_address->size == 16) {
const char *ipStr = inet_ntop(AF_INET6,
@ -220,7 +211,7 @@ getdns_display_ip_address(const struct getdns_bindata
buff,
256);
if (ipStr) {
return STRDUP(ipStr);
return strdup(ipStr);
}
}
return NULL;
@ -1682,8 +1673,18 @@ getdns_str2dict(const char *str, getdns_dict **dict)
str++;
if (*str != '{') {
char value_buf[3072], *value_str = value_buf;
if (strlen(str) > sizeof(value_str) - 1)
value_str = strdup(str);
else
(void)strncpy(value_buf, str, sizeof(value_buf));
getdns_dict *dict_r = _getdns_ipaddr_dict_mf(
&_getdns_plain_mem_funcs, str);
&_getdns_plain_mem_funcs, value_str);
if (value_str != value_buf)
free(value_str);
if (dict_r) {
*dict = dict_r;
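
Review bot: `sizeof(value_str)` in `if (strlen(str) > sizeof(value_str) - 1)` is the size of a `char *`, not of `value_buf`, so any input longer than a pointer minus one byte takes the `strdup` path and the 3072-byte stack buffer is almost never used. The mistake errs on the safe side (no overflow), but the comparison should use `sizeof(value_buf)`. The `strdup` result is also passed to `_getdns_ipaddr_dict_mf()` without a NULL check; return a memory error when the allocation fails.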

View File

@ -36,7 +36,6 @@
#define DEBUG_H
#include "config.h"
#define STUB_DEBUG_ENTRY "=> ENTRY: "
#define STUB_DEBUG_SETUP "--- SETUP: "
#define STUB_DEBUG_SETUP_TLS "--- SETUP(TLS): "
@ -91,6 +90,31 @@
#define DEBUG_OFF(...) do {} while (0)
#if defined(REQ_DEBUG) && REQ_DEBUG
#include <time.h>
#define DEBUG_REQ(...) DEBUG_ON(__VA_ARGS__)
#include "gldns/wire2str.h"
#include "rr-dict.h"
#include "types-internal.h"
static inline void debug_req(const char *msg, getdns_network_req *netreq)
{
char str[1024];
struct timeval tv;
uint64_t t;
(void) gettimeofday(&tv, NULL);
t = tv.tv_sec * 1000 + tv.tv_usec / 1000;
t = t >= netreq->owner->expires ? 0 : netreq->owner->expires - t;
(void) gldns_wire2str_dname_buf(netreq->owner->name,
netreq->owner->name_len, str, sizeof(str));
DEBUG_REQ("NETREQ %s %4"PRIu64" %s %s\n", msg, t,
str, _getdns_rr_type_name(netreq->request_type));
}
#else
#define DEBUG_REQ(...) DEBUG_OFF(__VA_ARGS__)
#define debug_req(...) DEBUG_OFF(__VA_ARGS__)
#endif
#if defined(SCHED_DEBUG) && SCHED_DEBUG
#include <time.h>
#define DEBUG_SCHED(...) DEBUG_ON(__VA_ARGS__)
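
Review bot: In `debug_req`, `t = tv.tv_sec * 1000 + tv.tv_usec / 1000;` performs the multiplication in the type of `tv_sec` before the result is widened to `uint64_t`, which overflows on platforms where that type is 32 bits; cast first, as in `(uint64_t)tv.tv_sec * 1000`. The block calls `gettimeofday()` but adds only `<time.h>`; include `<sys/time.h>` (or the project's portability header) explicitly instead of relying on another include to provide it, especially given the Windows build fixes elsewhere in this commit.
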
@ -146,7 +170,8 @@
#define DEBUG_ANCHOR(...) DEBUG_OFF(__VA_ARGS__)
#endif
#if (defined(SCHED_DEBUG) && SCHED_DEBUG) || \
#if (defined(REQ_DEBUG) && REQ_DEBUG) || \
(defined(SCHED_DEBUG) && SCHED_DEBUG) || \
(defined(STUB_DEBUG) && STUB_DEBUG) || \
(defined(DAEMON_DEBUG) && DAEMON_DEBUG) || \
(defined(SEC_DEBUG) && SEC_DEBUG) || \

View File

@ -66,7 +66,7 @@ static char *_json_ptr_first(const struct mem_funcs *mf,
if (!(next_ref = strchr(jptr, '/')))
next_ref = strchr(jptr, '\0');
if ((unsigned)(next_ref - jptr + 1) > first_sz || !first)
if ((ssize_t)(next_ref - jptr + 1) > first_sz || !first)
first = GETDNS_XMALLOC(*mf, char, next_ref - jptr + 1);
for (j = first, k = jptr; k < next_ref; j++, k++)

View File

@ -559,7 +559,7 @@ static chain_head *add_rrset2val_chain(struct mem_funcs *mf,
if (! _dname_is_parent(*label, head->rrset.name))
break;
}
if ((unsigned)(label - labels) > max_labels) {
if ((ssize_t)(label - labels) > max_labels) {
max_labels = label - labels;
max_head = head;
}
@ -1104,10 +1104,8 @@ static void val_chain_node_soa_cb(getdns_dns_req *dnsreq)
; i = _getdns_rrset_iter_next(i)) {
rrset = _getdns_rrset_iter_value(i);
if (rrset->rr_type == GETDNS_RRTYPE_SOA)
break;
}
if (i) {
if (rrset->rr_type != GETDNS_RRTYPE_SOA)
continue;
while (node &&
! _dname_equal(node->ds.name, rrset->name))
@ -1124,8 +1122,9 @@ static void val_chain_node_soa_cb(getdns_dns_req *dnsreq)
val_chain_sched_soa_node(node->parent);
}
}
} else if (node->parent) {
break;
}
if (!i && node->parent) {
node->lock++;
val_chain_sched_soa_node(node->parent);
}
@ -3113,6 +3112,43 @@ static void check_chain_complete(chain_head *chain)
_getdns_call_user_callback(dnsreq, response_dict);
}
void _getdns_validation_chain_timeout(getdns_dns_req *dnsreq)
{
chain_head *head = dnsreq->chain, *next;
chain_node *node;
size_t node_count;
while (head) {
next = head->next;
for ( node_count = head->node_count, node = head->parent
; node_count
; node_count--, node = node->parent ) {
if (!_getdns_netreq_finished(node->dnskey_req)) {
_getdns_context_cancel_request(
node->dnskey_req->owner);
node->dnskey_req = NULL;
}
if (!_getdns_netreq_finished(node->ds_req)) {
_getdns_context_cancel_request(
node->ds_req->owner);
node->ds_req = NULL;
}
if (!_getdns_netreq_finished(node->soa_req)) {
_getdns_context_cancel_request(
node->soa_req->owner);
node->soa_req = NULL;
}
}
head = next;
}
dnsreq->request_timed_out = 1;
check_chain_complete(dnsreq->chain);
}
void _getdns_cancel_validation_chain(getdns_dns_req *dnsreq)
{
chain_head *head = dnsreq->chain, *next;
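
Review bot: Each branch in `_getdns_validation_chain_timeout` calls `_getdns_netreq_finished(node->dnskey_req)` and then dereferences `node->dnskey_req->owner` (likewise for `ds_req` and `soa_req`), and the function itself stores NULL into those same fields. Unless `_getdns_netreq_finished()` returns true for a NULL argument, which is not visible here, a node whose request was never scheduled or was already cleared is a NULL dereference; add an explicit `node->dnskey_req &&` test to each condition. A header comment stating how this function differs from `_getdns_cancel_validation_chain` would also help future readers.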

View File

@ -47,6 +47,7 @@
/* Do some additional requests to fetch the complete validation chain */
void _getdns_get_validation_chain(getdns_dns_req *dns_req);
void _getdns_cancel_validation_chain(getdns_dns_req *dns_req);
void _getdns_validation_chain_timeout(getdns_dns_req *dns_req);
uint16_t _getdns_parse_ta_file(time_t *ta_mtime, gldns_buffer *gbuf);

View File

@ -30,8 +30,10 @@
#ifdef HAVE_SYS_POLL_H
#include <sys/poll.h>
#else
#ifndef USE_WINSOCK
#include <poll.h>
#endif
#endif
#ifdef HAVE_SYS_RESOURCE_H
#include <sys/resource.h>
#endif
@ -402,6 +404,10 @@ poll_eventloop_run_once(getdns_eventloop *loop, int blocking)
, poll_timeout
);
#ifdef USE_WINSOCK
if (poll_loop->fd_events_free == 0)
{
Sleep(poll_timeout);
} else
if (WSAPoll(poll_loop->pfds, poll_loop->fd_events_free, poll_timeout) < 0) {
#else
if (poll(poll_loop->pfds, poll_loop->fd_events_free, poll_timeout) < 0) {
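
Review bot: in the USE_WINSOCK branch, `Sleep(poll_timeout)` receives the same value that is handed to poll(), where a negative timeout means wait indefinitely. Sleep() takes an unsigned DWORD, so a negative poll_timeout becomes INFINITE and the call never returns when `fd_events_free == 0`. The select() event loop in this commit guards its Sleep() with `timeout != TIMEOUT_FOREVER`; the same kind of guard is needed here. The `} else` that dangles across the `#ifdef` into `if (WSAPoll(...` is also easy to break in a later edit, and bracing both arms would make it robust.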

View File

@ -234,6 +234,16 @@ select_eventloop_run_once(getdns_eventloop *loop, int blocking)
tv.tv_sec = (long)((timeout - now) / 1000000);
tv.tv_usec = (long)((timeout - now) % 1000000);
}
#ifdef USE_WINSOCK
if (max_fd == -1)
{
if (timeout != TIMEOUT_FOREVER)
{
uint32_t timeout_ms = (tv.tv_usec / 1000) + (tv.tv_sec * 1000);
Sleep(timeout_ms);
}
} else
#endif
if (select(max_fd + 1, &readfds, &writefds, NULL,
(timeout == TIMEOUT_FOREVER ? NULL : &tv)) < 0) {
perror("select() failed");
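
Review bot: `timeout_ms` in the USE_WINSOCK block is computed with integer division of `tv.tv_usec`, so any remaining timeout below one millisecond becomes Sleep(0), which returns immediately and lets the caller spin until the timer is due; rounding up avoids that. When `max_fd == -1` and `timeout == TIMEOUT_FOREVER` nothing blocks at all, which deserves a comment saying that returning straight away is intended.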

View File

@ -53,6 +53,7 @@
#include "stub.h"
#include "dict.h"
#include "mdns.h"
#include "debug.h"
void _getdns_call_user_callback(getdns_dns_req *dnsreq, getdns_dict *response)
{
@ -61,8 +62,9 @@ void _getdns_call_user_callback(getdns_dns_req *dnsreq, getdns_dict *response)
if (dnsreq->user_callback) {
dnsreq->context->processing = 1;
dnsreq->user_callback(dnsreq->context,
(response ? GETDNS_CALLBACK_COMPLETE
: GETDNS_CALLBACK_ERROR),
( ! response ? GETDNS_CALLBACK_ERROR
: dnsreq->request_timed_out ? GETDNS_CALLBACK_TIMEOUT
: GETDNS_CALLBACK_COMPLETE ),
response, dnsreq->user_pointer, dnsreq->trans_id);
dnsreq->context->processing = 0;
}
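
Review bot: with the three-way expression in _getdns_call_user_callback, the user callback can receive GETDNS_CALLBACK_TIMEOUT together with a non-NULL response, whereas the two-way expression only ever paired a response with GETDNS_CALLBACK_COMPLETE. A caller that releases the response only in its COMPLETE branch may leak it, so this combination should be stated in the documentation of the callback.
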
@ -186,6 +188,14 @@ _getdns_check_dns_req_complete(getdns_dns_req *dns_req)
return;
}
}
#if defined(REQ_DEBUG) && REQ_DEBUG
if (dns_req->internal_cb)
debug_req("CB Internal", *dns_req->netreqs);
else if (results_found)
debug_req("CB Complete", *dns_req->netreqs);
else
debug_req("CB Error ", *dns_req->netreqs);
#endif
if (dns_req->internal_cb) {
_getdns_context_clear_outbound_request(dns_req);
dns_req->internal_cb(dns_req);
@ -206,9 +216,20 @@ _getdns_check_dns_req_complete(getdns_dns_req *dns_req)
dns_req->dnssec_return_all_statuses
))
#endif
))
)) {
/* Reschedule timeout for this DNS request
*/
if (dns_req->timeout.timeout_cb && dns_req->timeout.ev)
GETDNS_CLEAR_EVENT(dns_req->loop, &dns_req->timeout);
GETDNS_SCHEDULE_EVENT(dns_req->loop, -1,
_getdns_ms_until_expiry2(dns_req->expires, &now_ms),
getdns_eventloop_event_init(&dns_req->timeout, dns_req,
NULL, NULL, (getdns_eventloop_callback)
_getdns_validation_chain_timeout));
_getdns_get_validation_chain(dns_req);
else
} else
_getdns_call_user_callback(
dns_req, _getdns_create_getdns_response(dns_req));
}
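
Review bot: the rescheduled timeout takes its delay from `_getdns_ms_until_expiry2(dns_req->expires, &now_ms)` without handling a request that has already expired by the time the answers are in, and nothing in this hunk shows what the helper returns in that case. If it yields zero, `_getdns_validation_chain_timeout` is armed immediately before `_getdns_get_validation_chain(dns_req)` starts new queries. Testing for expiry first and completing with the timeout status directly would be clearer than scheduling and cancelling.
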
@ -373,6 +394,8 @@ _getdns_submit_netreq(getdns_network_req *netreq, uint64_t *now_ms)
}
_getdns_netreq_change_state(netreq, NET_REQ_IN_FLIGHT);
debug_req("Submitting ", netreq);
#ifdef STUB_NATIVE_DNSSEC
# ifdef DNSSEC_ROADBLOCK_AVOIDANCE

File diff suppressed because it is too large

View File

@ -48,7 +48,21 @@ struct ev_loop;
/**
* \ingroup eventloops
*/
/* For libevent, which we are using for these examples */
/**
* Associate the libev ev_loop with the context, so that all
* asynchronous requests will schedule Input/Output with it.
* Synchronous requests will still use a default eventloop based on `poll()`.
* Applications need to @code #include <getdns/getdns_ext_libev.h> @endcode
* and link with libgetdns_ext_ev to use this function.
* getdns needs to have been configured with --with-libev for this
* extension to be available.
* @param context The context to configure
* @param ev_loop The libev event loop to associate with this context.
* @return GETDNS_RETURN_GOOD when successful
* @return GETDNS_RETURN_BAD_CONTEXT when context is NULL
* @return GETDNS_RETURN_INVALID_PARAMETER when ev_loop is NULL
* @return GETDNS_RETURN_MEMORY_ERROR when memory could not be allocated
*/
getdns_return_t
getdns_extension_set_libev_loop(struct getdns_context *context,
struct ev_loop *ev_loop);

View File

@ -47,7 +47,21 @@ struct event_base;
/**
* \ingroup eventloops
*/
/* For libevent, which we are using for these examples */
/**
* Associate the libevent event_base with the context, so that all
* asynchronous requests will schedule Input/Output with it.
* Synchronous requests will still use a default eventloop based on `poll()`.
* Applications need to @code #include <getdns/getdns_ext_libevent.h> @endcode
* and link with libgetdns_ext_event to use this function.
* getdns needs to have been configured with --with-libevent for this
* extension to be available.
* @param context The context to configure
* @param this_event_base The libevent event base to associate with this context.
* @return GETDNS_RETURN_GOOD when successful
* @return GETDNS_RETURN_BAD_CONTEXT when context is NULL
* @return GETDNS_RETURN_INVALID_PARAMETER when this_event_base is NULL
* @return GETDNS_RETURN_MEMORY_ERROR when memory could not be allocated
*/
getdns_return_t
getdns_extension_set_libevent_base(struct getdns_context *context,
struct event_base *this_event_base);

View File

@ -47,7 +47,21 @@ struct uv_loop_s;
/**
* \ingroup eventloops
*/
/* For libevent, which we are using for these examples */
/**
* Associate the libuv uv_loop with the context, so that all
* asynchronous requests will schedule Input/Output with it.
* Synchronous requests will still use a default eventloop based on `poll()`.
* Applications need to @code #include <getdns/getdns_ext_libuv.h> @endcode
* and link with libgetdns_ext_uv to use this function.
* getdns needs to have been configured with --with-libuv for this
* extension to be available.
* @param context The context to configure
* @param uv_loop The libuv event loop to associate with this context.
* @return GETDNS_RETURN_GOOD when successful
* @return GETDNS_RETURN_BAD_CONTEXT when context is NULL
* @return GETDNS_RETURN_INVALID_PARAMETER when uv_loop is NULL
* @return GETDNS_RETURN_MEMORY_ERROR when memory could not be allocated
*/
getdns_return_t
getdns_extension_set_libuv_loop(struct getdns_context *context,
struct uv_loop_s *uv_loop);

File diff suppressed because it is too large

View File

@ -469,6 +469,30 @@ gldns_buffer_write_at(gldns_buffer *buffer, size_t at, const void *data, size_t
memcpy(buffer->_data + at, data, count);
}
/**
* set the given byte to the buffer at the specified position
* \param[in] buffer the buffer
* \param[in] at the position (in number of bytes) to write the data at
* \param[in] c the byte to set to the buffer
* \param[in] count the number of bytes of bytes to write
*/
INLINE void
gldns_buffer_set_at(gldns_buffer *buffer, size_t at, int c, size_t count)
{
if (!buffer->_vfixed)
assert(gldns_buffer_available_at(buffer, at, count));
else if (gldns_buffer_remaining_at(buffer, at) == 0)
return;
else if (count > gldns_buffer_remaining_at(buffer, at)) {
memset(buffer->_data + at, c,
gldns_buffer_remaining_at(buffer, at));
return;
}
memset(buffer->_data + at, c, count);
}
/**
* writes count bytes of data to the current position of the buffer
* \param[in] buffer the buffer
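
Review bot: for buffers that are not `_vfixed`, the only bounds check in gldns_buffer_set_at is `assert(gldns_buffer_available_at(buffer, at, count))`, which disappears under NDEBUG and leaves `memset(buffer->_data + at, c, count)` unchecked in release builds. Returning early when the range is not available keeps the write in bounds regardless of build flags. The doc comment also has a duplicated phrase in `the number of bytes of bytes to write`.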

View File

@ -120,6 +120,10 @@ gldns_fget_token_l(FILE *f, char *token, const char *delim, size_t limit, int *l
if (line_nr) {
*line_nr = *line_nr + 1;
}
if (limit > 0 && (i >= limit || (size_t)(t-token) >= limit)) {
*t = '\0';
return -1;
}
*t++ = ' ';
prev_c = c;
continue;
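
Review bot: the limit check in gldns_fget_token_l fires when `(size_t)(t-token) >= limit` and then executes `*t = '\0'`, so when `t - token == limit` the terminator is stored at `token[limit]`. That is in bounds only if every caller provides `limit + 1` bytes. State that requirement in the function's documentation, or terminate at `token[limit - 1]` instead.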

View File

@ -175,7 +175,7 @@ static const gldns_rdf_type type_tkey_wireformat[] = {
GLDNS_RDF_TYPE_TIME,
GLDNS_RDF_TYPE_TIME,
GLDNS_RDF_TYPE_INT16,
GLDNS_RDF_TYPE_INT16,
GLDNS_RDF_TYPE_TSIGERROR,
GLDNS_RDF_TYPE_INT16_DATA,
GLDNS_RDF_TYPE_INT16_DATA,
};
@ -185,7 +185,7 @@ static const gldns_rdf_type type_tsig_wireformat[] = {
GLDNS_RDF_TYPE_INT16,
GLDNS_RDF_TYPE_INT16_DATA,
GLDNS_RDF_TYPE_INT16,
GLDNS_RDF_TYPE_INT16,
GLDNS_RDF_TYPE_TSIGERROR,
GLDNS_RDF_TYPE_INT16_DATA
};
static const gldns_rdf_type type_tlsa_wireformat[] = {
@ -341,8 +341,12 @@ static gldns_rr_descriptor rdata_field_descriptors[] = {
{GLDNS_RR_TYPE_NSEC3PARAM, "NSEC3PARAM", 4, 4, type_nsec3param_wireformat, GLDNS_RDF_TYPE_NONE, GLDNS_RR_NO_COMPRESS, 0 },
/* 52 */
{GLDNS_RR_TYPE_TLSA, "TLSA", 4, 4, type_tlsa_wireformat, GLDNS_RDF_TYPE_NONE, GLDNS_RR_NO_COMPRESS, 0 },
/*53 */
#ifdef DRAFT_RRTYPES
{GLDNS_RR_TYPE_SMIMEA, "SMIMEA", 4, 4, type_tlsa_wireformat, GLDNS_RDF_TYPE_NONE, GLDNS_RR_NO_COMPRESS, 0 },
#else
{GLDNS_RR_TYPE_NULL, "TYPE53", 1, 1, type_0_wireformat, GLDNS_RDF_TYPE_NONE, GLDNS_RR_NO_COMPRESS, 0 },
#endif
{GLDNS_RR_TYPE_NULL, "TYPE54", 1, 1, type_0_wireformat, GLDNS_RDF_TYPE_NONE, GLDNS_RR_NO_COMPRESS, 0 },
/* 55
* Hip ends with 0 or more Rendezvous Servers represented as dname's.
@ -600,6 +604,12 @@ static gldns_rr_descriptor rdata_field_descriptors[] = {
{GLDNS_RR_TYPE_URI, "URI", 3, 3, type_uri_wireformat, GLDNS_RDF_TYPE_NONE, GLDNS_RR_NO_COMPRESS, 0 },
/* 257 */
{GLDNS_RR_TYPE_CAA, "CAA", 3, 3, type_caa_wireformat, GLDNS_RDF_TYPE_NONE, GLDNS_RR_NO_COMPRESS, 0 },
#ifdef DRAFT_RRTYPES
/* 258 */
{GLDNS_RR_TYPE_TXT, "AVC", 1, 0, NULL, GLDNS_RDF_TYPE_STR, GLDNS_RR_NO_COMPRESS, 0 },
#else
{GLDNS_RR_TYPE_NULL, "TYPE258", 1, 1, type_0_wireformat, GLDNS_RDF_TYPE_NONE, GLDNS_RR_NO_COMPRESS, 0 },
#endif
/* split in array, no longer contiguous */
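
Review bot: the descriptor row added for 258 is tagged `GLDNS_RR_TYPE_TXT` although its name is "AVC" and the header in this same commit introduces `GLDNS_RR_TYPE_AVC = 258`. Anything that reads the type field of this row gets TXT rather than AVC. Use GLDNS_RR_TYPE_AVC here, or add a comment explaining why the TXT tag is deliberate. Note also that the enum value is defined unconditionally while this row exists only under DRAFT_RRTYPES.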

View File

@ -38,7 +38,7 @@ extern "C" {
#define GLDNS_KEY_REVOKE_KEY 0x0080 /* used to revoke KSK, rfc 5011 */
/* The first fields are contiguous and can be referenced instantly */
#define GLDNS_RDATA_FIELD_DESCRIPTORS_COMMON 258
#define GLDNS_RDATA_FIELD_DESCRIPTORS_COMMON 259
/** lookuptable for rr classes */
extern struct gldns_struct_lookup_table* gldns_rr_classes;
@ -226,6 +226,7 @@ enum gldns_enum_rr_type
GLDNS_RR_TYPE_ANY = 255,
GLDNS_RR_TYPE_URI = 256, /* RFC 7553 */
GLDNS_RR_TYPE_CAA = 257, /* RFC 6844 */
GLDNS_RR_TYPE_AVC = 258,
/** DNSSEC Trust Authorities */
GLDNS_RR_TYPE_TA = 32768,
@ -350,6 +351,9 @@ enum gldns_enum_rdf_type
*/
GLDNS_RDF_TYPE_LONG_STR,
/** TSIG extended 16bit error value */
GLDNS_RDF_TYPE_TSIGERROR,
/* Aliases */
GLDNS_RDF_TYPE_BITMAP = GLDNS_RDF_TYPE_NSEC
};
@ -422,7 +426,7 @@ enum gldns_enum_edns_option
GLDNS_EDNS_DAU = 5, /* RFC6975 */
GLDNS_EDNS_DHU = 6, /* RFC6975 */
GLDNS_EDNS_N3U = 7, /* RFC6975 */
GLDNS_EDNS_CLIENT_SUBNET = 8, /* draft-vandergaast-edns-client-subnet */
GLDNS_EDNS_CLIENT_SUBNET = 8, /* RFC7871 */
GLDNS_EDNS_KEEPALIVE = 11, /* draft-ietf-dnsop-edns-tcp-keepalive*/
GLDNS_EDNS_PADDING = 12 /* RFC7830 */
};
@ -430,6 +434,15 @@ typedef enum gldns_enum_edns_option gldns_edns_option;
#define GLDNS_EDNS_MASK_DO_BIT 0x8000
/** TSIG and TKEY extended rcodes (16bit), 0-15 are the normal rcodes. */
#define GLDNS_TSIG_ERROR_NOERROR 0
#define GLDNS_TSIG_ERROR_BADSIG 16
#define GLDNS_TSIG_ERROR_BADKEY 17
#define GLDNS_TSIG_ERROR_BADTIME 18
#define GLDNS_TSIG_ERROR_BADMODE 19
#define GLDNS_TSIG_ERROR_BADNAME 20
#define GLDNS_TSIG_ERROR_BADALG 21
/**
* Contains all information about resource record types.
*

View File

@ -664,6 +664,14 @@ rrinternal_parse_rdata(gldns_buffer* strbuf, char* token, size_t token_len,
&pre_data_pos, delimiters,
rdftype, &token_strlen))
break;
} else if(rdftype == GLDNS_RDF_TYPE_INT16_DATA &&
strcmp(token, "0")!=0) {
/* affix len and b64 fields */
if(!gldns_affix_token(strbuf, token,
&token_len, &quoted, &parens,
&pre_data_pos, delimiters,
rdftype, &token_strlen))
break;
}
/* normal RR */
@ -940,6 +948,8 @@ int gldns_str2wire_rdf_buf(const char* str, uint8_t* rd, size_t* len,
return gldns_str2wire_time_buf(str, rd, len);
case GLDNS_RDF_TYPE_PERIOD:
return gldns_str2wire_period_buf(str, rd, len);
case GLDNS_RDF_TYPE_TSIGTIME:
return gldns_str2wire_tsigtime_buf(str, rd, len);
case GLDNS_RDF_TYPE_LOC:
return gldns_str2wire_loc_buf(str, rd, len);
case GLDNS_RDF_TYPE_WKS:
@ -964,6 +974,8 @@ int gldns_str2wire_rdf_buf(const char* str, uint8_t* rd, size_t* len,
return gldns_str2wire_tag_buf(str, rd, len);
case GLDNS_RDF_TYPE_LONG_STR:
return gldns_str2wire_long_str_buf(str, rd, len);
case GLDNS_RDF_TYPE_TSIGERROR:
return gldns_str2wire_tsigerror_buf(str, rd, len);
case GLDNS_RDF_TYPE_HIP:
return gldns_str2wire_hip_buf(str, rd, len);
case GLDNS_RDF_TYPE_INT16_DATA:
@ -1341,6 +1353,21 @@ int gldns_str2wire_alg_buf(const char* str, uint8_t* rd, size_t* len)
return GLDNS_WIREPARSE_ERR_OK;
}
int gldns_str2wire_tsigerror_buf(const char* str, uint8_t* rd, size_t* len)
{
gldns_lookup_table *lt = gldns_lookup_by_name(gldns_tsig_errors, str);
if(*len < 2)
return GLDNS_WIREPARSE_ERR_BUFFER_TOO_SMALL;
if(lt) {
gldns_write_uint16(rd, (uint16_t)lt->id);
*len = 2;
} else {
/* try as-is (a number) */
return gldns_str2wire_int16_buf(str, rd, len);
}
return GLDNS_WIREPARSE_ERR_OK;
}
int gldns_str2wire_time_buf(const char* str, uint8_t* rd, size_t* len)
{
/* convert a time YYYYDDMMHHMMSS to wireformat */
@ -1383,6 +1410,24 @@ int gldns_str2wire_time_buf(const char* str, uint8_t* rd, size_t* len)
return GLDNS_WIREPARSE_ERR_OK;
}
int gldns_str2wire_tsigtime_buf(const char* str, uint8_t* rd, size_t* len)
{
char* end;
uint64_t t = (uint64_t)strtol((char*)str, &end, 10);
uint16_t high;
uint32_t low;
if(*end != 0)
return RET_ERR(GLDNS_WIREPARSE_ERR_SYNTAX_TIME, end-str);
if(*len < 6)
return GLDNS_WIREPARSE_ERR_BUFFER_TOO_SMALL;
high = (uint16_t)(t>>32);
low = (uint32_t)(t);
gldns_write_uint16(rd, high);
gldns_write_uint32(rd+2, low);
*len = 6;
return GLDNS_WIREPARSE_ERR_OK;
}
int gldns_str2wire_period_buf(const char* str, uint8_t* rd, size_t* len)
{
const char* end;
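
Review bot: gldns_str2wire_tsigtime_buf parses the 48-bit TSIG time with `strtol()`, whose `long` result is 32 bits wide on some platforms (Windows among them), so `t>>32` is always zero there and larger inputs saturate. A negative input is cast to a huge `uint64_t`, and an empty string passes the `*end != 0` test and encodes as 0. Parsing with strtoull(), rejecting `end == str` and a leading minus sign, and checking that the value fits in 48 bits would close these gaps.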
@ -2008,16 +2053,29 @@ int gldns_str2wire_hip_buf(const char* str, uint8_t* rd, size_t* len)
int gldns_str2wire_int16_data_buf(const char* str, uint8_t* rd, size_t* len)
{
size_t sz = gldns_b64_pton_calculate_size(strlen(str));
char* s;
int n;
if(*len < sz+2)
n = strtol(str, &s, 10);
if(*len < ((size_t)n)+2)
return GLDNS_WIREPARSE_ERR_BUFFER_TOO_SMALL;
if(sz > 65535)
if(n > 65535)
return GLDNS_WIREPARSE_ERR_LABEL_OVERFLOW;
n = gldns_b64_pton(str, rd+2, (*len)-2);
if(n == 0) {
gldns_write_uint16(rd, 0);
*len = 2;
return GLDNS_WIREPARSE_ERR_OK;
}
if(*s != ' ')
return RET_ERR(GLDNS_WIREPARSE_ERR_SYNTAX_INT, s-(char*)str);
s++;
while(*s == ' ')
s++;
n = gldns_b64_pton(s, rd+2, (*len)-2);
if(n < 0)
return GLDNS_WIREPARSE_ERR_SYNTAX_B64;
gldns_write_uint16(rd, (uint16_t)n);
*len = (size_t)n;
*len = ((size_t)n)+2;
return GLDNS_WIREPARSE_ERR_OK;
}
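
Review bot: in gldns_str2wire_int16_data_buf the length parsed by `n = strtol(str, &s, 10)` is used for the buffer-size test and the 65535 limit, but `n` is then overwritten by the return value of `gldns_b64_pton()`, and that decoded length is what `gldns_write_uint16(rd, (uint16_t)n)` stores. The declared length is never compared with the decoded one, so a mismatch between the two is accepted silently and the 65535 check does not apply to the value actually written. A negative count also wraps in `((size_t)n)+2`, so -1 and -2 pass the size test. Keep the declared length in its own variable, reject negative values before the cast, and reject a declared length that differs from the decoded length.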

View File

@ -417,6 +417,24 @@ int gldns_str2wire_time_buf(const char* str, uint8_t* rd, size_t* len);
*/
int gldns_str2wire_period_buf(const char* str, uint8_t* rd, size_t* len);
/**
* Convert rdf of type GLDNS_RDF_TYPE_TSIGTIME from string to wireformat.
* @param str: the text to convert for this rdata element.
* @param rd: rdata buffer for the wireformat.
* @param len: length of rd buffer on input, used length on output.
* @return 0 on success, error on failure.
*/
int gldns_str2wire_tsigtime_buf(const char* str, uint8_t* rd, size_t* len);
/**
* Convert rdf of type GLDNS_RDF_TYPE_TSIGERROR from string to wireformat.
* @param str: the text to convert for this rdata element.
* @param rd: rdata buffer for the wireformat.
* @param len: length of rd buffer on input, used length on output.
* @return 0 on success, error on failure.
*/
int gldns_str2wire_tsigerror_buf(const char* str, uint8_t* rd, size_t* len);
/**
* Convert rdf of type GLDNS_RDF_TYPE_LOC from string to wireformat.
* @param str: the text to convert for this rdata element.

View File

@ -173,6 +173,28 @@ static gldns_lookup_table gldns_edns_options_data[] = {
};
gldns_lookup_table* gldns_edns_options = gldns_edns_options_data;
static gldns_lookup_table gldns_tsig_errors_data[] = {
{ GLDNS_TSIG_ERROR_NOERROR, "NOERROR" },
{ GLDNS_RCODE_FORMERR, "FORMERR" },
{ GLDNS_RCODE_SERVFAIL, "SERVFAIL" },
{ GLDNS_RCODE_NXDOMAIN, "NXDOMAIN" },
{ GLDNS_RCODE_NOTIMPL, "NOTIMPL" },
{ GLDNS_RCODE_REFUSED, "REFUSED" },
{ GLDNS_RCODE_YXDOMAIN, "YXDOMAIN" },
{ GLDNS_RCODE_YXRRSET, "YXRRSET" },
{ GLDNS_RCODE_NXRRSET, "NXRRSET" },
{ GLDNS_RCODE_NOTAUTH, "NOTAUTH" },
{ GLDNS_RCODE_NOTZONE, "NOTZONE" },
{ GLDNS_TSIG_ERROR_BADSIG, "BADSIG" },
{ GLDNS_TSIG_ERROR_BADKEY, "BADKEY" },
{ GLDNS_TSIG_ERROR_BADTIME, "BADTIME" },
{ GLDNS_TSIG_ERROR_BADMODE, "BADMODE" },
{ GLDNS_TSIG_ERROR_BADNAME, "BADNAME" },
{ GLDNS_TSIG_ERROR_BADALG, "BADALG" },
{ 0, NULL }
};
gldns_lookup_table* gldns_tsig_errors = gldns_tsig_errors_data;
char* gldns_wire2str_pkt(uint8_t* data, size_t len)
{
size_t slen = (size_t)gldns_wire2str_pkt_buf(data, len, NULL, 0);
@ -273,6 +295,12 @@ int gldns_wire2str_rcode_buf(int rcode, char* s, size_t slen)
return gldns_wire2str_rcode_print(&s, &slen, rcode);
}
int gldns_wire2str_opcode_buf(int opcode, char* s, size_t slen)
{
/* use arguments as temporary variables */
return gldns_wire2str_opcode_print(&s, &slen, opcode);
}
int gldns_wire2str_dname_buf(uint8_t* d, size_t dlen, char* s, size_t slen)
{
/* use arguments as temporary variables */
@ -970,6 +998,8 @@ int gldns_wire2str_rdf_scan(uint8_t** d, size_t* dlen, char** s, size_t* slen,
return gldns_wire2str_tag_scan(d, dlen, s, slen);
case GLDNS_RDF_TYPE_LONG_STR:
return gldns_wire2str_long_str_scan(d, dlen, s, slen);
case GLDNS_RDF_TYPE_TSIGERROR:
return gldns_wire2str_tsigerror_scan(d, dlen, s, slen);
}
/* unknown rdf type */
return -1;
@ -1568,6 +1598,7 @@ int gldns_wire2str_hip_scan(uint8_t** d, size_t* dl, char** s, size_t* sl)
int gldns_wire2str_int16_data_scan(uint8_t** d, size_t* dl, char** s, size_t* sl)
{
int w;
uint16_t n;
if(*dl < 2)
return -1;
@ -1576,7 +1607,12 @@ int gldns_wire2str_int16_data_scan(uint8_t** d, size_t* dl, char** s, size_t* sl
return -1;
(*d)+=2;
(*dl)-=2;
return gldns_wire2str_b64_scan_num(d, dl, s, sl, n);
if(n == 0) {
return gldns_str_print(s, sl, "0");
}
w = gldns_str_print(s, sl, "%u ", (unsigned)n);
w += gldns_wire2str_b64_scan_num(d, dl, s, sl, n);
return w;
}
int gldns_wire2str_nsec3_next_owner_scan(uint8_t** d, size_t* dl, char** s,
@ -1633,10 +1669,10 @@ int gldns_wire2str_tag_scan(uint8_t** d, size_t* dl, char** s, size_t* sl)
if(*dl < 1+n)
return -1;
for(i=0; i<n; i++)
if(!isalnum((unsigned char)(*d)[i]))
if(!isalnum((unsigned char)(*d)[i+1]))
return -1;
for(i=0; i<n; i++)
w += gldns_str_print(s, sl, "%c", (char)(*d)[i]);
w += gldns_str_print(s, sl, "%c", (char)(*d)[i+1]);
(*d)+=n+1;
(*dl)-=(n+1);
return w;
@ -1655,6 +1691,21 @@ int gldns_wire2str_long_str_scan(uint8_t** d, size_t* dl, char** s, size_t* sl)
return w;
}
int gldns_wire2str_tsigerror_scan(uint8_t** d, size_t* dl, char** s, size_t* sl)
{
gldns_lookup_table *lt;
int data, w;
if(*dl < 2) return -1;
data = (int)gldns_read_uint16(*d);
lt = gldns_lookup_by_id(gldns_tsig_errors, data);
if(lt && lt->name)
w = gldns_str_print(s, sl, "%s", lt->name);
else w = gldns_str_print(s, sl, "%d", data);
(*dl)-=2;
(*d)+=2;
return w;
}
int gldns_wire2str_edns_llq_print(char** s, size_t* sl, uint8_t* data,
size_t len)
{

View File

@ -38,6 +38,8 @@ extern struct gldns_struct_lookup_table* gldns_edns_flags;
extern struct gldns_struct_lookup_table* gldns_edns_options;
/** error string from wireparse */
extern struct gldns_struct_lookup_table* gldns_wireparse_errors;
/** tsig errors are the rcodes with extra (higher) values */
extern struct gldns_struct_lookup_table* gldns_tsig_errors;
/**
* Convert wireformat packet to a string representation
@ -441,6 +443,17 @@ int gldns_wire2str_class_buf(uint16_t rrclass, char* str, size_t len);
*/
int gldns_wire2str_rcode_buf(int rcode, char* str, size_t len);
/**
* Convert host format opcode to a string. 'QUERY', 'NOTIFY', 'UPDATE'.
* With user buffer.
* @param opcode: opcode as integer in host order
* @param str: the string to write to.
* @param len: length of str.
* @return the number of characters for this element, excluding zerobyte.
* Is larger or equal than str_len if output was truncated.
*/
int gldns_wire2str_opcode_buf(int opcode, char* str, size_t len);
/**
* Convert wire dname to a string, "example.com.". With user buffer.
* @param dname: the dname in uncompressed wireformat.
@ -796,6 +809,19 @@ int gldns_wire2str_hip_scan(uint8_t** data, size_t* data_len, char** str,
int gldns_wire2str_int16_data_scan(uint8_t** data, size_t* data_len, char** str,
size_t* str_len);
/**
* Scan wireformat tsigerror field to string, with user buffers.
* It shifts the arguments to move along (see gldns_wire2str_pkt_scan).
* @param data: wireformat data.
* @param data_len: length of data buffer.
* @param str: string buffer.
* @param str_len: length of string buffer.
* @return number of characters (except null) needed to print.
* Can return -1 on failure.
*/
int gldns_wire2str_tsigerror_scan(uint8_t** data, size_t* data_len, char** str,
size_t* str_len);
/**
* Scan wireformat nsec3_next_owner field to string, with user buffers.
* It shifts the arguments to move along (see gldns_wire2str_pkt_scan).

View File

@ -69,6 +69,7 @@ getdns_context_set_tls_query_padding_blocksize
getdns_context_set_update_callback
getdns_context_set_upstream_recursive_servers
getdns_context_set_use_threads
getdns_context_unset_edns_maximum_udp_payload_size
getdns_convert_alabel_to_ulabel
getdns_convert_dns_name_to_fqdn
getdns_convert_fqdn_to_dns_name

View File

@ -3,7 +3,7 @@
write_symbols() {
OUTPUT=$1
shift
grep 'getdns_[0-9a-zA-Z_]*(' $* | grep -v '^#' | grep -v 'INLINE' \
grep 'getdns_[0-9a-zA-Z_]*(' $* | grep -v '^#' | grep -v 'INLINE' | grep -v 'getdns_extra\.h\.in: \* if' \
| sed -e 's/(.*$//g' -e 's/^.*getdns_/getdns_/g' | LC_ALL=C sort | uniq > $OUTPUT
}

View File

@ -944,6 +944,7 @@ _getdns_dns_req_new(getdns_context *context, getdns_eventloop *loop,
result->freed = NULL;
result->validating = 0;
result->is_dns_request = 1;
result->request_timed_out = 0;
result->chain = NULL;
network_req_init(result->netreqs[0], result,

View File

@ -56,11 +56,6 @@ apl_n_wire2dict(getdns_dict *dict, const uint8_t *rdf)
return getdns_dict_set_int(dict, "n", (*rdf >> 7));
}
static getdns_return_t
apl_n_wire2list(getdns_list *list, const uint8_t *rdf)
{
return _getdns_list_append_int(list, (*rdf >> 7));
}
static getdns_return_t
apl_n_2wire(uint32_t value, uint8_t *rdata, uint8_t *rdf, size_t *rdf_len)
{
(void)rdata; /* unused parameter */
@ -85,22 +80,10 @@ apl_n_dict2wire(const getdns_dict *dict,
else
return apl_n_2wire(value, rdata, rdf, rdf_len);
}
static getdns_return_t
apl_n_list2wire(const getdns_list *list, size_t i,
uint8_t *rdata, uint8_t *rdf, size_t *rdf_len)
{
getdns_return_t r;
uint32_t value;
if ((r = getdns_list_get_int(list, i, &value)))
return r;
else
return apl_n_2wire(value, rdata, rdf, rdf_len);
}
static _getdns_rdf_special apl_n = {
apl_n_rdf_end,
apl_n_wire2dict, apl_n_wire2list,
apl_n_dict2wire, apl_n_list2wire
apl_n_wire2dict, NULL,
apl_n_dict2wire, NULL
};
static const uint8_t *
@ -118,11 +101,6 @@ apl_afdpart_wire2dict(getdns_dict *dict, const uint8_t *rdf)
dict, "afdpart", (rdf[-1] & 0x7F), rdf);
}
static getdns_return_t
apl_afdpart_wire2list(getdns_list *list, const uint8_t *rdf)
{
return _getdns_list_append_const_bindata(list, (rdf[-1] & 0x7F), rdf);
}
static getdns_return_t
apl_afdpart_2wire(
const getdns_bindata *value, uint8_t *rdata, uint8_t *rdf, size_t *rdf_len)
{
@ -156,22 +134,10 @@ apl_afdpart_dict2wire(
else
return apl_afdpart_2wire(value, rdata, rdf, rdf_len);
}
static getdns_return_t
apl_afdpart_list2wire(const getdns_list *list,
size_t i, uint8_t *rdata, uint8_t *rdf, size_t *rdf_len)
{
getdns_return_t r;
getdns_bindata *value;
if ((r = getdns_list_get_bindata(list, i, &value)))
return r;
else
return apl_afdpart_2wire(value, rdata, rdf, rdf_len);
}
static _getdns_rdf_special apl_afdpart = {
apl_afdpart_rdf_end,
apl_afdpart_wire2dict, apl_afdpart_wire2list,
apl_afdpart_dict2wire, apl_afdpart_list2wire
apl_afdpart_wire2dict, NULL,
apl_afdpart_dict2wire, NULL
};
static const uint8_t *
@ -246,30 +212,12 @@ ipseckey_gateway_wire2dict(getdns_dict *dict, const uint8_t *rdf)
return _getdns_dict_set_const_bindata(dict, "gateway", size, data);
}
static getdns_return_t
ipseckey_gateway_wire2list(getdns_list *list, const uint8_t *rdf)
{
size_t size;
const uint8_t *data;
if (ipseckey_gateway_equip_const_bindata(rdf, &size, &data))
return GETDNS_RETURN_GENERIC_ERROR;
else if (!size)
return GETDNS_RETURN_GOOD;
else
return _getdns_list_append_const_bindata(list, size, data);
}
static getdns_return_t
ipseckey_gateway_2wire(
const getdns_bindata *value, uint8_t *rdata, uint8_t *rdf, size_t *rdf_len)
{
if (rdf - 2 < rdata)
return GETDNS_RETURN_GENERIC_ERROR;
assert(rdf - 2 >= rdata && rdf[-2] > 0);
switch (rdf[-2]) {
case 0: if (value && value->size > 0)
return GETDNS_RETURN_INVALID_PARAMETER;
break;
case 1: if (!value || value->size != 4)
return GETDNS_RETURN_INVALID_PARAMETER;
if (*rdf_len < 4) {
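
Review bot: the precondition in ipseckey_gateway_2wire is carried by `assert(rdf - 2 >= rdata && rdf[-2] > 0)`, so in an NDEBUG build nothing in that function stops `switch (rdf[-2])` from reading before `rdata`. The dict2wire caller in the following hunk performs the `rdf - 2 < rdata` test and handles `rdf[-2] == 0` itself, which makes the assert hold today. Either keep a runtime return in 2wire as well, or document on the function that callers must validate both conditions.
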
@ -310,27 +258,22 @@ ipseckey_gateway_dict2wire(
getdns_return_t r;
getdns_bindata *value;
if ((r = getdns_dict_get_bindata(dict, "gateway", &value)))
return r;
else
return ipseckey_gateway_2wire(value, rdata, rdf, rdf_len);
}
static getdns_return_t
ipseckey_gateway_list2wire(const getdns_list *list,
size_t i, uint8_t *rdata, uint8_t *rdf, size_t *rdf_len)
{
getdns_return_t r;
getdns_bindata *value;
if (rdf - 2 < rdata)
return GETDNS_RETURN_GENERIC_ERROR;
if ((r = getdns_list_get_bindata(list, i, &value)))
else if (rdf[-2] == 0) {
*rdf_len = 0;
return GETDNS_RETURN_GOOD;
}
else if ((r = getdns_dict_get_bindata(dict, "gateway", &value)))
return r;
else
return ipseckey_gateway_2wire(value, rdata, rdf, rdf_len);
}
static _getdns_rdf_special ipseckey_gateway = {
ipseckey_gateway_rdf_end,
ipseckey_gateway_wire2dict, ipseckey_gateway_wire2list,
ipseckey_gateway_dict2wire, ipseckey_gateway_list2wire
ipseckey_gateway_wire2dict, NULL,
ipseckey_gateway_dict2wire, NULL
};
static const uint8_t *
@ -348,11 +291,6 @@ hip_pk_algorithm_wire2dict(getdns_dict *dict, const uint8_t *rdf)
return getdns_dict_set_int(dict, "pk_algorithm", rdf[1]);
}
static getdns_return_t
hip_pk_algorithm_wire2list(getdns_list *list, const uint8_t *rdf)
{
return _getdns_list_append_int(list, rdf[1]);
}
static getdns_return_t
hip_pk_algorithm_2wire(uint32_t value, uint8_t *rdata, uint8_t *rdf, size_t *rdf_len)
{
if (rdata != rdf)
@ -379,22 +317,10 @@ hip_pk_algorithm_dict2wire(
else
return hip_pk_algorithm_2wire(value, rdata, rdf, rdf_len);
}
static getdns_return_t
hip_pk_algorithm_list2wire(const getdns_list *list,
size_t i, uint8_t *rdata, uint8_t *rdf, size_t *rdf_len)
{
getdns_return_t r;
uint32_t value;
if ((r = getdns_list_get_int(list, i, &value)))
return r;
else
return hip_pk_algorithm_2wire(value, rdata, rdf, rdf_len);
}
static _getdns_rdf_special hip_pk_algorithm = {
hip_pk_algorithm_rdf_end,
hip_pk_algorithm_wire2dict, hip_pk_algorithm_wire2list,
hip_pk_algorithm_dict2wire, hip_pk_algorithm_list2wire
hip_pk_algorithm_wire2dict, NULL,
hip_pk_algorithm_dict2wire, NULL
};
static const uint8_t *
@ -411,11 +337,6 @@ hip_hit_wire2dict(getdns_dict *dict, const uint8_t *rdf)
return _getdns_dict_set_const_bindata(dict, "hit", rdf[-1], rdf + 3);
}
static getdns_return_t
hip_hit_wire2list(getdns_list *list, const uint8_t *rdf)
{
return _getdns_list_append_const_bindata(list, rdf[-1], rdf + 3);
}
static getdns_return_t
hip_hit_2wire(
const getdns_bindata *value, uint8_t *rdata, uint8_t *rdf, size_t *rdf_len)
{
@ -449,22 +370,10 @@ hip_hit_dict2wire(
else
return hip_hit_2wire(value, rdata, rdf, rdf_len);
}
static getdns_return_t
hip_hit_list2wire(const getdns_list *list,
size_t i, uint8_t *rdata, uint8_t *rdf, size_t *rdf_len)
{
getdns_return_t r;
getdns_bindata *value;
if ((r = getdns_list_get_bindata(list, i, &value)))
return r;
else
return hip_hit_2wire(value, rdata, rdf, rdf_len);
}
static _getdns_rdf_special hip_hit = {
hip_hit_rdf_end,
hip_hit_wire2dict, hip_hit_wire2list,
hip_hit_dict2wire, hip_hit_list2wire
hip_hit_wire2dict, NULL,
hip_hit_dict2wire, NULL
};
static const uint8_t *
@ -483,12 +392,6 @@ hip_public_key_wire2dict(getdns_dict *dict, const uint8_t *rdf)
dict, "public_key", gldns_read_uint16(rdf), rdf + 2 + rdf[-2]);
}
static getdns_return_t
hip_public_key_wire2list(getdns_list *list, const uint8_t *rdf)
{
return _getdns_list_append_const_bindata(
list, gldns_read_uint16(rdf), rdf + 2 + rdf[-2]);
}
static getdns_return_t
hip_public_key_2wire(
const getdns_bindata *value, uint8_t *rdata, uint8_t *rdf, size_t *rdf_len)
{
@ -522,22 +425,10 @@ hip_public_key_dict2wire(
else
return hip_public_key_2wire(value, rdata, rdf, rdf_len);
}
static getdns_return_t
hip_public_key_list2wire(
const getdns_list *list, size_t i, uint8_t *rdata, uint8_t *rdf, size_t *rdf_len)
{
getdns_return_t r;
getdns_bindata *value;
if ((r = getdns_list_get_bindata(list, i, &value)))
return r;
else
return hip_public_key_2wire(value, rdata, rdf, rdf_len);
}
static _getdns_rdf_special hip_public_key = {
hip_public_key_rdf_end,
hip_public_key_wire2dict, hip_public_key_wire2list,
hip_public_key_dict2wire, hip_public_key_list2wire
hip_public_key_wire2dict, NULL,
hip_public_key_dict2wire, NULL
};
@ -596,6 +487,8 @@ static _getdns_rdata_def rt_rdata[] = {
{ "intermediate_host" , GETDNS_RDF_N , NULL }};
static _getdns_rdata_def nsap_rdata[] = {
{ "nsap" , GETDNS_RDF_X , NULL }};
static _getdns_rdata_def nsap_ptr_rdata[] = {
{ "owner" , GETDNS_RDF_S , NULL }};
static _getdns_rdata_def sig_rdata[] = {
{ "sig_obsolete" , GETDNS_RDF_X , NULL }};
static _getdns_rdata_def key_rdata[] = {
@ -614,6 +507,10 @@ static _getdns_rdata_def loc_rdata[] = {
{ "loc_obsolete" , GETDNS_RDF_X , NULL }};
static _getdns_rdata_def nxt_rdata[] = {
{ "nxt_obsolete" , GETDNS_RDF_X , NULL }};
static _getdns_rdata_def eid_rdata[] = {
{ "endpoint_identifier" , GETDNS_RDF_X , NULL }};
static _getdns_rdata_def nimloc_rdata[] = {
{ "nimrod_locator" , GETDNS_RDF_X , NULL }};
static _getdns_rdata_def srv_rdata[] = {
{ "priority" , GETDNS_RDF_I2 , NULL },
{ "weight" , GETDNS_RDF_I2 , NULL },
@ -707,6 +604,11 @@ static _getdns_rdata_def hip_rdata[] = {
{ "hit" , GETDNS_RDF_SPECIAL, &hip_hit },
{ "public_key" , GETDNS_RDF_SPECIAL, &hip_public_key },
{ "rendezvous_servers" , GETDNS_RDF_N_M , NULL }};
static _getdns_rdata_def talink_rdata[] = {
{ "previous" , GETDNS_RDF_N , NULL },
{ "next" , GETDNS_RDF_N , NULL }};
static _getdns_rdata_def openpgpkey_rdata[] = {
{ "transferable_public_key" , GETDNS_RDF_B , NULL }};
static _getdns_rdata_def csync_rdata[] = {
{ "serial" , GETDNS_RDF_I4 , NULL },
{ "flags" , GETDNS_RDF_I2 , NULL },
@ -782,17 +684,17 @@ static _getdns_rr_def _getdns_rr_defs[] = {
{ "X25", x25_rdata, ALEN( x25_rdata) },
{ "ISDN", isdn_rdata, ALEN( isdn_rdata) },
{ "RT", rt_rdata, ALEN( rt_rdata) },
{ "NSAP", nsap_rdata, ALEN( nsap_rdata) }, /* - 22 */
{ NULL, NULL, 0 },
{ "SIG", sig_rdata, ALEN( sig_rdata) }, /* 24 - */
{ "NSAP", nsap_rdata, ALEN( nsap_rdata) },
{ "NSAP_PTR", nsap_ptr_rdata, ALEN( nsap_ptr_rdata) },
{ "SIG", sig_rdata, ALEN( sig_rdata) },
{ "KEY", key_rdata, ALEN( key_rdata) },
{ "PX", px_rdata, ALEN( px_rdata) },
{ "GPOS", gpos_rdata, ALEN( gpos_rdata) },
{ "AAAA", aaaa_rdata, ALEN( aaaa_rdata) },
{ "LOC", loc_rdata, ALEN( loc_rdata) },
{ "NXT", nxt_rdata, ALEN( nxt_rdata) },
{ "EID", UNKNOWN_RDATA, 0 },
{ "NIMLOC", UNKNOWN_RDATA, 0 },
{ "EID", eid_rdata, ALEN( eid_rdata) },
{ "NIMLOC", nimloc_rdata, ALEN( nimloc_rdata) },
{ "SRV", srv_rdata, ALEN( srv_rdata) },
{ "ATMA", atma_rdata, ALEN( atma_rdata) },
{ "NAPTR", naptr_rdata, ALEN( naptr_rdata) },
@ -812,16 +714,16 @@ static _getdns_rr_def _getdns_rr_defs[] = {
{ "DHCID", dhcid_rdata, ALEN( dhcid_rdata) },
{ "NSEC3", nsec3_rdata, ALEN( nsec3_rdata) },
{ "NSEC3PARAM", nsec3param_rdata, ALEN(nsec3param_rdata) },
{ "TLSA", tlsa_rdata, ALEN( tlsa_rdata) }, /* - 52 */
{ NULL, NULL, 0 },
{ "TLSA", tlsa_rdata, ALEN( tlsa_rdata) },
{ "SMIMEA", tlsa_rdata, ALEN( tlsa_rdata) }, /* - 53 */
{ NULL, NULL, 0 },
{ "HIP", hip_rdata, ALEN( hip_rdata) }, /* 55 - */
{ "NINFO", UNKNOWN_RDATA, 0 },
{ "RKEY", UNKNOWN_RDATA, 0 },
{ "TALINK", UNKNOWN_RDATA, 0 },
{ "TALINK", talink_rdata, ALEN( talink_rdata) },
{ "CDS", ds_rdata, ALEN( ds_rdata) },
{ "CDNSKEY", dnskey_rdata, ALEN( dnskey_rdata) },
{ "OPENPGPKEY", UNKNOWN_RDATA, 0 }, /* 61 - */
{ "OPENPGPKEY", openpgpkey_rdata, ALEN(openpgpkey_rdata) }, /* 61 - */
{ "CSYNC", csync_rdata, ALEN( csync_rdata) }, /* - 62 */
{ NULL, NULL, 0 },
{ NULL, NULL, 0 },
@ -1017,20 +919,21 @@ static _getdns_rr_def _getdns_rr_defs[] = {
{ "MAILA", UNKNOWN_RDATA, 0 }, /* - 254 */
{ NULL, NULL, 0 },
{ "URI", uri_rdata, ALEN( uri_rdata) }, /* 256 - */
{ "CAA", caa_rdata, ALEN( caa_rdata) }, /* - 257 */
{ "TA", UNKNOWN_RDATA, 0 }, /* 32768 */
{ "CAA", caa_rdata, ALEN( caa_rdata) },
{ "AVC", txt_rdata, ALEN( txt_rdata) }, /* - 258 */
{ "TA", ds_rdata, ALEN( ds_rdata) }, /* 32768 */
{ "DLV", dlv_rdata, ALEN( dlv_rdata) } /* 32769 */
};
const _getdns_rr_def *
_getdns_rr_def_lookup(uint16_t rr_type)
{
if (rr_type <= 257)
if (rr_type <= 258)
return &_getdns_rr_defs[rr_type];
else if (rr_type == 32768)
return &_getdns_rr_defs[258];
else if (rr_type == 32769)
return &_getdns_rr_defs[259];
else if (rr_type == 32769)
return &_getdns_rr_defs[260];
return _getdns_rr_defs;
}
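Review bot: _getdns_rr_def_lookup hard-codes the upper bound 258 and the table positions 259 and 260 for TA and DLV, so every row inserted into _getdns_rr_defs means three numbers to update by hand, and a missed one silently returns the rdata definition of a different type. Derive the two tail indices from the table length (the ALEN macro is already used in this table) or add a compile-time check on the number of entries. The fall-through `return _getdns_rr_defs;` hands back entry 0 for any unassigned type above 258, so callers must treat that entry as "unknown" and not as a usable definition.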
@ -1120,7 +1023,12 @@ write_rdata_field(gldns_buffer *buf, uint8_t *rdata_start,
return GETDNS_RETURN_GENERIC_ERROR;
} else if (!(rd_def->type & GETDNS_RDF_REPEAT)) {
/*
* Non repetitive special rdatafield,
* We must have a dict2wire function
*/
assert(rd_def->special->dict2wire);
rdf_len = gldns_buffer_remaining(buf);
r = rd_def->special->dict2wire(rdata, rdata_start,
gldns_buffer_current(buf), &rdf_len);
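Review bot: `assert(rd_def->special->dict2wire);` is the only guard before the call through that pointer, and assert disappears under NDEBUG, so a release build would call a NULL function pointer if a special rdata definition ever lacks dict2wire. This function already returns GETDNS_RETURN_GENERIC_ERROR a few lines above; return that here as well instead of relying on the assert alone. The same holds for the list2wire assert added in the next hunk.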
@ -1130,12 +1038,21 @@ write_rdata_field(gldns_buffer *buf, uint8_t *rdata_start,
if (r)
return r;
/* We do not have repetitive special rdata fields (yet)
*
* LCOV_EXCL_START
*/
} else if ((r = getdns_dict_get_list(rdata, rd_def->name, &list))) {
return r == GETDNS_RETURN_NO_SUCH_DICT_NAME
? GETDNS_RETURN_GOOD : r;
} else for ( i = 0; r == GETDNS_RETURN_GOOD; i++ ) {
/*
* A repetitive special rdata field must have the list2wire
* function.
*/
assert(rd_def->special->list2wire);
rdf_len = gldns_buffer_remaining(buf);
r = rd_def->special->list2wire(list, i, rdata_start,
@ -1144,6 +1061,7 @@ write_rdata_field(gldns_buffer *buf, uint8_t *rdata_start,
r == GETDNS_RETURN_NEED_MORE_SPACE)
gldns_buffer_skip(buf, rdf_len);
}
/* LCOV_EXCL_STOP */
return r != GETDNS_RETURN_NO_SUCH_LIST_ITEM ? r : GETDNS_RETURN_GOOD;
}

View File

@ -518,8 +518,16 @@ rdf_iter_find_nxt(_getdns_rdf_iter *i)
/* Empty rdata fields are only allowed in case of non-repeating
* remaining data. So only the GETDNS_RDF_BINDATA bit is set.
*
* There is one exception, the IPSECKEY has an empty special rdata
* field "gateway" when another rdata field, "gateway_type" is 0.
* In general, the special wire2dict or list functions should
* handle this case themselves, so allow for 0 sized RDF_SPECIAL
* typed rdata fields too.
*/
(i->nxt > i->pos || (i->rdd_pos->type == GETDNS_RDF_BINDATA)))
( i->nxt > i->pos
|| i->rdd_pos->type == GETDNS_RDF_BINDATA
|| i->rdd_pos->type == GETDNS_RDF_SPECIAL))
return i;
done:
i->pos = NULL;
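Review bot: allowing `i->nxt == i->pos` for every field of type GETDNS_RDF_SPECIAL is much wider than the IPSECKEY gateway case the comment describes, because every special wire2dict and list handler can now be handed a zero-length field. Please confirm each of those handlers checks the available length before reading, or limit the exception to the fields that may legitimately be empty. A record with gateway_type 0 followed by truncated rdata would make a good regression case.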

View File

@ -32,11 +32,21 @@
*/
#include "config.h"
/* Intercept and do not sent out COM DS queries with TLS
* For debugging purposes only. Never commit with this turned on.
*/
#define INTERCEPT_COM_DS 0
#ifdef USE_POLL_DEFAULT_EVENTLOOP
# ifdef HAVE_SYS_POLL_H
# include <sys/poll.h>
# else
#ifdef USE_WINSOCK
#define poll(fdarray, nbsockets, timer) WSAPoll(fdarray, nbsockets, timer)
#else
# include <poll.h>
#endif
# endif
#endif
#include "debug.h"
@ -740,7 +750,7 @@ stub_tcp_read(int fd, getdns_tcp_state *tcp, struct mem_funcs *mf)
/* stub_tcp_write(fd, tcp, netreq)
* will return STUB_TCP_AGAIN when we need to come back again,
* STUB_TCP_ERROR on error and a query_id on successfull sent.
* STUB_TCP_ERROR on error and a query_id on successful sent.
*/
static int
stub_tcp_write(int fd, getdns_tcp_state *tcp, getdns_network_req *netreq)
@ -1280,12 +1290,15 @@ stub_tls_write(getdns_upstream *upstream, getdns_tcp_state *tcp,
return STUB_OUT_OF_OPTIONS;
netreq->keepalive_sent = 1;
}
if (netreq->owner->tls_query_padding_blocksize > 1) {
if (netreq->owner->tls_query_padding_blocksize > 0) {
uint16_t blksz = netreq->owner->tls_query_padding_blocksize;
if (blksz == 1) /* use a sensible default policy */
blksz = 128;
pkt_len = netreq->response - netreq->query;
pkt_len += 4; /* this accounts for the OPTION-CODE and OPTION-LENGTH of the padding */
padding_sz = pkt_len % netreq->owner->tls_query_padding_blocksize;
padding_sz = pkt_len % blksz;
if (padding_sz)
padding_sz = netreq->owner->tls_query_padding_blocksize - padding_sz;
padding_sz = blksz - padding_sz;
if (_getdns_network_req_add_upstream_option(netreq,
EDNS_PADDING_OPCODE,
padding_sz, NULL))
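Review bot: `if (blksz == 1) blksz = 128;` makes the value 1 a sentinel for "default policy" inside stub_tls_write, which nobody reading the context setting can see. Give both the sentinel and the 128 a named constant and document the special meaning next to the setter for tls_query_padding_blocksize, so a caller who really asks for a block size of 1 is not surprised.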
@ -1299,10 +1312,39 @@ stub_tls_write(getdns_upstream *upstream, getdns_tcp_state *tcp,
/* TODO[TLS]: Handle error cases, partial writes, renegotiation etc. */
ERR_clear_error();
written = SSL_write(tls_obj, netreq->query - 2, pkt_len + 2);
if (written <= 0)
return STUB_TCP_ERROR;
#if INTERCEPT_COM_DS
/* Intercept and do not sent out COM DS queries. For debugging
* purposes only. Never commit with this turned on.
*/
if (netreq->request_type == GETDNS_RRTYPE_DS &&
netreq->owner->name_len == 5 &&
netreq->owner->name[0] == 3 &&
(netreq->owner->name[1] & 0xDF) == 'C' &&
(netreq->owner->name[2] & 0xDF) == 'O' &&
(netreq->owner->name[3] & 0xDF) == 'M' &&
netreq->owner->name[4] == 0) {
debug_req("Intercepting", netreq);
written = pkt_len + 2;
} else
#endif
written = SSL_write(tls_obj, netreq->query - 2, pkt_len + 2);
if (written <= 0) {
/* SSL_write will not do partial writes, because
* SSL_MODE_ENABLE_PARTIAL_WRITE is not default,
* but the write could fail because of renegotiation.
* In that case SSL_get_error() will return
* SSL_ERROR_WANT_READ or, SSL_ERROR_WANT_WRITE.
* Return for retry in such cases.
*/
switch (SSL_get_error(tls_obj, written)) {
case SSL_ERROR_WANT_READ:
case SSL_ERROR_WANT_WRITE:
return STUB_TCP_AGAIN;
default:
return STUB_TCP_ERROR;
}
}
/* We were able to write everything! Start reading. */
return (int) query_id;
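Review bot: returning STUB_TCP_AGAIN on SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE means stub_tls_write is entered again for the same netreq, but earlier in this function `netreq->keepalive_sent = 1` has already been set and the padding option has already been appended. Please confirm the retry does not add the options a second time, and that SSL_write is repeated with the same buffer and length, which OpenSSL requires unless SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER is set. Separately, the INTERCEPT_COM_DS branch reports `written = pkt_len + 2` for a query that never left the host; since it lives in the production write path, an #error when it is enabled outside a debug build would be a stronger guard than the test-suite grep.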
@ -1675,9 +1717,8 @@ upstream_write_cb(void *userarg)
default:
if (netreq->owner->return_call_reporting &&
netreq->upstream->tls_obj &&
netreq->debug_tls_peer_cert.data == NULL &&
(cert = SSL_get_peer_certificate(netreq->upstream->tls_obj))) {
assert(netreq->debug_tls_peer_cert.data == NULL);
netreq->debug_tls_peer_cert.size = i2d_X509(
cert, &netreq->debug_tls_peer_cert.data);
X509_free(cert);
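Review bot: `i2d_X509()` returns a negative value on failure, and that result is stored directly in `netreq->debug_tls_peer_cert.size`. Check the return value and leave size at 0 and data at NULL on error, so the call-reporting code never works with a bogus length. Testing `data == NULL` in the condition instead of asserting it is the right direction, since it also skips SSL_get_peer_certificate when the certificate is already stored.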
@ -2073,6 +2114,12 @@ upstream_reschedule_events(getdns_upstream *upstream, uint64_t idle_timeout) {
else {
DEBUG_STUB("%s %-35s: FD: %d Connection idle - timeout is %d\n",
STUB_DEBUG_SCHEDULE, __FUNC__, upstream->fd, (int)idle_timeout);
/* TODO: Schedule a read also anyway,
* to digest timed out answers.
* Dont forget to schedule with upstream->fd then!
*
* upstream->event.read_cb = upstream_read_cb;
*/
upstream->event.timeout_cb = upstream_idle_timeout_cb;
if (upstream->conn_state != GETDNS_CONN_OPEN)
idle_timeout = 0;

View File

@ -10,7 +10,7 @@ TLS_SERVER_KEY="foxZRnIh9gZpWnl+zEiKa0EJ2rdCGroMWm02gaxSc9S="
TLS_SERVER_SS_KEY="pOXrpUt9kgPgbWxBFFcBTbRH2heo2wHwXp1fd4AEVXI="
TLS_SERVER_WRONG_KEY="foxZRnIh9gZpWnl+zEiKa0EJ2rdCGroMWm02gaxSc1S="
GOOD_RESULT_SYNC="Status was: At least one response was returned"
GOOD_RESULT_ASYNC="successfull"
GOOD_RESULT_ASYNC="successful"
BAD_RESULT_SYNC="1 'Generic error'"
BAD_RESULT_ASYNC="callback_type of 703"
NUM_ARGS=3
@ -196,4 +196,4 @@ done
echo
echo "Finished transport test: did $COUNT queries, $GOOD_COUNT passes, $FAIL_COUNT failures"
echo
echo

View File

@ -33,6 +33,19 @@ rm -f report.txt
echo ""
fi
) >> report.txt
(
cd ${SRCROOT}/src
if [ `grep '^#define[ ]*INTERCEPT_COM_DS[ ]*1' stub.c | wc -l` -gt 0 ]
then
echo "*** "
echo "*** The repo contained the COM DS queries interception"
echo "*** with TLS transports turned on, this should be off"
echo "*** "
grep -n '^#define[ ]INTERCEPT_COM_DS[ ]*1' stub.c
echo ""
fi
) >> report.txt
if [ -s report.txt ]
then
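Review bot: the two grep patterns for INTERCEPT_COM_DS are not the same: the test uses `#define[ ]*INTERCEPT_COM_DS` while the `grep -n` that prints the offending line uses `#define[ ]INTERCEPT_COM_DS`, so a define with more than one separator triggers the warning but shows no line. As shown here the bracket expressions contain only a space, so a tab-separated define would pass unnoticed. Put the pattern in one variable, use `[[:space:]]`, and test with `grep -q` instead of counting lines with wc.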

View File

@ -0,0 +1,15 @@
BaseName: 080-iana-rr-types
Version: 1.0
Description: Fetch dns-parameters.xml from iana and check all RR types
CreationDate: di 2 mei 2017 15:11:53 CEST
Maintainer: Willem Toorop
Category:
Component:
Depends:
CmdDepends: wget, grep
Pre:
Post:
Test: 080-iana-rr-types.test
AuxFiles:
Passed:
Failure:

View File

@ -0,0 +1,51 @@
# source the master var file when it's there
[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
# use .tpkg.var.test for in test variable passing
[ -f .tpkg.var.test ] && source .tpkg.var.test
# svnserve resets the path, you may need to adjust it, like this:
PATH=$PATH:/usr/sbin:/sbin:/usr/local/bin:/usr/local/sbin:.
# first arg is the build dir
TPKG_BUILD=$1
PARAM_XML="dns-parameters.xml"
PARAM_URL="http://www.iana.org/assignments/dns-parameters/$PARAM_XML"
if [ -f $PARAM_XML ]
then
mv $PARAM_XML ${PARAM_XML}.aandekant
fi
if which wget
then
wget "$PARAM_URL"
elif ! ( echo quit | ftp "$PARAM_URL" )
then
echo "Don't have wget or ftp to get $PARAM_URL"
exit -1
fi
EXIT_STATUS=0
for TYPE_VAL in `awk '/<type>[^<>]*<\/type>/{ a=$1; getline; b=$1; print a""b }' dns-parameters.xml | sed -e 's/<type>//g' -e 's/<\/type>//g' -e 's/<value>/:/g' -e 's/<\/value>//g'|egrep -v '^(Unassigned|Private|Reserved)'`
do
TYPE=${TYPE_VAL%:*}
VALUE=${TYPE_VAL#*:}
case "x$TYPE" in
x\*) TYPE="ANY"
;;
xNSAP-PTR) TYPE="NSAP_PTR"
;;
esac
if ! grep -q "LDNS_RR_TYPE_${TYPE} = ${VALUE}" ${SRCROOT}/src/gldns/rrdef.h
then
echo "RR type ${TYPE} (value ${VALUE}) not in rrdef.h"
EXIT_STATUS=1
fi
if ! grep -q "GETDNS_RRTYPE_${TYPE}[ ][ ]*${VALUE}" ${SRCROOT}/src/getdns/getdns.h.in
then
echo "RR type ${TYPE} (value ${VALUE}) not in getdns.h.in"
EXIT_STATUS=1
fi
done
exit $EXIT_STATUS
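Review bot: PARAM_URL fetches dns-parameters.xml over plain `http://` and the exit status of wget is never checked, so a failed or modified download changes what the test verifies; an empty or missing file yields no TYPE_VAL entries and the test exits 0. Use the https URL, fail when the download fails or when no types are parsed, and replace `exit -1` with `exit 1`, since negative exit codes are not portable. The existing file moved aside to `${PARAM_XML}.aandekant` is also never restored or removed.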

View File

@ -6,7 +6,7 @@ Maintainer: Willem Toorop
Category:
Component:
CmdDepends: valgrind
Depends: 110-link.tpkg
Depends: 210-stub-only-link.tpkg
Help:
Pre:
Post:

View File

@ -70,6 +70,7 @@ int main(int argc, char const * const argv[])
FILE *in;
uint8_t wire_buf[8200];
size_t i;
size_t uavailable;
int available;
char str_buf[10000];
int str_len = sizeof(str_buf);
@ -300,15 +301,20 @@ int main(int argc, char const * const argv[])
* Then fill a string buffer with those rr_dicts.
*/
available = wire - wire_buf;
if (available < 0) {
fprintf(stderr, "Negative sized buffer!\n");
exit(EXIT_FAILURE);
}
uavailable = available;
wire = wire_buf;
str = str_buf;
str_len = sizeof(str_buf);
while (available > 0 && str_len > 0) {
while (uavailable > 0 && str_len > 0) {
rr_dict = NULL;
if ((r = getdns_wire2rr_dict_scan(
(const uint8_t **)&wire, &available, &rr_dict)))
(const uint8_t **)&wire, &uavailable, &rr_dict)))
FAIL_r("getdns_wire2rr_dict_scan");
if ((r = getdns_rr_dict2str_scan(rr_dict, &str, &str_len)))
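Review bot: `available` remains an int that receives the pointer difference `wire - wire_buf` and is then copied into `uavailable`, so main() now carries two variables for one quantity and still narrows a ptrdiff_t to int. If nothing else in main() needs the int, keep a single size_t and do the sanity check on the pointers themselves (`wire < wire_buf`) before subtracting.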

View File

@ -1478,6 +1478,7 @@ apl.net-dns.org. 3600 IN APL 1:192.168.42.0/26 1:192.168.42.64/26 !1:192.168.42.
"algorithm": 10,
"gateway_type": 0,
"precedence": 2,
"public_key": <bindata of 0x010351537986ed35533b6064478eeeb2...>,
"rdata_raw": <bindata of 0x0a0002010351537986ed35533b606447...>
},
"ttl": 30,
@ -1536,6 +1537,7 @@ apl.net-dns.org. 3600 IN APL 1:192.168.42.0/26 1:192.168.42.64/26 !1:192.168.42.
"algorithm": 10,
"gateway_type": 0,
"precedence": 2,
"public_key": <bindata of 0x010351537986ed35533b6064478eeeb2...>,
"rdata_raw": <bindata of 0x0a0002010351537986ed35533b606447...>
},
"ttl": 30,

View File

@ -0,0 +1,15 @@
builddir = @BUILDDIR@
testname = @TPKG_NAME@
LIBTOOL = $(builddir)/libtool
CFLAGS=-I$(builddir)/src
LDLIBS=$(builddir)/src/libgetdns.la
.SUFFIXES: .c .o .a .lo .h
.c.lo:
$(LIBTOOL) --quiet --tag=CC --mode=compile $(CC) $(CFLAGS) -c $< -o $@
$(testname): $(testname).lo
$(LIBTOOL) --tag=CC --mode=link $(CC) $(LDLIBS) $(LDFLAGS) -o $(testname) $(testname).lo

View File

@ -0,0 +1,127 @@
#include <stdio.h>
#include <ctype.h>
#include <arpa/inet.h>
#include <getdns/getdns.h>
#include <getdns/getdns_extra.h>
#define FAIL(...) do { \
fprintf(stderr, "ERROR in %s:%d, ", __FILE__, __LINE__); \
fprintf(stderr, __VA_ARGS__); \
fprintf(stderr, "\n"); \
exit(EXIT_FAILURE); \
} while (0)
#define FAIL_r(function_name) FAIL( "%s returned %d: %s", function_name \
, (int)r, getdns_get_errorstr_by_id(r));
void print_dict(getdns_dict *rr_dict)
{
char *str = getdns_pretty_print_dict(rr_dict);
printf("%s\n", str);
free(str);
}
void print_list(getdns_list *rr_list)
{
char *str = getdns_pretty_print_list(rr_list);
printf("%s\n", str);
free(str);
}
void print_wire(uint8_t *wire, size_t wire_len)
{
size_t pos, i;
for (pos = 0; pos < wire_len; pos += 16) {
printf("%.4zx", pos);
for (i = 0; i < 16; i++) {
if (i % 8 == 0)
printf(" ");
if (pos + i < wire_len)
printf(" %.2x", (int)wire[pos + i]);
else
printf(" ");
}
printf(" ");
for (i = 0; i < 16; i++) {
if (i % 8 == 0)
printf(" ");
if (pos + i < wire_len && isprint(wire[pos + i]))
printf("%c", wire[pos + i]);
else
printf(".");
}
printf("\n");
}
}
int main(int argc, char const * const argv[])
{
getdns_return_t r;
getdns_list *rr_list;
FILE *in;
uint8_t wirebuf[16384];
uint8_t *bufptr = wirebuf;
int bufsz = sizeof(wirebuf);
int msgsz;
size_t rr_list_len;
getdns_dict *rr_dict;
size_t i;
getdns_dict *msg_dict;
char *msg_str;
if (!(in = fopen(argv[1], "r")))
FAIL("Could not fopen %s\n", argv[1]);
if ((r = getdns_fp2rr_list(in, &rr_list, NULL, 0)))
FAIL_r("getdns_fp2rr_list");
fclose(in);
print_list(rr_list);
if ((r = getdns_list_get_length(rr_list, &rr_list_len)))
FAIL_r("getdns_list_get_length");
*bufptr++ = 0; *bufptr++ = 0;
*bufptr++ = 0; *bufptr++ = 0;
*bufptr++ = 0; *bufptr++ = 0;
*(uint16_t *)bufptr = htons((uint16_t)rr_list_len); bufptr += 2;
*bufptr++ = 0; *bufptr++ = 0;
*bufptr++ = 0; *bufptr++ = 0;
bufsz -= 12;
for (i = 0; i < rr_list_len; i++) {
if ((r = getdns_list_get_dict(rr_list, i, &rr_dict)))
FAIL_r("getdns_list_get_dict");
if ((r = getdns_dict_remove_name(rr_dict, "/rdata/rdata_raw")))
FAIL_r("getdns_dict_remove_name");
if ((r = getdns_rr_dict2wire_scan(rr_dict, &bufptr, &bufsz))) {
char *rr_dict_str = getdns_pretty_print_dict(rr_dict);
fprintf(stderr, "getdns_rr_dict2wire_scan failed: %s"
" with rr_dict %s\n"
, getdns_get_errorstr_by_id(r)
, rr_dict_str );
free(rr_dict_str);
}
/* printf("bufptr: %p, bufsz: %d\n", bufptr, bufsz); */
}
msgsz = sizeof(wirebuf) - bufsz;
if ((r = getdns_wire2msg_dict(wirebuf, msgsz, &msg_dict)))
FAIL_r("getdns_wire2msg_dict");
if ((r = getdns_msg_dict2str(msg_dict, &msg_str)))
FAIL_r("getdns_msg_dict2str");
printf("%s\n", msg_str);
free(msg_str);
getdns_dict_destroy(msg_dict);
getdns_list_destroy(rr_list);
exit(EXIT_SUCCESS);
}
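Review bot: in main(), `fopen(argv[1], "r")` is reached without an argc check, and the file uses exit(), free() and EXIT_FAILURE without including <stdlib.h>; add an `argc < 2` usage message and the include. In the loop, a getdns_rr_dict2wire_scan failure is only printed, yet the count already written into the header covers every RR in the list, so getdns_wire2msg_dict is later asked to parse a message whose count does not match its content. Either FAIL on the first conversion error or write the count after the loop from the number of records actually converted.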

View File

@ -0,0 +1,16 @@
BaseName: 265-supported-rrs
Version: 1.0
Description: Test supported resource records
CreationDate: do 20 apr 2017 11:31:29 CEST
Maintainer: Hoda Rohani
Category:
Component:
CmdDepends:
Depends: 200-stub-only-compile.tpkg
Help:
Pre: 265-supported-rrs.pre
Post:
Test: 265-supported-rrs.test
AuxFiles:
Passed:
Failure:

File diff suppressed because it is too large Load Diff
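Review bot: this file's diff is not shown, so it could not be reviewed here; given that the test script compares output against `${TPKG_NAME}.good` with diff, please make sure the suppressed file was generated from a build of this same commit.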

View File

@ -0,0 +1,107 @@
; Note that the contents of RRsets are only intended to test the RRType itself and
; are not necessarily valid.
$ORIGIN .
$TTL 30 ; 30 seconds
net-dns.org IN SOA ns.nlnetlabs.nl. sysadmin.nlnetlabs.nl. (
2015081800 ; serial
450 ; refresh (7 minutes 30 seconds)
600 ; retry (10 minutes)
345600 ; expire (4 days)
300 ; minimum (5 minutes)
)
NS ns.nlnetlabs.nl
A 185.49.140.22
AAAA 2a04:b900::2:0:0:22
MX 10 dicht.nlnetlabs.nl.
TXT "Net::DNS domain"
$ORIGIN net-dns.org.
a A 10.0.1.128
;aa A 010.010.010.11 leading zeros not allowed?
www A 185.49.140.22
aaaa AAAA 2a04:b900::2:0:0:23
;a6 A6 0 2345:00C0:: ;obsolete
afsdb AFSDB 12 getdnsapi.net-dns.org.
apl APL 1:192.168.42.0/26 1:192.168.42.64/26 !1:192.168.42.128/25 1:224.0.0.0/4 2:FF00:0:0:0:0:0:0:0/8
atm-host ATMA 47.0079.00010200000000000000.00a03e000002.00
caa CAA 0 issue "ca.net-dns.org"
cdnskey CDNSKEY 256 3 RSASHA1 AQOraLfzarHAlFskVGwAGnX0LRjlcOiO6y5WM4Kz+QvZ9vX28h4lOvnfd5tkxnZm7ERLTAJoFq+1w/wl7VXs2Isz75BSZ7LQh3OT2xXnS6VT5ZxXko/UCOdoGiKZZ63jHZ0jNSTCYy8+5rfvwRD8s3gGuErp5KcHg3V8VLUKSDNNEQ== ; {id = 42860, size = 1024b}
cds CDS 13026 DSA 1 0259f20021
cert CERT PKIX 65535 RSAMD5 AQOppkQvFlPFLiWZc0NXX5/QY44jphv3vfX0dscHNmThNtfx0TUgfBb1YQKJX6MNrzu/vvtV3xpLcCJ+tIP8ADDiMaUYT5Gh6kmn22V7FgHPlCHRJ+AcudQbeYgw1KCYS9D46oEvBR8mQ4HFTEkdWg+PETATQk77P1CmmURdogcmzZqZIer+VAs6uusIdxrmWeP8j2aYRvozdjvgzmHXSabDDxrnuIbnL4r4qAoc6Q9DAybYA7Ya52gtH06dFOkaQr1dvHu1iJES16H0SL/OlhsOVrZmM1RFcwDGXcnxiKZ4TdtFeXQ/6VN3JegLR5t2FyKzoKYb4klpdZM8JVuVtc/n
cname CNAME a
csync CSYNC 66 3 A NS AAAA
dhcid DHCID ( AAIBY2/AuCccgoJbsaxcQc9TUapptP69lOjxfNuVAA2kjEA= )
dlv DLV 13026 DSA 1 0259f20021a0f2ff8bbbd8ab6174ac2412fdf363
dname DNAME net-dns.net.
dnskey DNSKEY 256 3 RSASHA1 AQOraLfzarHAlFskVGwAGnX0LRjlcOiO6y5WM4Kz+QvZ9vX28h4lOvnfd5tkxnZm7ERLTAJoFq+1w/wl7VXs2Isz75BSZ7LQh3OT2xXnS6VT5ZxXko/UCOdoGiKZZ63jHZ0jNSTCYy8+5rfvwRD8s3gGuErp5KcHg3V8VLUKSDNNEQ== ; {id = 42860, size = 1024b}
ds DS 13026 DSA 1 0259f20021a0f2ff8bbbd8ab6174ac2412fdf363
eid EID E32C 6F78 164A 9348
eui48 EUI48 00-00-5e-00-53-2a
eui64 EUI64 00-00-5e-ef-10-00-00-2a
;gid GID ;IANA-Reserved
gpos GPOS -32.6882 116.8652 10.0
hinfo HINFO "CPU" "OS"
hip HIP ( 2 200100107B1A74DF365639CC39F1D578 AwEAAbdxyhNuSutc5EMzxTs9LBPCIkOFH8cIvM4p9+LrV4e19WzK00+CI6zBCQTdtWsuxKbWIy87UOoJTwkUs7lBu+Upr1gsNrut79ryra+bSRGQb1slImA8YVJyuIDsj7kwzG7jnERNqnWxZ48AWkskmdHaVDP4BcelrTI3rMXdXF5D )
ipseckey0 IPSECKEY 10 0 2 . AQNRU3mG7TVTO2BkR47usntb102uFJtugbo6BSGvgqt4AQ==
ipseckey1 IPSECKEY 10 1 2 192.0.2.38 AQNRU3mG7TVTO2BkR47usntb102uFJtugbo6BSGvgqt4AQ==
ipseckey2 IPSECKEY 10 2 2 2001:0DB8:0:8002::2000:1 AQNRU3mG7TVTO2BkR47usntb102uFJtugbo6BSGvgqt4AQ==
ipseckey3 IPSECKEY 10 3 2 mygateway.example.com. AQNRU3mG7TVTO2BkR47usntb102uFJtugbo6BSGvgqt4AQ==
ipseckey IPSECKEY 10 0 2 . AQNRU3mG7TVTO2BkR47usntb102uFJtugbo6BSGvgqt4AQ==
IPSECKEY 10 1 2 192.0.2.38 AQNRU3mG7TVTO2BkR47usntb102uFJtugbo6BSGvgqt4AQ==
IPSECKEY 10 2 2 2001:0DB8:0:8002::2000:1 AQNRU3mG7TVTO2BkR47usntb102uFJtugbo6BSGvgqt4AQ==
IPSECKEY 10 3 2 mygateway.example.com. AQNRU3mG7TVTO2BkR47usntb102uFJtugbo6BSGvgqt4AQ==
isdn ISDN 150862028003217 004
key KEY ( 256 3 3 BOPdJjdc/ZQWCVA/ONz6LjvugMnB2KKL3F1D2i9GdrpircWRKS2DfRn5KiMM2HQXBHv0ZdkFs/tmjg7rYxrN+bzBNrlwfU5RMjioi67PthD07EHbZjwoZ5sKC2BZ/M596hygfx5JAvbIWBQVF+ztiuCnWCkbGvVXwsmE+odINCur+o+EjA9hF06LqTviUJKqTxisQO5OHM/0ufNenzIbijJPTXbUcF3vW+CMlX+AUPLSag7YnhWaEu7BLCKfg3vJVw9mtaN2W3oWPRdebGUf/QfyVKXoWD6zDLByCZh4wKvpcwgAsel4bO5LVe7s8qstSxqrwzmvaZ5XYOMZFbN7CXtutiswAkb0pkehIYime6IRkDwWDG+14H5yriRuCDK3m7GvwxMo+ggV0k3Po9LD5wWSIi1N ) ; key id = 22004
kx KX 10 services.
loc LOC 42 21 54.000 N 71 06 18.000 W -24m 30m 10000m 10m
lp LP 10 l64-subnet1
l32 L32 10 10.1.2.0 ;10.1.02.0 example in rfc not working??!!
l64 L64 10 2001:0DB8:1140:1000
;maila MAILA ;obsolete
;mailb MAILB ;obsolete
mb MB services
md MD services
mf MF services
mg MG services
minfo MINFO getdnsapi.net-dns.org. info.getdnsapi.net-dns.org.
mr MR services
mx MX 10 a
naptr NAPTR 100 100 "s" "http+I2R" "" _https._tcp
nid NID 10 0014:4fff:ff20:ef64
nimloc NIMLOC 3225 1B 03 0067
;ninfo NINFO
nsap NSAP 0x47.0005.80.005a00.0000.0001.e133.ffffff000161.00
444433332222111199990123000000ff NSAP-PTR host ; instead of name of type number is shown
nsec NSEC host.net-dns.org. ( A MX NSEC )
nsec3 NSEC3 1 0 5 fd5eeade2ba67b64 92qfhk1g2m21l1j89pju33nrm9586bpu A NS SOA MX RRSIG DNSKEY NSEC3PARAM
nsec3param NSEC3PARAM 1 0 5 fd5eeade2ba67b64
;null NULL 656D7330312E796F75722D66726565646F6D2E64653B55533B36362E39302E37332E34363B303B313232363B64656661756C742C766F6C756D652C6E6F727468616D65726963612C696E7465726163746976652C766F69702C6F70656E76706E2C707074702C736F636B73353B
;nxt NXT OPENPGPKEY NXT
3fa2675708e4613939a03a3a8f3517118fe470e519d634a763d89037._openpgpkey OPENPGPKEY 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
128.1.0.10.in-addr.arpa. PTR a
px PX 2 map822. mapx400.
;rkey RKEY
rp RP a.getdnsapi.net-dns.org. getdnsapi.net-dns.org.
rrsig RRSIG SOA 8 1 3600 20170417161124 20170403085720 13156 net-dns.org. U2lxZcqlOQ6d8pbMAhEZwPTjPpSkXoKcZAb43B6dIRPNPZXvm4VGPB37BbTqq/zCWmNv/E2OoVwFncqq21bnSxrx6t/KnlrO1keFiopS+uTJreCJzI6U1zOhgHViN5Z/5yLJG1w5jjbRmJ3FMEVwfgLwjPOUPtq6/zqAH19mvtU=
rt RT 0 services.
sig SIG ( A 3 3 1285 20170327122207 20170226122207 22004 net-dns.org. BMTLR80WnKndatr77OirBtprR9SLKoZUiPWXU5kViDi+5amYW/GFCp0= )
;sink SINK
;MNUHE2LT._smimeacert SMIMEA ( 0 0 1 d2abde240d7cd3ee6b4b28c54df034b97983a1d16e8a410e4561cb106618e971 )
spf SPF "v=spf1 +mx a:colo.nlnetlabs.nl/28 -all"
srv SRV 0 5 80 www
sshfp SSHFP 1 1 450c7d19d5da9a3a5b7c19992d1fbde15d8dad44
;ta TA
talink TALINK h0 h2
;tkey TKEY
_443._tcp TLSA 3 1 1 274c6f96c9885c8050e8a05ad1c3162c1d51752c35b6196474e3f05ad31cd923
_443._tcp.www TLSA 3 1 1 274c6f96c9885c8050e8a05ad1c3162c1d51752c35b6196474e3f05ad31cd923
;tsig TSIG
dynup TXT "fooFoo2" "Bla \; Foo"
default._domainkey TXT "v=DKIM1; r=postmaster; g=*; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDVG/lfF5GtPlMOcSGnfbp5u+EWM+OOg/f6QmbDXOW/zKQkRIRIZ+BtfSYchP8MeFPfMvUZtdRPzCWg1G7OdD7qaTUqc6kV84on6/8kPVMgdDLyLl2DeU/Lts9hfVHVDSpWuChwDAFXnbnW8jpp54zuof9OIbWSWIxZqLL8flgOsQIDAQAB" ; ----- DKIM default for example.com
;uid UID ;IANA-Reserved
;uinfo UINFO ;IANA-Reserved
;unspec UNSPEC ;IANA-Reserved
uri URI 10 1 "ftp://ftp1.net-dns.org/public"
wks WKS 195.169.215.155 tcp domain
x25 X25 "1234567"

View File

@ -0,0 +1,14 @@
# #-- 265-supported-rrs.test --#
# source the master var file when it's there
[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
# use .tpkg.var.test for in test variable passing
[ -f .tpkg.var.test ] && source .tpkg.var.test
(
grep '^CC=' "${BUILDDIR}/build-stub-only/src/Makefile"
grep '^LDFLAGS=' "${BUILDDIR}/build-stub-only/src/Makefile"
BUILDDIR4SED=`echo "${BUILDDIR}/build-stub-only" | sed 's/\//\\\\\//g'`
sed -e "s/@BUILDDIR@/${BUILDDIR4SED}/g" \
-e "s/@TPKG_NAME@/${TPKG_NAME}/g" "${TPKG_NAME}.Makefile"
) > Makefile

View File

@ -0,0 +1,15 @@
# #-- 265-supported-rrs.test --#
# source the master var file when it's there
[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
# use .tpkg.var.test for in test variable passing
[ -f .tpkg.var.test ] && source .tpkg.var.test
if ! make
then
exit 1
elif ! ( "./${TPKG_NAME}" "${TPKG_NAME}.net-dns.org" | tee out )
then
exit 1
else
diff out "${TPKG_NAME}.good"
fi

View File

@ -0,0 +1,17 @@
builddir = @BUILDDIR@
testname = @TPKG_NAME@
LIBTOOL = $(builddir)/libtool
CFLAGS=-Wall -Wextra -I$(builddir)/src -g
LDLIBS=$(builddir)/src/libgetdns.la
.SUFFIXES: .c .o .a .lo .h
.c.lo:
$(LIBTOOL) --quiet --tag=CC --mode=compile $(CC) $(CFLAGS) -c $< -o $@
$(testname): $(testname).lo
$(LIBTOOL) --tag=CC --mode=link $(CC) $(LDLIBS) $(LDFLAGS) -o $(testname) $(testname).lo
clean:
rm -f $(testname).lo $(testname).o $(testname)

View File

@ -0,0 +1,131 @@
/*
* capabilities.c - A DNS server for testing server capabilities
*
* Copyright (c) 2016, NLnet Labs. All rights reserved.
*
* This software is open source.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
*
* Neither the name of the NLNET LABS nor the names of its contributors may
* be used to endorse or promote products derived from this software without
* specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <getdns/getdns_extra.h>
#include <stdio.h>
#include <string.h>
void handler(getdns_context *context, getdns_callback_type_t callback_type,
getdns_dict *request, void *userarg, getdns_transaction_t request_id)
{
getdns_bindata *qname;
char ans_str[] = "Some answer";
getdns_bindata ans_bd = { sizeof(ans_str) - 1, (void *)ans_str };
(void) userarg; (void)callback_type;
if (getdns_dict_get_bindata(request, "/question/qname", &qname) ||
getdns_dict_set_bindata(request, "/answer/0/name", qname) ||
getdns_dict_set_int(request, "/answer/0/type", GETDNS_RRTYPE_TXT) ||
getdns_dict_set_int(request, "/header/tc", 1) ||
getdns_dict_set_bindata(request, "/answer/0/rdata/txt_strings/-", &ans_bd))
fprintf(stderr, "Request init error\n");
else if (qname->size >= 8 && qname->data[0] == 6 &&
qname->data[1] == 'c' && qname->data[2] == 'a' &&
qname->data[3] == 'n' && qname->data[4] == 'c' &&
qname->data[5] == 'e' && qname->data[6] == 'l') {
(void) getdns_reply(context, NULL, request_id);
getdns_dict_destroy(request);
return;
} else if (qname->size >= 6 && qname->data[0] == 4 &&
qname->data[1] == 'q' && qname->data[2] == 'u' &&
qname->data[3] == 'i' && qname->data[4] == 't') {
(void) getdns_dict_set_int(request, "/header/tc", 0);
(void) getdns_reply(context, request, request_id);
(void) getdns_context_set_listen_addresses(context, NULL, NULL, NULL);
getdns_dict_destroy(request);
return;
} else {
if (getdns_reply(context, request, request_id))
getdns_reply(context, NULL, request_id);
getdns_dict_destroy(request);
return;
}
getdns_dict_destroy(request);
exit(EXIT_FAILURE);
}
int main()
{
getdns_context *context = NULL;
getdns_list *listeners = NULL;
getdns_dict *address = NULL;
getdns_dict *address2 = NULL;
uint32_t port1 = 18000;
uint32_t port2 = 18000;
getdns_return_t r;
if ((r = getdns_str2list("[ 127.0.0.1:18000 ]", &listeners)) ||
(r = getdns_str2dict("127.0.0.1:18000", &address2)) ||
(r = getdns_list_get_dict(listeners, 0, &address)) ||
(r = getdns_context_create(&context, 0)))
fprintf(stderr, "Error initializing: ");
else while (++port1 < 18200 &&
!(r = getdns_dict_set_int(address, "port", port1)) &&
(r = getdns_context_set_listen_addresses(
context, listeners, NULL, handler)))
; /* pass */
if (!r &&
((r = getdns_list_set_dict(listeners, 1, address2)) ||
(r = getdns_list_get_dict(listeners, 1, &address))))
fprintf(stderr, "Error initializing 2nd address: ");
if (r) fprintf(stderr, "%s\n", getdns_get_errorstr_by_id(r));
else {
port2 = port1;
while (++port2 < 18200 &&
!(r = getdns_dict_set_int(address, "port", port2)) &&
(r = getdns_context_set_listen_addresses(
context, listeners, NULL, handler)))
; /* pass */
fprintf(stdout, "%d\n", (int)port2);
fprintf(stdout, "%d\n", (int)port1);
fflush(stdout);
getdns_context_run(context);
}
getdns_list_destroy(listeners);
getdns_dict_destroy(address2);
getdns_context_destroy(context);
return r;
}
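Review bot: in main(), the result of the second port search is never tested: when the `while (++port2 < 18200 ...)` loop runs out of ports, r still holds the last listen error, but both port numbers are printed and getdns_context_run() is entered anyway. Check r after the loop and bail out the way the first search does through `if (r)`. handler() also calls exit() without <stdlib.h> being included.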

View File

@ -0,0 +1,4 @@
#!/bin/sh
make clean || true
rm -fr .libs Makefile *_out valgrind.log

View File

@ -0,0 +1,16 @@
BaseName: 275-server-capabilities
Version: 1.0
Description: Test server capabilities (TCP, canceling requests etc.)
CreationDate: wo 19 apr 2017 10:01:58 CEST
Maintainer: Hoda Rohani
Category:
Component:
CmdDepends:
Depends: 210-stub-only-link.tpkg
Help:
Pre: 275-server-capabilities.pre
Post:
Test: 275-server-capabilities.test
AuxFiles:
Passed:
Failure:

View File

@ -0,0 +1,14 @@
# #-- 275-server-capabilities.test --#
# source the master var file when it's there
[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
# use .tpkg.var.test for in test variable passing
[ -f .tpkg.var.test ] && source .tpkg.var.test
(
grep '^CC=' "${BUILDDIR}/build-stub-only/src/Makefile"
grep '^LDFLAGS=' "${BUILDDIR}/build-stub-only/src/Makefile"
BUILDDIR4SED=`echo "${BUILDDIR}/build-stub-only" | sed 's/\//\\\\\//g'`
sed -e "s/@BUILDDIR@/${BUILDDIR4SED}/g" \
-e "s/@TPKG_NAME@/${TPKG_NAME}/g" "${TPKG_NAME}.Makefile"
) > Makefile

View File

@ -0,0 +1,43 @@
# #-- 275-server-capabilities.test --#
# source the master var file when it's there
[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
# use .tpkg.var.test for in test variable passing
[ -f .tpkg.var.test ] && source .tpkg.var.test
make && "${BUILDDIR}/build/libtool" exec valgrind -v --log-file=valgrind.log --leak-check=full --error-exitcode=1 --track-origins=yes "./${TPKG_NAME}" | (
read PORT
read PORT2
${GETDNS_STUB_QUERY} -s -t 1000 @127.0.0.1:$PORT TXT cancel. +return_call_reporting 2>&1 > time_out
${GETDNS_STUB_QUERY} -s @127.0.0.1:$PORT TXT test +return_call_reporting 2>&1 > tcp_out
${GETDNS_STUB_QUERY} -s -q @127.0.0.1:$PORT TXT quit.
)
if grep -q 'definitely lost: [^0]' valgrind.log
then
cat valgrind.log
echo "error: Memory loss!"
exit 1
fi
if ! grep -q '"status": GETDNS_RESPSTATUS_ALL_TIMEOUT' time_out
then
cat time_out
echo 'error: Query was answered (i think)!'
exit 1
elif ! grep -q '"transport": GETDNS_TRANSPORT_TCP' tcp_out
then
cat tcp_out
echo 'error: Query was not over TCP!'
exit 1
elif ! grep -q '"Some answer"' tcp_out
then
cat tcp_out
echo 'error: Query was not answered!'
exit 1
else
exit 0
fi
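Review bot: `2>&1 > time_out` (and the same for tcp_out) points stderr at the current stdout before stdout is redirected, so only stdout ends up in the file. If both streams are meant to be captured, write `> time_out 2>&1`. Note also that valgrind sits on the left side of the pipe, so its `--error-exitcode=1` is discarded by the shell and only the `definitely lost` grep on valgrind.log can fail the test; consider checking the log for the error summary as well.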

View File

@ -3,5 +3,5 @@
export SRCDIR=`dirname $0`
( cd $SRCDIR
./tpkg clean
rm -fr build build-stub-only build-event-loops install scan-build-reports .tpkg.var.master
rm -fr build build-stub-only build-event-loops install scan-build-reports .tpkg.var.master *.info
)

View File

@ -54,7 +54,7 @@ static const char *default_stubby_config =
", dns_transport_list: [ GETDNS_TRANSPORT_TLS, GETDNS_TRANSPORT_UDP, GETDNS_TRANSPORT_TCP ]"
", idle_timeout: 10000"
", listen_addresses: [ 127.0.0.1@53, 0::1@53 ]"
", tls_query_padding_blocksize: 256"
", tls_query_padding_blocksize: 1"
", edns_client_subnet_private : 1"
"}";
static int clear_listen_list_on_arg = 0;
@ -92,7 +92,7 @@ static int get_rrtype(const char *t)
if (strlen(t) > sizeof(buf) - 15)
return -1;
for (i = 14; *t && i < sizeof(buf) - 1; i++, t++)
buf[i] = toupper(*t);
buf[i] = *t == '-' ? '_' : toupper(*t);
buf[i] = '\0';
if (!getdns_str2int(buf, &rrtype))
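Review bot: `toupper(*t)` in get_rrtype receives a plain char taken from the command line; where char is signed, a byte above 0x7f becomes a negative value other than EOF, which is undefined behaviour for the <ctype.h> functions. Cast before the call: `toupper((unsigned char)*t)`. The new '-' to '_' mapping is fine and matches the NSAP-PTR handling in the IANA test script.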
@ -219,7 +219,7 @@ print_usage(FILE *out, const char *progname)
}
fprintf(out, "\t-D\tSet edns0 do bit\n");
fprintf(out, "\t-d\tclear edns0 do bit\n");
fprintf(out, "\t-e <idle_timeout>\tSet idle timeout in miliseconds\n");
fprintf(out, "\t-e <idle_timeout>\tSet idle timeout in milliseconds\n");
if (!i_am_stubby)
fprintf(out, "\t-F <filename>\tread the queries from the specified file\n");
fprintf(out, "\t-f <filename>\tRead DNSSEC trust anchors from <filename>\n");
@ -243,7 +243,8 @@ print_usage(FILE *out, const char *progname)
fprintf(out, "\t-n\tSet TLS authentication mode to NONE (default)\n");
fprintf(out, "\t-m\tSet TLS authentication mode to REQUIRED\n");
fprintf(out, "\t-p\tPretty print response dict\n");
fprintf(out, "\t-P <blocksize>\tPad TLS queries to a multiple of blocksize\n");
fprintf(out, "\t-P <blocksize>\tPad TLS queries to a multiple of blocksize\n"
"\t\t(special values: 0: no padding, 1: sensible default policy)\n");
fprintf(out, "\t-q\tQuiet mode - don't print response\n");
fprintf( out, "\t-r\tSet recursing resolution type%s\n"
, i_am_stubby ? "(default = stub)" : "");
@ -252,7 +253,7 @@ print_usage(FILE *out, const char *progname)
, i_am_stubby ? "" : "(default = recursing)" );
if (!i_am_stubby)
fprintf(out, "\t-S\tservice lookup (<type> is ignored)\n");
fprintf(out, "\t-t <timeout>\tSet timeout in miliseconds\n");
fprintf(out, "\t-t <timeout>\tSet timeout in milliseconds\n");
fprintf(out, "\t-v\tPrint getdns release version\n");
fprintf(out, "\t-x\tDo not follow redirects\n");
fprintf(out, "\t-X\tFollow redirects (default)\n");
@ -262,7 +263,7 @@ print_usage(FILE *out, const char *progname)
fprintf(out, "\t-1\tAppend suffix only to single label after failure\n");
fprintf(out, "\t-M\tAppend suffix only to multi label name after failure\n");
fprintf(out, "\t-N\tNever append a suffix\n");
fprintf(out, "\t-Z <suffixes>\tSet suffixes with the given comma separed list\n");
fprintf(out, "\t-Z <suffixes>\tSet suffixes with the given comma separated list\n");
fprintf(out, "\t-T\tSet transport to TCP only\n");
fprintf(out, "\t-O\tSet transport to TCP only keep connections open\n");
@ -271,7 +272,7 @@ print_usage(FILE *out, const char *progname)
fprintf(out, "\t-u\tSet transport to UDP with TCP fallback (default)\n");
fprintf(out, "\t-U\tSet transport to UDP only\n");
fprintf(out, "\t-l <transports>\tSet transport list. List can contain 1 of each of the characters\n");
fprintf(out, "\t\t\t U T L S for UDP, TCP or TLS e.g 'UT' or 'LTU' \n");
fprintf(out, "\t\t\t U T L for UDP, TCP or TLS e.g 'UT' or 'LTU' \n");
fprintf(out, "\t-z <listen address>\n");
fprintf(out, "\t\tListen for DNS requests on the given IP address\n");
fprintf(out, "\t\t<listen address> is in the same format as upstreams.\n");
@ -383,7 +384,7 @@ void callback(getdns_context *context, getdns_callback_type_t callback_type,
}
if (callback_type == GETDNS_CALLBACK_COMPLETE) {
printf("Response code was: GOOD. Status was: Callback with ID %"PRIu64" was successfull.\n",
printf("Response code was: GOOD. Status was: Callback with ID %"PRIu64" was successful.\n",
trans_id);
} else if (callback_type == GETDNS_CALLBACK_CANCEL)
@ -1229,6 +1230,7 @@ void read_line_cb(void *userarg)
if (listen_count)
(void) getdns_context_set_listen_addresses(
context, NULL, NULL, NULL);
(void) getdns_context_set_idle_timeout(context, 0);
return;
}
if (query_file)
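Review bot: the added getdns_context_set_idle_timeout(context, 0) call in read_line_cb discards its return value with a (void) cast, and nothing says why the idle timeout is forced to 0 on this exit path. A one-line comment stating the intent would help (presumably it is there so that kept-open upstream connections are closed and the event loop can finish). The getdns_context_set_listen_addresses call just above it ignores failure in the same way.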

View File

@ -21,7 +21,7 @@
, value: cE2ecALeE5B+urJhDrJlVFmf38cJLAvqekONvjvpqUA=
} ]
},
{ address_data: 185.49.141.38
{ address_data: 185.49.141.37
, tls_auth_name: "getdnsapi.net"
, tls_pubkey_pinset:
[ { digest: "sha256"
@ -42,7 +42,7 @@
, value: cE2ecALeE5B+urJhDrJlVFmf38cJLAvqekONvjvpqUA=
} ]
},
{ address_data: 2a04:b900:0:100::38
{ address_data: 2a04:b900:0:100::37
, tls_auth_name: "getdnsapi.net"
, tls_pubkey_pinset:
[ { digest: "sha256"
@ -60,6 +60,12 @@
[ { digest: "sha256"
, value: pOXrpUt9kgPgbWxBFFcBTbRH2heo2wHwXp1fd4AEVXI=
} ]
},
{ address_data: 89.233.43.71
, tls_auth_name: "unicast.censurfridns.dk"
},
{ address_data: 2a01:3a0:53:53::
, tls_auth_name: "unicast.censurfridns.dk"
}
]
}
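Review bot: the two added unicast.censurfridns.dk upstreams (89.233.43.71 and 2a01:3a0:53:53::) carry only tls_auth_name and no tls_pubkey_pinset, unlike the entries around them in this file. For these two, authentication rests on validating the certificate for tls_auth_name alone. If that is intended, say so in a comment in the config. Otherwise add a pinset so that all default upstreams are authenticated the same way.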

View File

@ -314,6 +314,7 @@ typedef struct getdns_dns_req {
unsigned dnssec_ok_checking_disabled : 1;
unsigned is_sync_request : 1;
unsigned is_dns_request : 1;
unsigned request_timed_out : 1;
/* The validating and freed variables are used to make sure a single
* code path is followed while processing a DNS request, even when
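Review bot: the new request_timed_out bit-field has no comment saying who sets it or when, while the validating and freed variables right below it are documented. Add a short comment, and confirm the flag is cleared wherever the request structure is initialised, since the status selection in _getdns_create_getdns_response reads it.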
@ -344,7 +345,7 @@ typedef struct getdns_dns_req {
/* the transaction id */
getdns_transaction_t trans_id;
/* Absolute time (in miliseconds since epoch),
/* Absolute time (in milliseconds since epoch),
* after which this dns request is expired; i.e. timed out
*/
uint64_t expires;

View File

@ -340,10 +340,22 @@ _getdns_rr_iter2rr_dict_canonical(
repeat_list, bin_size, bin_data))
goto rdata_error;
break;
/* Repetitive special types do not exist (yet)
*
* LCOV_EXCL_START
*/
case wf_special:
/* Repetitive special types
* must have this function
*/
assert(rdf->rdd_pos->special->wire2list);
if (rdf->rdd_pos->special->wire2list(
repeat_list, rdf->pos))
goto rdata_error;
/* LCOV_EXCL_STOP */
default:
break;
}
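Review bot: in the wf_special case the assert on rdf->rdd_pos->special->wire2list is the only guard before the function pointer is called, so a build with NDEBUG would call through a NULL pointer if a repetitive special type without wire2list ever appears. Consider an explicit check that jumps to rdata_error instead. The case also falls through into default: after the LCOV_EXCL_STOP marker. That is harmless today because default only breaks, but an explicit break or a fall-through comment would show it is intentional.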
@ -1263,6 +1275,7 @@ _getdns_create_getdns_response(getdns_dns_req *completed_request)
GETDNS_FREE(context->mf, srvs.rrs);
}
if (getdns_dict_set_int(result, GETDNS_STR_KEY_STATUS,
completed_request->request_timed_out ||
nreplies == 0 ? GETDNS_RESPSTATUS_ALL_TIMEOUT :
completed_request->dnssec_return_only_secure && nsecure == 0 && ninsecure > 0
? GETDNS_RESPSTATUS_NO_SECURE_ANSWERS :
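Review bot: the condition completed_request->request_timed_out || nreplies == 0 ? GETDNS_RESPSTATUS_ALL_TIMEOUT : ... relies on || binding tighter than ?: to be read correctly. It evaluates as intended, but parentheses around the || expression would make that obvious in this already nested conditional chain.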

16
systemd/README.md Normal file
View File

@ -0,0 +1,16 @@
Stubby integration with systemd
===============================
For GNU/Linux operating systems which use systemd as a process
manager, you might want to run stubby as a system service.
This directory provides recommended systemd unit files.
This setup assumes that there is a system-level user named "stubby"
which is in group "stubby", and try to limit the privileges of the
running daemon to that user as closely as possible.
Normally, a downstream distributor will install them as:
/usr/lib/tmpfiles.d/stubby.conf
/lib/systemd/system/stubby.service

2
systemd/stubby.conf Normal file
View File

@ -0,0 +1,2 @@
# tmpfiles.d (5) for use with stubby.service
d /run/stubby 0750 root stubby - -
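Review bot: /run/stubby is created 0750 with owner root and group stubby, so the stubby user can enter and read the directory but cannot create files in it, while stubby.service uses it as WorkingDirectory. If the daemon is never meant to write there, state that in the comment. If it needs a pid file or socket in that directory, the mode or owner has to change.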

12
systemd/stubby.service Normal file
View File

@ -0,0 +1,12 @@
[Unit]
Description=stubby DNS resolver
[Service]
WorkingDirectory=/run/stubby
ExecStart=/usr/bin/stubby
AmbientCapabilities=CAP_NET_BIND_SERVICE
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
User=stubby
[Install]
WantedBy=multi-user.target
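Review bot: the [Service] section drops to User=stubby and bounds capabilities to CAP_NET_BIND_SERVICE, but sets none of the other sandboxing options, although the README in this directory says the aim is to limit the daemon's privileges as closely as possible. Consider NoNewPrivileges=yes, ProtectSystem=, ProtectHome= and PrivateTmp=, plus a Restart= policy. The [Unit] section also declares no ordering against the network, so say whether that is deliberate.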