diff -Nru pdns-recursor-3.3/ahuexception.hh pdns-recursor-3.5.pre.20120708.2673~crass~precise/ahuexception.hh --- pdns-recursor-3.3/ahuexception.hh 2011-01-22 14:45:29.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/ahuexception.hh 2012-07-08 18:20:53.000000000 +0000 @@ -22,7 +22,7 @@ #include -using namespace std; +#include "namespaces.hh" //! Generic Exception thrown class AhuException diff -Nru pdns-recursor-3.3/arguments.hh pdns-recursor-3.5.pre.20120708.2673~crass~precise/arguments.hh --- pdns-recursor-3.3/arguments.hh 2011-01-22 14:45:29.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/arguments.hh 2012-07-08 18:20:53.000000000 +0000 @@ -32,7 +32,7 @@ # include #endif -using namespace std; +#include "namespaces.hh" typedef AhuException ArgException; @@ -94,7 +94,7 @@ bool mustDo(const string &var); //!< if a switch is given, if we must do something (--help) int asNum(const string &var); //!< return a variable value as a number #ifndef WIN32 - mode_t asMode(const string &var); // #include #include "base32.hh" -using namespace std; +#include "namespaces.hh" /* based on freebsd:src/contrib/opie/libopie/btoe.c extract: get bit ranges from a char* */ uint32_t extract_bits(const char *s, int start, int length) @@ -112,7 +112,7 @@ toWrite = 0; } } - ret.append(block, (7+toWrite*5)/8); // round up + ret.append(block, (toWrite*5)/8); return ret; } diff -Nru pdns-recursor-3.3/base64.cc pdns-recursor-3.5.pre.20120708.2673~crass~precise/base64.cc --- pdns-recursor-3.3/base64.cc 2011-01-22 14:45:29.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/base64.cc 2012-07-08 18:20:53.000000000 +0000 @@ -109,7 +109,7 @@ // incoming Base64 character is first decoded, and // then it is inserted into the decode buffer // (with any relevant shifting, as required). - // Later, after all 3 bytes have been reconsituted, + // Later, after all 3 bytes have been reconstituted, // we assign them to the output string, ultimately // to be returned as the original message. int iInSize = strInput.size(); @@ -124,7 +124,8 @@ // Decode a character if(strInput.at(iInNum)=='=') pad++; - + while(isspace(strInput.at(iInNum))) + iInNum++; cChar = B64Decode1(strInput.at(iInNum++)); } // if diff -Nru pdns-recursor-3.3/cachecleaner.hh pdns-recursor-3.5.pre.20120708.2673~crass~precise/cachecleaner.hh --- pdns-recursor-3.3/cachecleaner.hh 2011-01-22 14:45:29.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/cachecleaner.hh 2012-07-08 18:20:53.000000000 +0000 @@ -11,7 +11,7 @@ unsigned int cacheSize=collection.size(); - if(maxCached && cacheSize > maxCached) { + if(cacheSize > maxCached) { toTrim = cacheSize - maxCached; } diff -Nru pdns-recursor-3.3/config.h pdns-recursor-3.5.pre.20120708.2673~crass~precise/config.h --- pdns-recursor-3.3/config.h 2011-01-22 14:45:29.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/config.h 2012-07-08 18:20:53.000000000 +0000 @@ -1,4 +1,4 @@ #define SYSCONFDIR "/etc/powerdns/" #define LOCALSTATEDIR "/var/run/" -#define VERSION "3.3" +#define VERSION "3.5-pre" #define RECURSOR diff -Nru pdns-recursor-3.3/debian/changelog pdns-recursor-3.5.pre.20120708.2673~crass~precise/debian/changelog --- pdns-recursor-3.3/debian/changelog 2011-08-08 09:57:13.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/debian/changelog 2012-07-10 20:01:40.000000000 +0000 @@ -1,3 +1,9 @@ +pdns-recursor (3.5.pre.20120708.2673~crass~precise) precise; urgency=low + + * Upstream snapshot + + -- Glenn Washburn Tue, 10 Jul 2012 15:01:40 +0000 + pdns-recursor (3.3-2) unstable; urgency=low * Fix my name in the init script and debian/control too. diff -Nru pdns-recursor-3.3/debian/patches/series pdns-recursor-3.5.pre.20120708.2673~crass~precise/debian/patches/series --- pdns-recursor-3.3/debian/patches/series 2010-11-06 10:29:26.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/debian/patches/series 2012-07-10 18:14:12.000000000 +0000 @@ -1,4 +1 @@ do-not-strip-binaries -kfreebsd-ftbfs-patch -pdns-recursor-less-chatty -hurd-ftbfs-patch diff -Nru pdns-recursor-3.3/devpollmplexer.cc pdns-recursor-3.5.pre.20120708.2673~crass~precise/devpollmplexer.cc --- pdns-recursor-3.3/devpollmplexer.cc 2011-01-22 14:45:29.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/devpollmplexer.cc 2012-07-08 18:20:53.000000000 +0000 @@ -8,7 +8,7 @@ #include "syncres.hh" #include "namespaces.hh" -using namespace std; +#include "namespaces.hh" class DevPollFDMultiplexer : public FDMultiplexer { diff -Nru pdns-recursor-3.3/dns.cc pdns-recursor-3.5.pre.20120708.2673~crass~precise/dns.cc --- pdns-recursor-3.3/dns.cc 2011-01-22 14:45:29.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/dns.cc 2012-07-08 18:20:53.000000000 +0000 @@ -1,5 +1,6 @@ #include "dns.hh" #include "misc.hh" +#include "arguments.hh" #include #include #include @@ -9,7 +10,7 @@ { unsigned char n = 0; for(n = 0 ; n < labellen; ++n) - if(begin[n] == '.' || begin[n] == '\\') + if(begin[n] == '.' || begin[n] == '\\' || begin[n] == ' ') break; if( n == labellen) { @@ -19,6 +20,7 @@ string label(begin, labellen); boost::replace_all(label, "\\", "\\\\"); boost::replace_all(label, ".", "\\."); + boost::replace_all(label, " ", "\\032"); ret.append(label); } @@ -48,7 +50,7 @@ //! compares two dns packets, skipping the header, but including the question and the qtype bool dnspacketLessThan(const std::string& a, const std::string& b) { - if(a.length() < 12 || b.length() < 12) + if(a.length() <= 12 || b.length() <= 12) return a.length() < b.length(); // throw runtime_error("Error parsing question in dnspacket comparison: packet too short"); @@ -123,3 +125,80 @@ // cerr << "returning: '"<parts; + stringtok(parts,content); + int pleft=parts.size(); + + // cout<<"'"<1) + data.hostmaster=attodot(parts[1]); // ahu@ds9a.nl -> ahu.ds9a.nl, piet.puk@ds9a.nl -> piet\.puk.ds9a.nl + + if(pleft>2) + data.serial=strtoul(parts[2].c_str(), NULL, 10); + + if(pleft>3) + data.refresh=atoi(parts[3].c_str()); + + if(pleft>4) + data.retry=atoi(parts[4].c_str()); + + if(pleft>5) + data.expire=atoi(parts[5].c_str()); + + if(pleft>6) + data.default_ttl=atoi(parts[6].c_str()); + +} + +string serializeSOAData(const SOAData &d) +{ + ostringstream o; + // nameservername hostmaster serial-number [refresh [retry [expire [ minimum] ] ] ] + o<((int)rcode); +} diff -Nru pdns-recursor-3.3/dns.hh pdns-recursor-3.5.pre.20120708.2673~crass~precise/dns.hh --- pdns-recursor-3.3/dns.hh 2011-01-22 14:45:29.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/dns.hh 2012-07-08 18:20:53.000000000 +0000 @@ -1,6 +1,6 @@ /* PowerDNS Versatile Database Driven Nameserver - Copyright (C) 2002 PowerDNS.COM BV + Copyright (C) 2002 - 2011 PowerDNS.COM BV This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License version 2 @@ -16,7 +16,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ -// $Id: dns.hh 1554 2010-04-18 12:24:37Z ahu $ +// $Id: dns.hh 2589 2012-04-29 13:02:29Z peter $ /* (C) 2002 POWERDNS.COM BV */ #ifndef DNS_HH #define DNS_HH @@ -25,6 +25,10 @@ #include #include #include +#include +#include + + #include "utility.hh" #include "qtype.hh" #include @@ -44,13 +48,14 @@ uint32_t default_ttl; int domain_id; DNSBackend *db; + uint8_t scopeMask; }; class RCode { public: - enum rcodes_ { NoError=0, FormErr=1, ServFail=2, NXDomain=3, NotImp=4, Refused=5 }; + enum rcodes_ { NoError=0, FormErr=1, ServFail=2, NXDomain=3, NotImp=4, Refused=5, NotAuth=9 }; }; class Opcode @@ -63,12 +68,9 @@ class DNSResourceRecord { public: - DNSResourceRecord() : qclass(1), priority(0), d_place(ANSWER) {}; + DNSResourceRecord() : qclass(1), priority(0), last_modified(0), d_place(ANSWER), auth(1), scopeMask(0) {}; ~DNSResourceRecord(){}; - string serialize() const; - int unSerialize(const string &str); - // data QType qtype; //!< qtype of this record, ie A, CNAME, MX etc @@ -76,7 +78,7 @@ string qname; //!< the name of this record, for example: www.powerdns.com string wildcardname; string content; //!< what this record points to. Example: 10.1.2.3 - uint16_t priority; //!< For qtype's that support a priority or preference. Currently only MX + uint16_t priority; //!< For qtypes that support a priority or preference (MX, SRV) uint32_t ttl; //!< Time To Live of this record int domain_id; //!< If a backend implements this, the domain_id of the zone this record is in time_t last_modified; //!< For autocalculating SOA serial numbers - the backend needs to fill this in @@ -84,6 +86,23 @@ Place d_place; //!< This specifies where a record goes within the packet bool auth; + uint8_t scopeMask; + + template + void serialize(Archive & ar, const unsigned int version) + { + ar & qtype; + ar & qclass; + ar & qname; + ar & wildcardname; + ar & content; + ar & priority; + ar & ttl; + ar & domain_id; + ar & last_modified; + ar & d_place; + ar & auth; + } bool operator<(const DNSResourceRecord &b) const { @@ -93,9 +112,6 @@ return(content < b.content); return false; } - -private: - string escape(const string &str) const; }; #ifdef _MSC_VER @@ -163,8 +179,15 @@ ns_t_cert = 37, /* Certification record */ ns_t_a6 = 38, /* IPv6 address (deprecates AAAA) */ ns_t_dname = 39, /* Non-terminal DNAME (for IPv6) */ - ns_t_sink = 40, /* Kitchen sink (experimentatl) */ + ns_t_sink = 40, /* Kitchen sink (experimental) */ ns_t_opt = 41, /* EDNS0 option (meta-RR) */ + ns_t_ds = 43, /* Delegation signer */ + ns_t_rrsig = 46, /* Resoure Record signature */ + ns_t_nsec = 47, /* Next Record */ + ns_t_dnskey = 48, /* DNSKEY record */ + ns_t_nsec3 = 50, /* Next Record v3 */ + ns_t_nsec3param = 51, /* NSEC Parameters */ + ns_t_tlsa = 52, /* TLSA */ ns_t_tsig = 250, /* Transaction signature. */ ns_t_ixfr = 251, /* Incremental zone transfer. */ ns_t_axfr = 252, /* Transfer zone of authority. */ @@ -176,7 +199,7 @@ #ifdef WIN32 #define BYTE_ORDER 1 #define LITTLE_ENDIAN 1 -#elif __FreeBSD__ || __APPLE__ +#elif __FreeBSD__ || __APPLE__ || __OpenBSD__ #include #elif __linux__ # include @@ -253,4 +276,12 @@ extern time_t s_starttime; std::string questionExpand(const char* packet, uint16_t len, uint16_t& type); bool dnspacketLessThan(const std::string& a, const std::string& b); + +/** helper function for both DNSPacket and addSOARecord() - converts a line into a struct, for easier parsing */ +void fillSOAData(const string &content, SOAData &data); + +/** for use by DNSPacket, converts a SOAData class to a ascii line again */ +string serializeSOAData(const SOAData &data); +string &attodot(string &str); //!< for when you need to insert an email address in the SOA +string strrcode(unsigned char rcode); #endif diff -Nru pdns-recursor-3.3/dnslabeltext.cc pdns-recursor-3.5.pre.20120708.2673~crass~precise/dnslabeltext.cc --- pdns-recursor-3.3/dnslabeltext.cc 1970-01-01 00:00:00.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/dnslabeltext.cc 2012-07-08 18:20:53.000000000 +0000 @@ -0,0 +1,475 @@ + +#line 1 "dnslabeltext.rl" +#include +#include +#include +#include +#include +#include "namespaces.hh" + + +namespace { +void appendSplit(vector& ret, string& segment, char c) +{ + if(segment.size()>254) { + ret.push_back(segment); + segment.clear(); + } + segment.append(1, c); +} +} + +vector segmentDNSText(const string& input ) +{ + +#line 26 "dnslabeltext.cc" +static const char _dnstext_actions[] = { + 0, 1, 0, 1, 1, 1, 2, 1, + 3, 1, 4, 1, 5, 2, 0, 1, + 2, 4, 5 +}; + +static const char _dnstext_key_offsets[] = { + 0, 0, 1, 7, 11, 13, 15, 21, + 25 +}; + +static const char _dnstext_trans_keys[] = { + 34, 34, 92, 9, 10, 32, 126, 34, + 92, 48, 57, 48, 57, 48, 57, 34, + 92, 9, 10, 32, 126, 32, 34, 9, + 13, 34, 0 +}; + +static const char _dnstext_single_lengths[] = { + 0, 1, 2, 2, 0, 0, 2, 2, + 1 +}; + +static const char _dnstext_range_lengths[] = { + 0, 0, 2, 1, 1, 1, 2, 1, + 0 +}; + +static const char _dnstext_index_offsets[] = { + 0, 0, 2, 7, 11, 13, 15, 20, + 24 +}; + +static const char _dnstext_trans_targs[] = { + 2, 0, 7, 3, 2, 2, 0, 2, + 2, 4, 0, 5, 0, 6, 0, 7, + 3, 2, 2, 0, 8, 2, 8, 0, + 2, 0, 0 +}; + +static const char _dnstext_trans_actions[] = { + 3, 0, 0, 0, 11, 11, 0, 5, + 5, 7, 0, 7, 0, 7, 0, 9, + 9, 16, 16, 0, 0, 13, 0, 0, + 13, 0, 0 +}; + +static const char _dnstext_eof_actions[] = { + 0, 0, 0, 0, 0, 0, 0, 1, + 1 +}; + +static const int dnstext_start = 1; +static const int dnstext_first_final = 7; +static const int dnstext_error = 0; + +static const int dnstext_en_main = 1; + + +#line 25 "dnslabeltext.rl" + + (void)dnstext_error; // silence warnings + (void)dnstext_en_main; + const char *p = input.c_str(), *pe = input.c_str() + input.length(); + const char* eof = pe; + int cs; + char val = 0; + + string segment; + vector ret; + + +#line 99 "dnslabeltext.cc" + { + cs = dnstext_start; + } + +#line 104 "dnslabeltext.cc" + { + int _klen; + unsigned int _trans; + const char *_acts; + unsigned int _nacts; + const char *_keys; + + if ( p == pe ) + goto _test_eof; + if ( cs == 0 ) + goto _out; +_resume: + _keys = _dnstext_trans_keys + _dnstext_key_offsets[cs]; + _trans = _dnstext_index_offsets[cs]; + + _klen = _dnstext_single_lengths[cs]; + if ( _klen > 0 ) { + const char *_lower = _keys; + const char *_mid; + const char *_upper = _keys + _klen - 1; + while (1) { + if ( _upper < _lower ) + break; + + _mid = _lower + ((_upper-_lower) >> 1); + if ( (*p) < *_mid ) + _upper = _mid - 1; + else if ( (*p) > *_mid ) + _lower = _mid + 1; + else { + _trans += (_mid - _keys); + goto _match; + } + } + _keys += _klen; + _trans += _klen; + } + + _klen = _dnstext_range_lengths[cs]; + if ( _klen > 0 ) { + const char *_lower = _keys; + const char *_mid; + const char *_upper = _keys + (_klen<<1) - 2; + while (1) { + if ( _upper < _lower ) + break; + + _mid = _lower + (((_upper-_lower) >> 1) & ~1); + if ( (*p) < _mid[0] ) + _upper = _mid - 2; + else if ( (*p) > _mid[1] ) + _lower = _mid + 2; + else { + _trans += ((_mid - _keys)>>1); + goto _match; + } + } + _trans += _klen; + } + +_match: + cs = _dnstext_trans_targs[_trans]; + + if ( _dnstext_trans_actions[_trans] == 0 ) + goto _again; + + _acts = _dnstext_actions + _dnstext_trans_actions[_trans]; + _nacts = (unsigned int) *_acts++; + while ( _nacts-- > 0 ) + { + switch ( *_acts++ ) + { + case 0: +#line 37 "dnslabeltext.rl" + { + ret.push_back(segment); + segment.clear(); + } + break; + case 1: +#line 41 "dnslabeltext.rl" + { + segment.clear(); + } + break; + case 2: +#line 45 "dnslabeltext.rl" + { + char c = *p; + appendSplit(ret, segment, c); + } + break; + case 3: +#line 49 "dnslabeltext.rl" + { + char c = *p; + val *= 10; + val += c-'0'; + + } + break; + case 4: +#line 55 "dnslabeltext.rl" + { + appendSplit(ret, segment, val); + val=0; + } + break; + case 5: +#line 60 "dnslabeltext.rl" + { + appendSplit(ret, segment, *(p)); + } + break; +#line 219 "dnslabeltext.cc" + } + } + +_again: + if ( cs == 0 ) + goto _out; + if ( ++p != pe ) + goto _resume; + _test_eof: {} + if ( p == eof ) + { + const char *__acts = _dnstext_actions + _dnstext_eof_actions[cs]; + unsigned int __nacts = (unsigned int) *__acts++; + while ( __nacts-- > 0 ) { + switch ( *__acts++ ) { + case 0: +#line 37 "dnslabeltext.rl" + { + ret.push_back(segment); + segment.clear(); + } + break; +#line 242 "dnslabeltext.cc" + } + } + } + + _out: {} + } + +#line 73 "dnslabeltext.rl" + + + if ( cs < dnstext_first_final ) { + throw runtime_error("Unable to parse DNS TXT '"+input+"'"); + } + + return ret; +}; +string segmentDNSLabel(const string& input ) +{ + +#line 262 "dnslabeltext.cc" +static const char _dnslabel_actions[] = { + 0, 1, 0, 1, 1, 1, 2, 1, + 3, 1, 4, 2, 3, 0, 2, 3, + 4 +}; + +static const char _dnslabel_key_offsets[] = { + 0, 0, 4, 8, 10, 12, 16 +}; + +static const char _dnslabel_trans_keys[] = { + 46, 92, 32, 126, 46, 92, 48, 57, + 48, 57, 48, 57, 46, 92, 32, 126, + 46, 92, 32, 126, 0 +}; + +static const char _dnslabel_single_lengths[] = { + 0, 2, 2, 0, 0, 2, 2 +}; + +static const char _dnslabel_range_lengths[] = { + 0, 1, 1, 1, 1, 1, 1 +}; + +static const char _dnslabel_index_offsets[] = { + 0, 0, 4, 8, 10, 12, 16 +}; + +static const char _dnslabel_trans_targs[] = { + 6, 2, 1, 0, 1, 1, 3, 0, + 4, 0, 5, 0, 6, 2, 1, 0, + 6, 2, 1, 0, 0 +}; + +static const char _dnslabel_trans_actions[] = { + 1, 0, 9, 0, 3, 3, 5, 0, + 5, 0, 5, 0, 11, 7, 14, 0, + 1, 0, 9, 0, 0 +}; + +static const int dnslabel_start = 1; +static const int dnslabel_first_final = 6; +static const int dnslabel_error = 0; + +static const int dnslabel_en_main = 1; + + +#line 86 "dnslabeltext.rl" + + (void)dnslabel_error; // silence warnings + (void)dnslabel_en_main; + const char *p = input.c_str(), *pe = input.c_str() + input.length(); + //const char* eof = pe; + int cs; + char val = 0; + + string ret; + string segment; + + +#line 323 "dnslabeltext.cc" + { + cs = dnslabel_start; + } + +#line 328 "dnslabeltext.cc" + { + int _klen; + unsigned int _trans; + const char *_acts; + unsigned int _nacts; + const char *_keys; + + if ( p == pe ) + goto _test_eof; + if ( cs == 0 ) + goto _out; +_resume: + _keys = _dnslabel_trans_keys + _dnslabel_key_offsets[cs]; + _trans = _dnslabel_index_offsets[cs]; + + _klen = _dnslabel_single_lengths[cs]; + if ( _klen > 0 ) { + const char *_lower = _keys; + const char *_mid; + const char *_upper = _keys + _klen - 1; + while (1) { + if ( _upper < _lower ) + break; + + _mid = _lower + ((_upper-_lower) >> 1); + if ( (*p) < *_mid ) + _upper = _mid - 1; + else if ( (*p) > *_mid ) + _lower = _mid + 1; + else { + _trans += (_mid - _keys); + goto _match; + } + } + _keys += _klen; + _trans += _klen; + } + + _klen = _dnslabel_range_lengths[cs]; + if ( _klen > 0 ) { + const char *_lower = _keys; + const char *_mid; + const char *_upper = _keys + (_klen<<1) - 2; + while (1) { + if ( _upper < _lower ) + break; + + _mid = _lower + (((_upper-_lower) >> 1) & ~1); + if ( (*p) < _mid[0] ) + _upper = _mid - 2; + else if ( (*p) > _mid[1] ) + _lower = _mid + 2; + else { + _trans += ((_mid - _keys)>>1); + goto _match; + } + } + _trans += _klen; + } + +_match: + cs = _dnslabel_trans_targs[_trans]; + + if ( _dnslabel_trans_actions[_trans] == 0 ) + goto _again; + + _acts = _dnslabel_actions + _dnslabel_trans_actions[_trans]; + _nacts = (unsigned int) *_acts++; + while ( _nacts-- > 0 ) + { + switch ( *_acts++ ) + { + case 0: +#line 98 "dnslabeltext.rl" + { + printf("Segment end, segment = '%s'\n", segment.c_str()); + ret.append(1, (unsigned char)segment.size()); + ret.append(segment); + segment.clear(); + } + break; + case 1: +#line 105 "dnslabeltext.rl" + { + printf("'\\%c' ", *p); + segment.append(1, *p); + } + break; + case 2: +#line 109 "dnslabeltext.rl" + { + char c = *p; + val *= 10; + val += c-'0'; + + } + break; + case 3: +#line 115 "dnslabeltext.rl" + { + printf("_%c_ ", val); + segment.append(1, val); + val=0; + } + break; + case 4: +#line 121 "dnslabeltext.rl" + { + printf("'%c' ", *p); + segment.append(1, *p); + } + break; +#line 441 "dnslabeltext.cc" + } + } + +_again: + if ( cs == 0 ) + goto _out; + if ( ++p != pe ) + goto _resume; + _test_eof: {} + _out: {} + } + +#line 136 "dnslabeltext.rl" + + + if ( cs < dnslabel_first_final ) { + throw runtime_error("Unable to parse DNS Label '"+input+"'"); + } + + if(ret.empty() || ret[0] != 0) + ret.append(1, 0); + return ret; +}; +#if 0 +int main() +{ + //char blah[]="\"blah\" \"bleh\" \"bloeh\\\"bleh\" \"\\97enzo\""; + char blah[]="\"v=spf1 ip4:67.106.74.128/25 ip4:63.138.42.224/28 ip4:65.204.46.224/27 \\013\\010ip4:66.104.217.176/28 \\013\\010ip4:209.48.147.0/27 ~all\""; + //char blah[]="\"abc \\097\\098 def\""; + printf("Input: '%s'\n", blah); + vector res=dnstext(blah); + cerr<second(content); } - DNSRecordContent::typemap_t& DNSRecordContent::getTypemap() { static DNSRecordContent::typemap_t typemap; return typemap; } -DNSRecordContent::namemap_t& DNSRecordContent::getNamemap() +DNSRecordContent::n2typemap_t& DNSRecordContent::getN2Typemap() +{ + static DNSRecordContent::n2typemap_t n2typemap; + return n2typemap; +} + +DNSRecordContent::t2namemap_t& DNSRecordContent::getT2Namemap() { - static DNSRecordContent::namemap_t namemap; - return namemap; + static DNSRecordContent::t2namemap_t t2namemap; + return t2namemap; } + DNSRecordContent::zmakermap_t& DNSRecordContent::getZmakermap() { static DNSRecordContent::zmakermap_t zmakermap; return zmakermap; } - - void MOADNSParser::init(const char *packet, unsigned int len) { if(len < sizeof(dnsheader)) @@ -264,7 +266,7 @@ } #endif } - catch(out_of_range &re) { + catch(std::out_of_range &re) { if(validPacket && d_header.tc) { // don't sweat it over truncated packets, but do adjust an, ns and arcount if(n < d_header.ancount) { d_header.ancount=n; d_header.nscount = d_header.arcount = 0; @@ -317,7 +319,7 @@ void PacketReader::copyRecord(unsigned char* dest, uint16_t len) { if(d_pos + len > d_content.size()) - throw MOADNSException("Attempt to copy outside of packet"); + throw std::out_of_range("Attempt to copy outside of packet"); memcpy(dest, &d_content.at(d_pos), len); d_pos+=len; @@ -388,7 +390,10 @@ string ret; for(string::const_iterator i=name.begin();i!=name.end();++i) - if(*i=='"' || *i=='\\'){ + if(*i=='\n') { // XXX FIXME this should do a way better job! + ret += "\\010"; + } + else if(*i=='"' || *i=='\\'){ ret += '\\'; ret += *i; } @@ -445,9 +450,15 @@ // XXX FIXME THIS MIGHT BE VERY SLOW! ret.reserve(ret.size() + labellen + 2); for(string::size_type n = 0 ; n < labellen; ++n, frompos++) { - if(content.at(frompos)=='.' || content.at(frompos)=='\\') + if(content.at(frompos)=='.' || content.at(frompos)=='\\') { ret.append(1, '\\'); - ret.append(1, content[frompos]); + ret.append(1, content[frompos]); + } + else if(content.at(frompos)==' ') { + ret+="\\032"; + } + else + ret.append(1, content[frompos]); } ret.append(1,'.'); } @@ -456,7 +467,7 @@ void PacketReader::xfrBlob(string& blob) { - if(d_recordlen) + if(d_recordlen && !(d_pos == (d_startrecordpos + d_recordlen))) blob.assign(&d_content.at(d_pos), &d_content.at(d_startrecordpos + d_recordlen - 1 ) + 1); else blob.clear(); @@ -476,7 +487,7 @@ } -void PacketReader::xfrHexBlob(string& blob) +void PacketReader::xfrHexBlob(string& blob, bool keepReading) { xfrBlob(blob); } @@ -574,7 +585,7 @@ { d_notyouroffset += by; if(d_notyouroffset > d_packet.length()) - throw range_error("dns packet out of range: "+lexical_cast(d_notyouroffset) +" > " + throw std::out_of_range("dns packet out of range: "+lexical_cast(d_notyouroffset) +" > " + lexical_cast(d_packet.length()) ); } std::string& d_packet; @@ -587,16 +598,17 @@ // method of operation: silently fail if it doesn't work - we're only trying to be nice, don't fall over on it void ageDNSPacket(std::string& packet, uint32_t seconds) { - if(packet.length() < 12) + if(packet.length() < sizeof(dnsheader)) return; try { - const dnsheader* dh = (const dnsheader*)packet.c_str(); - int numrecords = ntohs(dh->ancount) + ntohs(dh->nscount) + ntohs(dh->arcount); + dnsheader dh; + memcpy((void*)&dh, (const dnsheader*)packet.c_str(), sizeof(dh)); + int numrecords = ntohs(dh.ancount) + ntohs(dh.nscount) + ntohs(dh.arcount); DNSPacketMangler dpm(packet); int n; - for(n=0; n < ntohs(dh->qdcount) ; ++n) { + for(n=0; n < ntohs(dh.qdcount) ; ++n) { dpm.skipLabel(); dpm.skipBytes(4); // qtype, qclass } diff -Nru pdns-recursor-3.3/dnsparser.hh pdns-recursor-3.5.pre.20120708.2673~crass~precise/dnsparser.hh --- pdns-recursor-3.3/dnsparser.hh 2011-01-22 14:45:29.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/dnsparser.hh 2012-07-08 18:20:53.000000000 +0000 @@ -1,6 +1,6 @@ /* PowerDNS Versatile Database Driven Nameserver - Copyright (C) 2005 - 2010 PowerDNS.COM BV + Copyright (C) 2005 - 2011 PowerDNS.COM BV This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License version 2 as @@ -47,7 +47,7 @@ And we might be able to reverse 2 -> 3 as well */ -using namespace std; +#include "namespaces.hh" #include "namespaces.hh" class MOADNSException : public runtime_error @@ -64,8 +64,10 @@ { public: PacketReader(const vector& content) - : d_pos(0), d_content(content) - {} + : d_pos(0), d_startrecordpos(0), d_content(content) + { + d_recordlen = content.size(); + } uint32_t get32BitInt(); uint16_t get16BitInt(); @@ -119,7 +121,7 @@ void xfrBlob(string& blob); void xfrBlob(string& blob, int length); - void xfrHexBlob(string& blob); + void xfrHexBlob(string& blob, bool keepReading=false); static uint16_t get16BitInt(const vector&content, uint16_t& pos); static void getLabelFromContent(const vector& content, uint16_t& frompos, string& ret, int recurs); @@ -135,7 +137,7 @@ private: uint16_t d_startrecordpos; // needed for getBlob later on - uint16_t d_recordlen; // dito + uint16_t d_recordlen; // ditto const vector& d_content; }; @@ -150,7 +152,7 @@ virtual std::string getZoneRepresentation() const = 0; virtual ~DNSRecordContent() {} virtual void toPacket(DNSPacketWriter& pw)=0; - virtual string serialize(const string& qname, bool canonic=false) // it would rock if this were const, but it is too hard + virtual string serialize(const string& qname, bool canonic=false, bool lowerCase=false) // it would rock if this were const, but it is too hard { vector packet; string empty; @@ -158,6 +160,9 @@ if(canonic) pw.setCanonic(true); + if(lowerCase) + pw.setLowercase(true); + pw.startRecord(qname, d_qtype); this->toPacket(pw); pw.commit(); @@ -184,7 +189,8 @@ if(z) getZmakermap()[make_pair(cl,ty)]=z; - getNamemap()[make_pair(cl,ty)]=name; + getT2Namemap().insert(make_pair(make_pair(cl,ty), name)); + getN2Typemap().insert(make_pair(name, make_pair(cl,ty))); } static void unregist(uint16_t cl, uint16_t ty) @@ -196,19 +202,23 @@ static uint16_t TypeToNumber(const string& name) { - for(namemap_t::const_iterator i=getNamemap().begin(); i!=getNamemap().end();++i) - if(pdns_iequals(i->second, name)) - return i->first.second; - + n2typemap_t::const_iterator iter = getN2Typemap().find(toUpper(name)); + if(iter != getN2Typemap().end()) + return iter->second.second; + + if(boost::starts_with(name, "TYPE")) + return atoi(name.c_str()+4); + throw runtime_error("Unknown DNS type '"+name+"'"); } static const string NumberToType(uint16_t num, uint16_t classnum=1) { - if(!getNamemap().count(make_pair(classnum,num))) - return "#" + lexical_cast(num); + t2namemap_t::const_iterator iter = getT2Namemap().find(make_pair(classnum, num)); + if(iter == getT2Namemap().end()) + return "TYPE" + lexical_cast(num); // throw runtime_error("Unknown DNS type with numerical id "+lexical_cast(num)); - return getNamemap()[make_pair(classnum,num)]; + return iter->second; } explicit DNSRecordContent(uint16_t type) : d_qtype(type) @@ -229,10 +239,11 @@ protected: typedef std::map, makerfunc_t* > typemap_t; typedef std::map, zmakerfunc_t* > zmakermap_t; - typedef std::map, string > namemap_t; - + typedef std::map, string > t2namemap_t; + typedef std::map > n2typemap_t; static typemap_t& getTypemap(); - static namemap_t& getNamemap(); + static t2namemap_t& getT2Namemap(); + static n2typemap_t& getN2Typemap(); static zmakermap_t& getZmakermap(); }; @@ -298,7 +309,7 @@ dnsheader d_header; string d_qname; uint16_t d_qclass, d_qtype; - uint8_t d_rcode; + //uint8_t d_rcode; typedef vector > answers_t; diff -Nru pdns-recursor-3.3/dns_random.cc pdns-recursor-3.5.pre.20120708.2673~crass~precise/dns_random.cc --- pdns-recursor-3.3/dns_random.cc 2011-01-22 14:45:29.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/dns_random.cc 2012-07-08 18:20:53.000000000 +0000 @@ -13,6 +13,8 @@ static unsigned char g_counter[16]; static uint32_t g_in; +static bool g_initialized; + void dns_random_init(const char data[16]) { aes_init(); @@ -24,6 +26,8 @@ memcpy(g_counter, &now.tv_usec, sizeof(now.tv_usec)); memcpy(g_counter+sizeof(now.tv_usec), &now.tv_sec, sizeof(now.tv_sec)); g_in = getpid() | (getppid()<<16); + + g_initialized = true; srandom(dns_random(numeric_limits::max())); } @@ -50,6 +54,8 @@ unsigned int dns_random(unsigned int n) { + if(!g_initialized) + abort(); uint32_t out; aes_ctr_encrypt((unsigned char*) &g_in, (unsigned char*)& out, sizeof(g_in), g_counter, counterIncrement, &g_cx); return out % n; diff -Nru pdns-recursor-3.3/dnsrecords.cc pdns-recursor-3.5.pre.20120708.2673~crass~precise/dnsrecords.cc --- pdns-recursor-3.3/dnsrecords.cc 2011-01-22 14:45:29.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/dnsrecords.cc 2012-07-08 18:20:53.000000000 +0000 @@ -18,6 +18,7 @@ #include "utility.hh" #include "dnsrecords.hh" +#include boilerplate_conv(A, ns_t_a, conv.xfrIP(d_ip)); @@ -61,7 +62,7 @@ static DNSRecordContent* make(const string& zone) { AAAARecordContent *ar=new AAAARecordContent(); - if(Utility::inet_pton( AF_INET6, zone.c_str(), static_cast< void * >( ar->d_ip6 )) < 0) + if(Utility::inet_pton( AF_INET6, zone.c_str(), static_cast< void * >( ar->d_ip6 )) <= 0) throw MOADNSException("Asked to encode '"+zone+"' as an IPv6 address, but does not parse"); return ar; } @@ -114,8 +115,8 @@ string::size_type pos=0; uint16_t code, len; while(d_data.size() >= 4 + pos) { - code = 0xff * d_data[pos] + d_data[pos+1]; - len = 0xff * d_data[pos+2] + d_data[pos+3]; + code = 256 * (unsigned char)d_data[pos] + (unsigned char)d_data[pos+1]; + len = 256 * (unsigned char)d_data[pos+2] + (unsigned char)d_data[pos+3]; pos+=4; if(pos + len > d_data.size()) @@ -221,15 +222,32 @@ conv.xfr8BitInt(d_algorithm); conv.xfrBlob(d_certificate); ) + +boilerplate_conv(TLSA, 52, + conv.xfr8BitInt(d_certusage); + conv.xfr8BitInt(d_selector); + conv.xfr8BitInt(d_matchtype); + conv.xfrHexBlob(d_cert, true); + ) + #undef DS DSRecordContent::DSRecordContent() : DNSRecordContent(43) {} boilerplate_conv(DS, 43, conv.xfr16BitInt(d_tag); conv.xfr8BitInt(d_algorithm); conv.xfr8BitInt(d_digesttype); - conv.xfrHexBlob(d_digest); + conv.xfrHexBlob(d_digest, true); // keep reading across spaces ) +DLVRecordContent::DLVRecordContent() : DNSRecordContent(32769) {} +boilerplate_conv(DLV,32769 , + conv.xfr16BitInt(d_tag); + conv.xfr8BitInt(d_algorithm); + conv.xfr8BitInt(d_digesttype); + conv.xfrHexBlob(d_digest, true); // keep reading across spaces + ) + + boilerplate_conv(SSHFP, 44, conv.xfr8BitInt(d_algorithm); conv.xfr8BitInt(d_fptype); @@ -240,7 +258,6 @@ conv.xfrType(d_type); conv.xfr8BitInt(d_algorithm); conv.xfr8BitInt(d_labels); - conv.xfr32BitInt(d_originalttl); conv.xfrTime(d_sigexpire); conv.xfrTime(d_siginception); @@ -274,35 +291,6 @@ return ac & 0xFFFF; } -void DNSKEYRecordContent::getExpLen(uint16_t& startPos, uint16_t& expLen) const -{ - unsigned char* decoded=(unsigned char*) d_key.c_str(); - if(decoded[0] != 0) { - startPos=1; - expLen=decoded[0]; - } - else { - startPos=3; - expLen=decoded[1]*0xff + decoded[2]; // XXX FIXME - } -} - -string DNSKEYRecordContent::getExponent() const -{ - uint16_t startPos, expLen; - getExpLen(startPos, expLen); - return d_key.substr(startPos, expLen); -} - -string DNSKEYRecordContent::getModulus() const -{ - uint16_t startPos, expLen; - getExpLen(startPos, expLen); - - return d_key.substr(startPos+expLen); -} - - // "fancy records" boilerplate_conv(URL, QType::URL, conv.xfrLabel(d_url); @@ -312,29 +300,32 @@ conv.xfrLabel(d_mboxfw); ) + + bool getEDNSOpts(const MOADNSParser& mdp, EDNSOpts* eo) { - if(mdp.d_header.arcount && !mdp.d_answers.empty() && - mdp.d_answers.back().first.d_type == QType::OPT) { - eo->d_packetsize=mdp.d_answers.back().first.d_class; - - EDNS0Record stuff; - uint32_t ttl=ntohl(mdp.d_answers.back().first.d_ttl); - memcpy(&stuff, &ttl, sizeof(stuff)); - - eo->d_extRCode=stuff.extRCode; - eo->d_version=stuff.version; - eo->d_Z = ntohs(stuff.Z); - OPTRecordContent* orc = - dynamic_cast(mdp.d_answers.back().first.d_content.get()); - if(!orc) - return false; - orc->getData(eo->d_options); - - return true; + if(mdp.d_header.arcount && !mdp.d_answers.empty()) { + BOOST_FOREACH(const MOADNSParser::answers_t::value_type& val, mdp.d_answers) { + if(val.first.d_place == DNSRecord::Additional && val.first.d_type == QType::OPT) { + eo->d_packetsize=val.first.d_class; + + EDNS0Record stuff; + uint32_t ttl=ntohl(val.first.d_ttl); + memcpy(&stuff, &ttl, sizeof(stuff)); + + eo->d_extRCode=stuff.extRCode; + eo->d_version=stuff.version; + eo->d_Z = ntohs(stuff.Z); + OPTRecordContent* orc = + dynamic_cast(val.first.d_content.get()); + if(!orc) + return false; + orc->getData(eo->d_options); + return true; + } + } } - else - return false; + return false; } @@ -370,6 +361,8 @@ NSECRecordContent::report(); NSEC3RecordContent::report(); NSEC3PARAMRecordContent::report(); + TLSARecordContent::report(); + DLVRecordContent::report(); DNSRecordContent::regist(0xff, QType::TSIG, &TSIGRecordContent::make, &TSIGRecordContent::make, "TSIG"); OPTRecordContent::report(); } diff -Nru pdns-recursor-3.3/dnsrecords.hh pdns-recursor-3.5.pre.20120708.2673~crass~precise/dnsrecords.hh --- pdns-recursor-3.3/dnsrecords.hh 2011-01-22 14:45:29.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/dnsrecords.hh 2012-07-08 18:20:53.000000000 +0000 @@ -26,7 +26,7 @@ #include #include -using namespace std; +#include "namespaces.hh" #include "namespaces.hh" #define includeboilerplate(RNAME) RNAME##RecordContent(const DNSRecord& dr, PacketReader& pr); \ @@ -231,15 +231,11 @@ DNSKEYRecordContent(); includeboilerplate(DNSKEY) uint16_t getTag(); - string getExponent() const; - string getModulus() const; uint16_t d_flags; uint8_t d_protocol; uint8_t d_algorithm; string d_key; -private: - void getExpLen(uint16_t& startPos, uint16_t& expLen) const; }; class DSRecordContent : public DNSRecordContent @@ -253,6 +249,18 @@ string d_digest; }; +class DLVRecordContent : public DNSRecordContent +{ +public: + DLVRecordContent(); + includeboilerplate(DLV) + + uint16_t d_tag; + uint8_t d_algorithm, d_digesttype; + string d_digest; +}; + + class SSHFPRecordContent : public DNSRecordContent { public: @@ -296,6 +304,17 @@ string d_certificate; }; +class TLSARecordContent : public DNSRecordContent +{ +public: + includeboilerplate(TLSA) + +private: + uint8_t d_certusage, d_selector, d_matchtype; + string d_cert; +}; + + class RRSIGRecordContent : public DNSRecordContent { public: diff -Nru pdns-recursor-3.3/dnswriter.cc pdns-recursor-3.5.pre.20120708.2673~crass~precise/dnswriter.cc --- pdns-recursor-3.3/dnswriter.cc 2011-01-22 14:45:29.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/dnswriter.cc 2012-07-08 18:20:53.000000000 +0000 @@ -1,12 +1,11 @@ #include "dnswriter.hh" #include "misc.hh" #include "dnsparser.hh" -#include -#include +#include #include DNSPacketWriter::DNSPacketWriter(vector& content, const string& qname, uint16_t qtype, uint16_t qclass, uint8_t opcode) - : d_pos(0), d_content(content), d_qname(qname), d_qtype(qtype), d_qclass(qclass), d_canonic(false) + : d_pos(0), d_content(content), d_qname(qname), d_qtype(qtype), d_qclass(qclass), d_canonic(false), d_lowerCase(false) { d_content.clear(); dnsheader dnsheader; @@ -107,7 +106,7 @@ void DNSPacketWriter::xfr48BitInt(uint64_t val) { unsigned char bytes[6]; - uint16_t theLeft = htons(val >> 32); + uint16_t theLeft = htons((val >> 32)&0xffffU); uint32_t theRight = htonl(val & 0xffffffffU); memcpy(bytes, (void*)&theLeft, 2); memcpy(bytes+2, (void*)&theRight, 4); @@ -135,30 +134,26 @@ d_record.push_back(val); } + +/* input: + "" -> 0 + "blah" -> 4blah + "blah" "blah" -> output 4blah4blah + "verylongstringlongerthan256....characters" \xffverylongstring\x23characters (autosplit) + "blah\"blah" -> 9blah"blah + "blah\97" -> 5blahb + */ void DNSPacketWriter::xfrText(const string& text, bool) { - using boost::escaped_list_separator; - using boost::tokenizer; - - escaped_list_separator sep('\\', ' ' , '"'); - tokenizer > tok(text, sep); - - tokenizer >::iterator beg=tok.begin(); - - if(beg==tok.end()) { + if(text.empty()) { d_record.push_back(0); + return; + } + vector segments = segmentDNSText(text); + BOOST_FOREACH(const string& str, segments) { + d_record.push_back(str.length()); + d_record.insert(d_record.end(), str.c_str(), str.c_str() + str.length()); } - else - for(; beg!