Commit 5107ace1 authored by Simon Kelley's avatar Simon Kelley

NSEC3 validation. First pass.

parent 7b1eae4f
...@@ -68,6 +68,7 @@ ...@@ -68,6 +68,7 @@
#define T_RRSIG 46 #define T_RRSIG 46
#define T_NSEC 47 #define T_NSEC 47
#define T_DNSKEY 48 #define T_DNSKEY 48
#define T_NSEC3 50
#define T_TKEY 249 #define T_TKEY 249
#define T_TSIG 250 #define T_TSIG 250
#define T_AXFR 252 #define T_AXFR 252
......
...@@ -98,7 +98,10 @@ int main (int argc, char **argv) ...@@ -98,7 +98,10 @@ int main (int argc, char **argv)
#ifdef HAVE_DNSSEC #ifdef HAVE_DNSSEC
if (option_bool(OPT_DNSSEC_VALID)) if (option_bool(OPT_DNSSEC_VALID))
{
daemon->keyname = safe_malloc(MAXDNAME); daemon->keyname = safe_malloc(MAXDNAME);
daemon->workspacename = safe_malloc(MAXDNAME);
}
#endif #endif
#ifdef HAVE_DHCP #ifdef HAVE_DHCP
......
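Review bot: `daemon->workspacename` is allocated only inside the `option_bool(OPT_DNSSEC_VALID)` branch, so a HAVE_DNSSEC build running without validation never sets the pointer here, and the comment added for the field in the struct daemon hunk (`/* ditto */`) does not record that. The NSEC3 code that uses the buffer is in the collapsed diff, so this page cannot show whether every use is reached only with validation enabled. I would declare the field as `char *workspacename; /* MAXDNAME size buffer, allocated only with OPT_DNSSEC_VALID */` and confirm that every name written into it is bounded by MAXDNAME. main() starts and ends outside this hunk.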
...@@ -534,6 +534,7 @@ struct hostsfile { ...@@ -534,6 +534,7 @@ struct hostsfile {
#define STAT_NEED_DS 4 #define STAT_NEED_DS 4
#define STAT_NEED_KEY 5 #define STAT_NEED_KEY 5
#define STAT_TRUNCATED 6 #define STAT_TRUNCATED 6
#define STAT_SECURE_WILDCARD 7
#define FREC_NOREBIND 1 #define FREC_NOREBIND 1
#define FREC_CHECKING_DISABLED 2 #define FREC_CHECKING_DISABLED 2
...@@ -941,6 +942,7 @@ extern struct daemon { ...@@ -941,6 +942,7 @@ extern struct daemon {
char *namebuff; /* MAXDNAME size buffer */ char *namebuff; /* MAXDNAME size buffer */
#ifdef HAVE_DNSSEC #ifdef HAVE_DNSSEC
char *keyname; /* MAXDNAME size buffer */ char *keyname; /* MAXDNAME size buffer */
char *workspacename; /* ditto */
#endif #endif
unsigned int local_answer, queries_forwarded, auth_answer; unsigned int local_answer, queries_forwarded, auth_answer;
struct frec *frec_list; struct frec *frec_list;
...@@ -1035,6 +1037,7 @@ int extract_name(struct dns_header *header, size_t plen, unsigned char **pp, ...@@ -1035,6 +1037,7 @@ int extract_name(struct dns_header *header, size_t plen, unsigned char **pp,
char *name, int isExtract, int extrabytes); char *name, int isExtract, int extrabytes);
unsigned char *skip_name(unsigned char *ansp, struct dns_header *header, size_t plen, int extrabytes); unsigned char *skip_name(unsigned char *ansp, struct dns_header *header, size_t plen, int extrabytes);
unsigned char *skip_questions(struct dns_header *header, size_t plen); unsigned char *skip_questions(struct dns_header *header, size_t plen);
unsigned char *skip_section(unsigned char *ansp, int count, struct dns_header *header, size_t plen);
unsigned int extract_request(struct dns_header *header, size_t qlen, unsigned int extract_request(struct dns_header *header, size_t qlen,
char *name, unsigned short *typep); char *name, unsigned short *typep);
size_t setup_reply(struct dns_header *header, size_t qlen, size_t setup_reply(struct dns_header *header, size_t qlen,
......
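Review bot: `STAT_SECURE_WILDCARD` is added to the status codes with no comment saying what a caller must do when it receives it. Judging by the name, it marks an RRset whose signature validated but which was expanded from a wildcard; such an answer normally still needs an NSEC/NSEC3 proof that the queried name does not exist before it is treated as secure. The code that returns and consumes the value is in the collapsed diff, so this is an inference. Any existing check written as "not bogus" rather than `== STAT_SECURE` would accept the new value as validated, so the comparisons on the validation status are worth auditing. I would add a comment such as `/* signature valid but wildcard-expanded: needs NSEC/NSEC3 proof before being treated as secure */` next to the define.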
This diff is collapsed.
...@@ -337,7 +337,7 @@ unsigned char *skip_questions(struct dns_header *header, size_t plen) ...@@ -337,7 +337,7 @@ unsigned char *skip_questions(struct dns_header *header, size_t plen)
return ansp; return ansp;
} }
static unsigned char *skip_section(unsigned char *ansp, int count, struct dns_header *header, size_t plen) unsigned char *skip_section(unsigned char *ansp, int count, struct dns_header *header, size_t plen)
{ {
int i, rdlen; int i, rdlen;
......
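Review bot: Dropping `static` makes `skip_section` part of the cross-file interface, but neither this definition nor the new prototype carries a comment stating its contract. The body lies outside the hunk, so its failure return is not visible here. Presumably it returns NULL when a record runs past `plen`, and the new callers, which parse untrusted response data, would have to check for that before using the pointer. I would add a comment above the definition such as `/* Skip count RRs starting at ansp; returns a pointer past them, or NULL if the packet is malformed (confirm against the body). */`.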