mirror of
https://github.com/NLnetLabs/unbound.git
synced 2024-09-21 06:37:08 +00:00
- Changes from DNS64:
strcpy changed to memmove. arraybound check fixed from prefix_net/8/4 to prefix_net/8+4. allocation of result consistently in the correct region. time_t is now used for ttl in unbound (since the patch's version). git-svn-id: file:///svn/unbound/trunk@3199 be551aaa-1e26-0410-a405-d3ace91eadb9
This commit is contained in:
Wouter Wijngaards
parent
45022b6add
commit
04bacd679b
44
Makefile.in
44
Makefile.in
@ -692,7 +692,7 @@ modstack.lo modstack.o: $(srcdir)/services/modstack.c config.h $(srcdir)/service
|
||||
$(srcdir)/util/module.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h \
|
||||
$(srcdir)/util/data/msgreply.h $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/data/msgparse.h \
|
||||
$(srcdir)/ldns/pkthdr.h $(srcdir)/ldns/rrdef.h $(srcdir)/util/fptr_wlist.h $(srcdir)/util/netevent.h $(srcdir)/util/tube.h \
|
||||
$(srcdir)/services/mesh.h $(srcdir)/util/rbtree.h $(srcdir)/iterator/iterator.h \
|
||||
$(srcdir)/services/mesh.h $(srcdir)/util/rbtree.h $(srcdir)/dns64/dns64.h $(srcdir)/iterator/iterator.h \
|
||||
$(srcdir)/services/outbound_list.h $(srcdir)/validator/validator.h $(srcdir)/validator/val_utils.h
|
||||
outbound_list.lo outbound_list.o: $(srcdir)/services/outbound_list.c config.h \
|
||||
$(srcdir)/services/outbound_list.h $(srcdir)/services/outside_network.h $(srcdir)/util/rbtree.h \
|
||||
@ -730,13 +730,13 @@ fptr_wlist.lo fptr_wlist.o: $(srcdir)/util/fptr_wlist.c config.h $(srcdir)/util/
|
||||
$(srcdir)/services/mesh.h $(srcdir)/util/rbtree.h $(srcdir)/services/modstack.h $(srcdir)/util/mini_event.h \
|
||||
$(srcdir)/util/rbtree.h $(srcdir)/services/outside_network.h $(srcdir)/services/localzone.h \
|
||||
$(srcdir)/services/cache/infra.h $(srcdir)/util/rtt.h $(srcdir)/services/cache/rrset.h \
|
||||
$(srcdir)/util/storage/slabhash.h $(srcdir)/iterator/iterator.h $(srcdir)/services/outbound_list.h \
|
||||
$(srcdir)/iterator/iter_fwd.h $(srcdir)/validator/validator.h $(srcdir)/validator/val_utils.h \
|
||||
$(srcdir)/validator/val_anchor.h $(srcdir)/validator/val_nsec3.h $(srcdir)/validator/val_sigcrypt.h \
|
||||
$(srcdir)/validator/val_kentry.h $(srcdir)/validator/val_neg.h $(srcdir)/validator/autotrust.h \
|
||||
$(srcdir)/util/storage/dnstree.h $(srcdir)/libunbound/libworker.h $(srcdir)/libunbound/context.h \
|
||||
$(srcdir)/util/alloc.h $(srcdir)/libunbound/unbound.h $(srcdir)/libunbound/worker.h $(srcdir)/ldns/sbuffer.h \
|
||||
$(srcdir)/util/config_file.h
|
||||
$(srcdir)/util/storage/slabhash.h $(srcdir)/dns64/dns64.h $(srcdir)/iterator/iterator.h \
|
||||