=tok.end(); ++beg){ - if(beg->empty()) - d_record.push_back(0); - else - for (unsigned int i = 0; i < beg->length(); i += 0xff){ - d_record.push_back(min((string::size_type)0xffU, beg->length()-i)); - const uint8_t* ptr=(uint8_t*)(beg->c_str()) + i; - d_record.insert(d_record.end(), ptr, ptr+min((string::size_type)0xffU, beg->length()-i)); - } - } } DNSPacketWriter::lmap_t::iterator find(DNSPacketWriter::lmap_t& lmap, const string& label) @@ -197,8 +192,9 @@ } // this is the absolute hottest function in the pdns recursor -void DNSPacketWriter::xfrLabel(const string& label, bool compress) +void DNSPacketWriter::xfrLabel(const string& Label, bool compress) { + string label = d_lowerCase ? toLower(Label) : Label; labelparts_t parts; if(d_canonic) @@ -209,7 +205,6 @@ d_record.push_back(0); return; } - bool unescaped=labeltokUnescape(parts, label); // d_stuff is amount of stuff that is yet to be written out - the dnsrecordheader for example @@ -243,6 +238,7 @@ if(unescaped) { string part(label.c_str() + i -> first, i->second - i->first); boost::replace_all(part, "\\.", "."); + boost::replace_all(part, "\\032", " "); boost::replace_all(part, "\\\\", "\\"); if(part.size() > 255) throw MOADNSException("DNSPacketWriter::xfrLabel() tried to write an overly large label"); @@ -269,22 +265,20 @@ void DNSPacketWriter::xfrBlob(const string& blob, int ) { const uint8_t* ptr=reinterpret_cast(blob.c_str()); - d_record.insert(d_record.end(), ptr, ptr+blob.size()); } -void DNSPacketWriter::xfrHexBlob(const string& blob) +void DNSPacketWriter::xfrHexBlob(const string& blob, bool keepReading) { xfrBlob(blob); } - void DNSPacketWriter::getRecords(string& records) { records.assign(d_content.begin() + d_sor, d_content.end()); } -uint16_t DNSPacketWriter::size() +uint32_t DNSPacketWriter::size() { return d_content.size() + d_stuff + d_record.size(); } diff -Nru pdns-recursor-3.3/dnswriter.hh pdns-recursor-3.5.pre.20120708.2673~crass~precise/dnswriter.hh --- pdns-recursor-3.3/dnswriter.hh 2011-01-22 14:45:29.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/dnswriter.hh 2012-07-08 18:20:53.000000000 +0000 @@ -10,7 +10,7 @@ #include "utility.hh" #endif #include "dns.hh" -using namespace std; +#include "namespaces.hh" /** this class can be used to write DNS packets. It knows about DNS in the sense that it makes the packet header and record headers. @@ -61,7 +61,7 @@ */ void commit(); - uint16_t size(); + uint32_t size(); // needs to be 32 bit because otherwise we don't see the wrap coming when it happened! /** Should the packet have grown too big for the writer's liking, rollback removes the record currently being written */ void rollback(); @@ -87,7 +87,7 @@ void xfrLabel(const string& label, bool compress=false); void xfrText(const string& text, bool multi=false); void xfrBlob(const string& blob, int len=-1); - void xfrHexBlob(const string& blob); + void xfrHexBlob(const string& blob, bool keepReading=false); uint16_t d_pos; @@ -100,6 +100,15 @@ d_canonic=val; } + void setLowercase(bool val) + { + d_lowerCase=val; + } + vector & getContent() + { + return d_content; + } + private: vector & d_content; vector d_record; @@ -113,9 +122,10 @@ uint16_t d_sor; uint16_t d_rollbackmarker; // start of last complete packet, for rollback Place d_recordplace; - bool d_canonic; + bool d_canonic, d_lowerCase; }; typedef vector > labelparts_t; bool labeltokUnescape(labelparts_t& parts, const string& label); +std::vector segmentDNSText(const string& text); // from dnslabeltext.rl #endif diff -Nru pdns-recursor-3.3/epollmplexer.cc pdns-recursor-3.5.pre.20120708.2673~crass~precise/epollmplexer.cc --- pdns-recursor-3.3/epollmplexer.cc 2011-01-22 14:45:29.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/epollmplexer.cc 2012-07-08 18:20:53.000000000 +0000 @@ -10,7 +10,7 @@ #endif #include "namespaces.hh" -using namespace std; +#include "namespaces.hh" class EpollFDMultiplexer : public FDMultiplexer { diff -Nru pdns-recursor-3.3/iputils.hh pdns-recursor-3.5.pre.20120708.2673~crass~precise/iputils.hh --- pdns-recursor-3.3/iputils.hh 2011-01-22 14:45:29.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/iputils.hh 2012-07-08 18:20:53.000000000 +0000 @@ -1,6 +1,6 @@ /* PowerDNS Versatile Database Driven Nameserver - Copyright (C) 2002 - 2008 PowerDNS.COM BV + Copyright (C) 2002 - 2011 PowerDNS.COM BV This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License version 2 @@ -32,11 +32,14 @@ #include #include "ahuexception.hh" #include "misc.hh" +#include +#include + #include #include #include -using namespace std; +#include "namespaces.hh" union ComboAddress { struct sockaddr_in sin4; @@ -78,7 +81,7 @@ return memcmp(&sin6.sin6_addr.s6_addr, &rhs.sin6.sin6_addr.s6_addr, 16) > 0; } - struct addressOnlyLessThan: public binary_function + struct addressOnlyLessThan: public std::binary_function { bool operator()(const ComboAddress& a, const ComboAddress& b) const { @@ -108,18 +111,20 @@ sin4.sin_port=0; } + // 'port' sets a default value in case 'str' does not set a port explicit ComboAddress(const string& str, uint16_t port=0) { memset(&sin6, 0, sizeof(sin6)); sin4.sin_family = AF_INET; - - if(!IpToU32(str, (uint32_t*)&sin4.sin_addr.s_addr)) { + sin4.sin_port = 0; + if(makeIPv4sockaddr(str, &sin4)) { sin6.sin6_family = AF_INET6; if(makeIPv6sockaddr(str, &sin6) < 0) throw AhuException("Unable to convert presentation address '"+ str +"'"); } - sin4.sin_port=htons(port); + if(!sin4.sin_port) // 'str' overrides port! + sin4.sin_port=htons(port); } bool isMappedIPv4() const @@ -156,14 +161,10 @@ string toString() const { - char tmp[128]; - if(sin4.sin_family==AF_INET && !Utility::inet_ntop(AF_INET, ( const char * ) &sin4.sin_addr, tmp, sizeof(tmp))) - return tmp; - - if(sin4.sin_family==AF_INET6 && !Utility::inet_ntop(AF_INET6, ( const char * ) &sin6.sin6_addr, tmp, sizeof(tmp))) - return tmp; + char host[1024]; + getnameinfo((struct sockaddr*) this, getSocklen(), host, sizeof(host),0, 0, NI_NUMERICHOST); - return tmp; + return host; } string toStringWithPort() const @@ -199,6 +200,25 @@ class Netmask { public: + Netmask() + { + d_network.sin4.sin_family=0; // disable this doing anything useful + } + + Netmask(const ComboAddress& network, uint8_t bits=0xff) + { + d_network = network; + + if(bits == 0xff) + bits = (network.sin4.sin_family == AF_INET) ? 32 : 128; + + d_bits = bits; + if(d_bits<32) + d_mask=~(0xFFFFFFFF>>d_bits); + else + d_mask=0xFFFFFFFF; // not actually used for IPv6 + } + //! Constructor supplies the mask, which cannot be changed Netmask(const string &mask) { @@ -206,7 +226,7 @@ d_network=makeComboAddress(split.first); if(!split.second.empty()) { - d_bits = (uint8_t) atoi(split.second.c_str()); + d_bits = lexical_cast(split.second); if(d_bits<32) d_mask=~(0xFFFFFFFF>>d_bits); else @@ -270,9 +290,21 @@ string toString() const { - return d_network.toString()+"/"+boost::lexical_cast(d_bits); + return d_network.toString()+"/"+boost::lexical_cast((unsigned int)d_bits); } + string toStringNoMask() const + { + return d_network.toString(); + } + const ComboAddress& getNetwork() const + { + return d_network; + } + int getBits() const + { + return d_bits; + } private: ComboAddress d_network; uint32_t d_mask; diff -Nru pdns-recursor-3.3/kqueuemplexer.cc pdns-recursor-3.5.pre.20120708.2673~crass~precise/kqueuemplexer.cc --- pdns-recursor-3.3/kqueuemplexer.cc 2011-01-22 14:45:29.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/kqueuemplexer.cc 2012-07-08 18:20:53.000000000 +0000 @@ -12,7 +12,7 @@ #include #include "namespaces.hh" -using namespace std; +#include "namespaces.hh" class KqueueFDMultiplexer : public FDMultiplexer { diff -Nru pdns-recursor-3.3/logger.cc pdns-recursor-3.5.pre.20120708.2673~crass~precise/logger.cc --- pdns-recursor-3.3/logger.cc 2011-01-22 14:45:29.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/logger.cc 2012-07-08 18:20:53.000000000 +0000 @@ -23,7 +23,7 @@ extern StatBag S; #endif -using namespace std; +#include "namespaces.hh" Logger &theL(const string &pname) { @@ -125,6 +125,14 @@ return *this; } +Logger& Logger::operator<<(double i) +{ + ostringstream tmp; + tmp< + +#if !defined(PDNS_ENABLE_LUA) + +// stub implementation + +PowerDNSLua::PowerDNSLua(const std::string& fname) +{ + throw runtime_error("Lua support disabled"); +} + + +PowerDNSLua::~PowerDNSLua() +{ + +} + +#else + +extern "C" { +#undef L +/* Include the Lua API header files. */ +#include +#include +#include +} + +#include +#include +#include +#include +#include +#include "logger.hh" +#include "namespaces.hh" + +bool netmaskMatchTable(lua_State* lua, const std::string& ip) +{ + lua_pushnil(lua); /* first key */ + while (lua_next(lua, 2) != 0) { + string netmask=lua_tostring(lua, -1); + Netmask nm(netmask); + ComboAddress ca(ip); + lua_pop(lua, 1); + + if(nm.match(ip)) + return true; + } + return false; +} + +static bool getFromTable(lua_State *lua, const std::string &key, std::string& value) +{ + lua_pushstring(lua, key.c_str()); // 4 is now '1' + lua_gettable(lua, -2); // replace by the first entry of our table we hope + + bool ret=false; + if(!lua_isnil(lua, -1)) { + value = lua_tostring(lua, -1); + ret=true; + } + lua_pop(lua, 1); + return ret; +} + +static bool getFromTable(lua_State *lua, const std::string &key, uint32_t& value) +{ + lua_pushstring(lua, key.c_str()); // 4 is now '1' + lua_gettable(lua, -2); // replace by the first entry of our table we hope + + bool ret=false; + if(!lua_isnil(lua, -1)) { + value = (uint32_t)lua_tonumber(lua, -1); + ret=true; + } + lua_pop(lua, 1); + return ret; +} + +void pushResourceRecordsTable(lua_State* lua, const vector& records) +{ + // make a table of tables + lua_newtable(lua); + + int pos=0; + BOOST_FOREACH(const DNSResourceRecord& rr, records) + { + // row number, used by 'lua_settable' below + lua_pushnumber(lua, ++pos); + // "row" table + lua_newtable(lua); + + lua_pushstring(lua, rr.qname.c_str()); + lua_setfield(lua, -2, "qname"); // pushes value at the top of the stack to the table immediately below that (-1 = top, -2 is below) + + lua_pushstring(lua, rr.content.c_str()); + lua_setfield(lua, -2, "content"); + + lua_pushnumber(lua, rr.qtype.getCode()); + lua_setfield(lua, -2, "qtype"); + + lua_pushnumber(lua, rr.ttl); + lua_setfield(lua, -2, "ttl"); + + lua_pushnumber(lua, rr.d_place); + lua_setfield(lua, -2, "place"); + + lua_settable(lua, -3); // pushes the table we just built into the master table at position pushed above + } +} + +void popResourceRecordsTable(lua_State *lua, const string &query, vector& ret) +{ + /* get the result */ + DNSResourceRecord rr; + rr.qname = query; + rr.d_place = DNSResourceRecord::ANSWER; + rr.ttl = 3600; + + cerr<<"Lua stacksize "<= 2) { + string ip=lua_tostring(lua, 1); + if(lua_istable(lua, 2)) { + result = netmaskMatchTable(lua, ip); + } + else { + for(int n=2 ; n <= lua_gettop(lua); ++n) { + string netmask=lua_tostring(lua, n); + Netmask nm(netmask); + ComboAddress ca(ip); + + result = nm.match(ip); + if(result) + break; + } + } + } + + lua_pushboolean(lua, result); + return 1; +} + +int getLocalAddressLua(lua_State* lua) +{ + lua_getfield(lua, LUA_REGISTRYINDEX, "__PowerDNSLua"); + PowerDNSLua* pl = (PowerDNSLua*)lua_touserdata(lua, -1); + + lua_pushstring(lua, pl->getLocal().toString().c_str()); + return 1; +} + +// called by lua to indicate that this answer is 'variable' and should not be cached +int setVariableLua(lua_State* lua) +{ + lua_getfield(lua, LUA_REGISTRYINDEX, "__PowerDNSLua"); + PowerDNSLua* pl = (PowerDNSLua*)lua_touserdata(lua, -1); + pl->setVariable(); + return 0; +} + +int logLua(lua_State *lua) +{ + if(lua_gettop(lua) >= 1) { + string message=lua_tostring(lua, 1); + theL()<::const_iterator iter = QType::names.begin(); iter != QType::names.end(); ++iter) { + lua_pushnumber(d_lua, iter->second); + lua_setfield(d_lua, -2, iter->first.c_str()); + } + lua_pushnumber(d_lua, 0); + lua_setfield(d_lua, -2, "NOERROR"); + lua_pushnumber(d_lua, 1); + lua_setfield(d_lua, -2, "FORMERR"); + lua_pushnumber(d_lua, 2); + lua_setfield(d_lua, -2, "SERVFAIL"); + lua_pushnumber(d_lua, 3); + lua_setfield(d_lua, -2, "NXDOMAIN"); + lua_pushnumber(d_lua, 4); + lua_setfield(d_lua, -2, "NOTIMP"); + lua_pushnumber(d_lua, 5); + lua_setfield(d_lua, -2, "REFUSED"); + lua_setglobal(d_lua, "pdns"); + + lua_pushlightuserdata(d_lua, (void*)this); + lua_setfield(d_lua, LUA_REGISTRYINDEX, "__PowerDNSLua"); +} + +bool PowerDNSLua::getFromTable(const std::string& key, std::string& value) +{ + return ::getFromTable(d_lua, key, value); +} + +bool PowerDNSLua::getFromTable(const std::string& key, uint32_t& value) +{ + return ::getFromTable(d_lua, key, value); +} + + +PowerDNSLua::~PowerDNSLua() +{ + lua_close(d_lua); +} +#endif diff -Nru pdns-recursor-3.3/lua-pdns.hh pdns-recursor-3.5.pre.20120708.2673~crass~precise/lua-pdns.hh --- pdns-recursor-3.3/lua-pdns.hh 1970-01-01 00:00:00.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/lua-pdns.hh 2012-07-08 18:20:53.000000000 +0000 @@ -0,0 +1,37 @@ +#ifndef PDNS_LUA_PDNS_HH +#define PDNS_LUA_PDNS_HH +#include "dns.hh" +#include "iputils.hh" + +struct lua_State; + +class PowerDNSLua +{ +public: + explicit PowerDNSLua(const std::string& fname); + ~PowerDNSLua(); + void reload(); + ComboAddress getLocal() + { + return d_local; + } + + void setVariable() + { + d_variable=true; + } + +protected: // FIXME? + lua_State* d_lua; + bool passthrough(const string& func, const ComboAddress& remote,const ComboAddress& local, const string& query, const QType& qtype, vector& ret, int& res, bool* variable); + bool getFromTable(const std::string& key, std::string& value); + bool getFromTable(const std::string& key, uint32_t& value); + bool d_failed; + bool d_variable; + ComboAddress d_local; +}; + +void pushResourceRecordsTable(lua_State* lua, const vector& records); +void popResourceRecordsTable(lua_State *lua, const string &query, vector& ret); + +#endif diff -Nru pdns-recursor-3.3/lua-pdns-recursor.cc pdns-recursor-3.5.pre.20120708.2673~crass~precise/lua-pdns-recursor.cc --- pdns-recursor-3.3/lua-pdns-recursor.cc 2011-01-22 14:45:29.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/lua-pdns-recursor.cc 1970-01-01 00:00:00.000000000 +0000 @@ -1,288 +0,0 @@ -#include "lua-pdns-recursor.hh" - -#if !defined(PDNS_ENABLE_LUA) && !defined(LIBDIR) - -// stub implementation - -PowerDNSLua::PowerDNSLua(const std::string& fname) -{ - throw runtime_error("Lua support disabled"); -} - -bool PowerDNSLua::nxdomain(const ComboAddress& remote,const ComboAddress& local, const string& query, const QType& qtype, vector& ret, int& res, bool* variable) -{ - return false; -} - -bool PowerDNSLua::preresolve(const ComboAddress& remote, const ComboAddress& local, const string& query, const QType& qtype, vector& ret, int& res, bool* variable) -{ - return false; -} - -PowerDNSLua::~PowerDNSLua() -{ - -} - -#else - -extern "C" { -#undef L -/* Include the Lua API header files. */ -#include -#include -#include -} - -#include -#include -#include -#include -#include -#include "logger.hh" -using namespace std; - -bool netmaskMatchTable(lua_State* lua, const std::string& ip) -{ - lua_pushnil(lua); /* first key */ - while (lua_next(lua, 2) != 0) { - string netmask=lua_tostring(lua, -1); - Netmask nm(netmask); - ComboAddress ca(ip); - lua_pop(lua, 1); - - if(nm.match(ip)) - return true; - } - return false; -} - -extern "C" { - -int netmaskMatchLua(lua_State *lua) -{ - bool result=false; - if(lua_gettop(lua) >= 2) { - string ip=lua_tostring(lua, 1); - if(lua_istable(lua, 2)) { - result = netmaskMatchTable(lua, ip); - } - else { - for(int n=2 ; n <= lua_gettop(lua); ++n) { - string netmask=lua_tostring(lua, n); - Netmask nm(netmask); - ComboAddress ca(ip); - - result = nm.match(ip); - if(result) - break; - } - } - } - - lua_pushboolean(lua, result); - return 1; -} - -int getLocalAddressLua(lua_State* lua) -{ - lua_getfield(lua, LUA_REGISTRYINDEX, "__PowerDNSLua"); - PowerDNSLua* pl = (PowerDNSLua*)lua_touserdata(lua, -1); - - lua_pushstring(lua, pl->getLocal().toString().c_str()); - return 1; -} - -// called by lua to indicate that this answer is 'variable' and should not be cached -int setVariableLua(lua_State* lua) -{ - lua_getfield(lua, LUA_REGISTRYINDEX, "__PowerDNSLua"); - PowerDNSLua* pl = (PowerDNSLua*)lua_touserdata(lua, -1); - pl->setVariable(); - return 0; -} - -int logLua(lua_State *lua) -{ - if(lua_gettop(lua) >= 1) { - string message=lua_tostring(lua, 1); - theL()<::const_iterator iter = QType::names.begin(); iter != QType::names.end(); ++iter) { - lua_pushnumber(d_lua, iter->second); - lua_setfield(d_lua, -2, iter->first.c_str()); - } - lua_pushnumber(d_lua, 3); - lua_setfield(d_lua, -2, "NXDOMAIN"); - lua_setglobal(d_lua, "pdns"); - - lua_pushlightuserdata(d_lua, (void*)this); - lua_setfield(d_lua, LUA_REGISTRYINDEX, "__PowerDNSLua"); -} - -bool PowerDNSLua::nxdomain(const ComboAddress& remote, const ComboAddress& local,const string& query, const QType& qtype, vector& ret, int& res, bool* variable) -{ - return passthrough("nxdomain", remote, local, query, qtype, ret, res, variable); -} - -bool PowerDNSLua::preresolve(const ComboAddress& remote, const ComboAddress& local,const string& query, const QType& qtype, vector& ret, int& res, bool* variable) -{ - return passthrough("preresolve", remote, local, query, qtype, ret, res, variable); -} - -bool PowerDNSLua::getFromTable(const std::string& key, std::string& value) -{ - lua_pushstring(d_lua, key.c_str()); // 4 is now '1' - lua_gettable(d_lua, -2); // replace by the first entry of our table we hope - - bool ret=false; - if(!lua_isnil(d_lua, -1)) { - value = lua_tostring(d_lua, -1); - ret=true; - } - lua_pop(d_lua, 1); - return ret; -} - - -bool PowerDNSLua::getFromTable(const std::string& key, uint32_t& value) -{ - lua_pushstring(d_lua, key.c_str()); // 4 is now '1' - lua_gettable(d_lua, -2); // replace by the first entry of our table we hope - - bool ret=false; - if(!lua_isnil(d_lua, -1)) { - value = (uint32_t)lua_tonumber(d_lua, -1); - ret=true; - } - lua_pop(d_lua, 1); - return ret; -} - - -bool PowerDNSLua::passthrough(const string& func, const ComboAddress& remote, const ComboAddress& local, const string& query, const QType& qtype, vector& ret, - int& res, bool* variable) -{ - d_variable = false; - lua_getglobal(d_lua, func.c_str()); - if(!lua_isfunction(d_lua, -1)) { - // cerr<<"No such function '"<& res, int& ret, bool* variable); - bool nxdomain(const ComboAddress& remote, const ComboAddress& local, const string& query, const QType& qtype, vector& res, int& ret, bool* variable); - - ComboAddress getLocal() - { - return d_local; - } - - void setVariable() - { - d_variable=true; - } - -private: - lua_State* d_lua; - bool passthrough(const string& func, const ComboAddress& remote,const ComboAddress& local, const string& query, const QType& qtype, vector& ret, int& res, bool* variable); - bool getFromTable(const std::string& key, std::string& value); - bool getFromTable(const std::string& key, uint32_t& value); - bool d_failed; - bool d_variable; - ComboAddress d_local; -}; - -#endif diff -Nru pdns-recursor-3.3/lua-recursor.cc pdns-recursor-3.5.pre.20120708.2673~crass~precise/lua-recursor.cc --- pdns-recursor-3.3/lua-recursor.cc 1970-01-01 00:00:00.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/lua-recursor.cc 2012-07-08 18:20:53.000000000 +0000 @@ -0,0 +1,173 @@ +#include "lua-recursor.hh" + +// to avoid including all of syncres.hh +int directResolve(const std::string& qname, const QType& qtype, int qclass, vector& ret); + +#if !defined(PDNS_ENABLE_LUA) + +RecursorLua::RecursorLua(const std::string &fname) + : PowerDNSLua(fname) +{ + // empty +} + +bool RecursorLua::nxdomain(const ComboAddress& remote,const ComboAddress& local, const string& query, const QType& qtype, vector& ret, int& res, bool* variable) +{ + return false; +} + +bool RecursorLua::nodata(const ComboAddress& remote,const ComboAddress& local, const string& query, const QType& qtype, vector& ret, int& res, bool* variable) +{ + return false; +} + +bool RecursorLua::postresolve(const ComboAddress& remote,const ComboAddress& local, const string& query, const QType& qtype, vector& ret, int& res, bool* variable) +{ + return false; +} + + +bool RecursorLua::preresolve(const ComboAddress& remote, const ComboAddress& local, const string& query, const QType& qtype, vector& ret, int& res, bool* variable) +{ + return false; +} + + +#else + +extern "C" { +#undef L +/* Include the Lua API header files. */ +#include +#include +#include +} + +#include +#include +#include +#include +#include +#include +#include "logger.hh" +#include "namespaces.hh" + +RecursorLua::RecursorLua(const std::string &fname) + : PowerDNSLua(fname) +{ + // empty +} + +int getFakeAAAARecords(const std::string& qname, const std::string& prefix, vector& ret) +{ + int rcode=directResolve(qname, QType(QType::A), 1, ret); + + ComboAddress prefixAddress(prefix); + + BOOST_FOREACH(DNSResourceRecord& rr, ret) + { + if(rr.qtype.getCode() == QType::A && rr.d_place==DNSResourceRecord::ANSWER) { + ComboAddress ipv4(rr.content); + uint32_t tmp; + memcpy((void*)&tmp, &ipv4.sin4.sin_addr.s_addr, 4); + // tmp=htonl(tmp); + memcpy(((char*)&prefixAddress.sin6.sin6_addr.s6_addr)+12, &tmp, 4); + rr.content = prefixAddress.toString(); + rr.qtype = QType(QType::AAAA); + } + } + return rcode; +} + +bool RecursorLua::nxdomain(const ComboAddress& remote, const ComboAddress& local,const string& query, const QType& qtype, vector& ret, int& res, bool* variable) +{ + return passthrough("nxdomain", remote, local, query, qtype, ret, res, variable); +} + +bool RecursorLua::preresolve(const ComboAddress& remote, const ComboAddress& local,const string& query, const QType& qtype, vector& ret, int& res, bool* variable) +{ + return passthrough("preresolve", remote, local, query, qtype, ret, res, variable); +} + +bool RecursorLua::nodata(const ComboAddress& remote, const ComboAddress& local,const string& query, const QType& qtype, vector& ret, int& res, bool* variable) +{ + return passthrough("nodata", remote, local, query, qtype, ret, res, variable); +} + +bool RecursorLua::postresolve(const ComboAddress& remote, const ComboAddress& local,const string& query, const QType& qtype, vector& ret, int& res, bool* variable) +{ + return passthrough("postresolve", remote, local, query, qtype, ret, res, variable); +} + + +bool RecursorLua::passthrough(const string& func, const ComboAddress& remote, const ComboAddress& local, const string& query, const QType& qtype, vector& ret, + int& res, bool* variable) +{ + d_variable = false; + lua_getglobal(d_lua, func.c_str()); + if(!lua_isfunction(d_lua, -1)) { + // cerr<<"No such function '"<& res, int& ret, bool* variable); + bool nxdomain(const ComboAddress& remote, const ComboAddress& local, const string& query, const QType& qtype, vector& res, int& ret, bool* variable); + bool nodata(const ComboAddress& remote, const ComboAddress& local, const string& query, const QType& qtype, vector& res, int& ret, bool* variable); + bool postresolve(const ComboAddress& remote, const ComboAddress& local, const string& query, const QType& qtype, vector& res, int& ret, bool* variable); + +private: + bool passthrough(const string& func, const ComboAddress& remote,const ComboAddress& local, const string& query, const QType& qtype, vector& ret, int& res, bool* variable); +}; + +#endif diff -Nru pdns-recursor-3.3/lwres.cc pdns-recursor-3.5.pre.20120708.2673~crass~precise/lwres.cc --- pdns-recursor-3.3/lwres.cc 2011-01-22 14:45:29.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/lwres.cc 2012-07-08 18:20:53.000000000 +0000 @@ -164,6 +164,7 @@ lwr->d_result.clear(); try { + lwr->d_tcbit=0; MOADNSParser mdp((const char*)buf.get(), len); lwr->d_aabit=mdp.d_header.aa; lwr->d_tcbit=mdp.d_header.tc; @@ -186,7 +187,6 @@ rr.priority = 0; rr.qtype=i->first.d_type; rr.qname=i->first.d_label; - rr.ttl=i->first.d_ttl; rr.content=i->first.d_content->getZoneRepresentation(); // this should be the serialised form rr.d_place=(DNSResourceRecord::Place) i->first.d_place; diff -Nru pdns-recursor-3.3/lwres.hh pdns-recursor-3.5.pre.20120708.2673~crass~precise/lwres.hh --- pdns-recursor-3.3/lwres.hh 2011-01-22 14:45:29.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/lwres.hh 2012-07-08 18:20:53.000000000 +0000 @@ -38,7 +38,7 @@ #include "ahuexception.hh" #include "dns.hh" -using namespace std; +#include "namespaces.hh" int asendto(const char *data, int len, int flags, const ComboAddress& ip, uint16_t id, const string& domain, uint16_t qtype, int* fd); diff -Nru pdns-recursor-3.3/Makefile pdns-recursor-3.5.pre.20120708.2673~crass~precise/Makefile --- pdns-recursor-3.3/Makefile 2011-01-22 14:45:29.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/Makefile 2012-07-08 18:20:53.000000000 +0000 @@ -18,8 +18,9 @@ arguments.o lwres.o pdns_recursor.o recursor_cache.o dnsparser.o \ dnswriter.o dnsrecords.o rcpgenerator.o base64.o zoneparser-tng.o \ rec_channel.o rec_channel_rec.o selectmplexer.o sillyrecords.o \ -dns_random.o aescrypt.o aeskey.o aes_modes.o aestab.o lua-pdns-recursor.o \ -randomhelper.o recpacketcache.o dns.o reczones.o base32.o nsecrecords.o +dns_random.o aescrypt.o aeskey.o aes_modes.o aestab.o dnslabeltext.o \ +lua-pdns.o lua-recursor.o randomhelper.o recpacketcache.o dns.o \ +reczones.o base32.o nsecrecords.o REC_CONTROL_OBJECTS=rec_channel.o rec_control.o arguments.o misc.o \ unix_utility.o logger.o qtype.o diff -Nru pdns-recursor-3.3/misc.cc pdns-recursor-3.5.pre.20120708.2673~crass~precise/misc.cc --- pdns-recursor-3.3/misc.cc 2011-01-22 14:45:29.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/misc.cc 2012-07-08 18:20:53.000000000 +0000 @@ -317,11 +317,45 @@ ret = poll(&pfd, 1, seconds * 1000 + useconds/1000); if ( ret == -1 ) - errno = ETIMEDOUT; + errno = ETIMEDOUT; // ??? return ret; } +// returns -1 in case if error, 0 if no data is available, 1 if there is. In the first two cases, errno is set +int waitFor2Data(int fd1, int fd2, int seconds, int useconds, int*fd) +{ + int ret; + + struct pollfd pfds[2]; + memset(&pfds[0], 0, 2*sizeof(struct pollfd)); + pfds[0].fd = fd1; + pfds[1].fd = fd2; + + pfds[0].events= pfds[1].events = POLLIN; + + int nsocks = 1 + (fd2 >= 0); // fd2 can optionally be -1 + + if(seconds >= 0) + ret = poll(pfds, nsocks, seconds * 1000 + useconds/1000); + else + ret = poll(pfds, nsocks, -1); + if(!ret || ret < 0) + return ret; + + if((pfds[0].revents & POLLIN) && !(pfds[1].revents & POLLIN)) + *fd = pfds[0].fd; + else if((pfds[1].revents & POLLIN) && !(pfds[0].revents & POLLIN)) + *fd = pfds[1].fd; + else if(ret == 2) { + *fd = pfds[random()%2].fd; + } + else + *fd = -1; // should never happen + + return 1; +} + string humanDuration(time_t passed) { @@ -329,13 +363,13 @@ if(passed<60) ret<sin_family == AF_INET) { - struct sockaddr_in sip; - memcpy(&sip,(struct sockaddr_in*)remote,sizeof(sip)); - return inet_ntoa(sip.sin_addr); - } - else { - char tmp[128]; - - if(!Utility::inet_ntop(AF_INET6, ( const char * ) &((struct sockaddr_in6 *)remote)->sin6_addr, tmp, sizeof(tmp))) - return "IPv6 untranslateable"; - - return tmp; - } -} - string makeHexDump(const string& str) { char tmp[5]; @@ -511,8 +531,6 @@ return ret; } - - // shuffle, maintaining some semblance of order void shuffle(vector& rrs) { @@ -541,6 +559,18 @@ // we don't shuffle the rest } +static bool comparePlace(DNSResourceRecord a, DNSResourceRecord b) +{ + return (a.d_place < b.d_place); +} + +// make sure rrs is sorted in d_place order to avoid surprises later +// then shuffle the parts that desire shuffling +void orderAndShuffle(vector& rrs) +{ + std::stable_sort(rrs.begin(), rrs.end(), comparePlace); + shuffle(rrs); +} void normalizeTV(struct timeval& tv) { @@ -585,10 +615,8 @@ return ret; } -boost::optional logFacilityToLOG(unsigned int facility) +int logFacilityToLOG(unsigned int facility) { - boost::optional ret; - switch(facility) { case 0: return LOG_LOCAL0; @@ -607,7 +635,7 @@ case 7: return(LOG_LOCAL7); default: - return ret; + return -1; } } @@ -665,6 +693,18 @@ int makeIPv6sockaddr(const std::string& addr, struct sockaddr_in6* ret) { + if(addr.empty()) + return -1; + string ourAddr(addr); + int port = -1; + if(addr[0]=='[') { // [::]:53 style address + string::size_type pos = addr.find(']'); + if(pos == string::npos || pos + 2 > addr.size() || addr[pos+1]!=':') + return -1; + ourAddr.assign(addr.c_str() + 1, pos-1); + port = atoi(addr.c_str()+pos+2); + } + struct addrinfo* res; struct addrinfo hints; memset(&hints, 0, sizeof(hints)); @@ -672,17 +712,57 @@ hints.ai_family = AF_INET6; hints.ai_flags = AI_NUMERICHOST; - if(getaddrinfo(addr.c_str(), 0, &hints, &res) < 0) { - perror("getaddrinfo"); + int error; + if((error=getaddrinfo(ourAddr.c_str(), 0, &hints, &res))) { // this is correct + /* + cerr<<"Error translating IPv6 address '"<ai_addr, sizeof(*ret)); - + memcpy(ret, res->ai_addr, res->ai_addrlen); + if(port >= 0) + ret->sin6_port = htons(port); freeaddrinfo(res); return 0; } +int makeIPv4sockaddr(const string &str, struct sockaddr_in* ret) +{ + if(str.empty()) { + return -1; + } + struct in_addr inp; + + string::size_type pos = str.find(':'); + if(pos == string::npos) { // no port specified, not touching the port + if(Utility::inet_aton(str.c_str(), &inp)) { + ret->sin_addr.s_addr=inp.s_addr; + return 0; + } + return -1; + } + if(!*(str.c_str() + pos + 1)) // trailing : + return -1; + + char *eptr = (char*)str.c_str() + str.size(); + int port = strtol(str.c_str() + pos + 1, &eptr, 10); + if(*eptr) + return -1; + + ret->sin_port = htons(port); + if(Utility::inet_aton(str.substr(0, pos).c_str(), &inp)) { + ret->sin_addr.s_addr=inp.s_addr; + return 0; + } + return -1; +} + + //! read a line of text from a FILE* to a std::string, returns false on 'no data' bool stringfgets(FILE* fp, std::string& line) { diff -Nru pdns-recursor-3.3/misc.hh pdns-recursor-3.5.pre.20120708.2673~crass~precise/misc.hh --- pdns-recursor-3.3/misc.hh 2011-01-22 14:45:29.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/misc.hh 2012-07-08 18:20:53.000000000 +0000 @@ -6,7 +6,6 @@ it under the terms of the GNU General Public License version 2 as published by the Free Software Foundation - This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the @@ -22,6 +21,12 @@ #include #include #include +#include +#include +#include +#include +#include +using namespace ::boost::multi_index; #if 0 #include using std::cout; @@ -61,9 +66,8 @@ #include #include #include -#include -using namespace std; +#include "namespaces.hh" bool chopOff(string &domain); bool chopOffDotted(string &domain); @@ -72,38 +76,18 @@ string nowTime(); const string unquotify(const string &item); string humanDuration(time_t passed); -void chomp(string &line, const string &delim); bool stripDomainSuffix(string *qname, const string &domain); void stripLine(string &line); string getHostname(); string urlEncode(const string &text); int waitForData(int fd, int seconds, int useconds=0); +int waitFor2Data(int fd1, int fd2, int seconds, int useconds, int* fd); int waitForRWData(int fd, bool waitForRead, int seconds, int useconds); uint16_t getShort(const unsigned char *p); uint16_t getShort(const char *p); uint32_t getLong(const unsigned char *p); uint32_t getLong(const char *p); -boost::optional logFacilityToLOG(unsigned int facility); - -inline void putLong(unsigned char* p, uint32_t val) -{ - *p++=(val>>24)&0xff; - *p++=(val>>16)&0xff; - *p++=(val>>8)&0xff; - *p++=(val )&0xff; - -} -inline void putLong(char* p, uint32_t val) -{ - putLong((unsigned char *)p,val); -} - - -inline uint32_t getLong(unsigned char *p) -{ - return (p[0]<<24)+(p[1]<<16)+(p[2]<<8)+p[3]; -} - +int logFacilityToLOG(unsigned int facility); struct ServiceTuple { @@ -198,6 +182,7 @@ time_t time(); inline void set(); //!< Reset the timer inline int udiff(); //!< Return the number of microseconds since the timer was last set. + inline int udiffNoReset(); //!< Return the number of microseconds since the timer was last set. void setTimeval(const struct timeval& tv) { d_set=tv; @@ -209,7 +194,7 @@ private: struct timeval d_set; }; -const string sockAddrToString(struct sockaddr_in *remote); + int sendData(const char *buffer, int replen, int outsock); inline void DTime::set() @@ -219,14 +204,21 @@ inline int DTime::udiff() { + int res=udiffNoReset(); + Utility::gettimeofday(&d_set,0); + return res; +} + +inline int DTime::udiffNoReset() +{ struct timeval now; Utility::gettimeofday(&now,0); int ret=1000000*(now.tv_sec-d_set.tv_sec)+(now.tv_usec-d_set.tv_usec); - d_set=now; return ret; } + inline bool dns_isspace(char c) { return c==' ' || c=='\t' || c=='\r' || c=='\n'; @@ -296,6 +288,7 @@ string makeHexDump(const string& str); void shuffle(vector& rrs); +void orderAndShuffle(vector& rrs); void normalizeTV(struct timeval& tv); const struct timeval operator+(const struct timeval& lhs, const struct timeval& rhs); @@ -401,7 +394,7 @@ }; -struct CIStringCompare: public binary_function +struct CIStringCompare: public std::binary_function { bool operator()(const string& a, const string& b) const { @@ -444,5 +437,17 @@ string labelReverse(const std::string& qname); std::string dotConcat(const std::string& a, const std::string &b); int makeIPv6sockaddr(const std::string& addr, struct sockaddr_in6* ret); +int makeIPv4sockaddr(const string &str, struct sockaddr_in* ret); bool stringfgets(FILE* fp, std::string& line); + +template +std::pair +replacing_insert(Index& i,const typename Index::value_type& x) +{ + std::pair res=i.insert(x); + if(!res.second)res.second=i.replace(res.first,x); + return res; +} + + #endif diff -Nru pdns-recursor-3.3/mtasker.cc pdns-recursor-3.5.pre.20120708.2673~crass~precise/mtasker.cc --- pdns-recursor-3.3/mtasker.cc 2011-01-22 14:45:29.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/mtasker.cc 2012-07-08 18:20:53.000000000 +0000 @@ -40,7 +40,7 @@ MTasker is designed to offer the performance of statemachines while maintaining simple thread semantics. It is not a replacement for a full threading system. - \section compatability Compatability + \section compatibility Compatibility MTasker is only guaranteed to work on Linux with glibc 2.2.5 and higher. It does not work on FreeBSD and notably, not on Red Hat 6.0. It may work on Solaris, please test. @@ -71,7 +71,7 @@ \section events Events By default, Events are recognized by an int and their value is also an int. - This can be overriden by specifying the EventKey and EventVal template parameters. + This can be overridden by specifying the EventKey and EventVal template parameters. An event can be a keypress, but also a UDP packet, or a bit of data from a TCP socket. The sample code provided works with keypresses, but that is just a not very useful example. @@ -144,7 +144,7 @@ //! puts a thread to sleep waiting until a specified event arrives /** Threads can call waitEvent to register that they are waiting on an event with a certain key. - If so desidered, the event can carry data which is returned in val in case that is non-zero. + If so desired, the event can carry data which is returned in val in case that is non-zero. Furthermore, a timeout can be specified in seconds. @@ -192,6 +192,9 @@ if(val && d_waitstatus==Answer) *val=d_waitval; d_tid=w.tid; + if((char*)&w < d_threads[d_tid].highestStackSeen) { + d_threads[d_tid].highestStackSeen = (char*)&w; + } key=d_eventkey; return d_waitstatus; } @@ -202,7 +205,7 @@ templatevoid MTasker::yield() { d_runQueue.push(d_tid); - if(swapcontext(d_threads[d_tid] ,&d_kernel) < 0) { // give control to the kernel + if(swapcontext(d_threads[d_tid].context ,&d_kernel) < 0) { // give control to the kernel perror("swapcontext in yield"); exit(EXIT_FAILURE); } @@ -271,7 +274,7 @@ makecontext (uc, (void (*)(void))threadWrapper, 6, thispair.first, thispair.second, start, d_maxtid, valpair.first, valpair.second); - d_threads[d_maxtid]=uc; + d_threads[d_maxtid].context = uc; d_runQueue.push(d_maxtid++); // will run at next schedule invocation } @@ -290,7 +293,7 @@ { if(!d_runQueue.empty()) { d_tid=d_runQueue.front(); - if(swapcontext(&d_kernel, d_threads[d_tid])) { + if(swapcontext(&d_kernel, d_threads[d_tid].context)) { perror("swapcontext in schedule"); exit(EXIT_FAILURE); } @@ -299,8 +302,8 @@ return true; } if(!d_zombiesQueue.empty()) { - delete[] (char *)d_threads[d_zombiesQueue.front()]->uc_stack.ss_sp; - delete d_threads[d_zombiesQueue.front()]; + delete[] (char *)d_threads[d_zombiesQueue.front()].context->uc_stack.ss_sp; + delete d_threads[d_zombiesQueue.front()].context; d_threads.erase(d_zombiesQueue.front()); d_zombiesQueue.pop(); return true; @@ -369,11 +372,11 @@ } } - templatevoid MTasker::threadWrapper(uint32_t self1, uint32_t self2, tfunc_t *tf, int tid, uint32_t val1, uint32_t val2) { void* val = joinPtr(val1, val2); MTasker* self = (MTasker*) joinPtr(self1, self2); + self->d_threads[self->d_tid].startOfStack = self->d_threads[self->d_tid].highestStackSeen = (char*)&val; (*tf)(val); self->d_zombiesQueue.push(tid); @@ -388,3 +391,10 @@ { return d_tid; } + + +//! Returns the maximum stack usage so far of this MThread +templateunsigned int MTasker::getMaxStackUsage() +{ + return d_threads[d_tid].startOfStack - d_threads[d_tid].highestStackSeen; +} diff -Nru pdns-recursor-3.3/mtasker.hh pdns-recursor-3.5.pre.20120708.2673~crass~precise/mtasker.hh --- pdns-recursor-3.3/mtasker.hh 2011-01-22 14:45:29.