
[GNUnet-SVN] r31157 - in gnunet/src: dns include


From: gnunet
Subject: [GNUnet-SVN] r31157 - in gnunet/src: dns include
Date: Fri, 6 Dec 2013 22:57:50 +0100

Author: grothoff
Date: 2013-12-06 22:57:50 +0100 (Fri, 06 Dec 2013)
New Revision: 31157

Modified:
   gnunet/src/dns/dnsparser.c
   gnunet/src/include/gnunet_dnsparser_lib.h
   gnunet/src/include/gnunet_tun_lib.h
Log:
-adding CERT record support to dnsparser

Modified: gnunet/src/dns/dnsparser.c
===================================================================
--- gnunet/src/dns/dnsparser.c  2013-12-06 21:51:01 UTC (rev 31156)
+++ gnunet/src/dns/dnsparser.c  2013-12-06 21:57:50 UTC (rev 31157)
@@ -118,6 +118,21 @@
 
 
 /**
+ * Free CERT information record.
+ *
+ * @param cert record to free
+ */
+void
+GNUNET_DNSPARSER_free_cert (struct GNUNET_DNSPARSER_CertRecord *cert)
+{
+  if (NULL == cert)
+    return;
+  GNUNET_free_non_null (cert->certificate_data);
+  GNUNET_free (cert);
+}
+
+
+/**
  * Free SRV information record.
  *
  * @param srv record to free
@@ -170,6 +185,9 @@
   case GNUNET_DNSPARSER_TYPE_SRV:
     GNUNET_DNSPARSER_free_srv (r->data.srv);
     break;
+  case GNUNET_DNSPARSER_TYPE_CERT:
+    GNUNET_DNSPARSER_free_cert (r->data.cert);
+    break;
   case GNUNET_DNSPARSER_TYPE_NS:
   case GNUNET_DNSPARSER_TYPE_CNAME:
   case GNUNET_DNSPARSER_TYPE_PTR:
@@ -545,6 +563,44 @@
 
 
 /**
+ * Parse a DNS CERT record.
+ *
+ * @param udp_payload reference to UDP packet
+ * @param udp_payload_length length of @a udp_payload
+ * @param off pointer to the offset of the query to parse in the CERT record 
(to be
+ *                    incremented by the size of the record), unchanged on 
error
+ * @return the parsed CERT record, NULL on error
+ */
+struct GNUNET_DNSPARSER_CertRecord *
+GNUNET_DNSPARSER_parse_cert (const char *udp_payload,
+                             size_t udp_payload_length,
+                             size_t *off)
+{
+  struct GNUNET_DNSPARSER_CertRecord *cert;
+  struct GNUNET_TUN_DnsCertRecord dcert;
+
+  if (*off + sizeof (struct GNUNET_TUN_DnsCertRecord) >= udp_payload_length)
+  {
+    GNUNET_break_op (0);
+    return NULL;
+  }
+  memcpy (&dcert, &udp_payload[*off], sizeof (struct 
GNUNET_TUN_DnsCertRecord));
+  (*off) += sizeof (sizeof (struct GNUNET_TUN_DnsCertRecord));
+  cert = GNUNET_new (struct GNUNET_DNSPARSER_CertRecord);
+  cert->cert_type = ntohs (dcert.cert_type);
+  cert->cert_tag = ntohs (dcert.cert_tag);
+  cert->algorithm = dcert.algorithm;
+  cert->certificate_size = udp_payload_length - (*off);
+  cert->certificate_data = GNUNET_malloc (cert->certificate_size);
+  memcpy (cert->certificate_data,
+          &udp_payload[*off],
+          cert->certificate_size);
+  (*off) += cert->certificate_size;
+  return cert;
+}
+
+
+/**
  * Parse a DNS record entry.
  *
  * @param udp_payload entire UDP payload
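Review bot: The offset advance in GNUNET_DNSPARSER_parse_cert uses `sizeof (sizeof (struct GNUNET_TUN_DnsCertRecord))`, which is the size of a `size_t` rather than of the CERT header, so `*off` moves by the wrong amount. Where that is larger than the header, the preceding bounds check no longer covers the advance, and `udp_payload_length - (*off)` can wrap to a very large `certificate_size` that is then passed to GNUNET_malloc and memcpy on network-supplied data. The line should read `(*off) += sizeof (struct GNUNET_TUN_DnsCertRecord);`. Separately, the certificate is taken to run to the end of the payload rather than to the end of this record's data; the caller is outside this hunk, but unless it passes a length limited to the record, any following records would be absorbed into `certificate_data`.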
@@ -905,6 +961,46 @@
 
 
 /**
+ * Add a CERT record to the UDP packet at the given location.
+ *
+ * @param dst where to write the CERT record
+ * @param dst_len number of bytes in @a dst
+ * @param off pointer to offset where to write the CERT information (increment 
by bytes used);
+ *            can also change if there was an error
+ * @param cert CERT information to write
+ * @return #GNUNET_SYSERR if @a cert is invalid
+ *         #GNUNET_NO if @a cert did not fit
+ *         #GNUNET_OK if @a cert was added to @a dst
+ */
+int
+GNUNET_DNSPARSER_builder_add_cert (char *dst,
+                                   size_t dst_len,
+                                   size_t *off,
+                                   const struct GNUNET_DNSPARSER_CertRecord 
*cert)
+{
+  struct GNUNET_TUN_DnsCertRecord dcert;
+
+  if ( (cert->cert_type > UINT16_MAX) ||
+       (cert->cert_tag > UINT16_MAX) ||
+       (cert->algorithm > UINT8_MAX) )
+  {
+    GNUNET_break (0);
+    return GNUNET_SYSERR;
+  }
+  if (*off + sizeof (struct GNUNET_TUN_DnsCertRecord) + cert->certificate_size 
> dst_len)
+    return GNUNET_NO;
+  dcert.cert_type = htons ((uint16_t) cert->cert_type);
+  dcert.cert_tag = htons ((uint16_t) cert->cert_tag);
+  dcert.algorithm = (uint8_t) cert->algorithm;
+  memcpy (&dst[*off], &dcert, sizeof (dcert));
+  (*off) += sizeof (dcert);
+  memcpy (&dst[*off], cert->certificate_data, cert->certificate_size);
+  (*off) += cert->certificate_size;
+  return GNUNET_OK;
+}
+
+
+/**
  * Add an SOA record to the UDP packet at the given location.
  *
  * @param dst where to write the SOA record
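Review bot: The fit check in GNUNET_DNSPARSER_builder_add_cert adds `*off`, the header size and `cert->certificate_size` before comparing with `dst_len`, so a very large `certificate_size` can wrap the sum and pass the check ahead of the two memcpy calls. Comparing against the remaining space avoids the addition: `if ( (*off > dst_len) || (dst_len - *off < sizeof (dcert)) || (dst_len - *off - sizeof (dcert) < cert->certificate_size) ) return GNUNET_NO;`. The `cert->cert_tag > UINT16_MAX` test can never be true, because the field is declared `uint16_t` in gnunet_dnsparser_lib.h, and could be dropped.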
@@ -926,13 +1022,13 @@
   int ret;
 
   if ( (GNUNET_OK != (ret = GNUNET_DNSPARSER_builder_add_name (dst,
-                                     dst_len,
-                                     off,
-                                     soa->mname))) ||
+                                                               dst_len,
+                                                               off,
+                                                               soa->mname))) ||
        (GNUNET_OK != (ret = GNUNET_DNSPARSER_builder_add_name (dst,
-                                     dst_len,
-                                     off,
-                                     soa->rname)) ) )
+                                                               dst_len,
+                                                               off,
+                                                               soa->rname)) ) )
     return ret;
   if (*off + sizeof (struct GNUNET_TUN_DnsSoaRecord) > dst_len)
     return GNUNET_NO;
@@ -1032,6 +1128,9 @@
   case GNUNET_DNSPARSER_TYPE_MX:
     ret = GNUNET_DNSPARSER_builder_add_mx (dst, dst_len, &pos, 
record->data.mx);
     break;
+  case GNUNET_DNSPARSER_TYPE_CERT:
+    ret = GNUNET_DNSPARSER_builder_add_cert (dst, dst_len, &pos, 
record->data.cert);
+    break;
   case GNUNET_DNSPARSER_TYPE_SOA:
     ret = GNUNET_DNSPARSER_builder_add_soa (dst, dst_len, &pos, 
record->data.soa);
     break;

Modified: gnunet/src/include/gnunet_dnsparser_lib.h
===================================================================
--- gnunet/src/include/gnunet_dnsparser_lib.h   2013-12-06 21:51:01 UTC (rev 
31156)
+++ gnunet/src/include/gnunet_dnsparser_lib.h   2013-12-06 21:57:50 UTC (rev 
31157)
@@ -53,6 +53,7 @@
 #define GNUNET_DNSPARSER_TYPE_TXT 16
 #define GNUNET_DNSPARSER_TYPE_AAAA 28
 #define GNUNET_DNSPARSER_TYPE_SRV 33
+#define GNUNET_DNSPARSER_TYPE_CERT 37
 #define GNUNET_DNSPARSER_TYPE_TLSA 52
 
 
@@ -178,6 +179,171 @@
 
 
 /**
+ * DNS CERT types as defined in RFC 4398.
+ */
+enum GNUNET_DNSPARSER_CertType
+{
+  /**
+   *  Reserved value
+   */
+  GNUNET_DNSPARSER_CERTTYPE_RESERVED = 0,
+
+  /**
+   * An x509 PKIX certificate
+   */
+  GNUNET_DNSPARSER_CERTTYPE_PKIX = 1,
+
+  /**
+   * A SKPI certificate
+   */
+  GNUNET_DNSPARSER_CERTTYPE_SKPI = 2,
+
+  /**
+   * A PGP certificate
+   */
+  GNUNET_DNSPARSER_CERTTYPE_PGP = 3,
+
+  /**
+   * An x509 PKIX cert URL
+   */
+  GNUNET_DNSPARSER_CERTTYPE_IPKIX = 4,
+
+  /**
+   * A SKPI cert URL
+   */
+  GNUNET_DNSPARSER_CERTTYPE_ISKPI = 5,
+
+  /**
+   * A PGP cert fingerprint and URL
+   */
+  GNUNET_DNSPARSER_CERTTYPE_IPGP = 6,
+
+  /**
+   * An attribute Certificate
+   */
+  GNUNET_DNSPARSER_CERTTYPE_ACPKIX = 7,
+
+  /**
+   * An attribute cert URL
+   */
+  GNUNET_DNSPARSER_CERTTYPE_IACKPIX = 8
+};
+
+
+/**
+ * DNSCERT algorithms as defined in http://www.iana.org/assignments/
+ *  dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml#dns-sec-alg-numbers-1
+ */
+enum GNUNET_DNSPARSER_CertAlgorithm
+{
+  /**
+   * No defined
+   */
+  GNUNET_DNSPARSER_CERTALGO_UNDEFINED = 0,
+
+  /**
+   * RSA/MD5
+   */
+  GNUNET_DNSPARSER_CERTALGO_RSAMD5 = 1,
+
+  /**
+   * Diffie-Hellman
+   */
+  GNUNET_DNSPARSER_CERTALGO_DH = 2,
+
+  /**
+   * DSA/SHA1
+   */
+  GNUNET_DNSPARSER_CERTALGO_DSASHA = 3,
+
+  /**
+   * Reserved
+   */
+  GNUNET_DNSPARSER_CERTALGO_RSRVD4 = 4,
+
+  /**
+   * RSA/SHA1
+   */
+  GNUNET_DNSPARSER_CERTALGO_RSASHA = 5,
+
+  /**
+   * DSA/NSEC3/SHA
+   */
+  GNUNET_DNSPARSER_CERTALGO_DSANSEC3 = 6,
+
+  /**
+   * RSA/NSEC3/SHA
+   */
+  GNUNET_DNSPARSER_CERTALGO_RSANSEC3 = 7,
+
+  /**
+   * RSA/SHA256
+   */
+  GNUNET_DNSPARSER_CERTALGO_RSASHA256 = 8,
+
+  /**
+   * Reserved
+   */
+  GNUNET_DNSPARSER_CERTALGO_RSRVD9 = 9,
+
+  /**
+   * RSA/SHA512
+   */
+  GNUNET_DNSPARSER_CERTALGO_RSASHA512 = 10,
+
+  /**
+   * GOST R 34.10-2001
+   */
+  GNUNET_DNSPARSER_CERTALGO_GOST_R34 = 12,
+
+  /**
+   * ECDSA Curve P-256/SHA256
+   */
+  GNUNET_DNSPARSER_CERTALGO_ECDSA_P256SHA256 = 13,
+
+  /**
+   * ECDSA Curve P-384/SHA384
+   */
+  GNUNET_DNSPARSER_CERTALGO_ECDSA_P384SHA384 = 14
+
+};
+
+
+/**
+ * Information from CERT records (RFC 4034).
+ */
+struct GNUNET_DNSPARSER_CertRecord
+{
+
+  /**
+   * Certificate type
+   */
+  enum GNUNET_DNSPARSER_CertType cert_type;
+
+  /**
+   * Certificate KeyTag
+   */
+  uint16_t cert_tag;
+
+  /**
+   * Algorithm
+   */
+  enum GNUNET_DNSPARSER_CertAlgorithm algorithm;
+
+  /**
+   * Number of bytes in @e certificate_data
+   */
+  size_t certificate_size;
+
+  /**
+   * Data of the certificate.
+   */
+  char *certificate_data;
+
+};
+
+
+/**
  * Information from SOA records (RFC 1035).
  */
 struct GNUNET_DNSPARSER_SoaRecord
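Review bot: Several new public identifiers misspell the names used in RFC 4398: `GNUNET_DNSPARSER_CERTTYPE_SKPI` and `GNUNET_DNSPARSER_CERTTYPE_ISKPI` should be SPKI and ISPKI, and `GNUNET_DNSPARSER_CERTTYPE_IACKPIX` should be IACPKIX; these are easier to fix before callers depend on them. The struct comment cites RFC 4034 while the enum above it cites RFC 4398, the CERT specification, so `Information from CERT records (RFC 4398).` would be consistent, and `No defined` should read `Not defined`. Since `cert_type` and `algorithm` are enum-typed but the parser stores whatever value arrived on the wire, a comment on those fields should say that the value may not be one of the listed enumerators.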
@@ -288,6 +454,11 @@
     struct GNUNET_DNSPARSER_SoaRecord *soa;
 
     /**
+     * CERT data for CERT records.
+     */
+    struct GNUNET_DNSPARSER_CertRecord *cert;
+
+    /**
      * MX data for MX records.
      */
     struct GNUNET_DNSPARSER_MxRecord *mx;
@@ -528,6 +699,25 @@
 
 
 /**
+ * Add CERT record to the UDP packet at the given location.
+ *
+ * @param dst where to write the CERT record
+ * @param dst_len number of bytes in @a dst
+ * @param off pointer to offset where to write the CERT information (increment 
by bytes used)
+ *            can also change if there was an error
+ * @param cert CERT information to write
+ * @return #GNUNET_SYSERR if @a soa is invalid
+ *         #GNUNET_NO if @a soa did not fit
+ *         #GNUNET_OK if @a soa was added to @a dst
+ */
+int
+GNUNET_DNSPARSER_builder_add_cert (char *dst,
+                                   size_t dst_len,
+                                   size_t *off,
+                                   const struct GNUNET_DNSPARSER_CertRecord 
*cert);
+
+
+/**
  * Add an SRV record to the UDP packet at the given location.
  *
  * @param dst where to write the SRV record
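Review bot: The `@return` lines of the GNUNET_DNSPARSER_builder_add_cert prototype still refer to `@a soa`, apparently copied from the SOA builder. They should name the actual parameter, e.g. `@return #GNUNET_SYSERR if @a cert is invalid`, matching the comment on the definition in dnsparser.c.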
@@ -595,6 +785,7 @@
                              size_t *off,
                              struct GNUNET_DNSPARSER_Query *q);
 
+
 /**
  * Parse a DNS SOA record.
  *
@@ -611,6 +802,21 @@
 
 
 /**
+ * Parse a DNS CERT record.
+ *
+ * @param udp_payload reference to UDP packet
+ * @param udp_payload_length length of @a udp_payload
+ * @param off pointer to the offset of the query to parse in the CERT record 
(to be
+ *                    incremented by the size of the record), unchanged on 
error
+ * @return the parsed CERT record, NULL on error
+ */
+struct GNUNET_DNSPARSER_CertRecord *
+GNUNET_DNSPARSER_parse_cert (const char *udp_payload,
+                             size_t udp_payload_length,
+                             size_t *off);
+
+
+/**
  * Parse a DNS MX record.
  *
  * @param udp_payload reference to UDP packet
@@ -679,4 +885,13 @@
 GNUNET_DNSPARSER_free_soa (struct GNUNET_DNSPARSER_SoaRecord *soa);
 
 
+/**
+ * Free CERT information record.
+ *
+ * @param cert record to free
+ */
+void
+GNUNET_DNSPARSER_free_cert (struct GNUNET_DNSPARSER_CertRecord *cert);
+
+
 #endif

Modified: gnunet/src/include/gnunet_tun_lib.h
===================================================================
--- gnunet/src/include/gnunet_tun_lib.h 2013-12-06 21:51:01 UTC (rev 31156)
+++ gnunet/src/include/gnunet_tun_lib.h 2013-12-06 21:57:50 UTC (rev 31157)
@@ -530,6 +530,31 @@
 
 
 /**
+ * Payload of DNS CERT record.
+ */
+struct GNUNET_TUN_DnsCertRecord
+{
+
+  /**
+   * Certificate type
+   */
+  uint16_t cert_type;
+
+  /**
+   * Certificate KeyTag
+   */
+  uint16_t cert_tag;
+
+  /**
+   * Algorithm
+   */
+  uint8_t algorithm;
+
+  /* Followed by the certificate */
+};
+
+
+/**
  * Payload of DNSSEC TLSA record.
  * http://datatracker.ietf.org/doc/draft-ietf-dane-protocol/
  */
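Review bot: struct GNUNET_TUN_DnsCertRecord is used with `sizeof` and memcpy as the on-wire CERT header, but its fields carry no `GNUNET_PACKED` here, unlike the ICMP header fields later in this file. If the struct is not inside a packing region (not visible in this hunk), `sizeof` would be 6 rather than the 5 bytes of type, key tag and algorithm, so the parser would skip one certificate byte and the builder would copy an uninitialized padding byte into the outgoing packet. Marking the 16-bit fields, e.g. `uint16_t cert_type GNUNET_PACKED;`, or confirming that the definition sits between GNUNET_NETWORK_STRUCT_BEGIN and GNUNET_NETWORK_STRUCT_END, would settle it.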
@@ -594,6 +619,7 @@
   /* followed by the servicename */
 };
 
+
 /**
  * DNS query prefix.
  */
@@ -658,16 +684,19 @@
 /**
  * ICMP header.
  */
-struct GNUNET_TUN_IcmpHeader {
+struct GNUNET_TUN_IcmpHeader
+{
   uint8_t type;
   uint8_t code;
   uint16_t crc GNUNET_PACKED;
 
-  union {
+  union
+  {
     /**
      * ICMP Echo (request/reply)
      */
-    struct {
+    struct
+    {
       uint16_t identifier GNUNET_PACKED;
       uint16_t sequence_number GNUNET_PACKED;
     } echo;
@@ -675,7 +704,8 @@
     /**
      * ICMP Destination Unreachable (RFC 1191)
      */
-    struct ih_pmtu {
+    struct ih_pmtu
+    {
       uint16_t empty GNUNET_PACKED;
       uint16_t next_hop_mtu GNUNET_PACKED;
       /* followed by original IP header + first 8 bytes of original IP 
datagram */