$(srcdir)/services/outbound_list.h $(srcdir)/iterator/iter_fwd.h $(srcdir)/validator/validator.h \
|
||||
$(srcdir)/validator/val_utils.h $(srcdir)/validator/val_anchor.h $(srcdir)/validator/val_nsec3.h \
|
||||
$(srcdir)/validator/val_sigcrypt.h $(srcdir)/validator/val_kentry.h $(srcdir)/validator/val_neg.h \
|
||||
$(srcdir)/validator/autotrust.h $(srcdir)/util/storage/dnstree.h $(srcdir)/libunbound/libworker.h \
|
||||
$(srcdir)/libunbound/context.h $(srcdir)/util/alloc.h $(srcdir)/libunbound/unbound.h \
|
||||
$(srcdir)/libunbound/worker.h $(srcdir)/ldns/sbuffer.h $(srcdir)/util/config_file.h
|
||||
locks.lo locks.o: $(srcdir)/util/locks.c config.h $(srcdir)/util/locks.h $(srcdir)/util/log.h
|
||||
log.lo log.o: $(srcdir)/util/log.c config.h $(srcdir)/util/log.h $(srcdir)/util/locks.h $(srcdir)/ldns/sbuffer.h
|
||||
mini_event.lo mini_event.o: $(srcdir)/util/mini_event.c config.h $(srcdir)/util/mini_event.h $(srcdir)/util/rbtree.h \
|
||||
@ -759,8 +759,7 @@ net_help.lo net_help.o: $(srcdir)/util/net_help.c config.h $(srcdir)/util/net_he
|
||||
$(srcdir)/ldns/pkthdr.h $(srcdir)/ldns/rrdef.h $(srcdir)/util/regional.h $(srcdir)/ldns/parseutil.h \
|
||||
$(srcdir)/ldns/wire2str.h \
|
||||
|
||||
random.lo random.o: $(srcdir)/util/random.c config.h $(srcdir)/util/random.h $(srcdir)/util/log.h \
|
||||
|
||||
random.lo random.o: $(srcdir)/util/random.c config.h $(srcdir)/util/random.h $(srcdir)/util/log.h
|
||||
rbtree.lo rbtree.o: $(srcdir)/util/rbtree.c config.h $(srcdir)/util/log.h $(srcdir)/util/fptr_wlist.h \
|
||||
$(srcdir)/util/netevent.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h \
|
||||
$(srcdir)/util/module.h $(srcdir)/util/data/msgreply.h $(srcdir)/util/data/packed_rrset.h \
|
||||
@ -861,6 +860,13 @@ val_utils.lo val_utils.o: $(srcdir)/validator/val_utils.c config.h $(srcdir)/val
|
||||
$(srcdir)/validator/val_nsec.h $(srcdir)/validator/val_neg.h $(srcdir)/services/cache/rrset.h \
|
||||
$(srcdir)/util/storage/slabhash.h $(srcdir)/services/cache/dns.h $(srcdir)/util/data/dname.h \
|
||||
$(srcdir)/util/net_help.h $(srcdir)/util/regional.h
|
||||
dns64.lo dns64.o: $(srcdir)/dns64/dns64.c config.h $(srcdir)/dns64/dns64.h $(srcdir)/util/module.h \
|
||||
$(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/util/data/msgreply.h \
|
||||
$(srcdir)/util/data/packed_rrset.h $(srcdir)/util/data/msgparse.h $(srcdir)/ldns/pkthdr.h $(srcdir)/ldns/rrdef.h \
|
||||
$(srcdir)/services/cache/dns.h $(srcdir)/services/cache/rrset.h $(srcdir)/util/storage/slabhash.h \
|
||||
$(srcdir)/util/config_file.h $(srcdir)/util/fptr_wlist.h $(srcdir)/util/netevent.h $(srcdir)/util/tube.h \
|
||||
$(srcdir)/services/mesh.h $(srcdir)/util/rbtree.h $(srcdir)/services/modstack.h $(srcdir)/util/net_help.h \