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/mtasker.hh 2012-07-08 18:20:53.000000000 +0000 @@ -50,8 +50,14 @@ std::queue d_runQueue; std::queue d_zombiesQueue; + struct ThreadInfo + { + ucontext_t* context; + char* startOfStack; + char* highestStackSeen; + }; - typedef std::map mthreads_t; + typedef std::map mthreads_t; mthreads_t d_threads; int d_tid; int d_maxtid; @@ -66,7 +72,7 @@ EventKey key; ucontext_t *context; struct timeval ttd; - int tid; + int tid; }; typedef multi_index_container< @@ -99,6 +105,7 @@ bool noProcesses(); unsigned int numProcesses(); int getTid(); + unsigned int getMaxStackUsage(); private: static void threadWrapper(uint32_t self1, uint32_t self2, tfunc_t *tf, int tid, uint32_t val1, uint32_t val2); diff -Nru pdns-recursor-3.3/namespaces.hh pdns-recursor-3.5.pre.20120708.2673~crass~precise/namespaces.hh --- pdns-recursor-3.3/namespaces.hh 2011-01-22 14:45:29.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/namespaces.hh 2012-07-08 18:20:53.000000000 +0000 @@ -10,6 +10,36 @@ #include #include #include +#include +#include +#include +#include +#include +#include + +using std::vector; +using std::map; +using std::pair; +using std::make_pair; +using std::runtime_error; +using std::ostringstream; +using std::set; +using std::deque; +using std::cerr; +using std::cout; +using std::clog; +using std::endl; +using std::ifstream; +using std::ofstream; +using std::ostream; +using std::min; // these are a bit scary, everybody uses 'min' +using std::max; + +namespace pdns { + typedef std::string string; +}; + +typedef pdns::string string; using boost::lexical_cast; using boost::tie; diff -Nru pdns-recursor-3.3/nsecrecords.cc pdns-recursor-3.5.pre.20120708.2673~crass~precise/nsecrecords.cc --- pdns-recursor-3.3/nsecrecords.cc 2011-01-22 14:45:29.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/nsecrecords.cc 2012-07-08 18:20:53.000000000 +0000 @@ -27,19 +27,32 @@ pw.xfrLabel(d_next); uint8_t res[34]; - memset(res, 0, sizeof(res)); - set::const_iterator i; - for(i=d_set.begin(); i != d_set.end() && *i<255; ++i){ - res[2+*i/8] |= 1 << (7-(*i%8)); - } - int len=0; - if(!d_set.empty()) - len=1+*--i/8; + int oldWindow = -1; + int window = 0; + int len = 0; + string tmp; - res[1]=len; + for(i=d_set.begin(); i != d_set.end(); ++i){ + uint16_t bit = (*i)%256; + window = static_cast((*i) / 256); + + if (window != oldWindow) { + if (oldWindow > -1) { + res[0] = static_cast(oldWindow); + res[1] = static_cast(len); + tmp.assign(res, res+len+2); + pw.xfrBlob(tmp); + } + memset(res, 0, 34); + oldWindow = window; + } + res[2+bit/8] |= 1 << (7-(bit%8)); + len=1+bit/8; + } - string tmp; + res[0] = static_cast(window); + res[1] = static_cast(len); tmp.assign(res, res+len+2); pw.xfrBlob(tmp); } @@ -50,27 +63,31 @@ pr.xfrLabel(ret->d_next); string bitmap; pr.xfrBlob(bitmap); - + // 00 06 20 00 00 00 00 03 -> NS RRSIG NSEC ( 2, 46, 47 ) counts from left - + if(bitmap.empty()) + return ret; + if(bitmap.size() < 2) throw MOADNSException("NSEC record with impossibly small bitmap"); - if(bitmap[0]) - throw MOADNSException("Can't deal with NSEC mappings > 255 yet"); - - unsigned int len=bitmap[1]; - if(bitmap.size()!=2+len) - throw MOADNSException("Can't deal with multi-part NSEC mappings yet"); - - for(unsigned int n=0 ; n < len ; ++n) { - uint8_t val=bitmap[2+n]; - for(int bit = 0; bit < 8 ; ++bit , val>>=1) - if(val & 1) { - ret->d_set.insert((7-bit) + 8*(n)); + for(unsigned int n = 0; n+1 < bitmap.size();) { + unsigned int window=static_cast(bitmap[n++]); + unsigned int len=static_cast(bitmap[n++]); + + // end if zero padding and ensure packet length + if(window == 0&&len == 0) break; + if(n+len>bitmap.size()) + throw MOADNSException("NSEC record with bitmap length > packet length"); + + for(unsigned int k=0; k < len; k++) { + uint8_t val=bitmap[n++]; + for(int bit = 0; bit < 8 ; ++bit , val>>=1) + if(val & 1) { + ret->d_set.insert((7-bit) + 8*(k) + 256*window); + } } } - return ret; } @@ -129,19 +146,32 @@ pw.xfrBlob(d_nexthash); uint8_t res[34]; - memset(res, 0, sizeof(res)); - set::const_iterator i; - for(i=d_set.begin(); i != d_set.end() && *i<255; ++i){ - res[2+*i/8] |= 1 << (7-(*i%8)); - } - int len=0; - if(!d_set.empty()) - len=1+*--i/8; + int oldWindow = -1; + int window = 0; + int len = 0; + string tmp; - res[1]=len; + for(i=d_set.begin(); i != d_set.end(); ++i){ + uint16_t bit = (*i)%256; + window = static_cast((*i) / 256); + + if (window != oldWindow) { + if (oldWindow > -1) { + res[0] = static_cast(oldWindow); + res[1] = static_cast(len); + tmp.assign(res, res+len+2); + pw.xfrBlob(tmp); + } + memset(res, 0, 34); + oldWindow = window; + } + res[2+bit/8] |= 1 << (7-(bit%8)); + len=1+bit/8; + } - string tmp; + res[0] = static_cast(window); + res[1] = static_cast(len); tmp.assign(res, res+len+2); pw.xfrBlob(tmp); } @@ -170,22 +200,24 @@ if(bitmap.size() < 2) throw MOADNSException("NSEC3 record with impossibly small bitmap"); - - if(bitmap[0]) - throw MOADNSException("Can't deal with NSEC3 mappings > 255 yet"); - - unsigned int bitmaplen=bitmap[1]; - if(bitmap.size()!=2+bitmaplen) - throw MOADNSException("Can't deal with multi-part NSEC3 mappings yet"); - - for(unsigned int n=0 ; n < bitmaplen ; ++n) { - uint8_t val=bitmap[2+n]; - for(int bit = 0; bit < 8 ; ++bit , val>>=1) - if(val & 1) { - ret->d_set.insert((7-bit) + 8*(n)); + + for(unsigned int n = 0; n+1 < bitmap.size();) { + unsigned int window=static_cast(bitmap[n++]); + unsigned int len=static_cast(bitmap[n++]); + + // end if zero padding and ensure packet length + if(window == 0&&len == 0) break; + if(n+len>bitmap.size()) + throw MOADNSException("NSEC record with bitmap length > packet length"); + + for(unsigned int k=0; k < len; k++) { + uint8_t val=bitmap[n++]; + for(int bit = 0; bit < 8 ; ++bit , val>>=1) + if(val & 1) { + ret->d_set.insert((7-bit) + 8*(k) + 256*window); + } } } - return ret; } diff -Nru pdns-recursor-3.3/pdns_hw.cc pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns_hw.cc --- pdns-recursor-3.3/pdns_hw.cc 2011-01-22 14:45:29.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns_hw.cc 2012-07-08 18:20:53.000000000 +0000 @@ -11,7 +11,7 @@ #include #include -using namespace std; +#include "namespaces.hh" int main() { ostringstream str; diff -Nru pdns-recursor-3.3/pdns_recursor.1 pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns_recursor.1 --- pdns-recursor-3.3/pdns_recursor.1 2011-01-22 14:45:29.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns_recursor.1 2012-07-08 18:20:53.000000000 +0000 @@ -1,13 +1,22 @@ '\" t .\" Title: pdns_recursor .\" Author: [see the "AUTHOR" section] -.\" Generator: DocBook XSL Stylesheets v1.75.1 -.\" Date: 02/10/2010 -.\" Manual: [FIXME: manual] -.\" Source: [FIXME: source] +.\" Generator: DocBook XSL Stylesheets v1.75.2 +.\" Date: 07/08/2012 +.\" Manual: \ \& +.\" Source: \ \& 3.0 .\" Language: English .\" -.TH "PDNS_RECURSOR" "1" "02/10/2010" "[FIXME: source]" "[FIXME: manual]" +.TH "PDNS_RECURSOR" "1" "07/08/2012" "\ \& 3\&.0" "\ \&" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' .\" ----------------------------------------------------------------- .\" * set default formatting .\" ----------------------------------------------------------------- diff -Nru pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/aescpp.h pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/aescpp.h --- pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/aescpp.h 1970-01-01 00:00:00.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/aescpp.h 2012-07-08 18:20:53.000000000 +0000 @@ -0,0 +1,148 @@ +/* + --------------------------------------------------------------------------- + Copyright (c) 1998-2007, Brian Gladman, Worcester, UK. All rights reserved. + + LICENSE TERMS + + The free distribution and use of this software is allowed (with or without + changes) provided that: + + 1. source code distributions include the above copyright notice, this + list of conditions and the following disclaimer; + + 2. binary distributions include the above copyright notice, this list + of conditions and the following disclaimer in their documentation; + + 3. the name of the copyright holder is not used to endorse products + built using this software without specific written permission. + + DISCLAIMER + + This software is provided 'as is' with no explicit or implied warranties + in respect of its properties, including, but not limited to, correctness + and/or fitness for purpose. + --------------------------------------------------------------------------- + Issue Date: 20/12/2007 + + This file contains the definitions required to use AES (Rijndael) in C++. +*/ + +#ifndef _AESCPP_H +#define _AESCPP_H + +#include "aes.h" + +#if defined( AES_ENCRYPT ) + +class AESencrypt +{ +public: + aes_encrypt_ctx cx[1]; + AESencrypt(void) { aes_init(); }; +#if defined(AES_128) + AESencrypt(const unsigned char key[]) + { aes_encrypt_key128(key, cx); } + AES_RETURN key128(const unsigned char key[]) + { return aes_encrypt_key128(key, cx); } +#endif +#if defined(AES_192) + AES_RETURN key192(const unsigned char key[]) + { return aes_encrypt_key192(key, cx); } +#endif +#if defined(AES_256) + AES_RETURN key256(const unsigned char key[]) + { return aes_encrypt_key256(key, cx); } +#endif +#if defined(AES_VAR) + AES_RETURN key(const unsigned char key[], int key_len) + { return aes_encrypt_key(key, key_len, cx); } +#endif + AES_RETURN encrypt(const unsigned char in[], unsigned char out[]) const + { return aes_encrypt(in, out, cx); } +#ifndef AES_MODES + AES_RETURN ecb_encrypt(const unsigned char in[], unsigned char out[], int nb) const + { while(nb--) + { aes_encrypt(in, out, cx), in += AES_BLOCK_SIZE, out += AES_BLOCK_SIZE; } + } +#endif +#ifdef AES_MODES + AES_RETURN mode_reset(void) { return aes_mode_reset(cx); } + + AES_RETURN ecb_encrypt(const unsigned char in[], unsigned char out[], int nb) const + { return aes_ecb_encrypt(in, out, nb, cx); } + + AES_RETURN cbc_encrypt(const unsigned char in[], unsigned char out[], int nb, + unsigned char iv[]) const + { return aes_cbc_encrypt(in, out, nb, iv, cx); } + + AES_RETURN cfb_encrypt(const unsigned char in[], unsigned char out[], int nb, + unsigned char iv[]) + { return aes_cfb_encrypt(in, out, nb, iv, cx); } + + AES_RETURN cfb_decrypt(const unsigned char in[], unsigned char out[], int nb, + unsigned char iv[]) + { return aes_cfb_decrypt(in, out, nb, iv, cx); } + + AES_RETURN ofb_crypt(const unsigned char in[], unsigned char out[], int nb, + unsigned char iv[]) + { return aes_ofb_crypt(in, out, nb, iv, cx); } + + typedef void ctr_fn(unsigned char ctr[]); + + AES_RETURN ctr_crypt(const unsigned char in[], unsigned char out[], int nb, + unsigned char iv[], ctr_fn cf) + { return aes_ctr_crypt(in, out, nb, iv, cf, cx); } + +#endif + +}; + +#endif + +#if defined( AES_DECRYPT ) + +class AESdecrypt +{ +public: + aes_decrypt_ctx cx[1]; + AESdecrypt(void) { aes_init(); }; +#if defined(AES_128) + AESdecrypt(const unsigned char key[]) + { aes_decrypt_key128(key, cx); } + AES_RETURN key128(const unsigned char key[]) + { return aes_decrypt_key128(key, cx); } +#endif +#if defined(AES_192) + AES_RETURN key192(const unsigned char key[]) + { return aes_decrypt_key192(key, cx); } +#endif +#if defined(AES_256) + AES_RETURN key256(const unsigned char key[]) + { return aes_decrypt_key256(key, cx); } +#endif +#if defined(AES_VAR) + AES_RETURN key(const unsigned char key[], int key_len) + { return aes_decrypt_key(key, key_len, cx); } +#endif + AES_RETURN decrypt(const unsigned char in[], unsigned char out[]) const + { return aes_decrypt(in, out, cx); } +#ifndef AES_MODES + AES_RETURN ecb_decrypt(const unsigned char in[], unsigned char out[], int nb) const + { while(nb--) + { aes_decrypt(in, out, cx), in += AES_BLOCK_SIZE, out += AES_BLOCK_SIZE; } + } +#endif +#ifdef AES_MODES + + AES_RETURN ecb_decrypt(const unsigned char in[], unsigned char out[], int nb) const + { return aes_ecb_decrypt(in, out, nb, cx); } + + AES_RETURN cbc_decrypt(const unsigned char in[], unsigned char out[], int nb, + unsigned char iv[]) const + { return aes_cbc_decrypt(in, out, nb, iv, cx); } +#endif +}; + +#endif + +#endif diff -Nru pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/aescrypt.c pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/aescrypt.c --- pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/aescrypt.c 1970-01-01 00:00:00.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/aescrypt.c 2012-07-08 18:20:53.000000000 +0000 @@ -0,0 +1,301 @@ +/* + --------------------------------------------------------------------------- + Copyright (c) 1998-2007, Brian Gladman, Worcester, UK. All rights reserved. + + LICENSE TERMS + + The free distribution and use of this software is allowed (with or without + changes) provided that: + + 1. source code distributions include the above copyright notice, this + list of conditions and the following disclaimer; + + 2. binary distributions include the above copyright notice, this list + of conditions and the following disclaimer in their documentation; + + 3. the name of the copyright holder is not used to endorse products + built using this software without specific written permission. + + DISCLAIMER + + This software is provided 'as is' with no explicit or implied warranties + in respect of its properties, including, but not limited to, correctness + and/or fitness for purpose. + --------------------------------------------------------------------------- + Issue Date: 20/12/2007 +*/ + +#include "aesopt.h" +#include "aestab.h" + +#if defined(__cplusplus) +extern "C" +{ +#endif + +#define si(y,x,k,c) (s(y,c) = word_in(x, c) ^ (k)[c]) +#define so(y,x,c) word_out(y, c, s(x,c)) + +#if defined(ARRAYS) +#define locals(y,x) x[4],y[4] +#else +#define locals(y,x) x##0,x##1,x##2,x##3,y##0,y##1,y##2,y##3 +#endif + +#define l_copy(y, x) s(y,0) = s(x,0); s(y,1) = s(x,1); \ + s(y,2) = s(x,2); s(y,3) = s(x,3); +#define state_in(y,x,k) si(y,x,k,0); si(y,x,k,1); si(y,x,k,2); si(y,x,k,3) +#define state_out(y,x) so(y,x,0); so(y,x,1); so(y,x,2); so(y,x,3) +#define round(rm,y,x,k) rm(y,x,k,0); rm(y,x,k,1); rm(y,x,k,2); rm(y,x,k,3) + +#if ( FUNCS_IN_C & ENCRYPTION_IN_C ) + +/* Visual C++ .Net v7.1 provides the fastest encryption code when using + Pentium optimiation with small code but this is poor for decryption + so we need to control this with the following VC++ pragmas +*/ + +#if defined( _MSC_VER ) && !defined( _WIN64 ) +#pragma optimize( "s", on ) +#endif + +/* Given the column (c) of the output state variable, the following + macros give the input state variables which are needed in its + computation for each row (r) of the state. All the alternative + macros give the same end values but expand into different ways + of calculating these values. In particular the complex macro + used for dynamically variable block sizes is designed to expand + to a compile time constant whenever possible but will expand to + conditional clauses on some branches (I am grateful to Frank + Yellin for this construction) +*/ + +#define fwd_var(x,r,c)\ + ( r == 0 ? ( c == 0 ? s(x,0) : c == 1 ? s(x,1) : c == 2 ? s(x,2) : s(x,3))\ + : r == 1 ? ( c == 0 ? s(x,1) : c == 1 ? s(x,2) : c == 2 ? s(x,3) : s(x,0))\ + : r == 2 ? ( c == 0 ? s(x,2) : c == 1 ? s(x,3) : c == 2 ? s(x,0) : s(x,1))\ + : ( c == 0 ? s(x,3) : c == 1 ? s(x,0) : c == 2 ? s(x,1) : s(x,2))) + +#if defined(FT4_SET) +#undef dec_fmvars +#define fwd_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ four_tables(x,t_use(f,n),fwd_var,rf1,c)) +#elif defined(FT1_SET) +#undef dec_fmvars +#define fwd_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ one_table(x,upr,t_use(f,n),fwd_var,rf1,c)) +#else +#define fwd_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ fwd_mcol(no_table(x,t_use(s,box),fwd_var,rf1,c))) +#endif + +#if defined(FL4_SET) +#define fwd_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ four_tables(x,t_use(f,l),fwd_var,rf1,c)) +#elif defined(FL1_SET) +#define fwd_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ one_table(x,ups,t_use(f,l),fwd_var,rf1,c)) +#else +#define fwd_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ no_table(x,t_use(s,box),fwd_var,rf1,c)) +#endif + +AES_RETURN aes_encrypt(const unsigned char *in, unsigned char *out, const aes_encrypt_ctx cx[1]) +{ uint_32t locals(b0, b1); + const uint_32t *kp; +#if defined( dec_fmvars ) + dec_fmvars; /* declare variables for fwd_mcol() if needed */ +#endif + + if( cx->inf.b[0] != 10 * 16 && cx->inf.b[0] != 12 * 16 && cx->inf.b[0] != 14 * 16 ) + return EXIT_FAILURE; + + kp = cx->ks; + state_in(b0, in, kp); + +#if (ENC_UNROLL == FULL) + + switch(cx->inf.b[0]) + { + case 14 * 16: + round(fwd_rnd, b1, b0, kp + 1 * N_COLS); + round(fwd_rnd, b0, b1, kp + 2 * N_COLS); + kp += 2 * N_COLS; + case 12 * 16: + round(fwd_rnd, b1, b0, kp + 1 * N_COLS); + round(fwd_rnd, b0, b1, kp + 2 * N_COLS); + kp += 2 * N_COLS; + case 10 * 16: + round(fwd_rnd, b1, b0, kp + 1 * N_COLS); + round(fwd_rnd, b0, b1, kp + 2 * N_COLS); + round(fwd_rnd, b1, b0, kp + 3 * N_COLS); + round(fwd_rnd, b0, b1, kp + 4 * N_COLS); + round(fwd_rnd, b1, b0, kp + 5 * N_COLS); + round(fwd_rnd, b0, b1, kp + 6 * N_COLS); + round(fwd_rnd, b1, b0, kp + 7 * N_COLS); + round(fwd_rnd, b0, b1, kp + 8 * N_COLS); + round(fwd_rnd, b1, b0, kp + 9 * N_COLS); + round(fwd_lrnd, b0, b1, kp +10 * N_COLS); + } + +#else + +#if (ENC_UNROLL == PARTIAL) + { uint_32t rnd; + for(rnd = 0; rnd < (cx->inf.b[0] >> 5) - 1; ++rnd) + { + kp += N_COLS; + round(fwd_rnd, b1, b0, kp); + kp += N_COLS; + round(fwd_rnd, b0, b1, kp); + } + kp += N_COLS; + round(fwd_rnd, b1, b0, kp); +#else + { uint_32t rnd; + for(rnd = 0; rnd < (cx->inf.b[0] >> 4) - 1; ++rnd) + { + kp += N_COLS; + round(fwd_rnd, b1, b0, kp); + l_copy(b0, b1); + } +#endif + kp += N_COLS; + round(fwd_lrnd, b0, b1, kp); + } +#endif + + state_out(out, b0); + return EXIT_SUCCESS; +} + +#endif + +#if ( FUNCS_IN_C & DECRYPTION_IN_C) + +/* Visual C++ .Net v7.1 provides the fastest encryption code when using + Pentium optimiation with small code but this is poor for decryption + so we need to control this with the following VC++ pragmas +*/ + +#if defined( _MSC_VER ) && !defined( _WIN64 ) +#pragma optimize( "t", on ) +#endif + +/* Given the column (c) of the output state variable, the following + macros give the input state variables which are needed in its + computation for each row (r) of the state. All the alternative + macros give the same end values but expand into different ways + of calculating these values. In particular the complex macro + used for dynamically variable block sizes is designed to expand + to a compile time constant whenever possible but will expand to + conditional clauses on some branches (I am grateful to Frank + Yellin for this construction) +*/ + +#define inv_var(x,r,c)\ + ( r == 0 ? ( c == 0 ? s(x,0) : c == 1 ? s(x,1) : c == 2 ? s(x,2) : s(x,3))\ + : r == 1 ? ( c == 0 ? s(x,3) : c == 1 ? s(x,0) : c == 2 ? s(x,1) : s(x,2))\ + : r == 2 ? ( c == 0 ? s(x,2) : c == 1 ? s(x,3) : c == 2 ? s(x,0) : s(x,1))\ + : ( c == 0 ? s(x,1) : c == 1 ? s(x,2) : c == 2 ? s(x,3) : s(x,0))) + +#if defined(IT4_SET) +#undef dec_imvars +#define inv_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ four_tables(x,t_use(i,n),inv_var,rf1,c)) +#elif defined(IT1_SET) +#undef dec_imvars +#define inv_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ one_table(x,upr,t_use(i,n),inv_var,rf1,c)) +#else +#define inv_rnd(y,x,k,c) (s(y,c) = inv_mcol((k)[c] ^ no_table(x,t_use(i,box),inv_var,rf1,c))) +#endif + +#if defined(IL4_SET) +#define inv_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ four_tables(x,t_use(i,l),inv_var,rf1,c)) +#elif defined(IL1_SET) +#define inv_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ one_table(x,ups,t_use(i,l),inv_var,rf1,c)) +#else +#define inv_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ no_table(x,t_use(i,box),inv_var,rf1,c)) +#endif + +/* This code can work with the decryption key schedule in the */ +/* order that is used for encrytpion (where the 1st decryption */ +/* round key is at the high end ot the schedule) or with a key */ +/* schedule that has been reversed to put the 1st decryption */ +/* round key at the low end of the schedule in memory (when */ +/* AES_REV_DKS is defined) */ + +#ifdef AES_REV_DKS +#define key_ofs 0 +#define rnd_key(n) (kp + n * N_COLS) +#else +#define key_ofs 1 +#define rnd_key(n) (kp - n * N_COLS) +#endif + +AES_RETURN aes_decrypt(const unsigned char *in, unsigned char *out, const aes_decrypt_ctx cx[1]) +{ uint_32t locals(b0, b1); +#if defined( dec_imvars ) + dec_imvars; /* declare variables for inv_mcol() if needed */ +#endif + const uint_32t *kp; + + if( cx->inf.b[0] != 10 * 16 && cx->inf.b[0] != 12 * 16 && cx->inf.b[0] != 14 * 16 ) + return EXIT_FAILURE; + + kp = cx->ks + (key_ofs ? (cx->inf.b[0] >> 2) : 0); + state_in(b0, in, kp); + +#if (DEC_UNROLL == FULL) + + kp = cx->ks + (key_ofs ? 0 : (cx->inf.b[0] >> 2)); + switch(cx->inf.b[0]) + { + case 14 * 16: + round(inv_rnd, b1, b0, rnd_key(-13)); + round(inv_rnd, b0, b1, rnd_key(-12)); + case 12 * 16: + round(inv_rnd, b1, b0, rnd_key(-11)); + round(inv_rnd, b0, b1, rnd_key(-10)); + case 10 * 16: + round(inv_rnd, b1, b0, rnd_key(-9)); + round(inv_rnd, b0, b1, rnd_key(-8)); + round(inv_rnd, b1, b0, rnd_key(-7)); + round(inv_rnd, b0, b1, rnd_key(-6)); + round(inv_rnd, b1, b0, rnd_key(-5)); + round(inv_rnd, b0, b1, rnd_key(-4)); + round(inv_rnd, b1, b0, rnd_key(-3)); + round(inv_rnd, b0, b1, rnd_key(-2)); + round(inv_rnd, b1, b0, rnd_key(-1)); + round(inv_lrnd, b0, b1, rnd_key( 0)); + } + +#else + +#if (DEC_UNROLL == PARTIAL) + { uint_32t rnd; + for(rnd = 0; rnd < (cx->inf.b[0] >> 5) - 1; ++rnd) + { + kp = rnd_key(1); + round(inv_rnd, b1, b0, kp); + kp = rnd_key(1); + round(inv_rnd, b0, b1, kp); + } + kp = rnd_key(1); + round(inv_rnd, b1, b0, kp); +#else + { uint_32t rnd; + for(rnd = 0; rnd < (cx->inf.b[0] >> 4) - 1; ++rnd) + { + kp = rnd_key(1); + round(inv_rnd, b1, b0, kp); + l_copy(b0, b1); + } +#endif + kp = rnd_key(1); + round(inv_lrnd, b0, b1, kp); + } +#endif + + state_out(out, b0); + return EXIT_SUCCESS; +} + +#endif + +#if defined(__cplusplus) +} +#endif diff -Nru pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/aes.h pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/aes.h --- pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/aes.h 1970-01-01 00:00:00.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/aes.h 2012-07-08 18:20:53.000000000 +0000 @@ -0,0 +1,205 @@ +/* + --------------------------------------------------------------------------- + Copyright (c) 1998-2007, Brian Gladman, Worcester, UK. All rights reserved. + + LICENSE TERMS + + The free distribution and use of this software is allowed (with or without + changes) provided that: + + 1. source code distributions include the above copyright notice, this + list of conditions and the following disclaimer; + + 2. binary distributions include the above copyright notice, this list + of conditions and the following disclaimer in their documentation; + + 3. the name of the copyright holder is not used to endorse products + built using this software without specific written permission. + + DISCLAIMER + + This software is provided 'as is' with no explicit or implied warranties + in respect of its properties, including, but not limited to, correctness + and/or fitness for purpose. + --------------------------------------------------------------------------- + Issue Date: 20/12/2007 + + This file contains the definitions required to use AES in C. See aesopt.h + for optimisation details. +*/ + +#ifndef _AES_H +#define _AES_H + +#include + +/* This include is used to find 8 & 32 bit unsigned integer types */ +#include "brg_types.h" + +#if defined(__cplusplus) +extern "C" +{ +#endif + +#define AES_128 /* if a fast 128 bit key scheduler is needed */ +#define AES_192 /* if a fast 192 bit key scheduler is needed */ +#define AES_256 /* if a fast 256 bit key scheduler is needed */ +#define AES_VAR /* if variable key size scheduler is needed */ +#define AES_MODES /* if support is needed for modes */ + +/* The following must also be set in assembler files if being used */ + +#define AES_ENCRYPT /* if support for encryption is needed */ +#define AES_DECRYPT /* if support for decryption is needed */ +#define AES_REV_DKS /* define to reverse decryption key schedule */ + +#define AES_BLOCK_SIZE 16 /* the AES block size in bytes */ +#define N_COLS 4 /* the number of columns in the state */ + +/* The key schedule length is 11, 13 or 15 16-byte blocks for 128, */ +/* 192 or 256-bit keys respectively. That is 176, 208 or 240 bytes */ +/* or 44, 52 or 60 32-bit words. */ + +#if defined( AES_VAR ) || defined( AES_256 ) +#define KS_LENGTH 60 +#elif defined( AES_192 ) +#define KS_LENGTH 52 +#else +#define KS_LENGTH 44 +#endif + +#define AES_RETURN INT_RETURN + +/* the character array 'inf' in the following structures is used */ +/* to hold AES context information. This AES code uses cx->inf.b[0] */ +/* to hold the number of rounds multiplied by 16. The other three */ +/* elements can be used by code that implements additional modes */ + +typedef union +{ uint_32t l; + uint_8t b[4]; +} aes_inf; + +typedef struct +{ uint_32t ks[KS_LENGTH]; + aes_inf inf; +} aes_encrypt_ctx; + +typedef struct +{ uint_32t ks[KS_LENGTH]; + aes_inf inf; +} aes_decrypt_ctx; + +/* This routine must be called before first use if non-static */ +/* tables are being used */ + +AES_RETURN aes_init(void); + +/* Key lengths in the range 16 <= key_len <= 32 are given in bytes, */ +/* those in the range 128 <= key_len <= 256 are given in bits */ + +#if defined( AES_ENCRYPT ) + +#if defined( AES_128 ) || defined( AES_VAR) +AES_RETURN aes_encrypt_key128(const unsigned char *key, aes_encrypt_ctx cx[1]); +#endif + +#if defined( AES_192 ) || defined( AES_VAR) +AES_RETURN aes_encrypt_key192(const unsigned char *key, aes_encrypt_ctx cx[1]); +#endif + +#if defined( AES_256 ) || defined( AES_VAR) +AES_RETURN aes_encrypt_key256(const unsigned char *key, aes_encrypt_ctx cx[1]); +#endif + +#if defined( AES_VAR ) +AES_RETURN aes_encrypt_key(const unsigned char *key, int key_len, aes_encrypt_ctx cx[1]); +#endif + +AES_RETURN aes_encrypt(const unsigned char *in, unsigned char *out, const aes_encrypt_ctx cx[1]); + +#endif + +#if defined( AES_DECRYPT ) + +#if defined( AES_128 ) || defined( AES_VAR) +AES_RETURN aes_decrypt_key128(const unsigned char *key, aes_decrypt_ctx cx[1]); +#endif + +#if defined( AES_192 ) || defined( AES_VAR) +AES_RETURN aes_decrypt_key192(const unsigned char *key, aes_decrypt_ctx cx[1]); +#endif + +#if defined( AES_256 ) || defined( AES_VAR) +AES_RETURN aes_decrypt_key256(const unsigned char *key, aes_decrypt_ctx cx[1]); +#endif + +#if defined( AES_VAR ) +AES_RETURN aes_decrypt_key(const unsigned char *key, int key_len, aes_decrypt_ctx cx[1]); +#endif + +AES_RETURN aes_decrypt(const unsigned char *in, unsigned char *out, const aes_decrypt_ctx cx[1]); + +#endif + +#if defined( AES_MODES ) + +/* Multiple calls to the following subroutines for multiple block */ +/* ECB, CBC, CFB, OFB and CTR mode encryption can be used to handle */ +/* long messages incremantally provided that the context AND the iv */ +/* are preserved between all such calls. For the ECB and CBC modes */ +/* each individual call within a series of incremental calls must */ +/* process only full blocks (i.e. len must be a multiple of 16) but */ +/* the CFB, OFB and CTR mode calls can handle multiple incremental */ +/* calls of any length. Each mode is reset when a new AES key is */ +/* set but ECB and CBC operations can be reset without setting a */ +/* new key by setting a new IV value. To reset CFB, OFB and CTR */ +/* without setting the key, aes_mode_reset() must be called and the */ +/* IV must be set. NOTE: All these calls update the IV on exit so */ +/* this has to be reset if a new operation with the same IV as the */ +/* previous one is required (or decryption follows encryption with */ +/* the same IV array). */ + +AES_RETURN aes_test_alignment_detection(unsigned int n); + +AES_RETURN aes_ecb_encrypt(const unsigned char *ibuf, unsigned char *obuf, + int len, const aes_encrypt_ctx cx[1]); + +AES_RETURN aes_ecb_decrypt(const unsigned char *ibuf, unsigned char *obuf, + int len, const aes_decrypt_ctx cx[1]); + +AES_RETURN aes_cbc_encrypt(const unsigned char *ibuf, unsigned char *obuf, + int len, unsigned char *iv, const aes_encrypt_ctx cx[1]); + +AES_RETURN aes_cbc_decrypt(const unsigned char *ibuf, unsigned char *obuf, + int len, unsigned char *iv, const aes_decrypt_ctx cx[1]); + +AES_RETURN aes_mode_reset(aes_encrypt_ctx cx[1]); + +AES_RETURN aes_cfb_encrypt(const unsigned char *ibuf, unsigned char *obuf, + int len, unsigned char *iv, aes_encrypt_ctx cx[1]); + +AES_RETURN aes_cfb_decrypt(const unsigned char *ibuf, unsigned char *obuf, + int len, unsigned char *iv, aes_encrypt_ctx cx[1]); + +#define aes_ofb_encrypt aes_ofb_crypt +#define aes_ofb_decrypt aes_ofb_crypt + +AES_RETURN aes_ofb_crypt(const unsigned char *ibuf, unsigned char *obuf, + int len, unsigned char *iv, aes_encrypt_ctx cx[1]); + +typedef void cbuf_inc(unsigned char *cbuf); + +#define aes_ctr_encrypt aes_ctr_crypt +#define aes_ctr_decrypt aes_ctr_crypt + +AES_RETURN aes_ctr_crypt(const unsigned char *ibuf, unsigned char *obuf, + int len, unsigned char *cbuf, cbuf_inc ctr_inc, aes_encrypt_ctx cx[1]); + +#endif + +#if defined(__cplusplus) +} +#endif + +#endif diff -Nru pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/aeskey.c pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/aeskey.c --- pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/aeskey.c 1970-01-01 00:00:00.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/aeskey.c 2012-07-08 18:20:53.000000000 +0000 @@ -0,0 +1,555 @@ +/* + --------------------------------------------------------------------------- + Copyright (c) 1998-2007, Brian Gladman, Worcester, UK. All rights reserved. + + LICENSE TERMS + + The free distribution and use of this software is allowed (with or without + changes) provided that: + + 1. source code distributions include the above copyright notice, this + list of conditions and the following disclaimer; + + 2. binary distributions include the above copyright notice, this list + of conditions and the following disclaimer in their documentation; + + 3. the name of the copyright holder is not used to endorse products + built using this software without specific written permission. + + DISCLAIMER + + This software is provided 'as is' with no explicit or implied warranties + in respect of its properties, including, but not limited to, correctness + and/or fitness for purpose. + --------------------------------------------------------------------------- + Issue Date: 20/12/2007 +*/ + +#include "aesopt.h" +#include "aestab.h" + +#ifdef USE_VIA_ACE_IF_PRESENT +# include "aes_via_ace.h" +#endif + +#if defined(__cplusplus) +extern "C" +{ +#endif + +/* Initialise the key schedule from the user supplied key. The key + length can be specified in bytes, with legal values of 16, 24 + and 32, or in bits, with legal values of 128, 192 and 256. These + values correspond with Nk values of 4, 6 and 8 respectively. + + The following macros implement a single cycle in the key + schedule generation process. The number of cycles needed + for each cx->n_col and nk value is: + + nk = 4 5 6 7 8 + ------------------------------ + cx->n_col = 4 10 9 8 7 7 + cx->n_col = 5 14 11 10 9 9 + cx->n_col = 6 19 15 12 11 11 + cx->n_col = 7 21 19 16 13 14 + cx->n_col = 8 29 23 19 17 14 +*/ + +#if defined( REDUCE_CODE_SIZE ) +# define ls_box ls_sub + uint_32t ls_sub(const uint_32t t, const uint_32t n); +# define inv_mcol im_sub + uint_32t im_sub(const uint_32t x); +# ifdef ENC_KS_UNROLL +# undef ENC_KS_UNROLL +# endif +# ifdef DEC_KS_UNROLL +# undef DEC_KS_UNROLL +# endif +#endif + +#if (FUNCS_IN_C & ENC_KEYING_IN_C) + +#if defined(AES_128) || defined( AES_VAR ) + +#define ke4(k,i) \ +{ k[4*(i)+4] = ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; \ + k[4*(i)+5] = ss[1] ^= ss[0]; \ + k[4*(i)+6] = ss[2] ^= ss[1]; \ + k[4*(i)+7] = ss[3] ^= ss[2]; \ +} + +AES_RETURN aes_encrypt_key128(const unsigned char *key, aes_encrypt_ctx cx[1]) +{ uint_32t ss[4]; + + cx->ks[0] = ss[0] = word_in(key, 0); + cx->ks[1] = ss[1] = word_in(key, 1); + cx->ks[2] = ss[2] = word_in(key, 2); + cx->ks[3] = ss[3] = word_in(key, 3); + +#ifdef ENC_KS_UNROLL + ke4(cx->ks, 0); ke4(cx->ks, 1); + ke4(cx->ks, 2); ke4(cx->ks, 3); + ke4(cx->ks, 4); ke4(cx->ks, 5); + ke4(cx->ks, 6); ke4(cx->ks, 7); + ke4(cx->ks, 8); +#else + { uint_32t i; + for(i = 0; i < 9; ++i) + ke4(cx->ks, i); + } +#endif + ke4(cx->ks, 9); + cx->inf.l = 0; + cx->inf.b[0] = 10 * 16; + +#ifdef USE_VIA_ACE_IF_PRESENT + if(VIA_ACE_AVAILABLE) + cx->inf.b[1] = 0xff; +#endif + return EXIT_SUCCESS; +} + +#endif + +#if defined(AES_192) || defined( AES_VAR ) + +#define kef6(k,i) \ +{ k[6*(i)+ 6] = ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; \ + k[6*(i)+ 7] = ss[1] ^= ss[0]; \ + k[6*(i)+ 8] = ss[2] ^= ss[1]; \ + k[6*(i)+ 9] = ss[3] ^= ss[2]; \ +} + +#define ke6(k,i) \ +{ kef6(k,i); \ + k[6*(i)+10] = ss[4] ^= ss[3]; \ + k[6*(i)+11] = ss[5] ^= ss[4]; \ +} + +AES_RETURN aes_encrypt_key192(const unsigned char *key, aes_encrypt_ctx cx[1]) +{ uint_32t ss[6]; + + cx->ks[0] = ss[0] = word_in(key, 0); + cx->ks[1] = ss[1] = word_in(key, 1); + cx->ks[2] = ss[2] = word_in(key, 2); + cx->ks[3] = ss[3] = word_in(key, 3); + cx->ks[4] = ss[4] = word_in(key, 4); + cx->ks[5] = ss[5] = word_in(key, 5); + +#ifdef ENC_KS_UNROLL + ke6(cx->ks, 0); ke6(cx->ks, 1); + ke6(cx->ks, 2); ke6(cx->ks, 3); + ke6(cx->ks, 4); ke6(cx->ks, 5); + ke6(cx->ks, 6); +#else + { uint_32t i; + for(i = 0; i < 7; ++i) + ke6(cx->ks, i); + } +#endif + kef6(cx->ks, 7); + cx->inf.l = 0; + cx->inf.b[0] = 12 * 16; + +#ifdef USE_VIA_ACE_IF_PRESENT + if(VIA_ACE_AVAILABLE) + cx->inf.b[1] = 0xff; +#endif + return EXIT_SUCCESS; +} + +#endif + +#if defined(AES_256) || defined( AES_VAR ) + +#define kef8(k,i) \ +{ k[8*(i)+ 8] = ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; \ + k[8*(i)+ 9] = ss[1] ^= ss[0]; \ + k[8*(i)+10] = ss[2] ^= ss[1]; \ + k[8*(i)+11] = ss[3] ^= ss[2]; \ +} + +#define ke8(k,i) \ +{ kef8(k,i); \ + k[8*(i)+12] = ss[4] ^= ls_box(ss[3],0); \ + k[8*(i)+13] = ss[5] ^= ss[4]; \ + k[8*(i)+14] = ss[6] ^= ss[5]; \ + k[8*(i)+15] = ss[7] ^= ss[6]; \ +} + +AES_RETURN aes_encrypt_key256(const unsigned char *key, aes_encrypt_ctx cx[1]) +{ uint_32t ss[8]; + + cx->ks[0] = ss[0] = word_in(key, 0); + cx->ks[1] = ss[1] = word_in(key, 1); + cx->ks[2] = ss[2] = word_in(key, 2); + cx->ks[3] = ss[3] = word_in(key, 3); + cx->ks[4] = ss[4] = word_in(key, 4); + cx->ks[5] = ss[5] = word_in(key, 5); + cx->ks[6] = ss[6] = word_in(key, 6); + cx->ks[7] = ss[7] = word_in(key, 7); + +#ifdef ENC_KS_UNROLL + ke8(cx->ks, 0); ke8(cx->ks, 1); + ke8(cx->ks, 2); ke8(cx->ks, 3); + ke8(cx->ks, 4); ke8(cx->ks, 5); +#else + { uint_32t i; + for(i = 0; i < 6; ++i) + ke8(cx->ks, i); + } +#endif + kef8(cx->ks, 6); + cx->inf.l = 0; + cx->inf.b[0] = 14 * 16; + +#ifdef USE_VIA_ACE_IF_PRESENT + if(VIA_ACE_AVAILABLE) + cx->inf.b[1] = 0xff; +#endif + return EXIT_SUCCESS; +} + +#endif + +#if defined( AES_VAR ) + +AES_RETURN aes_encrypt_key(const unsigned char *key, int key_len, aes_encrypt_ctx cx[1]) +{ + switch(key_len) + { + case 16: case 128: return aes_encrypt_key128(key, cx); + case 24: case 192: return aes_encrypt_key192(key, cx); + case 32: case 256: return aes_encrypt_key256(key, cx); + default: return EXIT_FAILURE; + } +} + +#endif + +#endif + +#if (FUNCS_IN_C & DEC_KEYING_IN_C) + +/* this is used to store the decryption round keys */ +/* in forward or reverse order */ + +#ifdef AES_REV_DKS +#define v(n,i) ((n) - (i) + 2 * ((i) & 3)) +#else +#define v(n,i) (i) +#endif + +#if DEC_ROUND == NO_TABLES +#define ff(x) (x) +#else +#define ff(x) inv_mcol(x) +#if defined( dec_imvars ) +#define d_vars dec_imvars +#endif +#endif + +#if defined(AES_128) || defined( AES_VAR ) + +#define k4e(k,i) \ +{ k[v(40,(4*(i))+4)] = ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; \ + k[v(40,(4*(i))+5)] = ss[1] ^= ss[0]; \ + k[v(40,(4*(i))+6)] = ss[2] ^= ss[1]; \ + k[v(40,(4*(i))+7)] = ss[3] ^= ss[2]; \ +} + +#if 1 + +#define kdf4(k,i) \ +{ ss[0] = ss[0] ^ ss[2] ^ ss[1] ^ ss[3]; \ + ss[1] = ss[1] ^ ss[3]; \ + ss[2] = ss[2] ^ ss[3]; \ + ss[4] = ls_box(ss[(i+3) % 4], 3) ^ t_use(r,c)[i]; \ + ss[i % 4] ^= ss[4]; \ + ss[4] ^= k[v(40,(4*(i)))]; k[v(40,(4*(i))+4)] = ff(ss[4]); \ + ss[4] ^= k[v(40,(4*(i))+1)]; k[v(40,(4*(i))+5)] = ff(ss[4]); \ + ss[4] ^= k[v(40,(4*(i))+2)]; k[v(40,(4*(i))+6)] = ff(ss[4]); \ + ss[4] ^= k[v(40,(4*(i))+3)]; k[v(40,(4*(i))+7)] = ff(ss[4]); \ +} + +#define kd4(k,i) \ +{ ss[4] = ls_box(ss[(i+3) % 4], 3) ^ t_use(r,c)[i]; \ + ss[i % 4] ^= ss[4]; ss[4] = ff(ss[4]); \ + k[v(40,(4*(i))+4)] = ss[4] ^= k[v(40,(4*(i)))]; \ + k[v(40,(4*(i))+5)] = ss[4] ^= k[v(40,(4*(i))+1)]; \ + k[v(40,(4*(i))+6)] = ss[4] ^= k[v(40,(4*(i))+2)]; \ + k[v(40,(4*(i))+7)] = ss[4] ^= k[v(40,(4*(i))+3)]; \ +} + +#define kdl4(k,i) \ +{ ss[4] = ls_box(ss[(i+3) % 4], 3) ^ t_use(r,c)[i]; ss[i % 4] ^= ss[4]; \ + k[v(40,(4*(i))+4)] = (ss[0] ^= ss[1]) ^ ss[2] ^ ss[3]; \ + k[v(40,(4*(i))+5)] = ss[1] ^ ss[3]; \ + k[v(40,(4*(i))+6)] = ss[0]; \ + k[v(40,(4*(i))+7)] = ss[1]; \ +} + +#else + +#define kdf4(k,i) \ +{ ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; k[v(40,(4*(i))+ 4)] = ff(ss[0]); \ + ss[1] ^= ss[0]; k[v(40,(4*(i))+ 5)] = ff(ss[1]); \ + ss[2] ^= ss[1]; k[v(40,(4*(i))+ 6)] = ff(ss[2]); \ + ss[3] ^= ss[2]; k[v(40,(4*(i))+ 7)] = ff(ss[3]); \ +} + +#define kd4(k,i) \ +{ ss[4] = ls_box(ss[3],3) ^ t_use(r,c)[i]; \ + ss[0] ^= ss[4]; ss[4] = ff(ss[4]); k[v(40,(4*(i))+ 4)] = ss[4] ^= k[v(40,(4*(i)))]; \ + ss[1] ^= ss[0]; k[v(40,(4*(i))+ 5)] = ss[4] ^= k[v(40,(4*(i))+ 1)]; \ + ss[2] ^= ss[1]; k[v(40,(4*(i))+ 6)] = ss[4] ^= k[v(40,(4*(i))+ 2)]; \ + ss[3] ^= ss[2]; k[v(40,(4*(i))+ 7)] = ss[4] ^= k[v(40,(4*(i))+ 3)]; \ +} + +#define kdl4(k,i) \ +{ ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; k[v(40,(4*(i))+ 4)] = ss[0]; \ + ss[1] ^= ss[0]; k[v(40,(4*(i))+ 5)] = ss[1]; \ + ss[2] ^= ss[1]; k[v(40,(4*(i))+ 6)] = ss[2]; \ + ss[3] ^= ss[2]; k[v(40,(4*(i))+ 7)] = ss[3]; \ +} + +#endif + +AES_RETURN aes_decrypt_key128(const unsigned char *key, aes_decrypt_ctx cx[1]) +{ uint_32t ss[5]; +#if defined( d_vars ) + d_vars; +#endif + cx->ks[v(40,(0))] = ss[0] = word_in(key, 0); + cx->ks[v(40,(1))] = ss[1] = word_in(key, 1); + cx->ks[v(40,(2))] = ss[2] = word_in(key, 2); + cx->ks[v(40,(3))] = ss[3] = word_in(key, 3); + +#ifdef DEC_KS_UNROLL + kdf4(cx->ks, 0); kd4(cx->ks, 1); + kd4(cx->ks, 2); kd4(cx->ks, 3); + kd4(cx->ks, 4); kd4(cx->ks, 5); + kd4(cx->ks, 6); kd4(cx->ks, 7); + kd4(cx->ks, 8); kdl4(cx->ks, 9); +#else + { uint_32t i; + for(i = 0; i < 10; ++i) + k4e(cx->ks, i); +#if !(DEC_ROUND == NO_TABLES) + for(i = N_COLS; i < 10 * N_COLS; ++i) + cx->ks[i] = inv_mcol(cx->ks[i]); +#endif + } +#endif + cx->inf.l = 0; + cx->inf.b[0] = 10 * 16; + +#ifdef USE_VIA_ACE_IF_PRESENT + if(VIA_ACE_AVAILABLE) + cx->inf.b[1] = 0xff; +#endif + return EXIT_SUCCESS; +} + +#endif + +#if defined(AES_192) || defined( AES_VAR ) + +#define k6ef(k,i) \ +{ k[v(48,(6*(i))+ 6)] = ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; \ + k[v(48,(6*(i))+ 7)] = ss[1] ^= ss[0]; \ + k[v(48,(6*(i))+ 8)] = ss[2] ^= ss[1]; \ + k[v(48,(6*(i))+ 9)] = ss[3] ^= ss[2]; \ +} + +#define k6e(k,i) \ +{ k6ef(k,i); \ + k[v(48,(6*(i))+10)] = ss[4] ^= ss[3]; \ + k[v(48,(6*(i))+11)] = ss[5] ^= ss[4]; \ +} + +#define kdf6(k,i) \ +{ ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; k[v(48,(6*(i))+ 6)] = ff(ss[0]); \ + ss[1] ^= ss[0]; k[v(48,(6*(i))+ 7)] = ff(ss[1]); \ + ss[2] ^= ss[1]; k[v(48,(6*(i))+ 8)] = ff(ss[2]); \ + ss[3] ^= ss[2]; k[v(48,(6*(i))+ 9)] = ff(ss[3]); \ + ss[4] ^= ss[3]; k[v(48,(6*(i))+10)] = ff(ss[4]); \ + ss[5] ^= ss[4]; k[v(48,(6*(i))+11)] = ff(ss[5]); \ +} + +#define kd6(k,i) \ +{ ss[6] = ls_box(ss[5],3) ^ t_use(r,c)[i]; \ + ss[0] ^= ss[6]; ss[6] = ff(ss[6]); k[v(48,(6*(i))+ 6)] = ss[6] ^= k[v(48,(6*(i)))]; \ + ss[1] ^= ss[0]; k[v(48,(6*(i))+ 7)] = ss[6] ^= k[v(48,(6*(i))+ 1)]; \ + ss[2] ^= ss[1]; k[v(48,(6*(i))+ 8)] = ss[6] ^= k[v(48,(6*(i))+ 2)]; \ + ss[3] ^= ss[2]; k[v(48,(6*(i))+ 9)] = ss[6] ^= k[v(48,(6*(i))+ 3)]; \ + ss[4] ^= ss[3]; k[v(48,(6*(i))+10)] = ss[6] ^= k[v(48,(6*(i))+ 4)]; \ + ss[5] ^= ss[4]; k[v(48,(6*(i))+11)] = ss[6] ^= k[v(48,(6*(i))+ 5)]; \ +} + +#define kdl6(k,i) \ +{ ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; k[v(48,(6*(i))+ 6)] = ss[0]; \ + ss[1] ^= ss[0]; k[v(48,(6*(i))+ 7)] = ss[1]; \ + ss[2] ^= ss[1]; k[v(48,(6*(i))+ 8)] = ss[2]; \ + ss[3] ^= ss[2]; k[v(48,(6*(i))+ 9)] = ss[3]; \ +} + +AES_RETURN aes_decrypt_key192(const unsigned char *key, aes_decrypt_ctx cx[1]) +{ uint_32t ss[7]; +#if defined( d_vars ) + d_vars; +#endif + cx->ks[v(48,(0))] = ss[0] = word_in(key, 0); + cx->ks[v(48,(1))] = ss[1] = word_in(key, 1); + cx->ks[v(48,(2))] = ss[2] = word_in(key, 2); + cx->ks[v(48,(3))] = ss[3] = word_in(key, 3); + +#ifdef DEC_KS_UNROLL + cx->ks[v(48,(4))] = ff(ss[4] = word_in(key, 4)); + cx->ks[v(48,(5))] = ff(ss[5] = word_in(key, 5)); + kdf6(cx->ks, 0); kd6(cx->ks, 1); + kd6(cx->ks, 2); kd6(cx->ks, 3); + kd6(cx->ks, 4); kd6(cx->ks, 5); + kd6(cx->ks, 6); kdl6(cx->ks, 7); +#else + cx->ks[v(48,(4))] = ss[4] = word_in(key, 4); + cx->ks[v(48,(5))] = ss[5] = word_in(key, 5); + { uint_32t i; + + for(i = 0; i < 7; ++i) + k6e(cx->ks, i); + k6ef(cx->ks, 7); +#if !(DEC_ROUND == NO_TABLES) + for(i = N_COLS; i < 12 * N_COLS; ++i) + cx->ks[i] = inv_mcol(cx->ks[i]); +#endif + } +#endif + cx->inf.l = 0; + cx->inf.b[0] = 12 * 16; + +#ifdef USE_VIA_ACE_IF_PRESENT + if(VIA_ACE_AVAILABLE) + cx->inf.b[1] = 0xff; +#endif + return EXIT_SUCCESS; +} + +#endif + +#if defined(AES_256) || defined( AES_VAR ) + +#define k8ef(k,i) \ +{ k[v(56,(8*(i))+ 8)] = ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; \ + k[v(56,(8*(i))+ 9)] = ss[1] ^= ss[0]; \ + k[v(56,(8*(i))+10)] = ss[2] ^= ss[1]; \ + k[v(56,(8*(i))+11)] = ss[3] ^= ss[2]; \ +} + +#define k8e(k,i) \ +{ k8ef(k,i); \ + k[v(56,(8*(i))+12)] = ss[4] ^= ls_box(ss[3],0); \ + k[v(56,(8*(i))+13)] = ss[5] ^= ss[4]; \ + k[v(56,(8*(i))+14)] = ss[6] ^= ss[5]; \ + k[v(56,(8*(i))+15)] = ss[7] ^= ss[6]; \ +} + +#define kdf8(k,i) \ +{ ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; k[v(56,(8*(i))+ 8)] = ff(ss[0]); \ + ss[1] ^= ss[0]; k[v(56,(8*(i))+ 9)] = ff(ss[1]); \ + ss[2] ^= ss[1]; k[v(56,(8*(i))+10)] = ff(ss[2]); \ + ss[3] ^= ss[2]; k[v(56,(8*(i))+11)] = ff(ss[3]); \ + ss[4] ^= ls_box(ss[3],0); k[v(56,(8*(i))+12)] = ff(ss[4]); \ + ss[5] ^= ss[4]; k[v(56,(8*(i))+13)] = ff(ss[5]); \ + ss[6] ^= ss[5]; k[v(56,(8*(i))+14)] = ff(ss[6]); \ + ss[7] ^= ss[6]; k[v(56,(8*(i))+15)] = ff(ss[7]); \ +} + +#define kd8(k,i) \ +{ ss[8] = ls_box(ss[7],3) ^ t_use(r,c)[i]; \ + ss[0] ^= ss[8]; ss[8] = ff(ss[8]); k[v(56,(8*(i))+ 8)] = ss[8] ^= k[v(56,(8*(i)))]; \ + ss[1] ^= ss[0]; k[v(56,(8*(i))+ 9)] = ss[8] ^= k[v(56,(8*(i))+ 1)]; \ + ss[2] ^= ss[1]; k[v(56,(8*(i))+10)] = ss[8] ^= k[v(56,(8*(i))+ 2)]; \ + ss[3] ^= ss[2]; k[v(56,(8*(i))+11)] = ss[8] ^= k[v(56,(8*(i))+ 3)]; \ + ss[8] = ls_box(ss[3],0); \ + ss[4] ^= ss[8]; ss[8] = ff(ss[8]); k[v(56,(8*(i))+12)] = ss[8] ^= k[v(56,(8*(i))+ 4)]; \ + ss[5] ^= ss[4]; k[v(56,(8*(i))+13)] = ss[8] ^= k[v(56,(8*(i))+ 5)]; \ + ss[6] ^= ss[5]; k[v(56,(8*(i))+14)] = ss[8] ^= k[v(56,(8*(i))+ 6)]; \ + ss[7] ^= ss[6]; k[v(56,(8*(i))+15)] = ss[8] ^= k[v(56,(8*(i))+ 7)]; \ +} + +#define kdl8(k,i) \ +{ ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; k[v(56,(8*(i))+ 8)] = ss[0]; \ + ss[1] ^= ss[0]; k[v(56,(8*(i))+ 9)] = ss[1]; \ + ss[2] ^= ss[1]; k[v(56,(8*(i))+10)] = ss[2]; \ + ss[3] ^= ss[2]; k[v(56,(8*(i))+11)] = ss[3]; \ +} + +AES_RETURN aes_decrypt_key256(const unsigned char *key, aes_decrypt_ctx cx[1]) +{ uint_32t ss[9]; +#if defined( d_vars ) + d_vars; +#endif + cx->ks[v(56,(0))] = ss[0] = word_in(key, 0); + cx->ks[v(56,(1))] = ss[1] = word_in(key, 1); + cx->ks[v(56,(2))] = ss[2] = word_in(key, 2); + cx->ks[v(56,(3))] = ss[3] = word_in(key, 3); + +#ifdef DEC_KS_UNROLL + cx->ks[v(56,(4))] = ff(ss[4] = word_in(key, 4)); + cx->ks[v(56,(5))] = ff(ss[5] = word_in(key, 5)); + cx->ks[v(56,(6))] = ff(ss[6] = word_in(key, 6)); + cx->ks[v(56,(7))] = ff(ss[7] = word_in(key, 7)); + kdf8(cx->ks, 0); kd8(cx->ks, 1); + kd8(cx->ks, 2); kd8(cx->ks, 3); + kd8(cx->ks, 4); kd8(cx->ks, 5); + kdl8(cx->ks, 6); +#else + cx->ks[v(56,(4))] = ss[4] = word_in(key, 4); + cx->ks[v(56,(5))] = ss[5] = word_in(key, 5); + cx->ks[v(56,(6))] = ss[6] = word_in(key, 6); + cx->ks[v(56,(7))] = ss[7] = word_in(key, 7); + { uint_32t i; + + for(i = 0; i < 6; ++i) + k8e(cx->ks, i); + k8ef(cx->ks, 6); +#if !(DEC_ROUND == NO_TABLES) + for(i = N_COLS; i < 14 * N_COLS; ++i) + cx->ks[i] = inv_mcol(cx->ks[i]); +#endif + } +#endif + cx->inf.l = 0; + cx->inf.b[0] = 14 * 16; + +#ifdef USE_VIA_ACE_IF_PRESENT + if(VIA_ACE_AVAILABLE) + cx->inf.b[1] = 0xff; +#endif + return EXIT_SUCCESS; +} + +#endif + +#if defined( AES_VAR ) + +AES_RETURN aes_decrypt_key(const unsigned char *key, int key_len, aes_decrypt_ctx cx[1]) +{ + switch(key_len) + { + case 16: case 128: return aes_decrypt_key128(key, cx); + case 24: case 192: return aes_decrypt_key192(key, cx); + case 32: case 256: return aes_decrypt_key256(key, cx); + default: return EXIT_FAILURE; + } +} + +#endif + +#endif + +#if defined(__cplusplus) +} +#endif diff -Nru pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/aes_modes.c pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/aes_modes.c --- pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/aes_modes.c 1970-01-01 00:00:00.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/aes_modes.c 2012-07-08 18:20:53.000000000 +0000 @@ -0,0 +1,918 @@ +/* + --------------------------------------------------------------------------- + Copyright (c) 1998-2007, Brian Gladman, Worcester, UK. All rights reserved. + + LICENSE TERMS + + The free distribution and use of this software is allowed (with or without + changes) provided that: + + 1. source code distributions include the above copyright notice, this + list of conditions and the following disclaimer; + + 2. binary distributions include the above copyright notice, this list + of conditions and the following disclaimer in their documentation; + + 3. the name of the copyright holder is not used to endorse products + built using this software without specific written permission. + + DISCLAIMER + + This software is provided 'as is' with no explicit or implied warranties + in respect of its properties, including, but not limited to, correctness + and/or fitness for purpose. + --------------------------------------------------------------------------- + Issue Date: 20/12/2007 + + These subroutines implement multiple block AES modes for ECB, CBC, CFB, + OFB and CTR encryption, The code provides support for the VIA Advanced + Cryptography Engine (ACE). + + NOTE: In the following subroutines, the AES contexts (ctx) must be + 16 byte aligned if VIA ACE is being used +*/ + +#include +#include + +#include "aesopt.h" + +#if defined( AES_MODES ) +#if defined(__cplusplus) +extern "C" +{ +#endif + +#if defined( _MSC_VER ) && ( _MSC_VER > 800 ) +#pragma intrinsic(memcpy) +#endif + +#define BFR_BLOCKS 8 + +/* These values are used to detect long word alignment in order to */ +/* speed up some buffer operations. This facility may not work on */ +/* some machines so this define can be commented out if necessary */ + +#define FAST_BUFFER_OPERATIONS + +#define lp32(x) ((uint_32t*)(x)) + +#if defined( USE_VIA_ACE_IF_PRESENT ) + +#include "aes_via_ace.h" + +#pragma pack(16) + +aligned_array(unsigned long, enc_gen_table, 12, 16) = NEH_ENC_GEN_DATA; +aligned_array(unsigned long, enc_load_table, 12, 16) = NEH_ENC_LOAD_DATA; +aligned_array(unsigned long, enc_hybrid_table, 12, 16) = NEH_ENC_HYBRID_DATA; +aligned_array(unsigned long, dec_gen_table, 12, 16) = NEH_DEC_GEN_DATA; +aligned_array(unsigned long, dec_load_table, 12, 16) = NEH_DEC_LOAD_DATA; +aligned_array(unsigned long, dec_hybrid_table, 12, 16) = NEH_DEC_HYBRID_DATA; + +/* NOTE: These control word macros must only be used after */ +/* a key has been set up because they depend on key size */ + +#if NEH_KEY_TYPE == NEH_LOAD +#define kd_adr(c) ((uint_8t*)(c)->ks) +#elif NEH_KEY_TYPE == NEH_GENERATE +#define kd_adr(c) ((uint_8t*)(c)->ks + (c)->inf.b[0]) +#else +#define kd_adr(c) ((uint_8t*)(c)->ks + ((c)->inf.b[0] == 160 ? 160 : 0)) +#endif + +#else + +#define aligned_array(type, name, no, stride) type name[no] +#define aligned_auto(type, name, no, stride) type name[no] + +#endif + +#if defined( _MSC_VER ) && _MSC_VER > 1200 + +#define via_cwd(cwd, ty, dir, len) \ + unsigned long* cwd = (dir##_##ty##_table + ((len - 128) >> 4)) + +#else + +#define via_cwd(cwd, ty, dir, len) \ + aligned_auto(unsigned long, cwd, 4, 16); \ + cwd[1] = cwd[2] = cwd[3] = 0; \ + cwd[0] = neh_##dir##_##ty##_key(len) + +#endif + +/* test the code for detecting and setting pointer alignment */ + +AES_RETURN aes_test_alignment_detection(unsigned int n) /* 4 <= n <= 16 */ +{ uint_8t p[16]; + uint_32t i, count_eq = 0, count_neq = 0; + + if(n < 4 || n > 16) + return EXIT_FAILURE; + + for(i = 0; i < n; ++i) + { + uint_8t *qf = ALIGN_FLOOR(p + i, n), + *qh = ALIGN_CEIL(p + i, n); + + if(qh == qf) + ++count_eq; + else if(qh == qf + n) + ++count_neq; + else + return EXIT_FAILURE; + } + return (count_eq != 1 || count_neq != n - 1 ? EXIT_FAILURE : EXIT_SUCCESS); +} + +AES_RETURN aes_mode_reset(aes_encrypt_ctx ctx[1]) +{ + ctx->inf.b[2] = 0; + return EXIT_SUCCESS; +} + +AES_RETURN aes_ecb_encrypt(const unsigned char *ibuf, unsigned char *obuf, + int len, const aes_encrypt_ctx ctx[1]) +{ int nb = len >> 4; + + if(len & (AES_BLOCK_SIZE - 1)) + return EXIT_FAILURE; + +#if defined( USE_VIA_ACE_IF_PRESENT ) + + if(ctx->inf.b[1] == 0xff) + { uint_8t *ksp = (uint_8t*)(ctx->ks); + via_cwd(cwd, hybrid, enc, 2 * ctx->inf.b[0] - 192); + + if(ALIGN_OFFSET( ctx, 16 )) + return EXIT_FAILURE; + + if(!ALIGN_OFFSET( ibuf, 16 ) && !ALIGN_OFFSET( obuf, 16 )) + { + via_ecb_op5(ksp,cwd,ibuf,obuf,nb); + } + else + { aligned_auto(uint_8t, buf, BFR_BLOCKS * AES_BLOCK_SIZE, 16); + uint_8t *ip, *op; + + while(nb) + { + int m = (nb > BFR_BLOCKS ? BFR_BLOCKS : nb); + + ip = (ALIGN_OFFSET( ibuf, 16 ) ? buf : ibuf); + op = (ALIGN_OFFSET( obuf, 16 ) ? buf : obuf); + + if(ip != ibuf) + memcpy(buf, ibuf, m * AES_BLOCK_SIZE); + + via_ecb_op5(ksp,cwd,ip,op,m); + + if(op != obuf) + memcpy(obuf, buf, m * AES_BLOCK_SIZE); + + ibuf += m * AES_BLOCK_SIZE; + obuf += m * AES_BLOCK_SIZE; + nb -= m; + } + } + + return EXIT_SUCCESS; + } + +#endif + +#if !defined( ASSUME_VIA_ACE_PRESENT ) + while(nb--) + { + if(aes_encrypt(ibuf, obuf, ctx) != EXIT_SUCCESS) + return EXIT_FAILURE; + ibuf += AES_BLOCK_SIZE; + obuf += AES_BLOCK_SIZE; + } +#endif + return EXIT_SUCCESS; +} + +AES_RETURN aes_ecb_decrypt(const unsigned char *ibuf, unsigned char *obuf, + int len, const aes_decrypt_ctx ctx[1]) +{ int nb = len >> 4; + + if(len & (AES_BLOCK_SIZE - 1)) + return EXIT_FAILURE; + +#if defined( USE_VIA_ACE_IF_PRESENT ) + + if(ctx->inf.b[1] == 0xff) + { uint_8t *ksp = kd_adr(ctx); + via_cwd(cwd, hybrid, dec, 2 * ctx->inf.b[0] - 192); + + if(ALIGN_OFFSET( ctx, 16 )) + return EXIT_FAILURE; + + if(!ALIGN_OFFSET( ibuf, 16 ) && !ALIGN_OFFSET( obuf, 16 )) + { + via_ecb_op5(ksp,cwd,ibuf,obuf,nb); + } + else + { aligned_auto(uint_8t, buf, BFR_BLOCKS * AES_BLOCK_SIZE, 16); + uint_8t *ip, *op; + + while(nb) + { + int m = (nb > BFR_BLOCKS ? BFR_BLOCKS : nb); + + ip = (ALIGN_OFFSET( ibuf, 16 ) ? buf : ibuf); + op = (ALIGN_OFFSET( obuf, 16 ) ? buf : obuf); + + if(ip != ibuf) + memcpy(buf, ibuf, m * AES_BLOCK_SIZE); + + via_ecb_op5(ksp,cwd,ip,op,m); + + if(op != obuf) + memcpy(obuf, buf, m * AES_BLOCK_SIZE); + + ibuf += m * AES_BLOCK_SIZE; + obuf += m * AES_BLOCK_SIZE; + nb -= m; + } + } + + return EXIT_SUCCESS; + } + +#endif + +#if !defined( ASSUME_VIA_ACE_PRESENT ) + while(nb--) + { + if(aes_decrypt(ibuf, obuf, ctx) != EXIT_SUCCESS) + return EXIT_FAILURE; + ibuf += AES_BLOCK_SIZE; + obuf += AES_BLOCK_SIZE; + } +#endif + return EXIT_SUCCESS; +} + +AES_RETURN aes_cbc_encrypt(const unsigned char *ibuf, unsigned char *obuf, + int len, unsigned char *iv, const aes_encrypt_ctx ctx[1]) +{ int nb = len >> 4; + + if(len & (AES_BLOCK_SIZE - 1)) + return EXIT_FAILURE; + +#if defined( USE_VIA_ACE_IF_PRESENT ) + + if(ctx->inf.b[1] == 0xff) + { uint_8t *ksp = (uint_8t*)(ctx->ks), *ivp = iv; + aligned_auto(uint_8t, liv, AES_BLOCK_SIZE, 16); + via_cwd(cwd, hybrid, enc, 2 * ctx->inf.b[0] - 192); + + if(ALIGN_OFFSET( ctx, 16 )) + return EXIT_FAILURE; + + if(ALIGN_OFFSET( iv, 16 )) /* ensure an aligned iv */ + { + ivp = liv; + memcpy(liv, iv, AES_BLOCK_SIZE); + } + + if(!ALIGN_OFFSET( ibuf, 16 ) && !ALIGN_OFFSET( obuf, 16 ) && !ALIGN_OFFSET( iv, 16 )) + { + via_cbc_op7(ksp,cwd,ibuf,obuf,nb,ivp,ivp); + } + else + { aligned_auto(uint_8t, buf, BFR_BLOCKS * AES_BLOCK_SIZE, 16); + uint_8t *ip, *op; + + while(nb) + { + int m = (nb > BFR_BLOCKS ? BFR_BLOCKS : nb); + + ip = (ALIGN_OFFSET( ibuf, 16 ) ? buf : ibuf); + op = (ALIGN_OFFSET( obuf, 16 ) ? buf : obuf); + + if(ip != ibuf) + memcpy(buf, ibuf, m * AES_BLOCK_SIZE); + + via_cbc_op7(ksp,cwd,ip,op,m,ivp,ivp); + + if(op != obuf) + memcpy(obuf, buf, m * AES_BLOCK_SIZE); + + ibuf += m * AES_BLOCK_SIZE; + obuf += m * AES_BLOCK_SIZE; + nb -= m; + } + } + + if(iv != ivp) + memcpy(iv, ivp, AES_BLOCK_SIZE); + + return EXIT_SUCCESS; + } + +#endif + +#if !defined( ASSUME_VIA_ACE_PRESENT ) +# ifdef FAST_BUFFER_OPERATIONS + if(!ALIGN_OFFSET( ibuf, 4 ) && !ALIGN_OFFSET( iv, 4 )) + while(nb--) + { + lp32(iv)[0] ^= lp32(ibuf)[0]; + lp32(iv)[1] ^= lp32(ibuf)[1]; + lp32(iv)[2] ^= lp32(ibuf)[2]; + lp32(iv)[3] ^= lp32(ibuf)[3]; + if(aes_encrypt(iv, iv, ctx) != EXIT_SUCCESS) + return EXIT_FAILURE; + memcpy(obuf, iv, AES_BLOCK_SIZE); + ibuf += AES_BLOCK_SIZE; + obuf += AES_BLOCK_SIZE; + } + else +# endif + while(nb--) + { + iv[ 0] ^= ibuf[ 0]; iv[ 1] ^= ibuf[ 1]; + iv[ 2] ^= ibuf[ 2]; iv[ 3] ^= ibuf[ 3]; + iv[ 4] ^= ibuf[ 4]; iv[ 5] ^= ibuf[ 5]; + iv[ 6] ^= ibuf[ 6]; iv[ 7] ^= ibuf[ 7]; + iv[ 8] ^= ibuf[ 8]; iv[ 9] ^= ibuf[ 9]; + iv[10] ^= ibuf[10]; iv[11] ^= ibuf[11]; + iv[12] ^= ibuf[12]; iv[13] ^= ibuf[13]; + iv[14] ^= ibuf[14]; iv[15] ^= ibuf[15]; + if(aes_encrypt(iv, iv, ctx) != EXIT_SUCCESS) + return EXIT_FAILURE; + memcpy(obuf, iv, AES_BLOCK_SIZE); + ibuf += AES_BLOCK_SIZE; + obuf += AES_BLOCK_SIZE; + } +#endif + return EXIT_SUCCESS; +} + +AES_RETURN aes_cbc_decrypt(const unsigned char *ibuf, unsigned char *obuf, + int len, unsigned char *iv, const aes_decrypt_ctx ctx[1]) +{ unsigned char tmp[AES_BLOCK_SIZE]; + int nb = len >> 4; + + if(len & (AES_BLOCK_SIZE - 1)) + return EXIT_FAILURE; + +#if defined( USE_VIA_ACE_IF_PRESENT ) + + if(ctx->inf.b[1] == 0xff) + { uint_8t *ksp = kd_adr(ctx), *ivp = iv; + aligned_auto(uint_8t, liv, AES_BLOCK_SIZE, 16); + via_cwd(cwd, hybrid, dec, 2 * ctx->inf.b[0] - 192); + + if(ALIGN_OFFSET( ctx, 16 )) + return EXIT_FAILURE; + + if(ALIGN_OFFSET( iv, 16 )) /* ensure an aligned iv */ + { + ivp = liv; + memcpy(liv, iv, AES_BLOCK_SIZE); + } + + if(!ALIGN_OFFSET( ibuf, 16 ) && !ALIGN_OFFSET( obuf, 16 ) && !ALIGN_OFFSET( iv, 16 )) + { + via_cbc_op6(ksp,cwd,ibuf,obuf,nb,ivp); + } + else + { aligned_auto(uint_8t, buf, BFR_BLOCKS * AES_BLOCK_SIZE, 16); + uint_8t *ip, *op; + + while(nb) + { + int m = (nb > BFR_BLOCKS ? BFR_BLOCKS : nb); + + ip = (ALIGN_OFFSET( ibuf, 16 ) ? buf : ibuf); + op = (ALIGN_OFFSET( obuf, 16 ) ? buf : obuf); + + if(ip != ibuf) + memcpy(buf, ibuf, m * AES_BLOCK_SIZE); + + via_cbc_op6(ksp,cwd,ip,op,m,ivp); + + if(op != obuf) + memcpy(obuf, buf, m * AES_BLOCK_SIZE); + + ibuf += m * AES_BLOCK_SIZE; + obuf += m * AES_BLOCK_SIZE; + nb -= m; + } + } + + if(iv != ivp) + memcpy(iv, ivp, AES_BLOCK_SIZE); + + return EXIT_SUCCESS; + } +#endif + +#if !defined( ASSUME_VIA_ACE_PRESENT ) +# ifdef FAST_BUFFER_OPERATIONS + if(!ALIGN_OFFSET( obuf, 4 ) && !ALIGN_OFFSET( iv, 4 )) + while(nb--) + { + memcpy(tmp, ibuf, AES_BLOCK_SIZE); + if(aes_decrypt(ibuf, obuf, ctx) != EXIT_SUCCESS) + return EXIT_FAILURE; + lp32(obuf)[0] ^= lp32(iv)[0]; + lp32(obuf)[1] ^= lp32(iv)[1]; + lp32(obuf)[2] ^= lp32(iv)[2]; + lp32(obuf)[3] ^= lp32(iv)[3]; + memcpy(iv, tmp, AES_BLOCK_SIZE); + ibuf += AES_BLOCK_SIZE; + obuf += AES_BLOCK_SIZE; + } + else +# endif + while(nb--) + { + memcpy(tmp, ibuf, AES_BLOCK_SIZE); + if(aes_decrypt(ibuf, obuf, ctx) != EXIT_SUCCESS) + return EXIT_FAILURE; + obuf[ 0] ^= iv[ 0]; obuf[ 1] ^= iv[ 1]; + obuf[ 2] ^= iv[ 2]; obuf[ 3] ^= iv[ 3]; + obuf[ 4] ^= iv[ 4]; obuf[ 5] ^= iv[ 5]; + obuf[ 6] ^= iv[ 6]; obuf[ 7] ^= iv[ 7]; + obuf[ 8] ^= iv[ 8]; obuf[ 9] ^= iv[ 9]; + obuf[10] ^= iv[10]; obuf[11] ^= iv[11]; + obuf[12] ^= iv[12]; obuf[13] ^= iv[13]; + obuf[14] ^= iv[14]; obuf[15] ^= iv[15]; + memcpy(iv, tmp, AES_BLOCK_SIZE); + ibuf += AES_BLOCK_SIZE; + obuf += AES_BLOCK_SIZE; + } +#endif + return EXIT_SUCCESS; +} + +AES_RETURN aes_cfb_encrypt(const unsigned char *ibuf, unsigned char *obuf, + int len, unsigned char *iv, aes_encrypt_ctx ctx[1]) +{ int cnt = 0, b_pos = (int)ctx->inf.b[2], nb; + + if(b_pos) /* complete any partial block */ + { + while(b_pos < AES_BLOCK_SIZE && cnt < len) + *obuf++ = iv[b_pos++] ^= *ibuf++, cnt++; + + b_pos = (b_pos == AES_BLOCK_SIZE ? 0 : b_pos); + } + + if((nb = (len - cnt) >> 4) != 0) /* process whole blocks */ + { +#if defined( USE_VIA_ACE_IF_PRESENT ) + + if(ctx->inf.b[1] == 0xff) + { int m; + uint_8t *ksp = (uint_8t*)(ctx->ks), *ivp = iv; + aligned_auto(uint_8t, liv, AES_BLOCK_SIZE, 16); + via_cwd(cwd, hybrid, enc, 2 * ctx->inf.b[0] - 192); + + if(ALIGN_OFFSET( ctx, 16 )) + return EXIT_FAILURE; + + if(ALIGN_OFFSET( iv, 16 )) /* ensure an aligned iv */ + { + ivp = liv; + memcpy(liv, iv, AES_BLOCK_SIZE); + } + + if(!ALIGN_OFFSET( ibuf, 16 ) && !ALIGN_OFFSET( obuf, 16 )) + { + via_cfb_op7(ksp, cwd, ibuf, obuf, nb, ivp, ivp); + ibuf += nb * AES_BLOCK_SIZE; + obuf += nb * AES_BLOCK_SIZE; + cnt += nb * AES_BLOCK_SIZE; + } + else /* input, output or both are unaligned */ + { aligned_auto(uint_8t, buf, BFR_BLOCKS * AES_BLOCK_SIZE, 16); + uint_8t *ip, *op; + + while(nb) + { + m = (nb > BFR_BLOCKS ? BFR_BLOCKS : nb), nb -= m; + + ip = (ALIGN_OFFSET( ibuf, 16 ) ? buf : ibuf); + op = (ALIGN_OFFSET( obuf, 16 ) ? buf : obuf); + + if(ip != ibuf) + memcpy(buf, ibuf, m * AES_BLOCK_SIZE); + + via_cfb_op7(ksp, cwd, ip, op, m, ivp, ivp); + + if(op != obuf) + memcpy(obuf, buf, m * AES_BLOCK_SIZE); + + ibuf += m * AES_BLOCK_SIZE; + obuf += m * AES_BLOCK_SIZE; + cnt += m * AES_BLOCK_SIZE; + } + } + + if(ivp != iv) + memcpy(iv, ivp, AES_BLOCK_SIZE); + } +#else +# ifdef FAST_BUFFER_OPERATIONS + if(!ALIGN_OFFSET( ibuf, 4 ) && !ALIGN_OFFSET( obuf, 4 ) && !ALIGN_OFFSET( iv, 4 )) + while(cnt + AES_BLOCK_SIZE <= len) + { + assert(b_pos == 0); + if(aes_encrypt(iv, iv, ctx) != EXIT_SUCCESS) + return EXIT_FAILURE; + lp32(obuf)[0] = lp32(iv)[0] ^= lp32(ibuf)[0]; + lp32(obuf)[1] = lp32(iv)[1] ^= lp32(ibuf)[1]; + lp32(obuf)[2] = lp32(iv)[2] ^= lp32(ibuf)[2]; + lp32(obuf)[3] = lp32(iv)[3] ^= lp32(ibuf)[3]; + ibuf += AES_BLOCK_SIZE; + obuf += AES_BLOCK_SIZE; + cnt += AES_BLOCK_SIZE; + } + else +# endif + while(cnt + AES_BLOCK_SIZE <= len) + { + assert(b_pos == 0); + if(aes_encrypt(iv, iv, ctx) != EXIT_SUCCESS) + return EXIT_FAILURE; + obuf[ 0] = iv[ 0] ^= ibuf[ 0]; obuf[ 1] = iv[ 1] ^= ibuf[ 1]; + obuf[ 2] = iv[ 2] ^= ibuf[ 2]; obuf[ 3] = iv[ 3] ^= ibuf[ 3]; + obuf[ 4] = iv[ 4] ^= ibuf[ 4]; obuf[ 5] = iv[ 5] ^= ibuf[ 5]; + obuf[ 6] = iv[ 6] ^= ibuf[ 6]; obuf[ 7] = iv[ 7] ^= ibuf[ 7]; + obuf[ 8] = iv[ 8] ^= ibuf[ 8]; obuf[ 9] = iv[ 9] ^= ibuf[ 9]; + obuf[10] = iv[10] ^= ibuf[10]; obuf[11] = iv[11] ^= ibuf[11]; + obuf[12] = iv[12] ^= ibuf[12]; obuf[13] = iv[13] ^= ibuf[13]; + obuf[14] = iv[14] ^= ibuf[14]; obuf[15] = iv[15] ^= ibuf[15]; + ibuf += AES_BLOCK_SIZE; + obuf += AES_BLOCK_SIZE; + cnt += AES_BLOCK_SIZE; + } +#endif + } + + while(cnt < len) + { + if(!b_pos && aes_encrypt(iv, iv, ctx) != EXIT_SUCCESS) + return EXIT_FAILURE; + + while(cnt < len && b_pos < AES_BLOCK_SIZE) + *obuf++ = iv[b_pos++] ^= *ibuf++, cnt++; + + b_pos = (b_pos == AES_BLOCK_SIZE ? 0 : b_pos); + } + + ctx->inf.b[2] = b_pos; + return EXIT_SUCCESS; +} + +AES_RETURN aes_cfb_decrypt(const unsigned char *ibuf, unsigned char *obuf, + int len, unsigned char *iv, aes_encrypt_ctx ctx[1]) +{ int cnt = 0, b_pos = (int)ctx->inf.b[2], nb; + + if(b_pos) /* complete any partial block */ + { uint_8t t; + + while(b_pos < AES_BLOCK_SIZE && cnt < len) + t = *ibuf++, *obuf++ = t ^ iv[b_pos], iv[b_pos++] = t, cnt++; + + b_pos = (b_pos == AES_BLOCK_SIZE ? 0 : b_pos); + } + + if((nb = (len - cnt) >> 4) != 0) /* process whole blocks */ + { +#if defined( USE_VIA_ACE_IF_PRESENT ) + + if(ctx->inf.b[1] == 0xff) + { int m; + uint_8t *ksp = (uint_8t*)(ctx->ks), *ivp = iv; + aligned_auto(uint_8t, liv, AES_BLOCK_SIZE, 16); + via_cwd(cwd, hybrid, dec, 2 * ctx->inf.b[0] - 192); + + if(ALIGN_OFFSET( ctx, 16 )) + return EXIT_FAILURE; + + if(ALIGN_OFFSET( iv, 16 )) /* ensure an aligned iv */ + { + ivp = liv; + memcpy(liv, iv, AES_BLOCK_SIZE); + } + + if(!ALIGN_OFFSET( ibuf, 16 ) && !ALIGN_OFFSET( obuf, 16 )) + { + via_cfb_op6(ksp, cwd, ibuf, obuf, nb, ivp); + ibuf += nb * AES_BLOCK_SIZE; + obuf += nb * AES_BLOCK_SIZE; + cnt += nb * AES_BLOCK_SIZE; + } + else /* input, output or both are unaligned */ + { aligned_auto(uint_8t, buf, BFR_BLOCKS * AES_BLOCK_SIZE, 16); + uint_8t *ip, *op; + + while(nb) + { + m = (nb > BFR_BLOCKS ? BFR_BLOCKS : nb), nb -= m; + + ip = (ALIGN_OFFSET( ibuf, 16 ) ? buf : ibuf); + op = (ALIGN_OFFSET( obuf, 16 ) ? buf : obuf); + + if(ip != ibuf) /* input buffer is not aligned */ + memcpy(buf, ibuf, m * AES_BLOCK_SIZE); + + via_cfb_op6(ksp, cwd, ip, op, m, ivp); + + if(op != obuf) /* output buffer is not aligned */ + memcpy(obuf, buf, m * AES_BLOCK_SIZE); + + ibuf += m * AES_BLOCK_SIZE; + obuf += m * AES_BLOCK_SIZE; + cnt += m * AES_BLOCK_SIZE; + } + } + + if(ivp != iv) + memcpy(iv, ivp, AES_BLOCK_SIZE); + } +#else +# ifdef FAST_BUFFER_OPERATIONS + if(!ALIGN_OFFSET( ibuf, 4 ) && !ALIGN_OFFSET( obuf, 4 ) &&!ALIGN_OFFSET( iv, 4 )) + while(cnt + AES_BLOCK_SIZE <= len) + { uint_32t t; + + assert(b_pos == 0); + if(aes_encrypt(iv, iv, ctx) != EXIT_SUCCESS) + return EXIT_FAILURE; + t = lp32(ibuf)[0], lp32(obuf)[0] = t ^ lp32(iv)[0], lp32(iv)[0] = t; + t = lp32(ibuf)[1], lp32(obuf)[1] = t ^ lp32(iv)[1], lp32(iv)[1] = t; + t = lp32(ibuf)[2], lp32(obuf)[2] = t ^ lp32(iv)[2], lp32(iv)[2] = t; + t = lp32(ibuf)[3], lp32(obuf)[3] = t ^ lp32(iv)[3], lp32(iv)[3] = t; + ibuf += AES_BLOCK_SIZE; + obuf += AES_BLOCK_SIZE; + cnt += AES_BLOCK_SIZE; + } + else +# endif + while(cnt + AES_BLOCK_SIZE <= len) + { uint_8t t; + + assert(b_pos == 0); + if(aes_encrypt(iv, iv, ctx) != EXIT_SUCCESS) + return EXIT_FAILURE; + t = ibuf[ 0], obuf[ 0] = t ^ iv[ 0], iv[ 0] = t; + t = ibuf[ 1], obuf[ 1] = t ^ iv[ 1], iv[ 1] = t; + t = ibuf[ 2], obuf[ 2] = t ^ iv[ 2], iv[ 2] = t; + t = ibuf[ 3], obuf[ 3] = t ^ iv[ 3], iv[ 3] = t; + t = ibuf[ 4], obuf[ 4] = t ^ iv[ 4], iv[ 4] = t; + t = ibuf[ 5], obuf[ 5] = t ^ iv[ 5], iv[ 5] = t; + t = ibuf[ 6], obuf[ 6] = t ^ iv[ 6], iv[ 6] = t; + t = ibuf[ 7], obuf[ 7] = t ^ iv[ 7], iv[ 7] = t; + t = ibuf[ 8], obuf[ 8] = t ^ iv[ 8], iv[ 8] = t; + t = ibuf[ 9], obuf[ 9] = t ^ iv[ 9], iv[ 9] = t; + t = ibuf[10], obuf[10] = t ^ iv[10], iv[10] = t; + t = ibuf[11], obuf[11] = t ^ iv[11], iv[11] = t; + t = ibuf[12], obuf[12] = t ^ iv[12], iv[12] = t; + t = ibuf[13], obuf[13] = t ^ iv[13], iv[13] = t; + t = ibuf[14], obuf[14] = t ^ iv[14], iv[14] = t; + t = ibuf[15], obuf[15] = t ^ iv[15], iv[15] = t; + ibuf += AES_BLOCK_SIZE; + obuf += AES_BLOCK_SIZE; + cnt += AES_BLOCK_SIZE; + } +#endif + } + + while(cnt < len) + { uint_8t t; + + if(!b_pos && aes_encrypt(iv, iv, ctx) != EXIT_SUCCESS) + return EXIT_FAILURE; + + while(cnt < len && b_pos < AES_BLOCK_SIZE) + t = *ibuf++, *obuf++ = t ^ iv[b_pos], iv[b_pos++] = t, cnt++; + + b_pos = (b_pos == AES_BLOCK_SIZE ? 0 : b_pos); + } + + ctx->inf.b[2] = b_pos; + return EXIT_SUCCESS; +} + +AES_RETURN aes_ofb_crypt(const unsigned char *ibuf, unsigned char *obuf, + int len, unsigned char *iv, aes_encrypt_ctx ctx[1]) +{ int cnt = 0, b_pos = (int)ctx->inf.b[2], nb; + + if(b_pos) /* complete any partial block */ + { + while(b_pos < AES_BLOCK_SIZE && cnt < len) + *obuf++ = iv[b_pos++] ^ *ibuf++, cnt++; + + b_pos = (b_pos == AES_BLOCK_SIZE ? 0 : b_pos); + } + + if((nb = (len - cnt) >> 4) != 0) /* process whole blocks */ + { +#if defined( USE_VIA_ACE_IF_PRESENT ) + + if(ctx->inf.b[1] == 0xff) + { int m; + uint_8t *ksp = (uint_8t*)(ctx->ks), *ivp = iv; + aligned_auto(uint_8t, liv, AES_BLOCK_SIZE, 16); + via_cwd(cwd, hybrid, enc, 2 * ctx->inf.b[0] - 192); + + if(ALIGN_OFFSET( ctx, 16 )) + return EXIT_FAILURE; + + if(ALIGN_OFFSET( iv, 16 )) /* ensure an aligned iv */ + { + ivp = liv; + memcpy(liv, iv, AES_BLOCK_SIZE); + } + + if(!ALIGN_OFFSET( ibuf, 16 ) && !ALIGN_OFFSET( obuf, 16 )) + { + via_ofb_op6(ksp, cwd, ibuf, obuf, nb, ivp); + ibuf += nb * AES_BLOCK_SIZE; + obuf += nb * AES_BLOCK_SIZE; + cnt += nb * AES_BLOCK_SIZE; + } + else /* input, output or both are unaligned */ + { aligned_auto(uint_8t, buf, BFR_BLOCKS * AES_BLOCK_SIZE, 16); + uint_8t *ip, *op; + + while(nb) + { + m = (nb > BFR_BLOCKS ? BFR_BLOCKS : nb), nb -= m; + + ip = (ALIGN_OFFSET( ibuf, 16 ) ? buf : ibuf); + op = (ALIGN_OFFSET( obuf, 16 ) ? buf : obuf); + + if(ip != ibuf) + memcpy(buf, ibuf, m * AES_BLOCK_SIZE); + + via_ofb_op6(ksp, cwd, ip, op, m, ivp); + + if(op != obuf) + memcpy(obuf, buf, m * AES_BLOCK_SIZE); + + ibuf += m * AES_BLOCK_SIZE; + obuf += m * AES_BLOCK_SIZE; + cnt += m * AES_BLOCK_SIZE; + } + } + + if(ivp != iv) + memcpy(iv, ivp, AES_BLOCK_SIZE); + } +#else +# ifdef FAST_BUFFER_OPERATIONS + if(!ALIGN_OFFSET( ibuf, 4 ) && !ALIGN_OFFSET( obuf, 4 ) && !ALIGN_OFFSET( iv, 4 )) + while(cnt + AES_BLOCK_SIZE <= len) + { + assert(b_pos == 0); + if(aes_encrypt(iv, iv, ctx) != EXIT_SUCCESS) + return EXIT_FAILURE; + lp32(obuf)[0] = lp32(iv)[0] ^ lp32(ibuf)[0]; + lp32(obuf)[1] = lp32(iv)[1] ^ lp32(ibuf)[1]; + lp32(obuf)[2] = lp32(iv)[2] ^ lp32(ibuf)[2]; + lp32(obuf)[3] = lp32(iv)[3] ^ lp32(ibuf)[3]; + ibuf += AES_BLOCK_SIZE; + obuf += AES_BLOCK_SIZE; + cnt += AES_BLOCK_SIZE; + } + else +# endif + while(cnt + AES_BLOCK_SIZE <= len) + { + assert(b_pos == 0); + if(aes_encrypt(iv, iv, ctx) != EXIT_SUCCESS) + return EXIT_FAILURE; + obuf[ 0] = iv[ 0] ^ ibuf[ 0]; obuf[ 1] = iv[ 1] ^ ibuf[ 1]; + obuf[ 2] = iv[ 2] ^ ibuf[ 2]; obuf[ 3] = iv[ 3] ^ ibuf[ 3]; + obuf[ 4] = iv[ 4] ^ ibuf[ 4]; obuf[ 5] = iv[ 5] ^ ibuf[ 5]; + obuf[ 6] = iv[ 6] ^ ibuf[ 6]; obuf[ 7] = iv[ 7] ^ ibuf[ 7]; + obuf[ 8] = iv[ 8] ^ ibuf[ 8]; obuf[ 9] = iv[ 9] ^ ibuf[ 9]; + obuf[10] = iv[10] ^ ibuf[10]; obuf[11] = iv[11] ^ ibuf[11]; + obuf[12] = iv[12] ^ ibuf[12]; obuf[13] = iv[13] ^ ibuf[13]; + obuf[14] = iv[14] ^ ibuf[14]; obuf[15] = iv[15] ^ ibuf[15]; + ibuf += AES_BLOCK_SIZE; + obuf += AES_BLOCK_SIZE; + cnt += AES_BLOCK_SIZE; + } +#endif + } + + while(cnt < len) + { + if(!b_pos && aes_encrypt(iv, iv, ctx) != EXIT_SUCCESS) + return EXIT_FAILURE; + + while(cnt < len && b_pos < AES_BLOCK_SIZE) + *obuf++ = iv[b_pos++] ^ *ibuf++, cnt++; + + b_pos = (b_pos == AES_BLOCK_SIZE ? 0 : b_pos); + } + + ctx->inf.b[2] = b_pos; + return EXIT_SUCCESS; +} + +#define BFR_LENGTH (BFR_BLOCKS * AES_BLOCK_SIZE) + +AES_RETURN aes_ctr_crypt(const unsigned char *ibuf, unsigned char *obuf, + int len, unsigned char *cbuf, cbuf_inc ctr_inc, aes_encrypt_ctx ctx[1]) +{ uint_8t *ip; + int i, blen, b_pos = (int)(ctx->inf.b[2]); + +#if defined( USE_VIA_ACE_IF_PRESENT ) + aligned_auto(uint_8t, buf, BFR_LENGTH, 16); + if(ctx->inf.b[1] == 0xff && ALIGN_OFFSET( ctx, 16 )) + return EXIT_FAILURE; +#else + uint_8t buf[BFR_LENGTH]; +#endif + + if(b_pos) + { + memcpy(buf, cbuf, AES_BLOCK_SIZE); + if(aes_ecb_encrypt(buf, buf, AES_BLOCK_SIZE, ctx) != EXIT_SUCCESS) + return EXIT_FAILURE; + while(b_pos < AES_BLOCK_SIZE && len) + *obuf++ = *ibuf++ ^ buf[b_pos++], --len; + if(len) + ctr_inc(cbuf), b_pos = 0; + } + + while(len) + { + blen = (len > BFR_LENGTH ? BFR_LENGTH : len), len -= blen; + + for(i = 0, ip = buf; i < (blen >> 4); ++i) + { + memcpy(ip, cbuf, AES_BLOCK_SIZE); + ctr_inc(cbuf); + ip += AES_BLOCK_SIZE; + } + + if(blen & (AES_BLOCK_SIZE - 1)) + memcpy(ip, cbuf, AES_BLOCK_SIZE), i++; + +#if defined( USE_VIA_ACE_IF_PRESENT ) + if(ctx->inf.b[1] == 0xff) + { + via_cwd(cwd, hybrid, enc, 2 * ctx->inf.b[0] - 192); + via_ecb_op5((ctx->ks),cwd,buf,buf,i); + } + else +#endif + if(aes_ecb_encrypt(buf, buf, i * AES_BLOCK_SIZE, ctx) != EXIT_SUCCESS) + return EXIT_FAILURE; + + i = 0; ip = buf; +# ifdef FAST_BUFFER_OPERATIONS + if(!ALIGN_OFFSET( ibuf, 4 ) && !ALIGN_OFFSET( obuf, 4 ) && !ALIGN_OFFSET( ip, 4 )) + while(i + AES_BLOCK_SIZE <= blen) + { + lp32(obuf)[0] = lp32(ibuf)[0] ^ lp32(ip)[0]; + lp32(obuf)[1] = lp32(ibuf)[1] ^ lp32(ip)[1]; + lp32(obuf)[2] = lp32(ibuf)[2] ^ lp32(ip)[2]; + lp32(obuf)[3] = lp32(ibuf)[3] ^ lp32(ip)[3]; + i += AES_BLOCK_SIZE; + ip += AES_BLOCK_SIZE; + ibuf += AES_BLOCK_SIZE; + obuf += AES_BLOCK_SIZE; + } + else +#endif + while(i + AES_BLOCK_SIZE <= blen) + { + obuf[ 0] = ibuf[ 0] ^ ip[ 0]; obuf[ 1] = ibuf[ 1] ^ ip[ 1]; + obuf[ 2] = ibuf[ 2] ^ ip[ 2]; obuf[ 3] = ibuf[ 3] ^ ip[ 3]; + obuf[ 4] = ibuf[ 4] ^ ip[ 4]; obuf[ 5] = ibuf[ 5] ^ ip[ 5]; + obuf[ 6] = ibuf[ 6] ^ ip[ 6]; obuf[ 7] = ibuf[ 7] ^ ip[ 7]; + obuf[ 8] = ibuf[ 8] ^ ip[ 8]; obuf[ 9] = ibuf[ 9] ^ ip[ 9]; + obuf[10] = ibuf[10] ^ ip[10]; obuf[11] = ibuf[11] ^ ip[11]; + obuf[12] = ibuf[12] ^ ip[12]; obuf[13] = ibuf[13] ^ ip[13]; + obuf[14] = ibuf[14] ^ ip[14]; obuf[15] = ibuf[15] ^ ip[15]; + i += AES_BLOCK_SIZE; + ip += AES_BLOCK_SIZE; + ibuf += AES_BLOCK_SIZE; + obuf += AES_BLOCK_SIZE; + } + + while(i++ < blen) + *obuf++ = *ibuf++ ^ ip[b_pos++]; + } + + ctx->inf.b[2] = b_pos; + return EXIT_SUCCESS; +} + +#if defined(__cplusplus) +} +#endif +#endif diff -Nru pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/aesopt.h pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/aesopt.h --- pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/aesopt.h 1970-01-01 00:00:00.