|
||||
$(srcdir)/util/regional.h
|
||||
checklocks.lo checklocks.o: $(srcdir)/testcode/checklocks.c config.h $(srcdir)/util/locks.h $(srcdir)/util/log.h \
|
||||
$(srcdir)/testcode/checklocks.h
|
||||
unitanchor.lo unitanchor.o: $(srcdir)/testcode/unitanchor.c config.h $(srcdir)/util/log.h $(srcdir)/util/data/dname.h \
|
||||
@ -1171,13 +1177,13 @@ snprintf.lo snprintf.o: $(srcdir)/compat/snprintf.c config.h
|
||||
strlcat.lo strlcat.o: $(srcdir)/compat/strlcat.c config.h
|
||||
strlcpy.lo strlcpy.o: $(srcdir)/compat/strlcpy.c config.h
|
||||
strptime.lo strptime.o: $(srcdir)/compat/strptime.c config.h
|
||||
getentropy_linux.lo getentropy_linux.o: $(srcdir)/compat/getentropy_linux.c
|
||||
getentropy_osx.lo getentropy_osx.o: $(srcdir)/compat/getentropy_osx.c
|
||||
getentropy_solaris.lo getentropy_solaris.o: $(srcdir)/compat/getentropy_solaris.c
|
||||
getentropy_linux.lo getentropy_linux.o: $(srcdir)/compat/getentropy_linux.c config.h \
|
||||
|
||||
getentropy_osx.lo getentropy_osx.o: $(srcdir)/compat/getentropy_osx.c config.h
|
||||
getentropy_solaris.lo getentropy_solaris.o: $(srcdir)/compat/getentropy_solaris.c config.h
|
||||
getentropy_win.lo getentropy_win.o: $(srcdir)/compat/getentropy_win.c
|
||||
explicit_bzero.lo explicit_bzero.o: $(srcdir)/compat/explicit_bzero.c
|
||||
arc4random.lo arc4random.o: $(srcdir)/compat/arc4random.c $(srcdir)/compat/chacha_private.h
|
||||
arc4random_uniform.lo arc4random_uniform.o: $(srcdir)/compat/arc4random_uniform.c $(srcdir)/compat/chacha_private.h
|
||||
arc4_lock.lo arc4_lock.o: $(srcdir)/compat/arc4_lock.c
|
||||
sha512.lo sha512.o: $(srcdir)/compat/sha512.c
|
||||
dns64.lo: $(srcdir)/dns64/dns64.c config.h $(srcdir)/util/module.h $(srcdir)/services/cache/dns.h $(srcdir)/services/cache/rrset.h $(srcdir)/util/config_file.h $(srcdir)/util/data/msgreply.h $(srcdir)/util/fptr_wlist.h $(srcdir)/util/net_help.h $(srcdir)/util/regional.h
|
||||
explicit_bzero.lo explicit_bzero.o: $(srcdir)/compat/explicit_bzero.c config.h
|
||||
arc4random.lo arc4random.o: $(srcdir)/compat/arc4random.c config.h $(srcdir)/compat/chacha_private.h
|
||||
arc4random_uniform.lo arc4random_uniform.o: $(srcdir)/compat/arc4random_uniform.c config.h
|
||||
arc4_lock.lo arc4_lock.o: $(srcdir)/compat/arc4_lock.c config.h $(srcdir)/util/locks.h
|
||||
sha512.lo sha512.o: $(srcdir)/compat/sha512.c config.h
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* iterator/iterator.h - DNS64 module
|
||||
* dns64/dns64.c - DNS64 module
|
||||
*
|
||||
* Copyright (c) 2009, Viagénie. All rights reserved.
|
||||
*
|
||||
@ -39,7 +39,7 @@
|
||||
* This file contains a module that performs DNS64 query processing.