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/aesopt.h 2012-07-08 18:20:53.000000000 +0000 @@ -0,0 +1,746 @@ +/* + --------------------------------------------------------------------------- + Copyright (c) 1998-2007, Brian Gladman, Worcester, UK. All rights reserved. + + LICENSE TERMS + + The free distribution and use of this software is allowed (with or without + changes) provided that: + + 1. source code distributions include the above copyright notice, this + list of conditions and the following disclaimer; + + 2. binary distributions include the above copyright notice, this list + of conditions and the following disclaimer in their documentation; + + 3. the name of the copyright holder is not used to endorse products + built using this software without specific written permission. + + DISCLAIMER + + This software is provided 'as is' with no explicit or implied warranties + in respect of its properties, including, but not limited to, correctness + and/or fitness for purpose. + --------------------------------------------------------------------------- + Issue Date: 20/12/2007 + + This file contains the compilation options for AES (Rijndael) and code + that is common across encryption, key scheduling and table generation. + + OPERATION + + These source code files implement the AES algorithm Rijndael designed by + Joan Daemen and Vincent Rijmen. This version is designed for the standard + block size of 16 bytes and for key sizes of 128, 192 and 256 bits (16, 24 + and 32 bytes). + + This version is designed for flexibility and speed using operations on + 32-bit words rather than operations on bytes. It can be compiled with + either big or little endian internal byte order but is faster when the + native byte order for the processor is used. + + THE CIPHER INTERFACE + + The cipher interface is implemented as an array of bytes in which lower + AES bit sequence indexes map to higher numeric significance within bytes. + + uint_8t (an unsigned 8-bit type) + uint_32t (an unsigned 32-bit type) + struct aes_encrypt_ctx (structure for the cipher encryption context) + struct aes_decrypt_ctx (structure for the cipher decryption context) + AES_RETURN the function return type + + C subroutine calls: + + AES_RETURN aes_encrypt_key128(const unsigned char *key, aes_encrypt_ctx cx[1]); + AES_RETURN aes_encrypt_key192(const unsigned char *key, aes_encrypt_ctx cx[1]); + AES_RETURN aes_encrypt_key256(const unsigned char *key, aes_encrypt_ctx cx[1]); + AES_RETURN aes_encrypt(const unsigned char *in, unsigned char *out, + const aes_encrypt_ctx cx[1]); + + AES_RETURN aes_decrypt_key128(const unsigned char *key, aes_decrypt_ctx cx[1]); + AES_RETURN aes_decrypt_key192(const unsigned char *key, aes_decrypt_ctx cx[1]); + AES_RETURN aes_decrypt_key256(const unsigned char *key, aes_decrypt_ctx cx[1]); + AES_RETURN aes_decrypt(const unsigned char *in, unsigned char *out, + const aes_decrypt_ctx cx[1]); + + IMPORTANT NOTE: If you are using this C interface with dynamic tables make sure that + you call aes_init() before AES is used so that the tables are initialised. + + C++ aes class subroutines: + + Class AESencrypt for encryption + + Construtors: + AESencrypt(void) + AESencrypt(const unsigned char *key) - 128 bit key + Members: + AES_RETURN key128(const unsigned char *key) + AES_RETURN key192(const unsigned char *key) + AES_RETURN key256(const unsigned char *key) + AES_RETURN encrypt(const unsigned char *in, unsigned char *out) const + + Class AESdecrypt for encryption + Construtors: + AESdecrypt(void) + AESdecrypt(const unsigned char *key) - 128 bit key + Members: + AES_RETURN key128(const unsigned char *key) + AES_RETURN key192(const unsigned char *key) + AES_RETURN key256(const unsigned char *key) + AES_RETURN decrypt(const unsigned char *in, unsigned char *out) const +*/ + +#if !defined( _AESOPT_H ) +#define _AESOPT_H + +#if defined( __cplusplus ) +#include "aescpp.h" +#else +#include "aes.h" +#endif + +/* PLATFORM SPECIFIC INCLUDES */ + +#include "brg_endian.h" + +/* CONFIGURATION - THE USE OF DEFINES + + Later in this section there are a number of defines that control the + operation of the code. In each section, the purpose of each define is + explained so that the relevant form can be included or excluded by + setting either 1's or 0's respectively on the branches of the related + #if clauses. The following local defines should not be changed. +*/ + +#define ENCRYPTION_IN_C 1 +#define DECRYPTION_IN_C 2 +#define ENC_KEYING_IN_C 4 +#define DEC_KEYING_IN_C 8 + +#define NO_TABLES 0 +#define ONE_TABLE 1 +#define FOUR_TABLES 4 +#define NONE 0 +#define PARTIAL 1 +#define FULL 2 + +/* --- START OF USER CONFIGURED OPTIONS --- */ + +/* 1. BYTE ORDER WITHIN 32 BIT WORDS + + The fundamental data processing units in Rijndael are 8-bit bytes. The + input, output and key input are all enumerated arrays of bytes in which + bytes are numbered starting at zero and increasing to one less than the + number of bytes in the array in question. This enumeration is only used + for naming bytes and does not imply any adjacency or order relationship + from one byte to another. When these inputs and outputs are considered + as bit sequences, bits 8*n to 8*n+7 of the bit sequence are mapped to + byte[n] with bit 8n+i in the sequence mapped to bit 7-i within the byte. + In this implementation bits are numbered from 0 to 7 starting at the + numerically least significant end of each byte (bit n represents 2^n). + + However, Rijndael can be implemented more efficiently using 32-bit + words by packing bytes into words so that bytes 4*n to 4*n+3 are placed + into word[n]. While in principle these bytes can be assembled into words + in any positions, this implementation only supports the two formats in + which bytes in adjacent positions within words also have adjacent byte + numbers. This order is called big-endian if the lowest numbered bytes + in words have the highest numeric significance and little-endian if the + opposite applies. + + This code can work in either order irrespective of the order used by the + machine on which it runs. Normally the internal byte order will be set + to the order of the processor on which the code is to be run but this + define can be used to reverse this in special situations + + WARNING: Assembler code versions rely on PLATFORM_BYTE_ORDER being set. + This define will hence be redefined later (in section 4) if necessary +*/ + +#if 1 +# define ALGORITHM_BYTE_ORDER PLATFORM_BYTE_ORDER +#elif 0 +# define ALGORITHM_BYTE_ORDER IS_LITTLE_ENDIAN +#elif 0 +# define ALGORITHM_BYTE_ORDER IS_BIG_ENDIAN +#else +# error The algorithm byte order is not defined +#endif + +/* 2. VIA ACE SUPPORT */ + +#if defined( __GNUC__ ) && defined( __i386__ ) \ + || defined( _WIN32 ) && defined( _M_IX86 ) \ + && !(defined( _WIN64 ) || defined( _WIN32_WCE ) || defined( _MSC_VER ) && ( _MSC_VER <= 800 )) +# define VIA_ACE_POSSIBLE +#endif + +/* Define this option if support for the VIA ACE is required. This uses + inline assembler instructions and is only implemented for the Microsoft, + Intel and GCC compilers. If VIA ACE is known to be present, then defining + ASSUME_VIA_ACE_PRESENT will remove the ordinary encryption/decryption + code. If USE_VIA_ACE_IF_PRESENT is defined then VIA ACE will be used if + it is detected (both present and enabled) but the normal AES code will + also be present. + + When VIA ACE is to be used, all AES encryption contexts MUST be 16 byte + aligned; other input/output buffers do not need to be 16 byte aligned + but there are very large performance gains if this can be arranged. + VIA ACE also requires the decryption key schedule to be in reverse + order (which later checks below ensure). +*/ + +#if 0 && defined( VIA_ACE_POSSIBLE ) && !defined( USE_VIA_ACE_IF_PRESENT ) +# define USE_VIA_ACE_IF_PRESENT +#endif + +#if 0 && defined( VIA_ACE_POSSIBLE ) && !defined( ASSUME_VIA_ACE_PRESENT ) +# define ASSUME_VIA_ACE_PRESENT +# endif + +/* 3. ASSEMBLER SUPPORT + + This define (which can be on the command line) enables the use of the + assembler code routines for encryption, decryption and key scheduling + as follows: + + ASM_X86_V1C uses the assembler (aes_x86_v1.asm) with large tables for + encryption and decryption and but with key scheduling in C + ASM_X86_V2 uses assembler (aes_x86_v2.asm) with compressed tables for + encryption, decryption and key scheduling + ASM_X86_V2C uses assembler (aes_x86_v2.asm) with compressed tables for + encryption and decryption and but with key scheduling in C + ASM_AMD64_C uses assembler (aes_amd64.asm) with compressed tables for + encryption and decryption and but with key scheduling in C + + Change one 'if 0' below to 'if 1' to select the version or define + as a compilation option. +*/ + +#if 0 && !defined( ASM_X86_V1C ) +# define ASM_X86_V1C +#elif 0 && !defined( ASM_X86_V2 ) +# define ASM_X86_V2 +#elif 0 && !defined( ASM_X86_V2C ) +# define ASM_X86_V2C +#elif 0 && !defined( ASM_AMD64_C ) +# define ASM_AMD64_C +#endif + +#if (defined ( ASM_X86_V1C ) || defined( ASM_X86_V2 ) || defined( ASM_X86_V2C )) \ + && !defined( _M_IX86 ) || defined( ASM_AMD64_C ) && !defined( _M_X64 ) +# error Assembler code is only available for x86 and AMD64 systems +#endif + +/* 4. FAST INPUT/OUTPUT OPERATIONS. + + On some machines it is possible to improve speed by transferring the + bytes in the input and output arrays to and from the internal 32-bit + variables by addressing these arrays as if they are arrays of 32-bit + words. On some machines this will always be possible but there may + be a large performance penalty if the byte arrays are not aligned on + the normal word boundaries. On other machines this technique will + lead to memory access errors when such 32-bit word accesses are not + properly aligned. The option SAFE_IO avoids such problems but will + often be slower on those machines that support misaligned access + (especially so if care is taken to align the input and output byte + arrays on 32-bit word boundaries). If SAFE_IO is not defined it is + assumed that access to byte arrays as if they are arrays of 32-bit + words will not cause problems when such accesses are misaligned. +*/ +#if 1 && !defined( _MSC_VER ) +# define SAFE_IO +#endif + +/* 5. LOOP UNROLLING + + The code for encryption and decrytpion cycles through a number of rounds + that can be implemented either in a loop or by expanding the code into a + long sequence of instructions, the latter producing a larger program but + one that will often be much faster. The latter is called loop unrolling. + There are also potential speed advantages in expanding two iterations in + a loop with half the number of iterations, which is called partial loop + unrolling. The following options allow partial or full loop unrolling + to be set independently for encryption and decryption +*/ +#if 1 +# define ENC_UNROLL FULL +#elif 0 +# define ENC_UNROLL PARTIAL +#else +# define ENC_UNROLL NONE +#endif + +#if 1 +# define DEC_UNROLL FULL +#elif 0 +# define DEC_UNROLL PARTIAL +#else +# define DEC_UNROLL NONE +#endif + +#if 1 +# define ENC_KS_UNROLL +#endif + +#if 1 +# define DEC_KS_UNROLL +#endif + +/* 6. FAST FINITE FIELD OPERATIONS + + If this section is included, tables are used to provide faster finite + field arithmetic (this has no effect if FIXED_TABLES is defined). +*/ +#if 1 +# define FF_TABLES +#endif + +/* 7. INTERNAL STATE VARIABLE FORMAT + + The internal state of Rijndael is stored in a number of local 32-bit + word varaibles which can be defined either as an array or as individual + names variables. Include this section if you want to store these local + varaibles in arrays. Otherwise individual local variables will be used. +*/ +#if 1 +# define ARRAYS +#endif + +/* 8. FIXED OR DYNAMIC TABLES + + When this section is included the tables used by the code are compiled + statically into the binary file. Otherwise the subroutine aes_init() + must be called to compute them before the code is first used. +*/ +#if 1 && !(defined( _MSC_VER ) && ( _MSC_VER <= 800 )) +# define FIXED_TABLES +#endif + +/* 9. MASKING OR CASTING FROM LONGER VALUES TO BYTES + + In some systems it is better to mask longer values to extract bytes + rather than using a cast. This option allows this choice. +*/ +#if 0 +# define to_byte(x) ((uint_8t)(x)) +#else +# define to_byte(x) ((x) & 0xff) +#endif + +/* 10. TABLE ALIGNMENT + + On some sytsems speed will be improved by aligning the AES large lookup + tables on particular boundaries. This define should be set to a power of + two giving the desired alignment. It can be left undefined if alignment + is not needed. This option is specific to the Microsft VC++ compiler - + it seems to sometimes cause trouble for the VC++ version 6 compiler. +*/ + +#if 1 && defined( _MSC_VER ) && ( _MSC_VER >= 1300 ) +# define TABLE_ALIGN 32 +#endif + +/* 11. REDUCE CODE AND TABLE SIZE + + This replaces some expanded macros with function calls if AES_ASM_V2 or + AES_ASM_V2C are defined +*/ + +#if 1 && (defined( ASM_X86_V2 ) || defined( ASM_X86_V2C )) +# define REDUCE_CODE_SIZE +#endif + +/* 12. TABLE OPTIONS + + This cipher proceeds by repeating in a number of cycles known as 'rounds' + which are implemented by a round function which can optionally be speeded + up using tables. The basic tables are each 256 32-bit words, with either + one or four tables being required for each round function depending on + how much speed is required. The encryption and decryption round functions + are different and the last encryption and decrytpion round functions are + different again making four different round functions in all. + + This means that: + 1. Normal encryption and decryption rounds can each use either 0, 1 + or 4 tables and table spaces of 0, 1024 or 4096 bytes each. + 2. The last encryption and decryption rounds can also use either 0, 1 + or 4 tables and table spaces of 0, 1024 or 4096 bytes each. + + Include or exclude the appropriate definitions below to set the number + of tables used by this implementation. +*/ + +#if 1 /* set tables for the normal encryption round */ +# define ENC_ROUND FOUR_TABLES +#elif 0 +# define ENC_ROUND ONE_TABLE +#else +# define ENC_ROUND NO_TABLES +#endif + +#if 1 /* set tables for the last encryption round */ +# define LAST_ENC_ROUND FOUR_TABLES +#elif 0 +# define LAST_ENC_ROUND ONE_TABLE +#else +# define LAST_ENC_ROUND NO_TABLES +#endif + +#if 1 /* set tables for the normal decryption round */ +# define DEC_ROUND FOUR_TABLES +#elif 0 +# define DEC_ROUND ONE_TABLE +#else +# define DEC_ROUND NO_TABLES +#endif + +#if 1 /* set tables for the last decryption round */ +# define LAST_DEC_ROUND FOUR_TABLES +#elif 0 +# define LAST_DEC_ROUND ONE_TABLE +#else +# define LAST_DEC_ROUND NO_TABLES +#endif + +/* The decryption key schedule can be speeded up with tables in the same + way that the round functions can. Include or exclude the following + defines to set this requirement. +*/ +#if 1 +# define KEY_SCHED FOUR_TABLES +#elif 0 +# define KEY_SCHED ONE_TABLE +#else +# define KEY_SCHED NO_TABLES +#endif + +/* ---- END OF USER CONFIGURED OPTIONS ---- */ + +/* VIA ACE support is only available for VC++ and GCC */ + +#if !defined( _MSC_VER ) && !defined( __GNUC__ ) +# if defined( ASSUME_VIA_ACE_PRESENT ) +# undef ASSUME_VIA_ACE_PRESENT +# endif +# if defined( USE_VIA_ACE_IF_PRESENT ) +# undef USE_VIA_ACE_IF_PRESENT +# endif +#endif + +#if defined( ASSUME_VIA_ACE_PRESENT ) && !defined( USE_VIA_ACE_IF_PRESENT ) +# define USE_VIA_ACE_IF_PRESENT +#endif + +#if defined( USE_VIA_ACE_IF_PRESENT ) && !defined ( AES_REV_DKS ) +# define AES_REV_DKS +#endif + +/* Assembler support requires the use of platform byte order */ + +#if ( defined( ASM_X86_V1C ) || defined( ASM_X86_V2C ) || defined( ASM_AMD64_C ) ) \ + && (ALGORITHM_BYTE_ORDER != PLATFORM_BYTE_ORDER) +# undef ALGORITHM_BYTE_ORDER +# define ALGORITHM_BYTE_ORDER PLATFORM_BYTE_ORDER +#endif + +/* In this implementation the columns of the state array are each held in + 32-bit words. The state array can be held in various ways: in an array + of words, in a number of individual word variables or in a number of + processor registers. The following define maps a variable name x and + a column number c to the way the state array variable is to be held. + The first define below maps the state into an array x[c] whereas the + second form maps the state into a number of individual variables x0, + x1, etc. Another form could map individual state colums to machine + register names. +*/ + +#if defined( ARRAYS ) +# define s(x,c) x[c] +#else +# define s(x,c) x##c +#endif + +/* This implementation provides subroutines for encryption, decryption + and for setting the three key lengths (separately) for encryption + and decryption. Since not all functions are needed, masks are set + up here to determine which will be implemented in C +*/ + +#if !defined( AES_ENCRYPT ) +# define EFUNCS_IN_C 0 +#elif defined( ASSUME_VIA_ACE_PRESENT ) || defined( ASM_X86_V1C ) \ + || defined( ASM_X86_V2C ) || defined( ASM_AMD64_C ) +# define EFUNCS_IN_C ENC_KEYING_IN_C +#elif !defined( ASM_X86_V2 ) +# define EFUNCS_IN_C ( ENCRYPTION_IN_C | ENC_KEYING_IN_C ) +#else +# define EFUNCS_IN_C 0 +#endif + +#if !defined( AES_DECRYPT ) +# define DFUNCS_IN_C 0 +#elif defined( ASSUME_VIA_ACE_PRESENT ) || defined( ASM_X86_V1C ) \ + || defined( ASM_X86_V2C ) || defined( ASM_AMD64_C ) +# define DFUNCS_IN_C DEC_KEYING_IN_C +#elif !defined( ASM_X86_V2 ) +# define DFUNCS_IN_C ( DECRYPTION_IN_C | DEC_KEYING_IN_C ) +#else +# define DFUNCS_IN_C 0 +#endif + +#define FUNCS_IN_C ( EFUNCS_IN_C | DFUNCS_IN_C ) + +/* END OF CONFIGURATION OPTIONS */ + +#define RC_LENGTH (5 * (AES_BLOCK_SIZE / 4 - 2)) + +/* Disable or report errors on some combinations of options */ + +#if ENC_ROUND == NO_TABLES && LAST_ENC_ROUND != NO_TABLES +# undef LAST_ENC_ROUND +# define LAST_ENC_ROUND NO_TABLES +#elif ENC_ROUND == ONE_TABLE && LAST_ENC_ROUND == FOUR_TABLES +# undef LAST_ENC_ROUND +# define LAST_ENC_ROUND ONE_TABLE +#endif + +#if ENC_ROUND == NO_TABLES && ENC_UNROLL != NONE +# undef ENC_UNROLL +# define ENC_UNROLL NONE +#endif + +#if DEC_ROUND == NO_TABLES && LAST_DEC_ROUND != NO_TABLES +# undef LAST_DEC_ROUND +# define LAST_DEC_ROUND NO_TABLES +#elif DEC_ROUND == ONE_TABLE && LAST_DEC_ROUND == FOUR_TABLES +# undef LAST_DEC_ROUND +# define LAST_DEC_ROUND ONE_TABLE +#endif + +#if DEC_ROUND == NO_TABLES && DEC_UNROLL != NONE +# undef DEC_UNROLL +# define DEC_UNROLL NONE +#endif + +#if defined( bswap32 ) +# define aes_sw32 bswap32 +#elif defined( bswap_32 ) +# define aes_sw32 bswap_32 +#else +# define brot(x,n) (((uint_32t)(x) << n) | ((uint_32t)(x) >> (32 - n))) +# define aes_sw32(x) ((brot((x),8) & 0x00ff00ff) | (brot((x),24) & 0xff00ff00)) +#endif + +/* upr(x,n): rotates bytes within words by n positions, moving bytes to + higher index positions with wrap around into low positions + ups(x,n): moves bytes by n positions to higher index positions in + words but without wrap around + bval(x,n): extracts a byte from a word + + WARNING: The definitions given here are intended only for use with + unsigned variables and with shift counts that are compile + time constants +*/ + +#if ( ALGORITHM_BYTE_ORDER == IS_LITTLE_ENDIAN ) +# define upr(x,n) (((uint_32t)(x) << (8 * (n))) | ((uint_32t)(x) >> (32 - 8 * (n)))) +# define ups(x,n) ((uint_32t) (x) << (8 * (n))) +# define bval(x,n) to_byte((x) >> (8 * (n))) +# define bytes2word(b0, b1, b2, b3) \ + (((uint_32t)(b3) << 24) | ((uint_32t)(b2) << 16) | ((uint_32t)(b1) << 8) | (b0)) +#endif + +#if ( ALGORITHM_BYTE_ORDER == IS_BIG_ENDIAN ) +# define upr(x,n) (((uint_32t)(x) >> (8 * (n))) | ((uint_32t)(x) << (32 - 8 * (n)))) +# define ups(x,n) ((uint_32t) (x) >> (8 * (n))) +# define bval(x,n) to_byte((x) >> (24 - 8 * (n))) +# define bytes2word(b0, b1, b2, b3) \ + (((uint_32t)(b0) << 24) | ((uint_32t)(b1) << 16) | ((uint_32t)(b2) << 8) | (b3)) +#endif + +#if defined( SAFE_IO ) +# define word_in(x,c) bytes2word(((const uint_8t*)(x)+4*c)[0], ((const uint_8t*)(x)+4*c)[1], \ + ((const uint_8t*)(x)+4*c)[2], ((const uint_8t*)(x)+4*c)[3]) +# define word_out(x,c,v) { ((uint_8t*)(x)+4*c)[0] = bval(v,0); ((uint_8t*)(x)+4*c)[1] = bval(v,1); \ + ((uint_8t*)(x)+4*c)[2] = bval(v,2); ((uint_8t*)(x)+4*c)[3] = bval(v,3); } +#elif ( ALGORITHM_BYTE_ORDER == PLATFORM_BYTE_ORDER ) +# define word_in(x,c) (*((uint_32t*)(x)+(c))) +# define word_out(x,c,v) (*((uint_32t*)(x)+(c)) = (v)) +#else +# define word_in(x,c) aes_sw32(*((uint_32t*)(x)+(c))) +# define word_out(x,c,v) (*((uint_32t*)(x)+(c)) = aes_sw32(v)) +#endif + +/* the finite field modular polynomial and elements */ + +#define WPOLY 0x011b +#define BPOLY 0x1b + +/* multiply four bytes in GF(2^8) by 'x' {02} in parallel */ + +#define m1 0x80808080 +#define m2 0x7f7f7f7f +#define gf_mulx(x) ((((x) & m2) << 1) ^ ((((x) & m1) >> 7) * BPOLY)) + +/* The following defines provide alternative definitions of gf_mulx that might + give improved performance if a fast 32-bit multiply is not available. Note + that a temporary variable u needs to be defined where gf_mulx is used. + +#define gf_mulx(x) (u = (x) & m1, u |= (u >> 1), ((x) & m2) << 1) ^ ((u >> 3) | (u >> 6)) +#define m4 (0x01010101 * BPOLY) +#define gf_mulx(x) (u = (x) & m1, ((x) & m2) << 1) ^ ((u - (u >> 7)) & m4) +*/ + +/* Work out which tables are needed for the different options */ + +#if defined( ASM_X86_V1C ) +# if defined( ENC_ROUND ) +# undef ENC_ROUND +# endif +# define ENC_ROUND FOUR_TABLES +# if defined( LAST_ENC_ROUND ) +# undef LAST_ENC_ROUND +# endif +# define LAST_ENC_ROUND FOUR_TABLES +# if defined( DEC_ROUND ) +# undef DEC_ROUND +# endif +# define DEC_ROUND FOUR_TABLES +# if defined( LAST_DEC_ROUND ) +# undef LAST_DEC_ROUND +# endif +# define LAST_DEC_ROUND FOUR_TABLES +# if defined( KEY_SCHED ) +# undef KEY_SCHED +# define KEY_SCHED FOUR_TABLES +# endif +#endif + +#if ( FUNCS_IN_C & ENCRYPTION_IN_C ) || defined( ASM_X86_V1C ) +# if ENC_ROUND == ONE_TABLE +# define FT1_SET +# elif ENC_ROUND == FOUR_TABLES +# define FT4_SET +# else +# define SBX_SET +# endif +# if LAST_ENC_ROUND == ONE_TABLE +# define FL1_SET +# elif LAST_ENC_ROUND == FOUR_TABLES +# define FL4_SET +# elif !defined( SBX_SET ) +# define SBX_SET +# endif +#endif + +#if ( FUNCS_IN_C & DECRYPTION_IN_C ) || defined( ASM_X86_V1C ) +# if DEC_ROUND == ONE_TABLE +# define IT1_SET +# elif DEC_ROUND == FOUR_TABLES +# define IT4_SET +# else +# define ISB_SET +# endif +# if LAST_DEC_ROUND == ONE_TABLE +# define IL1_SET +# elif LAST_DEC_ROUND == FOUR_TABLES +# define IL4_SET +# elif !defined(ISB_SET) +# define ISB_SET +# endif +#endif + +#if !(defined( REDUCE_CODE_SIZE ) && (defined( ASM_X86_V2 ) || defined( ASM_X86_V2C ))) +# if ((FUNCS_IN_C & ENC_KEYING_IN_C) || (FUNCS_IN_C & DEC_KEYING_IN_C)) +# if KEY_SCHED == ONE_TABLE +# if !defined( FL1_SET ) && !defined( FL4_SET ) +# define LS1_SET +# endif +# elif KEY_SCHED == FOUR_TABLES +# if !defined( FL4_SET ) +# define LS4_SET +# endif +# elif !defined( SBX_SET ) +# define SBX_SET +# endif +# endif +# if (FUNCS_IN_C & DEC_KEYING_IN_C) +# if KEY_SCHED == ONE_TABLE +# define IM1_SET +# elif KEY_SCHED == FOUR_TABLES +# define IM4_SET +# elif !defined( SBX_SET ) +# define SBX_SET +# endif +# endif +#endif + +/* generic definitions of Rijndael macros that use tables */ + +#define no_table(x,box,vf,rf,c) bytes2word( \ + box[bval(vf(x,0,c),rf(0,c))], \ + box[bval(vf(x,1,c),rf(1,c))], \ + box[bval(vf(x,2,c),rf(2,c))], \ + box[bval(vf(x,3,c),rf(3,c))]) + +#define one_table(x,op,tab,vf,rf,c) \ + ( tab[bval(vf(x,0,c),rf(0,c))] \ + ^ op(tab[bval(vf(x,1,c),rf(1,c))],1) \ + ^ op(tab[bval(vf(x,2,c),rf(2,c))],2) \ + ^ op(tab[bval(vf(x,3,c),rf(3,c))],3)) + +#define four_tables(x,tab,vf,rf,c) \ + ( tab[0][bval(vf(x,0,c),rf(0,c))] \ + ^ tab[1][bval(vf(x,1,c),rf(1,c))] \ + ^ tab[2][bval(vf(x,2,c),rf(2,c))] \ + ^ tab[3][bval(vf(x,3,c),rf(3,c))]) + +#define vf1(x,r,c) (x) +#define rf1(r,c) (r) +#define rf2(r,c) ((8+r-c)&3) + +/* perform forward and inverse column mix operation on four bytes in long word x in */ +/* parallel. NOTE: x must be a simple variable, NOT an expression in these macros. */ + +#if !(defined( REDUCE_CODE_SIZE ) && (defined( ASM_X86_V2 ) || defined( ASM_X86_V2C ))) + +#if defined( FM4_SET ) /* not currently used */ +# define fwd_mcol(x) four_tables(x,t_use(f,m),vf1,rf1,0) +#elif defined( FM1_SET ) /* not currently used */ +# define fwd_mcol(x) one_table(x,upr,t_use(f,m),vf1,rf1,0) +#else +# define dec_fmvars uint_32t g2 +# define fwd_mcol(x) (g2 = gf_mulx(x), g2 ^ upr((x) ^ g2, 3) ^ upr((x), 2) ^ upr((x), 1)) +#endif + +#if defined( IM4_SET ) +# define inv_mcol(x) four_tables(x,t_use(i,m),vf1,rf1,0) +#elif defined( IM1_SET ) +# define inv_mcol(x) one_table(x,upr,t_use(i,m),vf1,rf1,0) +#else +# define dec_imvars uint_32t g2, g4, g9 +# define inv_mcol(x) (g2 = gf_mulx(x), g4 = gf_mulx(g2), g9 = (x) ^ gf_mulx(g4), g4 ^= g9, \ + (x) ^ g2 ^ g4 ^ upr(g2 ^ g9, 3) ^ upr(g4, 2) ^ upr(g9, 1)) +#endif + +#if defined( FL4_SET ) +# define ls_box(x,c) four_tables(x,t_use(f,l),vf1,rf2,c) +#elif defined( LS4_SET ) +# define ls_box(x,c) four_tables(x,t_use(l,s),vf1,rf2,c) +#elif defined( FL1_SET ) +# define ls_box(x,c) one_table(x,upr,t_use(f,l),vf1,rf2,c) +#elif defined( LS1_SET ) +# define ls_box(x,c) one_table(x,upr,t_use(l,s),vf1,rf2,c) +#else +# define ls_box(x,c) no_table(x,t_use(s,box),vf1,rf2,c) +#endif + +#endif + +#if defined( ASM_X86_V1C ) && defined( AES_DECRYPT ) && !defined( ISB_SET ) +# define ISB_SET +#endif + +#endif diff -Nru pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/aestab.c pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/aestab.c --- pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/aestab.c 1970-01-01 00:00:00.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/aestab.c 2012-07-08 18:20:53.000000000 +0000 @@ -0,0 +1,383 @@ +/* + --------------------------------------------------------------------------- + Copyright (c) 1998-2007, Brian Gladman, Worcester, UK. All rights reserved. + + LICENSE TERMS + + The free distribution and use of this software is allowed (with or without + changes) provided that: + + 1. source code distributions include the above copyright notice, this + list of conditions and the following disclaimer; + + 2. binary distributions include the above copyright notice, this list + of conditions and the following disclaimer in their documentation; + + 3. the name of the copyright holder is not used to endorse products + built using this software without specific written permission. + + DISCLAIMER + + This software is provided 'as is' with no explicit or implied warranties + in respect of its properties, including, but not limited to, correctness + and/or fitness for purpose. + --------------------------------------------------------------------------- + Issue Date: 20/12/2007 +*/ + +#define DO_TABLES + +#include "aes.h" +#include "aesopt.h" + +#if defined(FIXED_TABLES) + +#define sb_data(w) {\ + w(0x63), w(0x7c), w(0x77), w(0x7b), w(0xf2), w(0x6b), w(0x6f), w(0xc5),\ + w(0x30), w(0x01), w(0x67), w(0x2b), w(0xfe), w(0xd7), w(0xab), w(0x76),\ + w(0xca), w(0x82), w(0xc9), w(0x7d), w(0xfa), w(0x59), w(0x47), w(0xf0),\ + w(0xad), w(0xd4), w(0xa2), w(0xaf), w(0x9c), w(0xa4), w(0x72), w(0xc0),\ + w(0xb7), w(0xfd), w(0x93), w(0x26), w(0x36), w(0x3f), w(0xf7), w(0xcc),\ + w(0x34), w(0xa5), w(0xe5), w(0xf1), w(0x71), w(0xd8), w(0x31), w(0x15),\ + w(0x04), w(0xc7), w(0x23), w(0xc3), w(0x18), w(0x96), w(0x05), w(0x9a),\ + w(0x07), w(0x12), w(0x80), w(0xe2), w(0xeb), w(0x27), w(0xb2), w(0x75),\ + w(0x09), w(0x83), w(0x2c), w(0x1a), w(0x1b), w(0x6e), w(0x5a), w(0xa0),\ + w(0x52), w(0x3b), w(0xd6), w(0xb3), w(0x29), w(0xe3), w(0x2f), w(0x84),\ + w(0x53), w(0xd1), w(0x00), w(0xed), w(0x20), w(0xfc), w(0xb1), w(0x5b),\ + w(0x6a), w(0xcb), w(0xbe), w(0x39), w(0x4a), w(0x4c), w(0x58), w(0xcf),\ + w(0xd0), w(0xef), w(0xaa), w(0xfb), w(0x43), w(0x4d), w(0x33), w(0x85),\ + w(0x45), w(0xf9), w(0x02), w(0x7f), w(0x50), w(0x3c), w(0x9f), w(0xa8),\ + w(0x51), w(0xa3), w(0x40), w(0x8f), w(0x92), w(0x9d), w(0x38), w(0xf5),\ + w(0xbc), w(0xb6), w(0xda), w(0x21), w(0x10), w(0xff), w(0xf3), w(0xd2),\ + w(0xcd), w(0x0c), w(0x13), w(0xec), w(0x5f), w(0x97), w(0x44), w(0x17),\ + w(0xc4), w(0xa7), w(0x7e), w(0x3d), w(0x64), w(0x5d), w(0x19), w(0x73),\ + w(0x60), w(0x81), w(0x4f), w(0xdc), w(0x22), w(0x2a), w(0x90), w(0x88),\ + w(0x46), w(0xee), w(0xb8), w(0x14), w(0xde), w(0x5e), w(0x0b), w(0xdb),\ + w(0xe0), w(0x32), w(0x3a), w(0x0a), w(0x49), w(0x06), w(0x24), w(0x5c),\ + w(0xc2), w(0xd3), w(0xac), w(0x62), w(0x91), w(0x95), w(0xe4), w(0x79),\ + w(0xe7), w(0xc8), w(0x37), w(0x6d), w(0x8d), w(0xd5), w(0x4e), w(0xa9),\ + w(0x6c), w(0x56), w(0xf4), w(0xea), w(0x65), w(0x7a), w(0xae), w(0x08),\ + w(0xba), w(0x78), w(0x25), w(0x2e), w(0x1c), w(0xa6), w(0xb4), w(0xc6),\ + w(0xe8), w(0xdd), w(0x74), w(0x1f), w(0x4b), w(0xbd), w(0x8b), w(0x8a),\ + w(0x70), w(0x3e), w(0xb5), w(0x66), w(0x48), w(0x03), w(0xf6), w(0x0e),\ + w(0x61), w(0x35), w(0x57), w(0xb9), w(0x86), w(0xc1), w(0x1d), w(0x9e),\ + w(0xe1), w(0xf8), w(0x98), w(0x11), w(0x69), w(0xd9), w(0x8e), w(0x94),\ + w(0x9b), w(0x1e), w(0x87), w(0xe9), w(0xce), w(0x55), w(0x28), w(0xdf),\ + w(0x8c), w(0xa1), w(0x89), w(0x0d), w(0xbf), w(0xe6), w(0x42), w(0x68),\ + w(0x41), w(0x99), w(0x2d), w(0x0f), w(0xb0), w(0x54), w(0xbb), w(0x16) } + +#define isb_data(w) {\ + w(0x52), w(0x09), w(0x6a), w(0xd5), w(0x30), w(0x36), w(0xa5), w(0x38),\ + w(0xbf), w(0x40), w(0xa3), w(0x9e), w(0x81), w(0xf3), w(0xd7), w(0xfb),\ + w(0x7c), w(0xe3), w(0x39), w(0x82), w(0x9b), w(0x2f), w(0xff), w(0x87),\ + w(0x34), w(0x8e), w(0x43), w(0x44), w(0xc4), w(0xde), w(0xe9), w(0xcb),\ + w(0x54), w(0x7b), w(0x94), w(0x32), w(0xa6), w(0xc2), w(0x23), w(0x3d),\ + w(0xee), w(0x4c), w(0x95), w(0x0b), w(0x42), w(0xfa), w(0xc3), w(0x4e),\ + w(0x08), w(0x2e), w(0xa1), w(0x66), w(0x28), w(0xd9), w(0x24), w(0xb2),\ + w(0x76), w(0x5b), w(0xa2), w(0x49), w(0x6d), w(0x8b), w(0xd1), w(0x25),\ + w(0x72), w(0xf8), w(0xf6), w(0x64), w(0x86), w(0x68), w(0x98), w(0x16),\ + w(0xd4), w(0xa4), w(0x5c), w(0xcc), w(0x5d), w(0x65), w(0xb6), w(0x92),\ + w(0x6c), w(0x70), w(0x48), w(0x50), w(0xfd), w(0xed), w(0xb9), w(0xda),\ + w(0x5e), w(0x15), w(0x46), w(0x57), w(0xa7), w(0x8d), w(0x9d), w(0x84),\ + w(0x90), w(0xd8), w(0xab), w(0x00), w(0x8c), w(0xbc), w(0xd3), w(0x0a),\ + w(0xf7), w(0xe4), w(0x58), w(0x05), w(0xb8), w(0xb3), w(0x45), w(0x06),\ + w(0xd0), w(0x2c), w(0x1e), w(0x8f), w(0xca), w(0x3f), w(0x0f), w(0x02),\ + w(0xc1), w(0xaf), w(0xbd), w(0x03), w(0x01), w(0x13), w(0x8a), w(0x6b),\ + w(0x3a), w(0x91), w(0x11), w(0x41), w(0x4f), w(0x67), w(0xdc), w(0xea),\ + w(0x97), w(0xf2), w(0xcf), w(0xce), w(0xf0), w(0xb4), w(0xe6), w(0x73),\ + w(0x96), w(0xac), w(0x74), w(0x22), w(0xe7), w(0xad), w(0x35), w(0x85),\ + w(0xe2), w(0xf9), w(0x37), w(0xe8), w(0x1c), w(0x75), w(0xdf), w(0x6e),\ + w(0x47), w(0xf1), w(0x1a), w(0x71), w(0x1d), w(0x29), w(0xc5), w(0x89),\ + w(0x6f), w(0xb7), w(0x62), w(0x0e), w(0xaa), w(0x18), w(0xbe), w(0x1b),\ + w(0xfc), w(0x56), w(0x3e), w(0x4b), w(0xc6), w(0xd2), w(0x79), w(0x20),\ + w(0x9a), w(0xdb), w(0xc0), w(0xfe), w(0x78), w(0xcd), w(0x5a), w(0xf4),\ + w(0x1f), w(0xdd), w(0xa8), w(0x33), w(0x88), w(0x07), w(0xc7), w(0x31),\ + w(0xb1), w(0x12), w(0x10), w(0x59), w(0x27), w(0x80), w(0xec), w(0x5f),\ + w(0x60), w(0x51), w(0x7f), w(0xa9), w(0x19), w(0xb5), w(0x4a), w(0x0d),\ + w(0x2d), w(0xe5), w(0x7a), w(0x9f), w(0x93), w(0xc9), w(0x9c), w(0xef),\ + w(0xa0), w(0xe0), w(0x3b), w(0x4d), w(0xae), w(0x2a), w(0xf5), w(0xb0),\ + w(0xc8), w(0xeb), w(0xbb), w(0x3c), w(0x83), w(0x53), w(0x99), w(0x61),\ + w(0x17), w(0x2b), w(0x04), w(0x7e), w(0xba), w(0x77), w(0xd6), w(0x26),\ + w(0xe1), w(0x69), w(0x14), w(0x63), w(0x55), w(0x21), w(0x0c), w(0x7d) } + +#define mm_data(w) {\ + w(0x00), w(0x01), w(0x02), w(0x03), w(0x04), w(0x05), w(0x06), w(0x07),\ + w(0x08), w(0x09), w(0x0a), w(0x0b), w(0x0c), w(0x0d), w(0x0e), w(0x0f),\ + w(0x10), w(0x11), w(0x12), w(0x13), w(0x14), w(0x15), w(0x16), w(0x17),\ + w(0x18), w(0x19), w(0x1a), w(0x1b), w(0x1c), w(0x1d), w(0x1e), w(0x1f),\ + w(0x20), w(0x21), w(0x22), w(0x23), w(0x24), w(0x25), w(0x26), w(0x27),\ + w(0x28), w(0x29), w(0x2a), w(0x2b), w(0x2c), w(0x2d), w(0x2e), w(0x2f),\ + w(0x30), w(0x31), w(0x32), w(0x33), w(0x34), w(0x35), w(0x36), w(0x37),\ + w(0x38), w(0x39), w(0x3a), w(0x3b), w(0x3c), w(0x3d), w(0x3e), w(0x3f),\ + w(0x40), w(0x41), w(0x42), w(0x43), w(0x44), w(0x45), w(0x46), w(0x47),\ + w(0x48), w(0x49), w(0x4a), w(0x4b), w(0x4c), w(0x4d), w(0x4e), w(0x4f),\ + w(0x50), w(0x51), w(0x52), w(0x53), w(0x54), w(0x55), w(0x56), w(0x57),\ + w(0x58), w(0x59), w(0x5a), w(0x5b), w(0x5c), w(0x5d), w(0x5e), w(0x5f),\ + w(0x60), w(0x61), w(0x62), w(0x63), w(0x64), w(0x65), w(0x66), w(0x67),\ + w(0x68), w(0x69), w(0x6a), w(0x6b), w(0x6c), w(0x6d), w(0x6e), w(0x6f),\ + w(0x70), w(0x71), w(0x72), w(0x73), w(0x74), w(0x75), w(0x76), w(0x77),\ + w(0x78), w(0x79), w(0x7a), w(0x7b), w(0x7c), w(0x7d), w(0x7e), w(0x7f),\ + w(0x80), w(0x81), w(0x82), w(0x83), w(0x84), w(0x85), w(0x86), w(0x87),\ + w(0x88), w(0x89), w(0x8a), w(0x8b), w(0x8c), w(0x8d), w(0x8e), w(0x8f),\ + w(0x90), w(0x91), w(0x92), w(0x93), w(0x94), w(0x95), w(0x96), w(0x97),\ + w(0x98), w(0x99), w(0x9a), w(0x9b), w(0x9c), w(0x9d), w(0x9e), w(0x9f),\ + w(0xa0), w(0xa1), w(0xa2), w(0xa3), w(0xa4), w(0xa5), w(0xa6), w(0xa7),\ + w(0xa8), w(0xa9), w(0xaa), w(0xab), w(0xac), w(0xad), w(0xae), w(0xaf),\ + w(0xb0), w(0xb1), w(0xb2), w(0xb3), w(0xb4), w(0xb5), w(0xb6), w(0xb7),\ + w(0xb8), w(0xb9), w(0xba), w(0xbb), w(0xbc), w(0xbd), w(0xbe), w(0xbf),\ + w(0xc0), w(0xc1), w(0xc2), w(0xc3), w(0xc4), w(0xc5), w(0xc6), w(0xc7),\ + w(0xc8), w(0xc9), w(0xca), w(0xcb), w(0xcc), w(0xcd), w(0xce), w(0xcf),\ + w(0xd0), w(0xd1), w(0xd2), w(0xd3), w(0xd4), w(0xd5), w(0xd6), w(0xd7),\ + w(0xd8), w(0xd9), w(0xda), w(0xdb), w(0xdc), w(0xdd), w(0xde), w(0xdf),\ + w(0xe0), w(0xe1), w(0xe2), w(0xe3), w(0xe4), w(0xe5), w(0xe6), w(0xe7),\ + w(0xe8), w(0xe9), w(0xea), w(0xeb), w(0xec), w(0xed), w(0xee), w(0xef),\ + w(0xf0), w(0xf1), w(0xf2), w(0xf3), w(0xf4), w(0xf5), w(0xf6), w(0xf7),\ + w(0xf8), w(0xf9), w(0xfa), w(0xfb), w(0xfc), w(0xfd), w(0xfe), w(0xff) } + +#define rc_data(w) {\ + w(0x01), w(0x02), w(0x04), w(0x08), w(0x10),w(0x20), w(0x40), w(0x80),\ + w(0x1b), w(0x36) } + +#define h0(x) (x) + +#define w0(p) bytes2word(p, 0, 0, 0) +#define w1(p) bytes2word(0, p, 0, 0) +#define w2(p) bytes2word(0, 0, p, 0) +#define w3(p) bytes2word(0, 0, 0, p) + +#define u0(p) bytes2word(f2(p), p, p, f3(p)) +#define u1(p) bytes2word(f3(p), f2(p), p, p) +#define u2(p) bytes2word(p, f3(p), f2(p), p) +#define u3(p) bytes2word(p, p, f3(p), f2(p)) + +#define v0(p) bytes2word(fe(p), f9(p), fd(p), fb(p)) +#define v1(p) bytes2word(fb(p), fe(p), f9(p), fd(p)) +#define v2(p) bytes2word(fd(p), fb(p), fe(p), f9(p)) +#define v3(p) bytes2word(f9(p), fd(p), fb(p), fe(p)) + +#endif + +#if defined(FIXED_TABLES) || !defined(FF_TABLES) + +#define f2(x) ((x<<1) ^ (((x>>7) & 1) * WPOLY)) +#define f4(x) ((x<<2) ^ (((x>>6) & 1) * WPOLY) ^ (((x>>6) & 2) * WPOLY)) +#define f8(x) ((x<<3) ^ (((x>>5) & 1) * WPOLY) ^ (((x>>5) & 2) * WPOLY) \ + ^ (((x>>5) & 4) * WPOLY)) +#define f3(x) (f2(x) ^ x) +#define f9(x) (f8(x) ^ x) +#define fb(x) (f8(x) ^ f2(x) ^ x) +#define fd(x) (f8(x) ^ f4(x) ^ x) +#define fe(x) (f8(x) ^ f4(x) ^ f2(x)) + +#else + +#define f2(x) ((x) ? pow[log[x] + 0x19] : 0) +#define f3(x) ((x) ? pow[log[x] + 0x01] : 0) +#define f9(x) ((x) ? pow[log[x] + 0xc7] : 0) +#define fb(x) ((x) ? pow[log[x] + 0x68] : 0) +#define fd(x) ((x) ? pow[log[x] + 0xee] : 0) +#define fe(x) ((x) ? pow[log[x] + 0xdf] : 0) +#define fi(x) ((x) ? pow[ 255 - log[x]] : 0) + +#endif + +#include "aestab.h" + +#if defined(__cplusplus) +extern "C" +{ +#endif + +#if defined(FIXED_TABLES) + +/* implemented in case of wrong call for fixed tables */ + +AES_RETURN aes_init(void) +{ + return EXIT_SUCCESS; +} + +#else /* dynamic table generation */ + +#if !defined(FF_TABLES) + +/* Generate the tables for the dynamic table option + + It will generally be sensible to use tables to compute finite + field multiplies and inverses but where memory is scarse this + code might sometimes be better. But it only has effect during + initialisation so its pretty unimportant in overall terms. +*/ + +/* return 2 ^ (n - 1) where n is the bit number of the highest bit + set in x with x in the range 1 < x < 0x00000200. This form is + used so that locals within fi can be bytes rather than words +*/ + +static uint_8t hibit(const uint_32t x) +{ uint_8t r = (uint_8t)((x >> 1) | (x >> 2)); + + r |= (r >> 2); + r |= (r >> 4); + return (r + 1) >> 1; +} + +/* return the inverse of the finite field element x */ + +static uint_8t fi(const uint_8t x) +{ uint_8t p1 = x, p2 = BPOLY, n1 = hibit(x), n2 = 0x80, v1 = 1, v2 = 0; + + if(x < 2) return x; + + for(;;) + { + if(!n1) return v1; + + while(n2 >= n1) + { + n2 /= n1; p2 ^= p1 * n2; v2 ^= v1 * n2; n2 = hibit(p2); + } + + if(!n2) return v2; + + while(n1 >= n2) + { + n1 /= n2; p1 ^= p2 * n1; v1 ^= v2 * n1; n1 = hibit(p1); + } + } +} + +#endif + +/* The forward and inverse affine transformations used in the S-box */ + +#define fwd_affine(x) \ + (w = (uint_32t)x, w ^= (w<<1)^(w<<2)^(w<<3)^(w<<4), 0x63^(uint_8t)(w^(w>>8))) + +#define inv_affine(x) \ + (w = (uint_32t)x, w = (w<<1)^(w<<3)^(w<<6), 0x05^(uint_8t)(w^(w>>8))) + +static int init = 0; + +AES_RETURN aes_init(void) +{ uint_32t i, w; + +#if defined(FF_TABLES) + + uint_8t pow[512], log[256]; + + if(init) + return EXIT_SUCCESS; + /* log and power tables for GF(2^8) finite field with + WPOLY as modular polynomial - the simplest primitive + root is 0x03, used here to generate the tables + */ + + i = 0; w = 1; + do + { + pow[i] = (uint_8t)w; + pow[i + 255] = (uint_8t)w; + log[w] = (uint_8t)i++; + w ^= (w << 1) ^ (w & 0x80 ? WPOLY : 0); + } + while (w != 1); + +#else + if(init) + return EXIT_SUCCESS; +#endif + + for(i = 0, w = 1; i < RC_LENGTH; ++i) + { + t_set(r,c)[i] = bytes2word(w, 0, 0, 0); + w = f2(w); + } + + for(i = 0; i < 256; ++i) + { uint_8t b; + + b = fwd_affine(fi((uint_8t)i)); + w = bytes2word(f2(b), b, b, f3(b)); + +#if defined( SBX_SET ) + t_set(s,box)[i] = b; +#endif + +#if defined( FT1_SET ) /* tables for a normal encryption round */ + t_set(f,n)[i] = w; +#endif +#if defined( FT4_SET ) + t_set(f,n)[0][i] = w; + t_set(f,n)[1][i] = upr(w,1); + t_set(f,n)[2][i] = upr(w,2); + t_set(f,n)[3][i] = upr(w,3); +#endif + w = bytes2word(b, 0, 0, 0); + +#if defined( FL1_SET ) /* tables for last encryption round (may also */ + t_set(f,l)[i] = w; /* be used in the key schedule) */ +#endif +#if defined( FL4_SET ) + t_set(f,l)[0][i] = w; + t_set(f,l)[1][i] = upr(w,1); + t_set(f,l)[2][i] = upr(w,2); + t_set(f,l)[3][i] = upr(w,3); +#endif + +#if defined( LS1_SET ) /* table for key schedule if t_set(f,l) above is*/ + t_set(l,s)[i] = w; /* not of the required form */ +#endif +#if defined( LS4_SET ) + t_set(l,s)[0][i] = w; + t_set(l,s)[1][i] = upr(w,1); + t_set(l,s)[2][i] = upr(w,2); + t_set(l,s)[3][i] = upr(w,3); +#endif + + b = fi(inv_affine((uint_8t)i)); + w = bytes2word(fe(b), f9(b), fd(b), fb(b)); + +#if defined( IM1_SET ) /* tables for the inverse mix column operation */ + t_set(i,m)[b] = w; +#endif +#if defined( IM4_SET ) + t_set(i,m)[0][b] = w; + t_set(i,m)[1][b] = upr(w,1); + t_set(i,m)[2][b] = upr(w,2); + t_set(i,m)[3][b] = upr(w,3); +#endif + +#if defined( ISB_SET ) + t_set(i,box)[i] = b; +#endif +#if defined( IT1_SET ) /* tables for a normal decryption round */ + t_set(i,n)[i] = w; +#endif +#if defined( IT4_SET ) + t_set(i,n)[0][i] = w; + t_set(i,n)[1][i] = upr(w,1); + t_set(i,n)[2][i] = upr(w,2); + t_set(i,n)[3][i] = upr(w,3); +#endif + w = bytes2word(b, 0, 0, 0); +#if defined( IL1_SET ) /* tables for last decryption round */ + t_set(i,l)[i] = w; +#endif +#if defined( IL4_SET ) + t_set(i,l)[0][i] = w; + t_set(i,l)[1][i] = upr(w,1); + t_set(i,l)[2][i] = upr(w,2); + t_set(i,l)[3][i] = upr(w,3); +#endif + } + init = 1; + return EXIT_SUCCESS; +} + +#endif + +#if defined(__cplusplus) +} +#endif + diff -Nru pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/aestab.h pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/aestab.h --- pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/aestab.h 1970-01-01 00:00:00.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/aestab.h 2012-07-08 18:20:53.000000000 +0000 @@ -0,0 +1,174 @@ +/* + --------------------------------------------------------------------------- + Copyright (c) 1998-2007, Brian Gladman, Worcester, UK. All rights reserved. + + LICENSE TERMS + + The free distribution and use of this software is allowed (with or without + changes) provided that: + + 1. source code distributions include the above copyright notice, this + list of conditions and the following disclaimer; + + 2. binary distributions include the above copyright notice, this list + of conditions and the following disclaimer in their documentation; + + 3. the name of the copyright holder is not used to endorse products + built using this software without specific written permission. + + DISCLAIMER + + This software is provided 'as is' with no explicit or implied warranties + in respect of its properties, including, but not limited to, correctness + and/or fitness for purpose. + --------------------------------------------------------------------------- + Issue Date: 20/12/2007 + + This file contains the code for declaring the tables needed to implement + AES. The file aesopt.h is assumed to be included before this header file. + If there are no global variables, the definitions here can be used to put + the AES tables in a structure so that a pointer can then be added to the + AES context to pass them to the AES routines that need them. If this + facility is used, the calling program has to ensure that this pointer is + managed appropriately. In particular, the value of the t_dec(in,it) item + in the table structure must be set to zero in order to ensure that the + tables are initialised. In practice the three code sequences in aeskey.c + that control the calls to aes_init() and the aes_init() routine itself will + have to be changed for a specific implementation. If global variables are + available it will generally be preferable to use them with the precomputed + FIXED_TABLES option that uses static global tables. + + The following defines can be used to control the way the tables + are defined, initialised and used in embedded environments that + require special features for these purposes + + the 't_dec' construction is used to declare fixed table arrays + the 't_set' construction is used to set fixed table values + the 't_use' construction is used to access fixed table values + + 256 byte tables: + + t_xxx(s,box) => forward S box + t_xxx(i,box) => inverse S box + + 256 32-bit word OR 4 x 256 32-bit word tables: + + t_xxx(f,n) => forward normal round + t_xxx(f,l) => forward last round + t_xxx(i,n) => inverse normal round + t_xxx(i,l) => inverse last round + t_xxx(l,s) => key schedule table + t_xxx(i,m) => key schedule table + + Other variables and tables: + + t_xxx(r,c) => the rcon table +*/ + +#if !defined( _AESTAB_H ) +#define _AESTAB_H + +#define t_dec(m,n) t_##m##n +#define t_set(m,n) t_##m##n +#define t_use(m,n) t_##m##n + +#if defined(FIXED_TABLES) +# if !defined( __GNUC__ ) && (defined( __MSDOS__ ) || defined( __WIN16__ )) +/* make tables far data to avoid using too much DGROUP space (PG) */ +# define CONST const far +# else +# define CONST const +# endif +#else +# define CONST +#endif + +#if defined(__cplusplus) +# define EXTERN extern "C" +#elif defined(DO_TABLES) +# define EXTERN +#else +# define EXTERN extern +#endif + +#if defined(_MSC_VER) && defined(TABLE_ALIGN) +#define ALIGN __declspec(align(TABLE_ALIGN)) +#else +#define ALIGN +#endif + +#if defined( __WATCOMC__ ) && ( __WATCOMC__ >= 1100 ) +# define XP_DIR __cdecl +#else +# define XP_DIR +#endif + +#if defined(DO_TABLES) && defined(FIXED_TABLES) +#define d_1(t,n,b,e) EXTERN ALIGN CONST XP_DIR t n[256] = b(e) +#define d_4(t,n,b,e,f,g,h) EXTERN ALIGN CONST XP_DIR t n[4][256] = { b(e), b(f), b(g), b(h) } +EXTERN ALIGN CONST uint_32t t_dec(r,c)[RC_LENGTH] = rc_data(w0); +#else +#define d_1(t,n,b,e) EXTERN ALIGN CONST XP_DIR t n[256] +#define d_4(t,n,b,e,f,g,h) EXTERN ALIGN CONST XP_DIR t n[4][256] +EXTERN ALIGN CONST uint_32t t_dec(r,c)[RC_LENGTH]; +#endif + +#if defined( SBX_SET ) + d_1(uint_8t, t_dec(s,box), sb_data, h0); +#endif +#if defined( ISB_SET ) + d_1(uint_8t, t_dec(i,box), isb_data, h0); +#endif + +#if defined( FT1_SET ) + d_1(uint_32t, t_dec(f,n), sb_data, u0); +#endif +#if defined( FT4_SET ) + d_4(uint_32t, t_dec(f,n), sb_data, u0, u1, u2, u3); +#endif + +#if defined( FL1_SET ) + d_1(uint_32t, t_dec(f,l), sb_data, w0); +#endif +#if defined( FL4_SET ) + d_4(uint_32t, t_dec(f,l), sb_data, w0, w1, w2, w3); +#endif + +#if defined( IT1_SET ) + d_1(uint_32t, t_dec(i,n), isb_data, v0); +#endif +#if defined( IT4_SET ) + d_4(uint_32t, t_dec(i,n), isb_data, v0, v1, v2, v3); +#endif + +#if defined( IL1_SET ) + d_1(uint_32t, t_dec(i,l), isb_data, w0); +#endif +#if defined( IL4_SET ) + d_4(uint_32t, t_dec(i,l), isb_data, w0, w1, w2, w3); +#endif + +#if defined( LS1_SET ) +#if defined( FL1_SET ) +#undef LS1_SET +#else + d_1(uint_32t, t_dec(l,s), sb_data, w0); +#endif +#endif + +#if defined( LS4_SET ) +#if defined( FL4_SET ) +#undef LS4_SET +#else + d_4(uint_32t, t_dec(l,s), sb_data, w0, w1, w2, w3); +#endif +#endif + +#if defined( IM1_SET ) + d_1(uint_32t, t_dec(i,m), mm_data, v0); +#endif +#if defined( IM4_SET ) + d_4(uint_32t, t_dec(i,m), mm_data, v0, v1, v2, v3); +#endif + +#endif diff -Nru pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/ahuexception.hh pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/ahuexception.hh --- pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/ahuexception.hh 1970-01-01 00:00:00.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/ahuexception.hh 2012-07-08 18:20:53.000000000 +0000 @@ -0,0 +1,40 @@ +/* + PowerDNS Versatile Database Driven Nameserver + Copyright (C) 2002 PowerDNS.COM BV + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License version 2 + as published by the Free Software Foundation + + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA +*/ +#ifndef AHUEXCEPTION_HH +#define AHUEXCEPTION_HH +/* (C) 2002 POWERDNS.COM BV */ + +#include + +#include "namespaces.hh" + +//! Generic Exception thrown +class AhuException +{ +public: + AhuException(){reason="Unspecified";}; + AhuException(string r){reason=r;}; + + string reason; //! Print this to tell the user what went wrong +}; + +class TimeoutException : public AhuException +{}; + +#endif diff -Nru pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/arguments.cc pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/arguments.cc --- pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/arguments.cc 1970-01-01 00:00:00.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/arguments.cc 2012-07-08 18:20:53.000000000 +0000 @@ -0,0 +1,423 @@ +/* + PowerDNS Versatile Database Driven Nameserver + Copyright (C) 2002 - 2008 PowerDNS.COM BV + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License version 2 as published + by the Free Software Foundation + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA +*/ +#include "arguments.hh" +#include +#include "namespaces.hh" + +const ArgvMap::param_t::const_iterator ArgvMap::begin() +{ + return params.begin(); +} + +const ArgvMap::param_t::const_iterator ArgvMap::end() +{ + return params.end(); +} + +string & ArgvMap::set(const string &var) +{ + return params[var]; +} + +bool ArgvMap::mustDo(const string &var) +{ + return ((*this)[var]!="no") && ((*this)[var]!="off"); +} + +vectorArgvMap::list() +{ + vector ret; + for(map::const_iterator i=params.begin();i!=params.end();++i) + ret.push_back(i->first); + return ret; +} + +string ArgvMap::getHelp(const string &item) +{ + return helpmap[item]; +} + +string & ArgvMap::set(const string &var, const string &help) +{ + helpmap[var]=help; + d_typeMap[var]="Parameter"; + return set(var); +} + +void ArgvMap::setCmd(const string &var, const string &help) +{ + helpmap[var]=help; + d_typeMap[var]="Command"; + set(var)="no"; +} + +string & ArgvMap::setSwitch(const string &var, const string &help) +{ + helpmap[var]=help; + d_typeMap[var]="Switch"; + return set(var); +} + + +bool ArgvMap::contains(const string &var, const string &val) +{ + params_t::const_iterator param = params.find(var); + if(param == params.end() || param->second.empty()) { + return false; + } + vector parts; + vector::const_iterator i; + + stringtok( parts, param->second, ", \t" ); + for( i = parts.begin(); i != parts.end(); i++ ) { + if( *i == val ) { + return true; + } + } + + return false; +} + +string ArgvMap::helpstring(string prefix) +{ + if(prefix=="no") + prefix=""; + + string help; + + for(map::const_iterator i=helpmap.begin(); + i!=helpmap.end(); + i++) + { + if(!prefix.empty() && i->first.find(prefix)) // only print items with prefix + continue; + + help+=" --"; + help+=i->first; + + string type=d_typeMap[i->first]; + + if(type=="Parameter") + help+="=..."; + else if(type=="Switch") + { + help+=" | --"+i->first+"=yes"; + help+=" | --"+i->first+"=no"; + } + + + help+="\n\t"; + help+=i->second; + help+="\n"; + + } + return help; +} + +string ArgvMap::configstring() +{ + string help; + + help="# Autogenerated configuration file template\n"; + for(map::const_iterator i=helpmap.begin(); + i!=helpmap.end(); + i++) + { + if(d_typeMap[i->first]=="Command") + continue; + + help+="#################################\n"; + help+="# "; + help+=i->first; + help+="\t"; + help+=i->second; + help+="\n#\n"; + help+="# "+i->first+"="+params[i->first]+"\n\n"; + + } + return help; +} + + +const string & ArgvMap::operator[](const string &arg) +{ + if(!parmIsset(arg)) + throw ArgException(string("Undefined but needed argument: '")+arg+"'"); + + + return params[arg]; +} + +#ifndef WIN32 +mode_t ArgvMap::asMode(const string &arg) +{ + mode_t mode; + const char *cptr_orig; + char *cptr_ret = NULL; + + if(!parmIsset(arg)) + throw ArgException(string("Undefined but needed argument: '")+arg+"'"); + + cptr_orig = params[arg].c_str(); + mode = static_cast(strtol(cptr_orig, &cptr_ret, 8)); + if (mode == 0 && cptr_ret == cptr_orig) + throw ArgException("'" + arg + string("' contains invalid octal mode")); + return mode; +} + +gid_t ArgvMap::asGid(const string &arg) +{ + gid_t gid; + const char *cptr_orig; + char *cptr_ret = NULL; + + if(!parmIsset(arg)) + throw ArgException(string("Undefined but needed argument: '")+arg+"'"); + + cptr_orig = params[arg].c_str(); + gid = static_cast(strtol(cptr_orig, &cptr_ret, 0)); + if (gid == 0 && cptr_ret == cptr_orig) { + // try to resolve + struct group *group = getgrnam(params[arg].c_str()); + if (group == NULL) + throw ArgException("'" + arg + string("' contains invalid group")); + gid = group->gr_gid; + } + return gid; +} + +uid_t ArgvMap::asUid(const string &arg) +{ + uid_t uid; + const char *cptr_orig; + char *cptr_ret = NULL; + + if(!parmIsset(arg)) + throw ArgException(string("Undefined but needed argument: '")+arg+"'"); + + cptr_orig = params[arg].c_str(); + uid = static_cast(strtol(cptr_orig, &cptr_ret, 0)); + if (uid == 0 && cptr_ret == cptr_orig) { + // try to resolve + struct passwd *pwent = getpwnam(params[arg].c_str()); + if (pwent == NULL) + throw ArgException("'" + arg + string("' contains invalid group")); + uid = pwent->pw_uid; + } + return uid; +} +#endif + +int ArgvMap::asNum(const string &arg) +{ + int retval; + const char *cptr_orig; + char *cptr_ret = NULL; + + if(!parmIsset(arg)) + throw ArgException(string("Undefined but needed argument: '")+arg+"'"); + + // treat empty values as zeros + if (params[arg].empty()) + return 0; + + cptr_orig = params[arg].c_str(); + retval = static_cast(strtol(cptr_orig, &cptr_ret, 0)); + if (!retval && cptr_ret == cptr_orig) + throw ArgException("'"+arg+string("' is not valid number")); + + return retval; +} + +bool ArgvMap::isEmpty(const string &arg) +{ + if(!parmIsset(arg)) + return true; + return params[arg].empty(); +} + +double ArgvMap::asDouble(const string &arg) +{ + double retval; + const char *cptr_orig; + char *cptr_ret = NULL; + + if(!parmIsset(arg)) + throw ArgException(string("Undefined but needed argument: '")+arg+"'"); + + if (params[arg].empty()) + return 0.0; + + cptr_orig = params[arg].c_str(); + retval = strtod(cptr_orig, &cptr_ret); + + if (retval == 0 && cptr_ret == cptr_orig) + throw ArgException("'"+arg+string("' is not valid double")); + + return retval; +} + +ArgvMap::ArgvMap() +{ + +} + +bool ArgvMap::parmIsset(const string &var) +{ + return (params.find(var)!=params.end()); +} + +void ArgvMap::parseOne(const string &arg, const string &parseOnly, bool lax) +{ + string var, val; + string::size_type pos; + + if(!arg.find("--") &&(pos=arg.find("="))!=string::npos) // this is a --port=25 case + { + var=arg.substr(2,pos-2); + val=arg.substr(pos+1); + } + else if(!arg.find("--") && (arg.find("=")==string::npos)) // this is a --daemon case + { + var=arg.substr(2); + val=""; + } + else if(arg[0]=='-') + { + var=arg.substr(1); + val=""; + } + else { // command + d_cmds.push_back(arg); + } + + if(var!="" && (parseOnly.empty() || var==parseOnly)) { + + pos=val.find_first_not_of(" \t"); // strip leading whitespace + if(pos && pos!=string::npos) + val=val.substr(pos); + + if(parmIsset(var)) + params[var]=val; + else + if(!lax) + throw ArgException("Trying to set unexisting parameter '"+var+"'"); + } +} + +const vector&ArgvMap::getCommands() +{ + return d_cmds; +} + +void ArgvMap::parse(int &argc, char **argv, bool lax) +{ + for(int n=1;n +#include +#include +#include +#include +#include "misc.hh" +#include "ahuexception.hh" +#ifndef WIN32 +# include +# include +# include +#endif + +#include "namespaces.hh" + +typedef AhuException ArgException; + +/** This class helps parsing argc and argv into a map of parameters. We have 3 kinds of formats: + + + -w this leads to a key/value pair of "w"/void + + --port=25 "port"/"25" + + --daemon "daemon"/void + + We do not support "--port 25" syntax. + + It can also read from a file. This file can contain '#' to delimit comments. + + Some sample code: + + \code + + ArgvMap R; + + R.set("port")="25"; // use this to specify default parameters + R.file("./default.conf"); // parse configuration file + + R.parse(argc, argv); // read the arguments from main() + + cout<<"Will we be a deamon?: "<::const_iterator i; + cout<<"via iterator"<first<<"="<second< param_t; //!< use this if you need to know the content of the map + bool parmIsset(const string &var); //!< Checks if a parameter is set to *a* value + bool mustDo(const string &var); //!< if a switch is given, if we must do something (--help) + int asNum(const string &var); //!< return a variable value as a number +#ifndef WIN32 + mode_t asMode(const string &var); //list(); + string getHelp(const string &item); + + const param_t::const_iterator begin(); //!< iterator semantics + const param_t::const_iterator end(); //!< iterator semantics + const string &operator[](const string &); //!< iterator semantics + const vector&getCommands(); +private: + void parseOne(const string &unparsed, const string &parseOnly="", bool lax=false); + typedef map params_t; + params_t params; + map helpmap; + map d_typeMap; + vector d_cmds; +}; + +extern ArgvMap &arg(); + +#endif /* ARGUMENTS_HH */ diff -Nru pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/base32.cc pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/base32.cc --- pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/base32.cc 1970-01-01 00:00:00.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/base32.cc 2012-07-08 18:20:53.000000000 +0000 @@ -0,0 +1,136 @@ +#include +#include +#include +#include +#include +#include +#include "base32.hh" +#include "namespaces.hh" + +/* based on freebsd:src/contrib/opie/libopie/btoe.c extract: get bit ranges from a char* */ +uint32_t extract_bits(const char *s, int start, int length) +{ + uint32_t x; + unsigned char cl, cc, cr; + + cl = s[start / 8]; + cc = s[start / 8 + 1]; + cr = s[start / 8 + 2]; + x = ((uint32_t) (cl << 8 | cc) << 8 | cr); + x = x >> (24 - (length + (start % 8))); + x = (x & (0xffff >> (16 - length))); + return (x); +} + +/* same, set bit ranges in a char* */ +static void set_bits(char* s, int x, int start, int length) +{ + unsigned char cl, cc, cr; + uint32_t y; + int shift; + + shift = ((8 - ((start + length) % 8)) % 8); + y = (uint32_t) x << shift; + cl = (y >> 16) & 0xff; + cc = (y >> 8) & 0xff; + cr = y & 0xff; + if (shift + length > 16) { + s[start / 8] |= cl; + s[start / 8 + 1] |= cc; + s[start / 8 + 2] |= cr; + } + else { + if (shift + length > 8) { + s[start / 8] |= cc; + s[start / 8 + 1] |= cr; + } else { + s[start / 8] |= cr; + } + } +} + +/* convert a base32 hex character to its decoded equivalent */ +static int unbase32hex(char c) +{ + if(c >= '0' && c<='9') + return c-'0'; + if(c >= 'a' && c<='z') + return 10 + (c-'a'); + if(c >= 'A' && c<='Z') + return 10 + (c-'A'); + if(c=='=') + return '='; + return -1; +} + +/* convert a binary string to base32hex */ +string toBase32Hex(const std::string& input) +{ + static const char base32hex[] = "0123456789ABCDEFGHIJKLMNOPQRSTUV="; + string ret; + ret.reserve(4+ 8*input.length()/5); // optimization + // process input in groups of 5 8-bit chunks, emit 8 5-bit chunks + for(string::size_type offset = 0 ; offset < input.length(); offset+=5) { + int todo = input.length() - offset; + int stuffing; // how much '=' to add at the end + + switch(todo) { + case 1: + stuffing = 6; break; + case 2: + stuffing = 4; break; + case 3: + stuffing = 3; break; + case 4: + stuffing = 1; break; + default: // -> 0 or more than 5, no stuffing + stuffing = 0; break; + } + + for(int n=0; n < 8 - stuffing; ++n) + ret.append(1, base32hex[extract_bits(input.c_str()+offset, n*5, 5)]); + ret.append(stuffing, '='); + } + + return ret; +} + +// convert base32hex encoded string to normal string +string fromBase32Hex(const std::string& input) +{ + string ret; + char block[5]={0,0,0,0,0}; // we process 5 8-bit chunks at a time + string::size_type n, toWrite=0; + for(n = 0; n < input.length(); ++n) { + int c=unbase32hex(input[n]); + if(c == '=' || c < 0) // stop at stuffing or error + break; + set_bits(block, c , (n % 8) * 5, 5); + if(++toWrite == 8) { + ret.append(block, sizeof(block)); + memset(block, 0, sizeof(block)); + toWrite = 0; + } + } + ret.append(block, (toWrite*5)/8); + + return ret; +} + +#if 0 +int main(int argc, char **argv) +{ + if(argc!=3 || (argc==3 && strcmp(argv[1],"from") && strcmp(argv[1],"to"))) { + printf("syntax: base32 from|to string\n"); + exit(0); + } + if(!strcmp(argv[1],"to")) { + printf("input: '%s'\noutput: '%s'\n", + argv[2], + toBase32Hex(argv[2]).c_str()); + } + else { + cout<<"input: '"< + +std::string toBase32Hex(const std::string& input); +std::string fromBase32Hex(const std::string& input); + +#endif diff -Nru pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/base64.cc pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/base64.cc --- pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/base64.cc 1970-01-01 00:00:00.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/base64.cc 2012-07-08 18:20:53.000000000 +0000 @@ -0,0 +1,232 @@ +#include "base64.hh" +#include + +namespace anonpdns { +char B64Decode1(char cInChar) +{ + // The incoming character will be A-Z, a-z, 0-9, +, /, or =. + // The idea is to quickly determine which grouping the + // letter belongs to and return the associated value + // without having to search the global encoding string + // (the value we're looking for would be the resulting + // index into that string). + // + // To do that, we'll play some tricks... + unsigned char iIndex = '\0'; + switch ( cInChar ) { + case '+': + iIndex = 62; + break; + + case '/': + iIndex = 63; + break; + + case '=': + iIndex = 0; + break; + + default: + // Must be 'A'-'Z', 'a'-'z', '0'-'9', or an error... + // + // Numerically, small letters are "greater" in value than + // capital letters and numerals (ASCII value), and capital + // letters are "greater" than numerals (again, ASCII value), + // so we check for numerals first, then capital letters, + // and finally small letters. + iIndex = '9' - cInChar; + if ( iIndex > 0x3F ) { + // Not from '0' to '9'... + iIndex = 'Z' - cInChar; + if ( iIndex > 0x3F ) { + // Not from 'A' to 'Z'... + iIndex = 'z' - cInChar; + if ( iIndex > 0x3F ) { + // Invalid character...cannot + // decode! + iIndex = 0x80; // set the high bit + } // if + else { + // From 'a' to 'z' + iIndex = (('z' - iIndex) - 'a') + 26; + } // else + } // if + else { + // From 'A' to 'Z' + iIndex = ('Z' - iIndex) - 'A'; + } // else + } // if + else { + // Adjust the index... + iIndex = (('9' - iIndex) - '0') + 52; + } // else + break; + + } // switch + + return iIndex; +} + +inline char B64Encode1(unsigned char uc) +{ + if (uc < 26) + { + return 'A'+uc; + } + if (uc < 52) + { + return 'a'+(uc-26); + } + if (uc < 62) + { + return '0'+(uc-52); + } + if (uc == 62) + { + return '+'; + } + return '/'; +}; + + + +} +using namespace anonpdns; + +int B64Decode(const std::string& strInput, std::string& strOutput) +{ + // Set up a decoding buffer + long cBuf = 0; + char* pBuf = (char*)&cBuf; + + // Decoding management... + int iBitGroup = 0, iInNum = 0; + + // While there are characters to process... + // + // We'll decode characters in blocks of 4, as + // there are 4 groups of 6 bits in 3 bytes. The + // incoming Base64 character is first decoded, and + // then it is inserted into the decode buffer + // (with any relevant shifting, as required). + // Later, after all 3 bytes have been reconstituted, + // we assign them to the output string, ultimately + // to be returned as the original message. + int iInSize = strInput.size(); + unsigned char cChar = '\0'; + uint8_t pad = 0; + while ( iInNum < iInSize ) { + // Fill the decode buffer with 4 groups of 6 bits + cBuf = 0; // clear + pad = 0; + for ( iBitGroup = 0; iBitGroup < 4; ++iBitGroup ) { + if ( iInNum < iInSize ) { + // Decode a character + if(strInput.at(iInNum)=='=') + pad++; + while(isspace(strInput.at(iInNum))) + iInNum++; + cChar = B64Decode1(strInput.at(iInNum++)); + + } // if + else { + // Decode a padded zero + cChar = '\0'; + } // else + + // Check for valid decode + if ( cChar > 0x7F ) + return -1; + + // Adjust the bits + switch ( iBitGroup ) { + case 0: + // The first group is copied into + // the least significant 6 bits of + // the decode buffer...these 6 bits + // will eventually shift over to be + // the most significant bits of the + // third byte. + cBuf = cBuf | cChar; + break; + + default: + // For groupings 1-3, simply shift + // the bits in the decode buffer over + // by 6 and insert the 6 from the + // current decode character. + cBuf = (cBuf << 6) | cChar; + break; + + } // switch + } // for + + // Interpret the resulting 3 bytes...note there + // may have been padding, so those padded bytes + // are actually ignored. + strOutput += pBuf[2]; + strOutput += pBuf[1]; + strOutput += pBuf[0]; + } // while + if(pad) + strOutput.resize(strOutput.length()-pad); + + return 1; +} + +/* +www.kbcafe.com +Copyright 2001-2002 Randy Charles Morin +The Encode static method takes an array of 8-bit values and returns a base-64 stream. +*/ + + +std::string Base64Encode (const std::string& vby) +{ + std::string retval; + if (vby.size () == 0) + { + return retval; + }; + for (unsigned int i = 0; i < vby.size (); i += 3) + { + unsigned char by1 = 0, by2 = 0, by3 = 0; + by1 = vby[i]; + if (i + 1 < vby.size ()) + { + by2 = vby[i + 1]; + }; + if (i + 2 < vby.size ()) + { + by3 = vby[i + 2]; + } + unsigned char by4 = 0, by5 = 0, by6 = 0, by7 = 0; + by4 = by1 >> 2; + by5 = ((by1 & 0x3) << 4) | (by2 >> 4); + by6 = ((by2 & 0xf) << 2) | (by3 >> 6); + by7 = by3 & 0x3f; + retval += B64Encode1 (by4); + retval += B64Encode1 (by5); + if (i + 1 < vby.size ()) + { + retval += B64Encode1 (by6); + } + else + { + retval += "="; + }; + if (i + 2 < vby.size ()) + { + retval += B64Encode1 (by7); + } + else + { + retval += "="; + }; + /* if ((i % (76 / 4 * 3)) == 0) + { + retval += "\r\n"; + }*/ + }; + return retval; +}; diff -Nru pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/base64.hh pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/base64.hh --- pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/base64.hh 1970-01-01 00:00:00.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/base64.hh 2012-07-08 18:20:53.000000000 +0000 @@ -0,0 +1,8 @@ +#ifndef PDNS_BASE64_HH +#define PDNS_BASE64_HH +#include +#include + +int B64Decode(const std::string& strInput, std::string& strOutput); +std::string Base64Encode (const std::string& vby); +#endif diff -Nru pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/brg_endian.h pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/brg_endian.h --- pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/brg_endian.h 1970-01-01 00:00:00.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/brg_endian.h 2012-07-08 18:20:53.000000000 +0000 @@ -0,0 +1,133 @@ +/* + --------------------------------------------------------------------------- + Copyright (c) 1998-2007, Brian Gladman, Worcester, UK. All rights reserved. + + LICENSE TERMS + + The free distribution and use of this software is allowed (with or without + changes) provided that: + + 1. source code distributions include the above copyright notice, this + list of conditions and the following disclaimer; + + 2. binary distributions include the above copyright notice, this list + of conditions and the following disclaimer in their documentation; + + 3. the name of the copyright holder is not used to endorse products + built using this software without specific written permission. + + DISCLAIMER + + This software is provided 'as is' with no explicit or implied warranties + in respect of its properties, including, but not limited to, correctness + and/or fitness for purpose. + --------------------------------------------------------------------------- + Issue Date: 20/12/2007 +*/ + +#ifndef _BRG_ENDIAN_H +#define _BRG_ENDIAN_H + +#define IS_BIG_ENDIAN 4321 /* byte 0 is most significant (mc68k) */ +#define IS_LITTLE_ENDIAN 1234 /* byte 0 is least significant (i386) */ + +/* Include files where endian defines and byteswap functions may reside */ +#if defined( __sun ) +# include +#elif defined( __FreeBSD__ ) || defined( __OpenBSD__ ) || defined( __NetBSD__ ) +# include +#elif defined( BSD ) && ( BSD >= 199103 ) || defined( __APPLE__ ) || \ + defined( __CYGWIN32__ ) || defined( __DJGPP__ ) || defined( __osf__ ) +# include +#elif defined( __linux__ ) || defined( __GNUC__ ) || defined( __GNU_LIBRARY__ ) +# if !defined( __MINGW32__ ) && !defined( _AIX ) +# include +# if !defined( __BEOS__ ) +# include +# endif +# endif +#endif + +/* Now attempt to set the define for platform byte order using any */ +/* of the four forms SYMBOL, _SYMBOL, __SYMBOL & __SYMBOL__, which */ +/* seem to encompass most endian symbol definitions */ + +#if defined( BIG_ENDIAN ) && defined( LITTLE_ENDIAN ) +# if defined( BYTE_ORDER ) && BYTE_ORDER == BIG_ENDIAN +# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN +# elif defined( BYTE_ORDER ) && BYTE_ORDER == LITTLE_ENDIAN +# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN +# endif +#elif defined( BIG_ENDIAN ) +# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN +#elif defined( LITTLE_ENDIAN ) +# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN +#endif + +#if defined( _BIG_ENDIAN ) && defined( _LITTLE_ENDIAN ) +# if defined( _BYTE_ORDER ) && _BYTE_ORDER == _BIG_ENDIAN +# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN +# elif defined( _BYTE_ORDER ) && _BYTE_ORDER == _LITTLE_ENDIAN +# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN +# endif +#elif defined( _BIG_ENDIAN ) +# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN +#elif defined( _LITTLE_ENDIAN ) +# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN +#endif + +#if defined( __BIG_ENDIAN ) && defined( __LITTLE_ENDIAN ) +# if defined( __BYTE_ORDER ) && __BYTE_ORDER == __BIG_ENDIAN +# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN +# elif defined( __BYTE_ORDER ) && __BYTE_ORDER == __LITTLE_ENDIAN +# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN +# endif +#elif defined( __BIG_ENDIAN ) +# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN +#elif defined( __LITTLE_ENDIAN ) +# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN +#endif + +#if defined( __BIG_ENDIAN__ ) && defined( __LITTLE_ENDIAN__ ) +# if defined( __BYTE_ORDER__ ) && __BYTE_ORDER__ == __BIG_ENDIAN__ +# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN +# elif defined( __BYTE_ORDER__ ) && __BYTE_ORDER__ == __LITTLE_ENDIAN__ +# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN +# endif +#elif defined( __BIG_ENDIAN__ ) +# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN +#elif defined( __LITTLE_ENDIAN__ ) +# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN +#endif + +/* if the platform byte order could not be determined, then try to */ +/* set this define using common machine defines */ +#if !defined(PLATFORM_BYTE_ORDER) + +#if defined( __alpha__ ) || defined( __alpha ) || defined( i386 ) || \ + defined( __i386__ ) || defined( _M_I86 ) || defined( _M_IX86 ) || \ + defined( __OS2__ ) || defined( sun386 ) || defined( __TURBOC__ ) || \ + defined( vax ) || defined( vms ) || defined( VMS ) || \ + defined( __VMS ) || defined( _M_X64 ) +# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN + +#elif defined( AMIGA ) || defined( applec ) || defined( __AS400__ ) || \ + defined( _CRAY ) || defined( __hppa ) || defined( __hp9000 ) || \ + defined( ibm370 ) || defined( mc68000 ) || defined( m68k ) || \ + defined( __MRC__ ) || defined( __MVS__ ) || defined( __MWERKS__ ) || \ + defined( sparc ) || defined( __sparc) || defined( SYMANTEC_C ) || \ + defined( __VOS__ ) || defined( __TIGCC__ ) || defined( __TANDEM ) || \ + defined( THINK_C ) || defined( __VMCMS__ ) || defined( _AIX ) +# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN + +#elif 0 /* **** EDIT HERE IF NECESSARY **** */ +# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN +#elif 0 /* **** EDIT HERE IF NECESSARY **** */ +# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN +#else +# error Please edit lines 126 or 128 in brg_endian.h to set the platform byte order +#endif + +#endif + +#endif diff -Nru pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/brg_types.h pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/brg_types.h --- pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/brg_types.h 1970-01-01 00:00:00.