|
||||
*/
|
||||
|
||||
#include <config.h>
|
||||
#include "config.h"
|
||||
#include "dns64/dns64.h"
|
||||
#include "services/cache/dns.h"
|
||||
#include "services/cache/rrset.h"
|
||||
@ -212,7 +212,7 @@ ipv4_to_ptr(uint32_t ipv4, char ptr[MAX_PTR_QNAME_IPV4])
|
||||
ipv4 /= 256;
|
||||
}
|
||||
|
||||
strcpy(c, IPV4_PTR_SUFFIX);
|
||||
memmove(c, IPV4_PTR_SUFFIX, sizeof(IPV4_PTR_SUFFIX));
|
||||
|
||||
return c + sizeof(IPV4_PTR_SUFFIX) - ptr;
|
||||
}
|
||||
@ -273,7 +273,7 @@ synthesize_aaaa(const uint8_t prefix_addr[16], int prefix_net,
|
||||
aaaa[prefix_net/8+2] |= a[2] >> (0+prefix_net%8);
|
||||
aaaa[prefix_net/8+3] |= a[2] << (8-prefix_net%8);
|
||||
aaaa[prefix_net/8+3] |= a[3] >> (0+prefix_net%8);
|
||||
if (prefix_net/8/4 < 16) /* <-- my beautiful symmetry is destroyed! */
|
||||
if (prefix_net/8+4 < 16) /* <-- my beautiful symmetry is destroyed! */
|
||||
aaaa[prefix_net/8+4] |= a[3] << (8-prefix_net%8);
|
||||
}
|
||||
|
||||
@ -334,7 +334,7 @@ dns64_init(struct module_env* env, int id)
|
||||
log_err("dns64: could not apply configuration settings.");
|
||||
return 0;
|
||||
}
|
||||
return 1;
|
||||
return 1;
|
||||
}
|
||||
|
||||
/**
|
||||
@ -493,13 +493,13 @@ handle_event_pass(struct module_qstate* qstate, int id)
|
||||
&& qstate->qinfo.qtype == LDNS_RR_TYPE_AAAA)
|
||||
return generate_type_A_query(qstate, id);
|
||||
|
||||
/* We are finished when our sub-query is finished. */
|
||||
/* We are finished when our sub-query is finished. */
|
||||
if ((uintptr_t)qstate->minfo[id] == DNS64_SUBQUERY_FINISHED)
|
||||
return module_finished;
|
||||
|
||||
/* Otherwise, pass request to next module. */
|
||||
verbose(VERB_ALGO, "dns64: pass to next module");
|
||||
return module_wait_module;
|
||||
/* Otherwise, pass request to next module. */
|
||||
verbose(VERB_ALGO, "dns64: pass to next module");
|
||||
return module_wait_module;
|
||||
}
|
||||
|
||||
/**
|
||||
@ -532,6 +532,7 @@ handle_event_moddone(struct module_qstate* qstate, int id)
|
||||
qstate->return_msg->rep)))
|
||||
return module_finished;
|
||||
|
||||
/* So, this is a AAAA noerror/nodata answer */
|
||||
return generate_type_A_query(qstate, id);
|
||||
}
|
||||
|
||||
@ -588,7 +589,7 @@ dns64_synth_aaaa_data(const struct ub_packed_rrset_key* fk,
|
||||
*/
|
||||
if (!(dd = *dd_out = regional_alloc(region,
|
||||
sizeof(struct packed_rrset_data)
|
||||
+ fd->count * (sizeof(size_t) + sizeof(uint32_t) +
|
||||
+ fd->count * (sizeof(size_t) + sizeof(time_t) +
|
||||
sizeof(uint8_t*) + 2 + 16)))) {
|
||||
log_err("out of memory");
|
||||
return;
|
||||
@ -607,7 +608,7 @@ dns64_synth_aaaa_data(const struct ub_packed_rrset_key* fk,
|
||||
dd->rr_len =
|
||||
(size_t*)((uint8_t*)dd + sizeof(struct packed_rrset_data));
|
||||
dd->rr_data = (uint8_t**)&dd->rr_len[dd->count];
|
||||
dd->rr_ttl = (uint32_t*)&dd->rr_data[dd->count];
|
||||
dd->rr_ttl = (time_t*)&dd->rr_data[dd->count];
|
||||
for(i = 0; i < fd->count; ++i) {
|
||||
if (fd->rr_len[i] != 6 || fd->rr_data[i][0] != 0
|
||||
|| fd->rr_data[i][1] != 4)
|
||||
@ -654,7 +655,6 @@ dns64_synth_aaaa_data(const struct ub_packed_rrset_key* fk,
|
||||
* original empty response.
|
||||
*
|
||||
* \param id This module's instance ID.
|
||||
* \param answer The answer RR set located in the sub-query's response.
|
||||
* \param super Original AAAA query.
|
||||
* \param qstate A query.