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/brg_types.h 2012-07-08 18:20:53.000000000 +0000 @@ -0,0 +1,223 @@ +/* + --------------------------------------------------------------------------- + Copyright (c) 1998-2007, Brian Gladman, Worcester, UK. All rights reserved. + + LICENSE TERMS + + The free distribution and use of this software is allowed (with or without + changes) provided that: + + 1. source code distributions include the above copyright notice, this + list of conditions and the following disclaimer; + + 2. binary distributions include the above copyright notice, this list + of conditions and the following disclaimer in their documentation; + + 3. the name of the copyright holder is not used to endorse products + built using this software without specific written permission. + + DISCLAIMER + + This software is provided 'as is' with no explicit or implied warranties + in respect of its properties, including, but not limited to, correctness + and/or fitness for purpose. + --------------------------------------------------------------------------- + Issue Date: 20/12/2007 + + The unsigned integer types defined here are of the form uint_t where + is the length of the type; for example, the unsigned 32-bit type is + 'uint_32t'. These are NOT the same as the 'C99 integer types' that are + defined in the inttypes.h and stdint.h headers since attempts to use these + types have shown that support for them is still highly variable. However, + since the latter are of the form uint_t, a regular expression search + and replace (in VC++ search on 'uint_{:z}t' and replace with 'uint\1_t') + can be used to convert the types used here to the C99 standard types. +*/ + +#ifndef _BRG_TYPES_H +#define _BRG_TYPES_H + +#if defined(__cplusplus) +extern "C" { +#endif + +#include + +#if defined( _MSC_VER ) && ( _MSC_VER >= 1300 ) +# include +# define ptrint_t intptr_t +#elif defined( __GNUC__ ) && ( __GNUC__ >= 3 ) +# include +# define ptrint_t intptr_t +#else +# define ptrint_t int +#endif + +#ifndef BRG_UI8 +# define BRG_UI8 +# if UCHAR_MAX == 255u + typedef unsigned char uint_8t; +# else +# error Please define uint_8t as an 8-bit unsigned integer type in brg_types.h +# endif +#endif + +#ifndef BRG_UI16 +# define BRG_UI16 +# if USHRT_MAX == 65535u + typedef unsigned short uint_16t; +# else +# error Please define uint_16t as a 16-bit unsigned short type in brg_types.h +# endif +#endif + +#ifndef BRG_UI32 +# define BRG_UI32 +# if UINT_MAX == 4294967295u +# define li_32(h) 0x##h##u + typedef unsigned int uint_32t; +# elif ULONG_MAX == 4294967295u +# define li_32(h) 0x##h##ul + typedef unsigned long uint_32t; +# elif defined( _CRAY ) +# error This code needs 32-bit data types, which Cray machines do not provide +# else +# error Please define uint_32t as a 32-bit unsigned integer type in brg_types.h +# endif +#endif + +#ifndef BRG_UI64 +# if defined( __BORLANDC__ ) && !defined( __MSDOS__ ) +# define BRG_UI64 +# define li_64(h) 0x##h##ui64 + typedef unsigned __int64 uint_64t; +# elif defined( _MSC_VER ) && ( _MSC_VER < 1300 ) /* 1300 == VC++ 7.0 */ +# define BRG_UI64 +# define li_64(h) 0x##h##ui64 + typedef unsigned __int64 uint_64t; +# elif defined( __sun ) && defined(ULONG_MAX) && ULONG_MAX == 0xfffffffful +# define BRG_UI64 +# define li_64(h) 0x##h##ull + typedef unsigned long long uint_64t; +# elif defined( __MVS__ ) +# define BRG_UI64 +# define li_64(h) 0x##h##ull + typedef unsigned int long long uint_64t; +# elif defined( UINT_MAX ) && UINT_MAX > 4294967295u +# if UINT_MAX == 18446744073709551615u +# define BRG_UI64 +# define li_64(h) 0x##h##u + typedef unsigned int uint_64t; +# endif +# elif defined( ULONG_MAX ) && ULONG_MAX > 4294967295u +# if ULONG_MAX == 18446744073709551615ul +# define BRG_UI64 +# define li_64(h) 0x##h##ul + typedef unsigned long uint_64t; +# endif +# elif defined( ULLONG_MAX ) && ULLONG_MAX > 4294967295u +# if ULLONG_MAX == 18446744073709551615ull +# define BRG_UI64 +# define li_64(h) 0x##h##ull + typedef unsigned long long uint_64t; +# endif +# elif defined( ULONG_LONG_MAX ) && ULONG_LONG_MAX > 4294967295u +# if ULONG_LONG_MAX == 18446744073709551615ull +# define BRG_UI64 +# define li_64(h) 0x##h##ull + typedef unsigned long long uint_64t; +# endif +# endif +#endif + +#if !defined( BRG_UI64 ) +# if defined( NEED_UINT_64T ) +# error Please define uint_64t as an unsigned 64 bit type in brg_types.h +# endif +#endif + +#ifndef RETURN_VALUES +# define RETURN_VALUES +# if defined( DLL_EXPORT ) +# if defined( _MSC_VER ) || defined ( __INTEL_COMPILER ) +# define VOID_RETURN __declspec( dllexport ) void __stdcall +# define INT_RETURN __declspec( dllexport ) int __stdcall +# elif defined( __GNUC__ ) +# define VOID_RETURN __declspec( __dllexport__ ) void +# define INT_RETURN __declspec( __dllexport__ ) int +# else +# error Use of the DLL is only available on the Microsoft, Intel and GCC compilers +# endif +# elif defined( DLL_IMPORT ) +# if defined( _MSC_VER ) || defined ( __INTEL_COMPILER ) +# define VOID_RETURN __declspec( dllimport ) void __stdcall +# define INT_RETURN __declspec( dllimport ) int __stdcall +# elif defined( __GNUC__ ) +# define VOID_RETURN __declspec( __dllimport__ ) void +# define INT_RETURN __declspec( __dllimport__ ) int +# else +# error Use of the DLL is only available on the Microsoft, Intel and GCC compilers +# endif +# elif defined( __WATCOMC__ ) +# define VOID_RETURN void __cdecl +# define INT_RETURN int __cdecl +# else +# define VOID_RETURN void +# define INT_RETURN int +# endif +#endif + +/* These defines are used to detect and set the memory alignment of pointers. + Note that offsets are in bytes. + + ALIGN_OFFSET(x,n) return the positive or zero offset of + the memory addressed by the pointer 'x' + from an address that is aligned on an + 'n' byte boundary ('n' is a power of 2) + + ALIGN_FLOOR(x,n) return a pointer that points to memory + that is aligned on an 'n' byte boundary + and is not higher than the memory address + pointed to by 'x' ('n' is a power of 2) + + ALIGN_CEIL(x,n) return a pointer that points to memory + that is aligned on an 'n' byte boundary + and is not lower than the memory address + pointed to by 'x' ('n' is a power of 2) +*/ + +#define ALIGN_OFFSET(x,n) (((ptrint_t)(x)) & ((n) - 1)) +#define ALIGN_FLOOR(x,n) ((uint_8t*)(x) - ( ((ptrint_t)(x)) & ((n) - 1))) +#define ALIGN_CEIL(x,n) ((uint_8t*)(x) + (-((ptrint_t)(x)) & ((n) - 1))) + +/* These defines are used to declare buffers in a way that allows + faster operations on longer variables to be used. In all these + defines 'size' must be a power of 2 and >= 8. NOTE that the + buffer size is in bytes but the type length is in bits + + UNIT_TYPEDEF(x,size) declares a variable 'x' of length + 'size' bits + + BUFR_TYPEDEF(x,size,bsize) declares a buffer 'x' of length 'bsize' + bytes defined as an array of variables + each of 'size' bits (bsize must be a + multiple of size / 8) + + UNIT_CAST(x,size) casts a variable to a type of + length 'size' bits + + UPTR_CAST(x,size) casts a pointer to a pointer to a + varaiable of length 'size' bits +*/ + +#define UI_TYPE(size) uint_##size##t +#define UNIT_TYPEDEF(x,size) typedef UI_TYPE(size) x +#define BUFR_TYPEDEF(x,size,bsize) typedef UI_TYPE(size) x[bsize / (size >> 3)] +#define UNIT_CAST(x,size) ((UI_TYPE(size) )(x)) +#define UPTR_CAST(x,size) ((UI_TYPE(size)*)(x)) + +#if defined(__cplusplus) +} +#endif + +#endif diff -Nru pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/cachecleaner.hh pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/cachecleaner.hh --- pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/cachecleaner.hh 1970-01-01 00:00:00.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/cachecleaner.hh 2012-07-08 18:20:53.000000000 +0000 @@ -0,0 +1,83 @@ +#ifndef PDNS_CACHECLEANER_HH +#define PDNS_CACHECLEANER_HH + +// this function can clean any cache that has a getTTD() method on its entries, and a 'sequence' index as its second index +// the ritual is that the oldest entries are in *front* of the sequence collection, so on a hit, move an item to the end +// on a miss, move it to the beginning +template void pruneCollection(T& collection, unsigned int maxCached, unsigned int scanFraction=1000) +{ + uint32_t now=(uint32_t)time(0); + unsigned int toTrim=0; + + unsigned int cacheSize=collection.size(); + + if(cacheSize > maxCached) { + toTrim = cacheSize - maxCached; + } + +// cout<<"Need to trim "<::type sequence_t; + sequence_t& sidx=collection.get<1>(); + + unsigned int tried=0, lookAt, erased=0; + + // two modes - if toTrim is 0, just look through 1/scanFraction of all records + // and nuke everything that is expired + // otherwise, scan first 5*toTrim records, and stop once we've nuked enough + if(toTrim) + lookAt=5*toTrim; + else + lookAt=cacheSize/scanFraction; + + typename sequence_t::iterator iter=sidx.begin(), eiter; + for(; iter != sidx.end() && tried < lookAt ; ++tried) { + if(iter->getTTD() < now) { + sidx.erase(iter++); + erased++; + } + else + ++iter; + + if(toTrim && erased > toTrim) + break; + } + + //cout<<"erased "<= toTrim) // done + return; + + toTrim -= erased; + + //if(toTrim) + // cout<<"Still have "< void moveCacheItemToFrontOrBack(T& collection, typename T::iterator& iter, bool front) +{ + typedef typename T::template nth_index<1>::type sequence_t; + sequence_t& sidx=collection.get<1>(); + typename sequence_t::iterator si=collection.project<1>(iter); + if(front) + sidx.relocate(sidx.begin(), si); // at the beginning of the delete queue + else + sidx.relocate(sidx.end(), si); // back +} + +template void moveCacheItemToFront(T& collection, typename T::iterator& iter) +{ + moveCacheItemToFrontOrBack(collection, iter, true); +} + +template void moveCacheItemToBack(T& collection, typename T::iterator& iter) +{ + moveCacheItemToFrontOrBack(collection, iter, false); +} + +#endif diff -Nru pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/config.h pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/config.h --- pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/config.h 1970-01-01 00:00:00.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/config.h 2012-07-08 18:20:53.000000000 +0000 @@ -0,0 +1,4 @@ +#define SYSCONFDIR "/etc/powerdns/" +#define LOCALSTATEDIR "/var/run/" +#define VERSION "3.5-pre" +#define RECURSOR diff -Nru pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/configure pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/configure --- pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/configure 1970-01-01 00:00:00.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/configure 2012-07-08 18:20:53.000000000 +0000 @@ -0,0 +1,12 @@ +#!/bin/sh +echo Testing dependencies and compiler. + +GMAKE=`which gmake` +if test -z "$GMAKE" +then + make basic_checks +else + echo Using gmake to build + gmake basic_checks +fi + diff -Nru pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/COPYING pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/COPYING --- pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/COPYING 1970-01-01 00:00:00.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/COPYING 2012-07-08 18:20:53.000000000 +0000 @@ -0,0 +1,340 @@ + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc. + 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Library General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) year name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + , 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Library General +Public License instead of this License. diff -Nru pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/devpollmplexer.cc pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/devpollmplexer.cc --- pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/devpollmplexer.cc 1970-01-01 00:00:00.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/devpollmplexer.cc 2012-07-08 18:20:53.000000000 +0000 @@ -0,0 +1,156 @@ +#include +#include "mplexer.hh" +#include "sstuff.hh" +#include +#include +#include "misc.hh" +#include +#include "syncres.hh" + +#include "namespaces.hh" +#include "namespaces.hh" + +class DevPollFDMultiplexer : public FDMultiplexer +{ +public: + DevPollFDMultiplexer(); + virtual ~DevPollFDMultiplexer() + { + close(d_devpollfd); + } + + virtual int run(struct timeval* tv); + + virtual void addFD(callbackmap_t& cbmap, int fd, callbackfunc_t toDo, const funcparam_t& parameter); + virtual void removeFD(callbackmap_t& cbmap, int fd); + string getName() + { + return "/dev/poll"; + } +private: + int d_devpollfd; +}; + + +static FDMultiplexer* makeDevPoll() +{ + return new DevPollFDMultiplexer(); +} + +static struct DevPollRegisterOurselves +{ + DevPollRegisterOurselves() { + FDMultiplexer::getMultiplexerMap().insert(make_pair(0, &makeDevPoll)); // priority 0! + } +} doItDevPoll; + + +//int DevPollFDMultiplexer::s_maxevents=1024; +DevPollFDMultiplexer::DevPollFDMultiplexer() +{ + d_devpollfd=open("/dev/poll", O_RDWR); + if(d_devpollfd < 0) + throw FDMultiplexerException("Setting up /dev/poll: "+stringerror()); + +} + +void DevPollFDMultiplexer::addFD(callbackmap_t& cbmap, int fd, callbackfunc_t toDo, const funcparam_t& parameter) +{ + accountingAddFD(cbmap, fd, toDo, parameter); + + struct pollfd devent; + devent.fd=fd; + devent.events= (&cbmap == &d_readCallbacks) ? POLLIN : POLLOUT; + devent.revents = 0; + + if(write(d_devpollfd, &devent, sizeof(devent)) != sizeof(devent)) { + cbmap.erase(fd); + throw FDMultiplexerException("Adding fd to /dev/poll/ set: "+stringerror()); + } +} + +void DevPollFDMultiplexer::removeFD(callbackmap_t& cbmap, int fd) +{ + if(!cbmap.erase(fd)) + throw FDMultiplexerException("Tried to remove unlisted fd "+lexical_cast(fd)+ " from multiplexer"); + + struct pollfd devent; + devent.fd=fd; + devent.events= POLLREMOVE; + devent.revents = 0; + + if(write(d_devpollfd, &devent, sizeof(devent)) != sizeof(devent)) { + cbmap.erase(fd); + throw FDMultiplexerException("Removing fd from epoll set: "+stringerror()); + } +} + +int DevPollFDMultiplexer::run(struct timeval* now) +{ + if(d_inrun) { + throw FDMultiplexerException("FDMultiplexer::run() is not reentrant!\n"); + } + struct dvpoll dvp; + dvp.dp_nfds = d_readCallbacks.size() + d_writeCallbacks.size(); + dvp.dp_fds = new pollfd[dvp.dp_nfds]; + dvp.dp_timeout = 500; + int ret=ioctl(d_devpollfd, DP_POLL, &dvp); + gettimeofday(now,0); // MANDATORY! + + if(ret < 0 && errno!=EINTR) + throw FDMultiplexerException("/dev/poll returned error: "+stringerror()); + + if(ret < 1) // thanks AB! + return 0; + + d_inrun=true; + for(int n=0; n < ret; ++n) { + d_iter=d_readCallbacks.find(dvp.dp_fds[n].fd); + + if(d_iter != d_readCallbacks.end()) { + d_iter->second.d_callback(d_iter->first, d_iter->second.d_parameter); + continue; // so we don't refind ourselves as writable! + } + d_iter=d_writeCallbacks.find(dvp.dp_fds[n].fd); + + if(d_iter != d_writeCallbacks.end()) { + d_iter->second.d_callback(d_iter->first, d_iter->second.d_parameter); + } + } + delete[] dvp.dp_fds; + d_inrun=false; + return 0; +} + +#if 0 +void acceptData(int fd, funcparam_t& parameter) +{ + cout<<"Have data on fd "<(parameter); + string packet; + IPEndpoint rem; + sock->recvFrom(packet, rem); + cout<<"Received "< +#include +#include +#include + +static void appendEscapedLabel(string& ret, const char* begin, unsigned char labellen) +{ + unsigned char n = 0; + for(n = 0 ; n < labellen; ++n) + if(begin[n] == '.' || begin[n] == '\\' || begin[n] == ' ') + break; + + if( n == labellen) { + ret.append(begin, labellen); + return; + } + string label(begin, labellen); + boost::replace_all(label, "\\", "\\\\"); + boost::replace_all(label, ".", "\\."); + boost::replace_all(label, " ", "\\032"); + ret.append(label); +} + +class BoundsCheckingPointer +{ +public: + explicit BoundsCheckingPointer(const char* a, unsigned int length) + : d_ptr(a), d_length(length) + {} + + explicit BoundsCheckingPointer(const std::string& str) + : d_ptr(str.c_str()), d_length(str.size()) + {} + + + const char operator[](unsigned int offset) const + { + if(offset < d_length) + return d_ptr[offset]; + else throw runtime_error("out of bounds: "+boost::lexical_cast(offset)+" >= " + boost::lexical_cast(d_length)); + } +private: + const char* d_ptr; + const unsigned int d_length; +}; + +//! compares two dns packets, skipping the header, but including the question and the qtype +bool dnspacketLessThan(const std::string& a, const std::string& b) +{ + if(a.length() <= 12 || b.length() <= 12) + return a.length() < b.length(); +// throw runtime_error("Error parsing question in dnspacket comparison: packet too short"); + + // we find: 3www4ds9a2nl0XXYY, where XX and YY are each 2 bytes describing class and type + + BoundsCheckingPointer aSafe(a), bSafe(b); + int aPos=12, bPos=12; + + unsigned char aLabelLen, bLabelLen; + + do { + aLabelLen = aSafe[aPos++]; bLabelLen = bSafe[bPos++]; + // cerr<<"aLabelLen: "<<(int)aLabelLen<<", bLabelLen: "<< (int)bLabelLen< end) + throw runtime_error("Error parsing question in incoming packet: label extends beyond packet"); + + appendEscapedLabel(ret, (const char*) pos, labellen); + + ret.append(1, '.'); + pos += labellen; + } + + if(pos + labellen + 2 <= end) + type=(*pos)*256 + *(pos+1); + // cerr << "returning: '"<parts; + stringtok(parts,content); + int pleft=parts.size(); + + // cout<<"'"<1) + data.hostmaster=attodot(parts[1]); // ahu@ds9a.nl -> ahu.ds9a.nl, piet.puk@ds9a.nl -> piet\.puk.ds9a.nl + + if(pleft>2) + data.serial=strtoul(parts[2].c_str(), NULL, 10); + + if(pleft>3) + data.refresh=atoi(parts[3].c_str()); + + if(pleft>4) + data.retry=atoi(parts[4].c_str()); + + if(pleft>5) + data.expire=atoi(parts[5].c_str()); + + if(pleft>6) + data.default_ttl=atoi(parts[6].c_str()); + +} + +string serializeSOAData(const SOAData &d) +{ + ostringstream o; + // nameservername hostmaster serial-number [refresh [retry [expire [ minimum] ] ] ] + o<((int)rcode); +} diff -Nru pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/dns.hh pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/dns.hh --- pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/dns.hh 1970-01-01 00:00:00.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/dns.hh 2012-07-08 18:20:53.000000000 +0000 @@ -0,0 +1,287 @@ +/* + PowerDNS Versatile Database Driven Nameserver + Copyright (C) 2002 - 2011 PowerDNS.COM BV + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License version 2 + as published by the Free Software Foundation + + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA +*/ +// $Id: dns.hh 2589 2012-04-29 13:02:29Z peter $ +/* (C) 2002 POWERDNS.COM BV */ +#ifndef DNS_HH +#define DNS_HH +#include +#include +#include +#include +#include +#include +#include + + +#include "utility.hh" +#include "qtype.hh" +#include +#include +class DNSBackend; + +struct SOAData +{ + string qname; + string nameserver; + string hostmaster; + uint32_t ttl; + uint32_t serial; + uint32_t refresh; + uint32_t retry; + uint32_t expire; + uint32_t default_ttl; + int domain_id; + DNSBackend *db; + uint8_t scopeMask; +}; + + +class RCode +{ +public: + enum rcodes_ { NoError=0, FormErr=1, ServFail=2, NXDomain=3, NotImp=4, Refused=5, NotAuth=9 }; +}; + +class Opcode +{ +public: + enum { Query=0, IQuery=1, Status=2, Notify=4, Update=5 }; +}; + +//! This class represents a resource record +class DNSResourceRecord +{ +public: + DNSResourceRecord() : qclass(1), priority(0), last_modified(0), d_place(ANSWER), auth(1), scopeMask(0) {}; + ~DNSResourceRecord(){}; + + // data + + QType qtype; //!< qtype of this record, ie A, CNAME, MX etc + uint16_t qclass; //!< class of this record + string qname; //!< the name of this record, for example: www.powerdns.com + string wildcardname; + string content; //!< what this record points to. Example: 10.1.2.3 + uint16_t priority; //!< For qtypes that support a priority or preference (MX, SRV) + uint32_t ttl; //!< Time To Live of this record + int domain_id; //!< If a backend implements this, the domain_id of the zone this record is in + time_t last_modified; //!< For autocalculating SOA serial numbers - the backend needs to fill this in + enum Place {QUESTION=0, ANSWER=1, AUTHORITY=2, ADDITIONAL=3}; //!< Type describing the positioning of a DNSResourceRecord within, say, a DNSPacket + Place d_place; //!< This specifies where a record goes within the packet + + bool auth; + uint8_t scopeMask; + + template + void serialize(Archive & ar, const unsigned int version) + { + ar & qtype; + ar & qclass; + ar & qname; + ar & wildcardname; + ar & content; + ar & priority; + ar & ttl; + ar & domain_id; + ar & last_modified; + ar & d_place; + ar & auth; + } + + bool operator<(const DNSResourceRecord &b) const + { + if(qname < b.qname) + return true; + if(qname == b.qname) + return(content < b.content); + return false; + } +}; + +#ifdef _MSC_VER +# pragma pack ( push ) +# pragma pack ( 1 ) +# define GCCPACKATTRIBUTE +#else +# define GCCPACKATTRIBUTE __attribute__((packed)) +#endif +struct dnsrecordheader +{ + uint16_t d_type; + uint16_t d_class; + uint32_t d_ttl; + uint16_t d_clen; +} GCCPACKATTRIBUTE; + +struct EDNS0Record +{ + uint8_t extRCode, version; + uint16_t Z; +} GCCPACKATTRIBUTE; +#ifdef _MSC_VER +#pragma pack (pop) +#endif + +enum { + ns_t_invalid = 0, /* Cookie. */ + ns_t_a = 1, /* Host address. */ + ns_t_ns = 2, /* Authoritative server. */ + ns_t_md = 3, /* Mail destination. */ + ns_t_mf = 4, /* Mail forwarder. */ + ns_t_cname = 5, /* Canonical name. */ + ns_t_soa = 6, /* Start of authority zone. */ + ns_t_mb = 7, /* Mailbox domain name. */ + ns_t_mg = 8, /* Mail group member. */ + ns_t_mr = 9, /* Mail rename name. */ + ns_t_null = 10, /* Null resource record. */ + ns_t_wks = 11, /* Well known service. */ + ns_t_ptr = 12, /* Domain name pointer. */ + ns_t_hinfo = 13, /* Host information. */ + ns_t_minfo = 14, /* Mailbox information. */ + ns_t_mx = 15, /* Mail routing information. */ + ns_t_txt = 16, /* Text strings. */ + ns_t_rp = 17, /* Responsible person. */ + ns_t_afsdb = 18, /* AFS cell database. */ + ns_t_x25 = 19, /* X_25 calling address. */ + ns_t_isdn = 20, /* ISDN calling address. */ + ns_t_rt = 21, /* Router. */ + ns_t_nsap = 22, /* NSAP address. */ + ns_t_nsap_ptr = 23, /* Reverse NSAP lookup (deprecated). */ + ns_t_sig = 24, /* Security signature. */ + ns_t_key = 25, /* Security key. */ + ns_t_px = 26, /* X.400 mail mapping. */ + ns_t_gpos = 27, /* Geographical position (withdrawn). */ + ns_t_aaaa = 28, /* Ip6 Address. */ + ns_t_loc = 29, /* Location Information. */ + ns_t_nxt = 30, /* Next domain (security). */ + ns_t_eid = 31, /* Endpoint identifier. */ + ns_t_nimloc = 32, /* Nimrod Locator. */ + ns_t_srv = 33, /* Server Selection. */ + ns_t_atma = 34, /* ATM Address */ + ns_t_naptr = 35, /* Naming Authority PoinTeR */ + ns_t_kx = 36, /* Key Exchange */ + ns_t_cert = 37, /* Certification record */ + ns_t_a6 = 38, /* IPv6 address (deprecates AAAA) */ + ns_t_dname = 39, /* Non-terminal DNAME (for IPv6) */ + ns_t_sink = 40, /* Kitchen sink (experimental) */ + ns_t_opt = 41, /* EDNS0 option (meta-RR) */ + ns_t_ds = 43, /* Delegation signer */ + ns_t_rrsig = 46, /* Resoure Record signature */ + ns_t_nsec = 47, /* Next Record */ + ns_t_dnskey = 48, /* DNSKEY record */ + ns_t_nsec3 = 50, /* Next Record v3 */ + ns_t_nsec3param = 51, /* NSEC Parameters */ + ns_t_tlsa = 52, /* TLSA */ + ns_t_tsig = 250, /* Transaction signature. */ + ns_t_ixfr = 251, /* Incremental zone transfer. */ + ns_t_axfr = 252, /* Transfer zone of authority. */ + ns_t_mailb = 253, /* Transfer mailbox records. */ + ns_t_maila = 254, /* Transfer mail agent records. */ + ns_t_any = 255, /* Wildcard match. */ +}; + +#ifdef WIN32 +#define BYTE_ORDER 1 +#define LITTLE_ENDIAN 1 +#elif __FreeBSD__ || __APPLE__ || __OpenBSD__ +#include +#elif __linux__ +# include + +#else // with thanks to + +# define LITTLE_ENDIAN 1234 /* least-significant byte first (vax, pc) */ +# define BIG_ENDIAN 4321 /* most-significant byte first (IBM, net) */ +# define PDP_ENDIAN 3412 /* LSB first in word, MSW first in long (pdp) */ + +#if defined(vax) || defined(ns32000) || defined(sun386) || defined(i386) || \ + defined(__i386) || defined(__ia64) || defined(__amd64) || \ + defined(MIPSEL) || defined(_MIPSEL) || defined(BIT_ZERO_ON_RIGHT) || \ + defined(__alpha__) || defined(__alpha) || \ + (defined(__Lynx__) && defined(__x86__)) +# define BYTE_ORDER LITTLE_ENDIAN +#endif + +#if defined(sel) || defined(pyr) || defined(mc68000) || defined(sparc) || \ + defined(__sparc) || \ + defined(is68k) || defined(tahoe) || defined(ibm032) || defined(ibm370) || \ + defined(MIPSEB) || defined(_MIPSEB) || defined(_IBMR2) || defined(DGUX) ||\ + defined(apollo) || defined(__convex__) || defined(_CRAY) || \ + defined(__hppa) || defined(__hp9000) || \ + defined(__hp9000s300) || defined(__hp9000s700) || \ + defined(__hp3000s900) || defined(MPE) || \ + defined(BIT_ZERO_ON_LEFT) || defined(m68k) || \ + (defined(__Lynx__) && \ + (defined(__68k__) || defined(__sparc__) || defined(__powerpc__))) +# define BYTE_ORDER BIG_ENDIAN +#endif + +#endif + +struct dnsheader { + unsigned id :16; /* query identification number */ +#if BYTE_ORDER == BIG_ENDIAN + /* fields in third byte */ + unsigned qr: 1; /* response flag */ + unsigned opcode: 4; /* purpose of message */ + unsigned aa: 1; /* authoritive answer */ + unsigned tc: 1; /* truncated message */ + unsigned rd: 1; /* recursion desired */ + /* fields in fourth byte */ + unsigned ra: 1; /* recursion available */ + unsigned unused :1; /* unused bits (MBZ as of 4.9.3a3) */ + unsigned ad: 1; /* authentic data from named */ + unsigned cd: 1; /* checking disabled by resolver */ + unsigned rcode :4; /* response code */ +#endif +#if BYTE_ORDER == LITTLE_ENDIAN || BYTE_ORDER == PDP_ENDIAN + /* fields in third byte */ + unsigned rd :1; /* recursion desired */ + unsigned tc :1; /* truncated message */ + unsigned aa :1; /* authoritive answer */ + unsigned opcode :4; /* purpose of message */ + unsigned qr :1; /* response flag */ + /* fields in fourth byte */ + unsigned rcode :4; /* response code */ + unsigned cd: 1; /* checking disabled by resolver */ + unsigned ad: 1; /* authentic data from named */ + unsigned unused :1; /* unused bits (MBZ as of 4.9.3a3) */ + unsigned ra :1; /* recursion available */ +#endif + /* remaining bytes */ + unsigned qdcount :16; /* number of question entries */ + unsigned ancount :16; /* number of answer entries */ + unsigned nscount :16; /* number of authority entries */ + unsigned arcount :16; /* number of resource entries */ +}; + + +#define L theL() +extern time_t s_starttime; +std::string questionExpand(const char* packet, uint16_t len, uint16_t& type); +bool dnspacketLessThan(const std::string& a, const std::string& b); + +/** helper function for both DNSPacket and addSOARecord() - converts a line into a struct, for easier parsing */ +void fillSOAData(const string &content, SOAData &data); + +/** for use by DNSPacket, converts a SOAData class to a ascii line again */ +string serializeSOAData(const SOAData &data); +string &attodot(string &str); //!< for when you need to insert an email address in the SOA +string strrcode(unsigned char rcode); +#endif diff -Nru pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/dnslabeltext.cc pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/dnslabeltext.cc --- pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/dnslabeltext.cc 1970-01-01 00:00:00.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/dnslabeltext.cc 2012-07-08 18:20:53.000000000 +0000 @@ -0,0 +1,475 @@ + +#line 1 "dnslabeltext.rl" +#include +#include +#include +#include +#include +#include "namespaces.hh" + + +namespace { +void appendSplit(vector& ret, string& segment, char c) +{ + if(segment.size()>254) { + ret.push_back(segment); + segment.clear(); + } + segment.append(1, c); +} +} + +vector segmentDNSText(const string& input ) +{ + +#line 26 "dnslabeltext.cc" +static const char _dnstext_actions[] = { + 0, 1, 0, 1, 1, 1, 2, 1, + 3, 1, 4, 1, 5, 2, 0, 1, + 2, 4, 5 +}; + +static const char _dnstext_key_offsets[] = { + 0, 0, 1, 7, 11, 13, 15, 21, + 25 +}; + +static const char _dnstext_trans_keys[] = { + 34, 34, 92, 9, 10, 32, 126, 34, + 92, 48, 57, 48, 57, 48, 57, 34, + 92, 9, 10, 32, 126, 32, 34, 9, + 13, 34, 0 +}; + +static const char _dnstext_single_lengths[] = { + 0, 1, 2, 2, 0, 0, 2, 2, + 1 +}; + +static const char _dnstext_range_lengths[] = { + 0, 0, 2, 1, 1, 1, 2, 1, + 0 +}; + +static const char _dnstext_index_offsets[] = { + 0, 0, 2, 7, 11, 13, 15, 20, + 24 +}; + +static const char _dnstext_trans_targs[] = { + 2, 0, 7, 3, 2, 2, 0, 2, + 2, 4, 0, 5, 0, 6, 0, 7, + 3, 2, 2, 0, 8, 2, 8, 0, + 2, 0, 0 +}; + +static const char _dnstext_trans_actions[] = { + 3, 0, 0, 0, 11, 11, 0, 5, + 5, 7, 0, 7, 0, 7, 0, 9, + 9, 16, 16, 0, 0, 13, 0, 0, + 13, 0, 0 +}; + +static const char _dnstext_eof_actions[] = { + 0, 0, 0, 0, 0, 0, 0, 1, + 1 +}; + +static const int dnstext_start = 1; +static const int dnstext_first_final = 7; +static const int dnstext_error = 0; + +static const int dnstext_en_main = 1; + + +#line 25 "dnslabeltext.rl" + + (void)dnstext_error; // silence warnings + (void)dnstext_en_main; + const char *p = input.c_str(), *pe = input.c_str() + input.length(); + const char* eof = pe; + int cs; + char val = 0; + + string segment; + vector ret; + + +#line 99 "dnslabeltext.cc" + { + cs = dnstext_start; + } + +#line 104 "dnslabeltext.cc" + { + int _klen; + unsigned int _trans; + const char *_acts; + unsigned int _nacts; + const char *_keys; + + if ( p == pe ) + goto _test_eof; + if ( cs == 0 ) + goto _out; +_resume: + _keys = _dnstext_trans_keys + _dnstext_key_offsets[cs]; + _trans = _dnstext_index_offsets[cs]; + + _klen = _dnstext_single_lengths[cs]; + if ( _klen > 0 ) { + const char *_lower = _keys; + const char *_mid; + const char *_upper = _keys + _klen - 1; + while (1) { + if ( _upper < _lower ) + break; + + _mid = _lower + ((_upper-_lower) >> 1); + if ( (*p) < *_mid ) + _upper = _mid - 1; + else if ( (*p) > *_mid ) + _lower = _mid + 1; + else { + _trans += (_mid - _keys); + goto _match; + } + } + _keys += _klen; + _trans += _klen; + } + + _klen = _dnstext_range_lengths[cs]; + if ( _klen > 0 ) { + const char *_lower = _keys; + const char *_mid; + const char *_upper = _keys + (_klen<<1) - 2; + while (1) { + if ( _upper < _lower ) + break; + + _mid = _lower + (((_upper-_lower) >> 1) & ~1); + if ( (*p) < _mid[0] ) + _upper = _mid - 2; + else if ( (*p) > _mid[1] ) + _lower = _mid + 2; + else { + _trans += ((_mid - _keys)>>1); + goto _match; + } + } + _trans += _klen; + } + +_match: + cs = _dnstext_trans_targs[_trans]; + + if ( _dnstext_trans_actions[_trans] == 0 ) + goto _again; + + _acts = _dnstext_actions + _dnstext_trans_actions[_trans]; + _nacts = (unsigned int) *_acts++; + while ( _nacts-- > 0 ) + { + switch ( *_acts++ ) + { + case 0: +#line 37 "dnslabeltext.rl" + { + ret.push_back(segment); + segment.clear(); + } + break; + case 1: +#line 41 "dnslabeltext.rl" + { + segment.clear(); + } + break; + case 2: +#line 45 "dnslabeltext.rl" + { + char c = *p; + appendSplit(ret, segment, c); + } + break; + case 3: +#line 49 "dnslabeltext.rl" + { + char c = *p; + val *= 10; + val += c-'0'; + + } + break; + case 4: +#line 55 "dnslabeltext.rl" + { + appendSplit(ret, segment, val); + val=0; + } + break; + case 5: +#line 60 "dnslabeltext.rl" + { + appendSplit(ret, segment, *(p)); + } + break; +#line 219 "dnslabeltext.cc" + } + } + +_again: + if ( cs == 0 ) + goto _out; + if ( ++p != pe ) + goto _resume; + _test_eof: {} + if ( p == eof ) + { + const char *__acts = _dnstext_actions + _dnstext_eof_actions[cs]; + unsigned int __nacts = (unsigned int) *__acts++; + while ( __nacts-- > 0 ) { + switch ( *__acts++ ) { + case 0: +#line 37 "dnslabeltext.rl" + { + ret.push_back(segment); + segment.clear(); + } + break; +#line 242 "dnslabeltext.cc" + } + } + } + + _out: {} + } + +#line 73 "dnslabeltext.rl" + + + if ( cs < dnstext_first_final ) { + throw runtime_error("Unable to parse DNS TXT '"+input+"'"); + } + + return ret; +}; +string segmentDNSLabel(const string& input ) +{ + +#line 262 "dnslabeltext.cc" +static const char _dnslabel_actions[] = { + 0, 1, 0, 1, 1, 1, 2, 1, + 3, 1, 4, 2, 3, 0, 2, 3, + 4 +}; + +static const char _dnslabel_key_offsets[] = { + 0, 0, 4, 8, 10, 12, 16 +}; + +static const char _dnslabel_trans_keys[] = { + 46, 92, 32, 126, 46, 92, 48, 57, + 48, 57, 48, 57, 46, 92, 32, 126, + 46, 92, 32, 126, 0 +}; + +static const char _dnslabel_single_lengths[] = { + 0, 2, 2, 0, 0, 2, 2 +}; + +static const char _dnslabel_range_lengths[] = { + 0, 1, 1, 1, 1, 1, 1 +}; + +static const char _dnslabel_index_offsets[] = { + 0, 0, 4, 8, 10, 12, 16 +}; + +static const char _dnslabel_trans_targs[] = { + 6, 2, 1, 0, 1, 1, 3, 0, + 4, 0, 5, 0, 6, 2, 1, 0, + 6, 2, 1, 0, 0 +}; + +static const char _dnslabel_trans_actions[] = { + 1, 0, 9, 0, 3, 3, 5, 0, + 5, 0, 5, 0, 11, 7, 14, 0, + 1, 0, 9, 0, 0 +}; + +static const int dnslabel_start = 1; +static const int dnslabel_first_final = 6; +static const int dnslabel_error = 0; + +static const int dnslabel_en_main = 1; + + +#line 86 "dnslabeltext.rl" + + (void)dnslabel_error; // silence warnings + (void)dnslabel_en_main; + const char *p = input.c_str(), *pe = input.c_str() + input.length(); + //const char* eof = pe; + int cs; + char val = 0; + + string ret; + string segment; + + +#line 323 "dnslabeltext.cc" + { + cs = dnslabel_start; + } + +#line 328 "dnslabeltext.cc" + { + int _klen; + unsigned int _trans; + const char *_acts; + unsigned int _nacts; + const char *_keys; + + if ( p == pe ) + goto _test_eof; + if ( cs == 0 ) + goto _out; +_resume: + _keys = _dnslabel_trans_keys + _dnslabel_key_offsets[cs]; + _trans = _dnslabel_index_offsets[cs]; + + _klen = _dnslabel_single_lengths[cs]; + if ( _klen > 0 ) { + const char *_lower = _keys; + const char *_mid; + const char *_upper = _keys + _klen - 1; + while (1) { + if ( _upper < _lower ) + break; + + _mid = _lower + ((_upper-_lower) >> 1); + if ( (*p) < *_mid ) + _upper = _mid - 1; + else if ( (*p) > *_mid ) + _lower = _mid + 1; + else { + _trans += (_mid - _keys); + goto _match; + } + } + _keys += _klen; + _trans += _klen; + } + + _klen = _dnslabel_range_lengths[cs]; + if ( _klen > 0 ) { + const char *_lower = _keys; + const char *_mid; + const char *_upper = _keys + (_klen<<1) - 2; + while (1) { + if ( _upper < _lower ) + break; + + _mid = _lower + (((_upper-_lower) >> 1) & ~1); + if ( (*p) < _mid[0] ) + _upper = _mid - 2; + else if ( (*p) > _mid[1] ) + _lower = _mid + 2; + else { + _trans += ((_mid - _keys)>>1); + goto _match; + } + } + _trans += _klen; + } + +_match: + cs = _dnslabel_trans_targs[_trans]; + + if ( _dnslabel_trans_actions[_trans] == 0 ) + goto _again; + + _acts = _dnslabel_actions + _dnslabel_trans_actions[_trans]; + _nacts = (unsigned int) *_acts++; + while ( _nacts-- > 0 ) + { + switch ( *_acts++ ) + { + case 0: +#line 98 "dnslabeltext.rl" + { + printf("Segment end, segment = '%s'\n", segment.c_str()); + ret.append(1, (unsigned char)segment.size()); + ret.append(segment); + segment.clear(); + } + break; + case 1: +#line 105 "dnslabeltext.rl" + { + printf("'\\%c' ", *p); + segment.append(1, *p); + } + break; + case 2: +#line 109 "dnslabeltext.rl" + { + char c = *p; + val *= 10; + val += c-'0'; + + } + break; + case 3: +#line 115 "dnslabeltext.rl" + { + printf("_%c_ ", val); + segment.append(1, val); + val=0; + } + break; + case 4: +#line 121 "dnslabeltext.rl" + { + printf("'%c' ", *p); + segment.append(1, *p); + } + break; +#line 441 "dnslabeltext.cc" + } + } + +_again: + if ( cs == 0 ) + goto _out; + if ( ++p != pe ) + goto _resume; + _test_eof: {} + _out: {} + } + +#line 136 "dnslabeltext.rl" + + + if ( cs < dnslabel_first_final ) { + throw runtime_error("Unable to parse DNS Label '"+input+"'"); + } + + if(ret.empty() || ret[0] != 0) + ret.append(1, 0); + return ret; +}; +#if 0 +int main() +{ + //char blah[]="\"blah\" \"bleh\" \"bloeh\\\"bleh\" \"\\97enzo\""; + char blah[]="\"v=spf1 ip4:67.106.74.128/25 ip4:63.138.42.224/28 ip4:65.204.46.224/27 \\013\\010ip4:66.104.217.176/28 \\013\\010ip4:209.48.147.0/27 ~all\""; + //char blah[]="\"abc \\097\\098 def\""; + printf("Input: '%s'\n", blah); + vector res=dnstext(blah); + cerr< +#include + +#include "namespaces.hh" + +class UnknownRecordContent : public DNSRecordContent +{ +public: + UnknownRecordContent(const DNSRecord& dr, PacketReader& pr) + : DNSRecordContent(dr.d_type), d_dr(dr) + { + pr.copyRecord(d_record, dr.d_clen); + } + + UnknownRecordContent(const string& zone) : DNSRecordContent(0) + { + d_record.insert(d_record.end(), zone.begin(), zone.end()); + } + + string getZoneRepresentation() const + { + ostringstream str; + str<<"\\# "<<(unsigned int)d_record.size()<<" "; + char hex[4]; + for(size_t n=0; n parts; + stringtok(parts, tmp); + if(parts.size()!