|
||||
*/
|
||||
@ -672,7 +672,6 @@ dns64_adjust_a(int id, struct module_qstate* super, struct module_qstate* qstate
|
||||
log_assert(super->region);
|
||||
log_assert(qstate->return_msg);
|
||||
log_assert(qstate->return_msg->rep);
|
||||
log_assert(qstate->region);
|
||||
|
||||
/* If dns64-synthall is enabled, return_msg is not initialized */
|
||||
if(!super->return_msg) {
|
||||
@ -689,14 +688,14 @@ dns64_adjust_a(int id, struct module_qstate* super, struct module_qstate* qstate
|
||||
/*
|
||||
* Build the actual reply.
|
||||
*/
|
||||
cp = construct_reply_info_base(qstate->region, rep->flags, rep->qdcount,
|
||||
cp = construct_reply_info_base(super->region, rep->flags, rep->qdcount,
|
||||
rep->ttl, rep->prefetch_ttl, rep->an_numrrsets, rep->ns_numrrsets,
|
||||
rep->ar_numrrsets, rep->rrset_count, rep->security);
|
||||
if(!cp)
|
||||
return;
|
||||
|
||||
/* allocate ub_key structures special or not */
|
||||
if(!repinfo_alloc_rrset_keys(cp, qstate->region)) {
|
||||
if(!repinfo_alloc_rrset_keys(cp, super->region)) {
|
||||
return;
|
||||
}
|
||||
|
||||
@ -705,11 +704,11 @@ dns64_adjust_a(int id, struct module_qstate* super, struct module_qstate* qstate
|
||||
fk = rep->rrsets[i];
|
||||
dk = cp->rrsets[i];
|
||||
fd = (struct packed_rrset_data*)fk->entry.data;
|
||||
dk->entry.hash = fk->entry.hash;
|
||||
dk->rk = fk->rk;
|
||||
dk->id = fk->id;
|
||||
|
||||
if(i<rep->an_numrrsets && fk->rk.type == htons(LDNS_RR_TYPE_A)) {
|
||||
/* also sets dk->entry.hash */
|
||||
dns64_synth_aaaa_data(fk, fd, dk, &dd, super->region, dns64_env);
|
||||
/* Delete negative AAAA record from cache stored by
|
||||
* the iterator module */
|
||||
@ -717,7 +716,8 @@ dns64_adjust_a(int id, struct module_qstate* super, struct module_qstate* qstate
|
||||
dk->rk.dname_len, LDNS_RR_TYPE_AAAA,
|
||||
LDNS_RR_CLASS_IN, 0);
|
||||
} else {
|
||||
dk->rk.dname = (uint8_t*)regional_alloc_init(qstate->region,
|
||||
dk->entry.hash = fk->entry.hash;
|
||||
dk->rk.dname = (uint8_t*)regional_alloc_init(super->region,
|
||||
fk->rk.dname, fk->rk.dname_len);
|
||||
|
||||
if(!dk->rk.dname)
|
||||
@ -725,7 +725,7 @@ dns64_adjust_a(int id, struct module_qstate* super, struct module_qstate* qstate
|
||||
|
||||
s = packed_rrset_sizeof(fd);
|
||||
dd = (struct packed_rrset_data*)regional_alloc_init(
|
||||
qstate->region, fd, s);
|
||||
super->region, fd, s);
|
||||
|
||||
if(!dd)
|
||||
return;
|
||||
|
||||
@ -19,3 +19,4 @@ Brett Carr - windows beta testing.
|
||||
Luca Bruno - patch for windows support in libunbound hosts and resolvconf().
|
||||
Tom Hendrikx - contributed split-itar.sh a useful script to 5011-track ITAR.
|
||||
Daisuke HIGASHI - patch for rrset-roundrobin and minimal-responses.
|
||||
Simon Perrault - DNS64 module.
|
||||
|
||||
@ -3,6 +3,11 @@
|
||||
Initial commit of the patch from the FreeBSD base (with its fixes).
|
||||
This adds a module (for module-config in unbound.conf) dns64 that
|
||||
performs DNS64 processing, see README.DNS64.
|
||||
- Changes from DNS64:
|
||||
strcpy changed to memmove.
|
||||
arraybound check fixed from prefix_net/8/4 to prefix_net/8+4.
|
||||
allocation of result consistently in the correct region.
|
||||
time_t is now used for ttl in unbound (since the patch's version).
|
||||
|
||||
29 July 2014: Wouter
|
||||
- Patch from Dag-Erling Smorgrav that implements feature, unbound -dd
|
||||
|
||||
@ -3,6 +3,7 @@ Copyright 2007 NLnet Labs
|
||||
http://unbound.net
|
||||
|
||||
This software is under BSD license, see LICENSE for details.
|
||||
The DNS64 module has BSD license in dns64/dns64.c.
|
||||
|
||||
* Download the latest release version of this software from
|
||||
http://unbound.net
|
||||
|
||||
@ -1,3 +1,7 @@
|
||||
The DNS64 code was written by Viagenie, 2009, by Simon Perrault as part
|
||||
of the Ecdysis project. The code is copyright by them, and has the BSD
|
||||
license (see the dns64/dns64.c file).
|
||||
|
||||
To enable DNS64 functionality in Unbound, two directives in unbound.conf must
|
||||
be edited:
|
||||
|
||||
|
||||
@ -331,8 +331,8 @@ server:
|
||||
# minimal-responses: no
|
||||
|
||||
# module configuration of the server. A string with identifiers
|
||||
# separated by spaces. Syntax: [dns64] [validator] iterator
|
||||
# module-config: "dns64 iterator"
|
||||
# separated by spaces. Syntax: "[dns64] [validator] iterator"
|
||||
# module-config: "validator iterator"
|
||||
|
||||
# File with trusted keys, kept uptodate using RFC5011 probes,
|
||||
# initial file like trust-anchor-file, then it stores metadata.
|
||||
@ -534,7 +534,8 @@ server:
|
||||
# Default is no. Can be turned on and off with unbound-control.
|
||||
# ssl-upstream: no
|
||||
|
||||
# DNS64 prefix. Must be specified when DNS64 is in use.
|
||||
# DNS64 prefix. Must be specified when DNS64 is use.
|
||||
# Enable dns64 in module-config. Used to synthesize IPv6 from IPv4.
|
||||
# dns64-prefix: 64:ff9b::0/96
|
||||
|
||||
# Python config section. To enable:
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
@ -7,9 +7,6 @@
|
||||
* See LICENSE for the license.
|
||||
*
|
||||
*/
|
||||
|
||||
#include "config.h"
|
||||
|
||||
#include <ctype.h>
|
||||
#include <string.h>
|
||||
#include <strings.h>
|
||||
|
||||
@ -192,6 +192,21 @@ struct msgreply_entry {
|
||||
struct lruhash_entry entry;
|
||||
};
|
||||
|
||||
/**
|
||||
* Constructor for replyinfo.
|
||||
* @param region: where to allocate the results, pass NULL to use malloc.
|
||||
* @param flags: flags for the replyinfo.
|
||||
* @param qd: qd count
|
||||
* @param ttl: TTL of replyinfo
|
||||
* @param prettl: prefetch ttl
|
||||
* @param an: an count
|
||||
* @param ns: ns count
|
||||
* @param ar: ar count
|
||||
* @param total: total rrset count (presumably an+ns+ar).
|
||||
* @param sec: security status of the reply info.
|
||||
* @return the reply_info base struct with the array for putting the rrsets
|
||||
* in. The array has been zeroed. Returns NULL on malloc failure.
|
||||
*/
|
||||
struct reply_info*
|
||||
construct_reply_info_base(struct regional* region, uint16_t flags, size_t qd,
|
||||
time_t ttl, time_t prettl, size_t an, size_t ns, size_t ar,
|
||||
|
||||
@ -189,7 +189,7 @@ enum sec_status {
|
||||
* o base struct
|
||||
* o rr_len size_t array
|
||||
* o rr_data uint8_t* array
|
||||
* o rr_ttl uint32_t array (after size_t and ptrs because those may be
|
||||
* o rr_ttl time_t array (after size_t and ptrs because those may be
|
||||
* 64bit and this array before those would make them unaligned).
|
||||
* Since the stuff before is 32/64bit, rr_ttl is 32 bit aligned.
|
||||
* o rr_data rdata wireformats
|
||||
|
||||
Loading…
Reference in New Issue
Block a user