=3 && !(parts.size()==2 && equals(parts[1],"0")) ) + throw MOADNSException("Unknown record was stored incorrectly, need 3 fields, got "+lexical_cast(parts.size())+": "+tmp ); + const string& relevant=(parts.size() > 2) ? parts[2] : ""; + unsigned int total=atoi(parts[1].c_str()); + if(relevant.size()!=2*total) + throw runtime_error("invalid unknown record"); + string out; + out.reserve(total+1); + for(unsigned int n=0; n < total; ++n) { + int c; + sscanf(relevant.c_str()+2*n, "%02x", &c); + out.append(1, (char)c); + } + pw.xfrBlob(out); + } +private: + DNSRecord d_dr; + vector d_record; +}; + +static const string EncodeDNSLabel(const string& input) +{ + if(input.length() == 1 && input[0]=='.') // otherwise we encode .. (long story) + return string (1, 0); + + labelparts_t parts; + bool unescapedSomething = labeltokUnescape(parts, input); + string ret; + + if(!unescapedSomething) { + for(labelparts_t::const_iterator i=parts.begin(); i!=parts.end(); ++i) { + ret.append(1, i->second - i->first); + ret.append(input.c_str() + i->first, i->second - i->first); + } + + } else { + for(labelparts_t::const_iterator i=parts.begin(); i!=parts.end(); ++i) { + string part(input.c_str() + i->first, i->second - i->first); + boost::replace_all(part, "\\\\", "\\"); + boost::replace_all(part, "\\.", "."); + + ret.append(1, part.length()); + ret.append(part); + } + } + ret.append(1, 0); + return ret; +} + + +shared_ptr DNSRecordContent::unserialize(const string& qname, uint16_t qtype, const string& serialized) +{ + dnsheader dnsheader; + memset(&dnsheader, 0, sizeof(dnsheader)); + dnsheader.qdcount=htons(1); + dnsheader.ancount=htons(1); + + vector packet; // build pseudo packet + + /* will look like: dnsheader, 5 bytes, encoded qname, dns record header, serialized data */ + + string encoded=EncodeDNSLabel(qname); + + packet.resize(sizeof(dnsheader) + 5 + encoded.size() + sizeof(struct dnsrecordheader) + serialized.size()); + + uint16_t pos=0; + + memcpy(&packet[0], &dnsheader, sizeof(dnsheader)); pos+=sizeof(dnsheader); + + char tmp[6]="\x0" "\x0\x1" "\x0\x1"; // root question for ns_t_a + memcpy(&packet[pos], &tmp, 5); pos+=5; + + memcpy(&packet[pos], encoded.c_str(), encoded.size()); pos+=(uint16_t)encoded.size(); + + struct dnsrecordheader drh; + drh.d_type=htons(qtype); + drh.d_class=htons(1); + drh.d_ttl=0; + drh.d_clen=htons(serialized.size()); + + memcpy(&packet[pos], &drh, sizeof(drh)); pos+=sizeof(drh); + memcpy(&packet[pos], serialized.c_str(), serialized.size()); pos+=(uint16_t)serialized.size(); + + MOADNSParser mdp((char*)&*packet.begin(), (unsigned int)packet.size()); + shared_ptr ret= mdp.d_answers.begin()->first.d_content; + ret->header.d_type=ret->d_qtype; + ret->label=mdp.d_answers.begin()->first.d_label; + ret->header.d_ttl=mdp.d_answers.begin()->first.d_ttl; + return ret; +} + +DNSRecordContent* DNSRecordContent::mastermake(const DNSRecord &dr, + PacketReader& pr) +{ + uint16_t searchclass = (dr.d_type == QType::OPT) ? 1 : dr.d_class; // class is invalid for OPT + + typemap_t::const_iterator i=getTypemap().find(make_pair(searchclass, dr.d_type)); + if(i==getTypemap().end() || !i->second) { + return new UnknownRecordContent(dr, pr); + } + + return i->second(dr, pr); +} + +DNSRecordContent* DNSRecordContent::mastermake(uint16_t qtype, uint16_t qclass, + const string& content) +{ + zmakermap_t::const_iterator i=getZmakermap().find(make_pair(qclass, qtype)); + if(i==getZmakermap().end()) { + return new UnknownRecordContent(content); + } + + return i->second(content); +} + +DNSRecordContent::typemap_t& DNSRecordContent::getTypemap() +{ + static DNSRecordContent::typemap_t typemap; + return typemap; +} + +DNSRecordContent::n2typemap_t& DNSRecordContent::getN2Typemap() +{ + static DNSRecordContent::n2typemap_t n2typemap; + return n2typemap; +} + +DNSRecordContent::t2namemap_t& DNSRecordContent::getT2Namemap() +{ + static DNSRecordContent::t2namemap_t t2namemap; + return t2namemap; +} + + +DNSRecordContent::zmakermap_t& DNSRecordContent::getZmakermap() +{ + static DNSRecordContent::zmakermap_t zmakermap; + return zmakermap; +} + +void MOADNSParser::init(const char *packet, unsigned int len) +{ + if(len < sizeof(dnsheader)) + throw MOADNSException("Packet shorter than minimal header"); + + memcpy(&d_header, packet, sizeof(dnsheader)); + + if(d_header.opcode!=0 && d_header.opcode != 4) // notification + throw MOADNSException("Can't parse non-query packet with opcode="+ lexical_cast(d_header.opcode)); + + d_header.qdcount=ntohs(d_header.qdcount); + d_header.ancount=ntohs(d_header.ancount); + d_header.nscount=ntohs(d_header.nscount); + d_header.arcount=ntohs(d_header.arcount); + + uint16_t contentlen=len-sizeof(dnsheader); + + d_content.resize(contentlen); + copy(packet+sizeof(dnsheader), packet+len, d_content.begin()); + + unsigned int n=0; + + PacketReader pr(d_content); + bool validPacket=false; + try { + d_qtype = d_qclass = 0; // sometimes replies come in with no question, don't present garbage then + + for(n=0;n < d_header.qdcount; ++n) { + d_qname=pr.getLabel(); + d_qtype=pr.get16BitInt(); + d_qclass=pr.get16BitInt(); + } + + struct dnsrecordheader ah; + vector record; + validPacket=true; + for(n=0;n < (unsigned int)(d_header.ancount + d_header.nscount + d_header.arcount); ++n) { + DNSRecord dr; + + if(n < d_header.ancount) + dr.d_place=DNSRecord::Answer; + else if(n < d_header.ancount + d_header.nscount) + dr.d_place=DNSRecord::Nameserver; + else + dr.d_place=DNSRecord::Additional; + + unsigned int recordStartPos=pr.d_pos; + + string label=pr.getLabel(); + + pr.getDnsrecordheader(ah); + dr.d_ttl=ah.d_ttl; + dr.d_type=ah.d_type; + dr.d_class=ah.d_class; + + dr.d_label=label; + dr.d_clen=ah.d_clen; + + dr.d_content=boost::shared_ptr(DNSRecordContent::mastermake(dr, pr)); + d_answers.push_back(make_pair(dr, pr.d_pos)); + + if(dr.d_type == QType::TSIG && dr.d_class == 0xff) + d_tsigPos = recordStartPos + sizeof(struct dnsheader); + } + +#if 0 + if(pr.d_pos!=contentlen) { + throw MOADNSException("Packet ("+d_qname+"|#"+lexical_cast(d_qtype)+") has trailing garbage ("+ lexical_cast(pr.d_pos) + " < " + + lexical_cast(contentlen) + ")"); + } +#endif + } + catch(std::out_of_range &re) { + if(validPacket && d_header.tc) { // don't sweat it over truncated packets, but do adjust an, ns and arcount + if(n < d_header.ancount) { + d_header.ancount=n; d_header.nscount = d_header.arcount = 0; + } + else if(n < d_header.ancount + d_header.nscount) { + d_header.nscount = n - d_header.ancount; d_header.arcount=0; + } + else { + d_header.arcount = n - d_header.ancount - d_header.nscount; + } + } + else { + throw MOADNSException("Error parsing packet of "+lexical_cast(len)+" bytes (rd="+ + lexical_cast(d_header.rd)+ + "), out of bounds: "+string(re.what())); + } + } +} + + +void PacketReader::getDnsrecordheader(struct dnsrecordheader &ah) +{ + unsigned int n; + unsigned char *p=reinterpret_cast(&ah); + + for(n=0; n < sizeof(dnsrecordheader); ++n) + p[n]=d_content.at(d_pos++); + + ah.d_type=ntohs(ah.d_type); + ah.d_class=ntohs(ah.d_class); + ah.d_clen=ntohs(ah.d_clen); + ah.d_ttl=ntohl(ah.d_ttl); + + d_startrecordpos=d_pos; // needed for getBlob later on + d_recordlen=ah.d_clen; +} + + +void PacketReader::copyRecord(vector& dest, uint16_t len) +{ + dest.resize(len); + if(!len) + return; + + for(uint16_t n=0;n d_content.size()) + throw std::out_of_range("Attempt to copy outside of packet"); + + memcpy(dest, &d_content.at(d_pos), len); + d_pos+=len; +} + +void PacketReader::xfr48BitInt(uint64_t& ret) +{ + ret=0; + ret+=d_content.at(d_pos++); + ret<<=8; + ret+=d_content.at(d_pos++); + ret<<=8; + ret+=d_content.at(d_pos++); + ret<<=8; + ret+=d_content.at(d_pos++); + ret<<=8; + ret+=d_content.at(d_pos++); + ret<<=8; + ret+=d_content.at(d_pos++); +} + +uint32_t PacketReader::get32BitInt() +{ + uint32_t ret=0; + ret+=d_content.at(d_pos++); + ret<<=8; + ret+=d_content.at(d_pos++); + ret<<=8; + ret+=d_content.at(d_pos++); + ret<<=8; + ret+=d_content.at(d_pos++); + + return ret; +} + + +uint16_t PacketReader::get16BitInt() +{ + return get16BitInt(d_content, d_pos); +} + +uint16_t PacketReader::get16BitInt(const vector&content, uint16_t& pos) +{ + uint16_t ret=0; + ret+=content.at(pos++); + ret<<=8; + ret+=content.at(pos++); + + return ret; +} + +uint8_t PacketReader::get8BitInt() +{ + return d_content.at(d_pos++); +} + + +string PacketReader::getLabel(unsigned int recurs) +{ + string ret; + ret.reserve(40); + getLabelFromContent(d_content, d_pos, ret, recurs++); + return ret; +} + +static string txtEscape(const string &name) +{ + string ret; + + for(string::const_iterator i=name.begin();i!=name.end();++i) + if(*i=='\n') { // XXX FIXME this should do a way better job! + ret += "\\010"; + } + else if(*i=='"' || *i=='\\'){ + ret += '\\'; + ret += *i; + } + else + ret += *i; + return ret; +} + +// exceptions thrown here do not result in logging in the main pdns auth server - just so you know! +string PacketReader::getText(bool multi) +{ + string ret; + ret.reserve(40); + while(d_pos < d_startrecordpos + d_recordlen ) { + if(!ret.empty()) { + ret.append(1,' '); + } + unsigned char labellen=d_content.at(d_pos++); + + ret.append(1,'"'); + if(labellen) { // no need to do anything for an empty string + string val(&d_content.at(d_pos), &d_content.at(d_pos+labellen-1)+1); + ret.append(txtEscape(val)); // the end is one beyond the packet + } + ret.append(1,'"'); + d_pos+=labellen; + if(!multi) + break; + } + + return ret; +} + + +void PacketReader::getLabelFromContent(const vector& content, uint16_t& frompos, string& ret, int recurs) +{ + if(recurs > 10) + throw MOADNSException("Loop"); + + for(;;) { + unsigned char labellen=content.at(frompos++); + + if(!labellen) { + if(ret.empty()) + ret.append(1,'.'); + break; + } + if((labellen & 0xc0) == 0xc0) { + uint16_t offset=256*(labellen & ~0xc0) + (unsigned int)content.at(frompos++) - sizeof(dnsheader); + // cout<<"This is an offset, need to go to: "< > parts_t; + parts_t parts; + vstringtok(parts, label, "."); + string ret; + ret.reserve(label.size()+4); + for(parts_t::const_iterator i=parts.begin(); i!=parts.end(); ++i) { + if(!root.empty() && !strncasecmp(root.c_str(), label.c_str() + i->first, 1 + label.length() - i->first)) { // also match trailing 0, hence '1 +' + const char rootptr[2]={0xc0,0x11}; + ret.append(rootptr, 2); + return ret; + } + ret.append(1, (char)(i->second - i->first)); + ret.append(label.c_str() + i->first, i->second - i->first); + } + ret.append(1, (char)0); + return ret; +} + + +void simpleExpandTo(const string& label, unsigned int frompos, string& ret) +{ + unsigned int labellen=0; + while((labellen=label.at(frompos++))) { + ret.append(label.c_str()+frompos, labellen); + ret.append(1,'.'); + frompos+=labellen; + } +} + +/** Simple DNSPacketMangler. Ritual is: get a pointer into the packet and moveOffset() to beyond your needs + * If you survive that, feel free to read from the pointer */ +class DNSPacketMangler +{ +public: + explicit DNSPacketMangler(std::string& packet) + : d_packet(packet), d_notyouroffset(12), d_offset(d_notyouroffset) + {} + + void skipLabel() + { + uint8_t len; + while((len=get8BitInt())) { + if(len >= 0xc0) { // extended label + get8BitInt(); + return; + } + skipBytes(len); + } + } + void skipBytes(uint16_t bytes) + { + moveOffset(bytes); + } + uint16_t get16BitInt() + { + const char* p = d_packet.c_str() + d_offset; + moveOffset(2); + uint16_t ret; + memcpy(&ret, (void*)p, 2); + return ntohs(ret); + } + + uint8_t get8BitInt() + { + const char* p = d_packet.c_str() + d_offset; + moveOffset(1); + return *p; + } + + void skipRData() + { + int toskip = get16BitInt(); + moveOffset(toskip); + } + void decreaseAndSkip32BitInt(uint32_t decrease) + { + const char *p = (const char*)d_packet.c_str() + d_offset; + moveOffset(4); + + uint32_t tmp; + memcpy(&tmp, (void*) p, sizeof(tmp)); + tmp = ntohl(tmp); + tmp-=decrease; + tmp = htonl(tmp); + d_packet.replace(d_offset-4, sizeof(tmp), (const char*)&tmp, sizeof(tmp)); + } +private: + void moveOffset(uint16_t by) + { + d_notyouroffset += by; + if(d_notyouroffset > d_packet.length()) + throw std::out_of_range("dns packet out of range: "+lexical_cast(d_notyouroffset) +" > " + + lexical_cast(d_packet.length()) ); + } + std::string& d_packet; + + uint32_t d_notyouroffset; // only 'moveOffset' can touch this + const uint32_t& d_offset; // look.. but don't touch + +}; + +// method of operation: silently fail if it doesn't work - we're only trying to be nice, don't fall over on it +void ageDNSPacket(std::string& packet, uint32_t seconds) +{ + if(packet.length() < sizeof(dnsheader)) + return; + try + { + dnsheader dh; + memcpy((void*)&dh, (const dnsheader*)packet.c_str(), sizeof(dh)); + int numrecords = ntohs(dh.ancount) + ntohs(dh.nscount) + ntohs(dh.arcount); + DNSPacketMangler dpm(packet); + + int n; + for(n=0; n < ntohs(dh.qdcount) ; ++n) { + dpm.skipLabel(); + dpm.skipBytes(4); // qtype, qclass + } + // cerr<<"Skipped "< +#include +#include +#include +#include +#include +// #include +#include "misc.hh" +#include +#include +#include +#include +#include "dns.hh" +#include "dnswriter.hh" + +/** DNS records have three representations: + 1) in the packet + 2) parsed in a class, ready for use + 3) in the zone + + We should implement bidirectional transitions between 1&2 and 2&3. + Currently we have: 1 -> 2 + 2 -> 3 + + We can add: 2 -> 1 easily by reversing the packetwriter + And we might be able to reverse 2 -> 3 as well +*/ + +#include "namespaces.hh" +#include "namespaces.hh" + +class MOADNSException : public runtime_error +{ +public: + MOADNSException(const string& str) : runtime_error(str) + {} +}; + + +class MOADNSParser; + +class PacketReader +{ +public: + PacketReader(const vector& content) + : d_pos(0), d_startrecordpos(0), d_content(content) + { + d_recordlen = content.size(); + } + + uint32_t get32BitInt(); + uint16_t get16BitInt(); + uint8_t get8BitInt(); + + void xfr48BitInt(uint64_t& val); + + void xfr32BitInt(uint32_t& val) + { + val=get32BitInt(); + } + + void xfrIP(uint32_t& val) + { + xfr32BitInt(val); + val=htonl(val); + } + + void xfrTime(uint32_t& val) + { + xfr32BitInt(val); + } + + + void xfr16BitInt(uint16_t& val) + { + val=get16BitInt(); + } + + void xfrType(uint16_t& val) + { + xfr16BitInt(val); + } + + + void xfr8BitInt(uint8_t& val) + { + val=get8BitInt(); + } + + + void xfrLabel(string &label, bool compress=false) + { + label=getLabel(); + } + + void xfrText(string &text, bool multi=false) + { + text=getText(multi); + } + + void xfrBlob(string& blob); + void xfrBlob(string& blob, int length); + void xfrHexBlob(string& blob, bool keepReading=false); + + static uint16_t get16BitInt(const vector&content, uint16_t& pos); + static void getLabelFromContent(const vector& content, uint16_t& frompos, string& ret, int recurs); + + void getDnsrecordheader(struct dnsrecordheader &ah); + void copyRecord(vector& dest, uint16_t len); + void copyRecord(unsigned char* dest, uint16_t len); + + string getLabel(unsigned int recurs=0); + string getText(bool multi); + + uint16_t d_pos; + +private: + uint16_t d_startrecordpos; // needed for getBlob later on + uint16_t d_recordlen; // ditto + const vector& d_content; +}; + +struct DNSRecord; + +class DNSRecordContent +{ +public: + static DNSRecordContent* mastermake(const DNSRecord &dr, PacketReader& pr); + static DNSRecordContent* mastermake(uint16_t qtype, uint16_t qclass, const string& zone); + + virtual std::string getZoneRepresentation() const = 0; + virtual ~DNSRecordContent() {} + virtual void toPacket(DNSPacketWriter& pw)=0; + virtual string serialize(const string& qname, bool canonic=false, bool lowerCase=false) // it would rock if this were const, but it is too hard + { + vector packet; + string empty; + DNSPacketWriter pw(packet, empty, 1); + if(canonic) + pw.setCanonic(true); + + if(lowerCase) + pw.setLowercase(true); + + pw.startRecord(qname, d_qtype); + this->toPacket(pw); + pw.commit(); + + string record; + pw.getRecords(record); + return record; + } + + static shared_ptr unserialize(const string& qname, uint16_t qtype, const string& serialized); + + void doRecordCheck(const struct DNSRecord&){} + + std::string label; + struct dnsrecordheader header; + + typedef DNSRecordContent* makerfunc_t(const struct DNSRecord& dr, PacketReader& pr); + typedef DNSRecordContent* zmakerfunc_t(const string& str); + + static void regist(uint16_t cl, uint16_t ty, makerfunc_t* f, zmakerfunc_t* z, const char* name) + { + if(f) + getTypemap()[make_pair(cl,ty)]=f; + if(z) + getZmakermap()[make_pair(cl,ty)]=z; + + getT2Namemap().insert(make_pair(make_pair(cl,ty), name)); + getN2Typemap().insert(make_pair(name, make_pair(cl,ty))); + } + + static void unregist(uint16_t cl, uint16_t ty) + { + pair key=make_pair(cl, ty); + getTypemap().erase(key); + getZmakermap().erase(key); + } + + static uint16_t TypeToNumber(const string& name) + { + n2typemap_t::const_iterator iter = getN2Typemap().find(toUpper(name)); + if(iter != getN2Typemap().end()) + return iter->second.second; + + if(boost::starts_with(name, "TYPE")) + return atoi(name.c_str()+4); + + throw runtime_error("Unknown DNS type '"+name+"'"); + } + + static const string NumberToType(uint16_t num, uint16_t classnum=1) + { + t2namemap_t::const_iterator iter = getT2Namemap().find(make_pair(classnum, num)); + if(iter == getT2Namemap().end()) + return "TYPE" + lexical_cast(num); + // throw runtime_error("Unknown DNS type with numerical id "+lexical_cast(num)); + return iter->second; + } + + explicit DNSRecordContent(uint16_t type) : d_qtype(type) + {} + + + DNSRecordContent& operator=(const DNSRecordContent& orig) + { + const_cast(d_qtype) = orig.d_qtype; // **COUGH** + label = orig.label; + header = orig.header; + return *this; + } + + + const uint16_t d_qtype; + +protected: + typedef std::map, makerfunc_t* > typemap_t; + typedef std::map, zmakerfunc_t* > zmakermap_t; + typedef std::map, string > t2namemap_t; + typedef std::map > n2typemap_t; + static typemap_t& getTypemap(); + static t2namemap_t& getT2Namemap(); + static n2typemap_t& getN2Typemap(); + static zmakermap_t& getZmakermap(); +}; + +struct DNSRecord +{ + std::string d_label; + uint16_t d_type; + uint16_t d_class; + uint32_t d_ttl; + uint16_t d_clen; + enum {Answer=1, Nameserver, Additional} d_place; + boost::shared_ptr d_content; + + bool operator<(const DNSRecord& rhs) const + { + string lzrp, rzrp; + if(d_content) + lzrp=toLower(d_content->getZoneRepresentation()); + if(rhs.d_content) + rzrp=toLower(rhs.d_content->getZoneRepresentation()); + + string llabel=toLower(d_label); + string rlabel=toLower(rhs.d_label); + + return + tie(llabel, d_type, d_class, lzrp) < + tie(rlabel, rhs.d_type, rhs.d_class, rzrp); + } + + bool operator==(const DNSRecord& rhs) const + { + string lzrp, rzrp; + if(d_content) + lzrp=toLower(d_content->getZoneRepresentation()); + if(rhs.d_content) + rzrp=toLower(rhs.d_content->getZoneRepresentation()); + + string llabel=toLower(d_label); + string rlabel=toLower(rhs.d_label); + + return + tie(llabel, d_type, d_class, lzrp) == + tie(rlabel, rhs.d_type, rhs.d_class, rzrp); + } +}; + +//! This class can be used to parse incoming packets, and is copyable +class MOADNSParser : public boost::noncopyable +{ +public: + //! Parse from a string + MOADNSParser(const string& buffer) : d_tsigPos(0) + { + init(buffer.c_str(), (unsigned int)buffer.size()); + } + + //! Parse from a pointer and length + MOADNSParser(const char *packet, unsigned int len) : d_tsigPos(0) + { + init(packet, len); + } + + dnsheader d_header; + string d_qname; + uint16_t d_qclass, d_qtype; + //uint8_t d_rcode; + + typedef vector > answers_t; + + //! All answers contained in this packet + answers_t d_answers; + + shared_ptr getPacketReader(uint16_t offset) + { + shared_ptr pr(new PacketReader(d_content)); + pr->d_pos=offset; + return pr; + } + + uint16_t getTSIGPos() + { + return d_tsigPos; + } +private: + void getDnsrecordheader(struct dnsrecordheader &ah); + void init(const char *packet, unsigned int len); + vector d_content; + uint16_t d_tsigPos; +}; + +string simpleCompress(const string& label, const string& root=""); +void simpleExpandTo(const string& label, unsigned int frompos, string& ret); +void ageDNSPacket(std::string& packet, uint32_t seconds); +#endif diff -Nru pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/dns_random.cc pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/dns_random.cc --- pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/dns_random.cc 1970-01-01 00:00:00.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/dns_random.cc 2012-07-08 18:20:53.000000000 +0000 @@ -0,0 +1,72 @@ +#include "aescpp.h" +#include +#include +#include +#include +#include +#include +#include "dns_random.hh" + +using namespace std; + +static aes_encrypt_ctx g_cx; +static unsigned char g_counter[16]; +static uint32_t g_in; + +static bool g_initialized; + +void dns_random_init(const char data[16]) +{ + aes_init(); + + aes_encrypt_key128((const unsigned char*)data, &g_cx); + struct timeval now; + gettimeofday(&now, 0); + + memcpy(g_counter, &now.tv_usec, sizeof(now.tv_usec)); + memcpy(g_counter+sizeof(now.tv_usec), &now.tv_sec, sizeof(now.tv_sec)); + g_in = getpid() | (getppid()<<16); + + g_initialized = true; + srandom(dns_random(numeric_limits::max())); +} + +static void counterIncrement(unsigned char* counter) +{ + if(!++counter[0]) + if(!++counter[1]) + if(!++counter[2]) + if(!++counter[3]) + if(!++counter[4]) + if(!++counter[5]) + if(!++counter[6]) + if(!++counter[7]) + if(!++counter[8]) + if(!++counter[9]) + if(!++counter[10]) + if(!++counter[11]) + if(!++counter[12]) + if(!++counter[13]) + if(!++counter[14]) + ++counter[15]; + +} + +unsigned int dns_random(unsigned int n) +{ + if(!g_initialized) + abort(); + uint32_t out; + aes_ctr_encrypt((unsigned char*) &g_in, (unsigned char*)& out, sizeof(g_in), g_counter, counterIncrement, &g_cx); + return out % n; +} + +#if 0 +int main() +{ + dns_random_init("0123456789abcdef"); + + for(int n = 0; n < 16; n++) + cerr< + +boilerplate_conv(A, ns_t_a, conv.xfrIP(d_ip)); + +ARecordContent::ARecordContent(uint32_t ip) : DNSRecordContent(ns_t_a) +{ + d_ip = ip; +} + +uint32_t ARecordContent::getIP() const +{ + return d_ip; +} + +void ARecordContent::doRecordCheck(const DNSRecord& dr) +{ + if(dr.d_clen!=4) + throw MOADNSException("Wrong size for A record ("+lexical_cast(dr.d_clen)+")"); +} + +class AAAARecordContent : public DNSRecordContent +{ +public: + AAAARecordContent() : DNSRecordContent(ns_t_aaaa) + {} + + static void report(void) + { + regist(1, ns_t_aaaa, &make, &make, "AAAA"); + } + + static DNSRecordContent* make(const DNSRecord &dr, PacketReader& pr) + { + if(dr.d_clen!=16) + throw MOADNSException("Wrong size for AAAA record"); + + AAAARecordContent* ret=new AAAARecordContent(); + pr.copyRecord((unsigned char*) &ret->d_ip6, 16); + return ret; + } + + static DNSRecordContent* make(const string& zone) + { + AAAARecordContent *ar=new AAAARecordContent(); + if(Utility::inet_pton( AF_INET6, zone.c_str(), static_cast< void * >( ar->d_ip6 )) <= 0) + throw MOADNSException("Asked to encode '"+zone+"' as an IPv6 address, but does not parse"); + return ar; + } + + void toPacket(DNSPacketWriter& pw) + { + string blob(d_ip6, d_ip6+16); + pw.xfrBlob(blob); + } + + string getZoneRepresentation() const + { + struct sockaddr_in6 addr; + memset(&addr, 0, sizeof(addr)); + addr.sin6_family=AF_INET6; + memcpy(&addr.sin6_addr, d_ip6, 16); + + char tmp[128]; + tmp[0]=0; + Utility::inet_ntop(AF_INET6, (const char*)& addr.sin6_addr, tmp, sizeof(tmp)); + return tmp; + } + +private: + unsigned char d_ip6[16]; +}; + + + +boilerplate_conv(NS, ns_t_ns, conv.xfrLabel(d_content, true)); +boilerplate_conv(PTR, ns_t_ptr, conv.xfrLabel(d_content, true)); +boilerplate_conv(CNAME, ns_t_cname, conv.xfrLabel(d_content, true)); +boilerplate_conv(MR, ns_t_mr, conv.xfrLabel(d_alias, false)); +boilerplate_conv(TXT, ns_t_txt, conv.xfrText(d_text, true)); +boilerplate_conv(SPF, 99, conv.xfrText(d_text, true)); +boilerplate_conv(HINFO, ns_t_hinfo, conv.xfrText(d_cpu); conv.xfrText(d_host)); + +boilerplate_conv(RP, ns_t_rp, + conv.xfrLabel(d_mbox); + conv.xfrLabel(d_info) + ); + + +boilerplate_conv(OPT, ns_t_opt, + conv.xfrBlob(d_data) + ); + +void OPTRecordContent::getData(vector >& options) +{ + string::size_type pos=0; + uint16_t code, len; + while(d_data.size() >= 4 + pos) { + code = 256 * (unsigned char)d_data[pos] + (unsigned char)d_data[pos+1]; + len = 256 * (unsigned char)d_data[pos+2] + (unsigned char)d_data[pos+3]; + pos+=4; + + if(pos + len > d_data.size()) + break; + + string field(d_data.c_str() + pos, len); + pos+=len; + options.push_back(make_pair(code, field)); + } +} + +boilerplate_conv(TSIG, ns_t_tsig, + conv.xfrLabel(d_algoName); + conv.xfr48BitInt(d_time); + conv.xfr16BitInt(d_fudge); + uint16_t size=d_mac.size(); + conv.xfr16BitInt(size); + conv.xfrBlob(d_mac, size); + conv.xfr16BitInt(d_origID); + conv.xfr16BitInt(d_eRcode); + size=d_otherData.size(); + conv.xfr16BitInt(size); + conv.xfrBlob(d_otherData, size); + ); + +MXRecordContent::MXRecordContent(uint16_t preference, const string& mxname) : DNSRecordContent(ns_t_mx), d_preference(preference), d_mxname(mxname) +{ +} + +boilerplate_conv(MX, ns_t_mx, + conv.xfr16BitInt(d_preference); + conv.xfrLabel(d_mxname, true); + ) + +boilerplate_conv(KX, ns_t_kx, + conv.xfr16BitInt(d_preference); + conv.xfrLabel(d_exchanger, false); + ) + +boilerplate_conv(IPSECKEY, 45, /* ns_t_ipsec */ + conv.xfr8BitInt(d_preference); + conv.xfr8BitInt(d_gatewaytype); + conv.xfr8BitInt(d_algorithm); + conv.xfrLabel(d_gateway, false); + conv.xfrBlob(d_publickey); + ) + +boilerplate_conv(DHCID, 49, + conv.xfrBlob(d_content); + ) + + +boilerplate_conv(AFSDB, ns_t_afsdb, + conv.xfr16BitInt(d_subtype); + conv.xfrLabel(d_hostname); + ) + + +boilerplate_conv(NAPTR, ns_t_naptr, + conv.xfr16BitInt(d_order); conv.xfr16BitInt(d_preference); + conv.xfrText(d_flags); conv.xfrText(d_services); conv.xfrText(d_regexp); + conv.xfrLabel(d_replacement); + ) + + +SRVRecordContent::SRVRecordContent(uint16_t preference, uint16_t weight, uint16_t port, const string& target) + : DNSRecordContent(ns_t_srv), d_preference(preference), d_weight(weight), d_port(port), d_target(target) +{} + +boilerplate_conv(SRV, ns_t_srv, + conv.xfr16BitInt(d_preference); conv.xfr16BitInt(d_weight); conv.xfr16BitInt(d_port); + conv.xfrLabel(d_target); + ) + + + +SOARecordContent::SOARecordContent(const string& mname, const string& rname, const struct soatimes& st) + : DNSRecordContent(ns_t_soa), d_mname(mname), d_rname(rname) +{ + d_st=st; +} + +boilerplate_conv(SOA, ns_t_soa, + conv.xfrLabel(d_mname, true); + conv.xfrLabel(d_rname, true); + conv.xfr32BitInt(d_st.serial); + conv.xfr32BitInt(d_st.refresh); + conv.xfr32BitInt(d_st.retry); + conv.xfr32BitInt(d_st.expire); + conv.xfr32BitInt(d_st.minimum); + ); +#undef KEY +boilerplate_conv(KEY, ns_t_key, + conv.xfr16BitInt(d_flags); + conv.xfr8BitInt(d_protocol); + conv.xfr8BitInt(d_algorithm); + conv.xfrBlob(d_certificate); + ); + +boilerplate_conv(CERT, 37, + conv.xfr16BitInt(d_type); + conv.xfr16BitInt(d_tag); + conv.xfr8BitInt(d_algorithm); + conv.xfrBlob(d_certificate); + ) + +boilerplate_conv(TLSA, 52, + conv.xfr8BitInt(d_certusage); + conv.xfr8BitInt(d_selector); + conv.xfr8BitInt(d_matchtype); + conv.xfrHexBlob(d_cert, true); + ) + +#undef DS +DSRecordContent::DSRecordContent() : DNSRecordContent(43) {} +boilerplate_conv(DS, 43, + conv.xfr16BitInt(d_tag); + conv.xfr8BitInt(d_algorithm); + conv.xfr8BitInt(d_digesttype); + conv.xfrHexBlob(d_digest, true); // keep reading across spaces + ) + +DLVRecordContent::DLVRecordContent() : DNSRecordContent(32769) {} +boilerplate_conv(DLV,32769 , + conv.xfr16BitInt(d_tag); + conv.xfr8BitInt(d_algorithm); + conv.xfr8BitInt(d_digesttype); + conv.xfrHexBlob(d_digest, true); // keep reading across spaces + ) + + +boilerplate_conv(SSHFP, 44, + conv.xfr8BitInt(d_algorithm); + conv.xfr8BitInt(d_fptype); + conv.xfrHexBlob(d_fingerprint); + ) + +boilerplate_conv(RRSIG, 46, + conv.xfrType(d_type); + conv.xfr8BitInt(d_algorithm); + conv.xfr8BitInt(d_labels); + conv.xfr32BitInt(d_originalttl); + conv.xfrTime(d_sigexpire); + conv.xfrTime(d_siginception); + conv.xfr16BitInt(d_tag); + conv.xfrLabel(d_signer); + conv.xfrBlob(d_signature); + ) + +RRSIGRecordContent::RRSIGRecordContent() : DNSRecordContent(46) {} + +boilerplate_conv(DNSKEY, 48, + conv.xfr16BitInt(d_flags); + conv.xfr8BitInt(d_protocol); + conv.xfr8BitInt(d_algorithm); + conv.xfrBlob(d_key); + ) +DNSKEYRecordContent::DNSKEYRecordContent() : DNSRecordContent(48) {} + +uint16_t DNSKEYRecordContent::getTag() +{ + string data=this->serialize(""); + const unsigned char* key=(const unsigned char*)data.c_str(); + unsigned int keysize=data.length(); + + unsigned long ac; /* assumed to be 32 bits or larger */ + unsigned int i; /* loop index */ + + for ( ac = 0, i = 0; i < keysize; ++i ) + ac += (i & 1) ? key[i] : key[i] << 8; + ac += (ac >> 16) & 0xFFFF; + return ac & 0xFFFF; +} + +// "fancy records" +boilerplate_conv(URL, QType::URL, + conv.xfrLabel(d_url); + ) + +boilerplate_conv(MBOXFW, QType::MBOXFW, + conv.xfrLabel(d_mboxfw); + ) + + + +bool getEDNSOpts(const MOADNSParser& mdp, EDNSOpts* eo) +{ + if(mdp.d_header.arcount && !mdp.d_answers.empty()) { + BOOST_FOREACH(const MOADNSParser::answers_t::value_type& val, mdp.d_answers) { + if(val.first.d_place == DNSRecord::Additional && val.first.d_type == QType::OPT) { + eo->d_packetsize=val.first.d_class; + + EDNS0Record stuff; + uint32_t ttl=ntohl(val.first.d_ttl); + memcpy(&stuff, &ttl, sizeof(stuff)); + + eo->d_extRCode=stuff.extRCode; + eo->d_version=stuff.version; + eo->d_Z = ntohs(stuff.Z); + OPTRecordContent* orc = + dynamic_cast(val.first.d_content.get()); + if(!orc) + return false; + orc->getData(eo->d_options); + return true; + } + } + } + return false; +} + + +void reportBasicTypes() +{ + ARecordContent::report(); + AAAARecordContent::report(); + NSRecordContent::report(); + CNAMERecordContent::report(); + MXRecordContent::report(); + SOARecordContent::report(); + SRVRecordContent::report(); + PTRRecordContent::report(); + DNSRecordContent::regist(3, ns_t_txt, &TXTRecordContent::make, &TXTRecordContent::make, "TXT"); + TXTRecordContent::report(); + DNSRecordContent::regist(1, QType::ANY, 0, 0, "ANY"); +} + +void reportOtherTypes() +{ + AFSDBRecordContent::report(); + SPFRecordContent::report(); + NAPTRRecordContent::report(); + LOCRecordContent::report(); + HINFORecordContent::report(); + RPRecordContent::report(); + KEYRecordContent::report(); + DNSKEYRecordContent::report(); + RRSIGRecordContent::report(); + DSRecordContent::report(); + SSHFPRecordContent::report(); + CERTRecordContent::report(); + NSECRecordContent::report(); + NSEC3RecordContent::report(); + NSEC3PARAMRecordContent::report(); + TLSARecordContent::report(); + DLVRecordContent::report(); + DNSRecordContent::regist(0xff, QType::TSIG, &TSIGRecordContent::make, &TSIGRecordContent::make, "TSIG"); + OPTRecordContent::report(); +} + +void reportFancyTypes() +{ + URLRecordContent::report(); + MBOXFWRecordContent::report(); +} + +void reportAllTypes() +{ + reportBasicTypes(); + reportOtherTypes(); +} + +#if 0 +static struct Reporter +{ + Reporter() + { + reportAllTypes(); + } +} reporter __attribute__((init_priority(65535))); +#endif diff -Nru pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/dnsrecords.hh pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/dnsrecords.hh --- pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/dnsrecords.hh 1970-01-01 00:00:00.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/dnsrecords.hh 2012-07-08 18:20:53.000000000 +0000 @@ -0,0 +1,552 @@ +/* + PowerDNS Versatile Database Driven Nameserver + Copyright (C) 2005 - 2010 PowerDNS.COM BV + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License version 2 as + published by the Free Software Foundation + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA +*/ + +#ifndef PDNS_DNSRECORDS_HH +#define PDNS_DNSRECORDS_HH + +#include "dnsparser.hh" +#include "dnswriter.hh" +#include "rcpgenerator.hh" +#include +#include +#include + +#include "namespaces.hh" +#include "namespaces.hh" + +#define includeboilerplate(RNAME) RNAME##RecordContent(const DNSRecord& dr, PacketReader& pr); \ + RNAME##RecordContent(const string& zoneData); \ + static void report(void); \ + static void unreport(void); \ + static DNSRecordContent* make(const DNSRecord &dr, PacketReader& pr); \ + static DNSRecordContent* make(const string& zonedata); \ + string getZoneRepresentation() const; \ + void toPacket(DNSPacketWriter& pw); \ + template void xfrPacket(Convertor& conv); + +class NAPTRRecordContent : public DNSRecordContent +{ +public: + NAPTRRecordContent(uint16_t order, uint16_t preference, string flags, string services, string regexp, string replacement); + + includeboilerplate(NAPTR); + template void xfrRecordContent(Convertor& conv); +private: + uint16_t d_order, d_preference; + string d_flags, d_services, d_regexp, d_replacement; +}; + + +class ARecordContent : public DNSRecordContent +{ +public: + explicit ARecordContent(uint32_t ip); + includeboilerplate(A); + void doRecordCheck(const DNSRecord& dr); + uint32_t getIP() const; + +private: + uint32_t d_ip; +}; + +class MXRecordContent : public DNSRecordContent +{ +public: + MXRecordContent(uint16_t preference, const string& mxname); + + includeboilerplate(MX) + +private: + uint16_t d_preference; + string d_mxname; +}; + +class KXRecordContent : public DNSRecordContent +{ +public: + KXRecordContent(uint16_t preference, const string& exchanger); + + includeboilerplate(KX) + +private: + uint16_t d_preference; + string d_exchanger; +}; + +class IPSECKEYRecordContent : public DNSRecordContent +{ +public: + IPSECKEYRecordContent(uint16_t preference, uint8_t gatewaytype, uint8_t algo, const std::string& gateway, const std::string &publickey); + + includeboilerplate(IPSECKEY) + +private: + uint8_t d_preference, d_gatewaytype, d_algorithm; + string d_gateway, d_publickey; +}; + +class DHCIDRecordContent : public DNSRecordContent +{ +public: + includeboilerplate(DHCID) + +private: + string d_content; +}; + + +class SRVRecordContent : public DNSRecordContent +{ +public: + SRVRecordContent(uint16_t preference, uint16_t weight, uint16_t port, const string& target); + + includeboilerplate(SRV) + +private: + uint16_t d_preference, d_weight, d_port; + string d_target; +}; + +class TSIGRecordContent : public DNSRecordContent +{ +public: + includeboilerplate(TSIG) + TSIGRecordContent() : DNSRecordContent(QType::TSIG) {} + + string d_algoName; + uint64_t d_time; // 48 bits + uint16_t d_fudge; + // uint16_t d_macSize; + string d_mac; + uint16_t d_origID; + uint16_t d_eRcode; + // uint16_t d_otherLen + string d_otherData; +}; + + +class TXTRecordContent : public DNSRecordContent +{ +public: + includeboilerplate(TXT) + +private: + string d_text; +}; + +class SPFRecordContent : public DNSRecordContent +{ +public: + includeboilerplate(SPF) + +private: + string d_text; +}; + + +class NSRecordContent : public DNSRecordContent +{ +public: + includeboilerplate(NS) + +private: + string d_content; +}; + +class PTRRecordContent : public DNSRecordContent +{ +public: + includeboilerplate(PTR) + +private: + string d_content; +}; + +class CNAMERecordContent : public DNSRecordContent +{ +public: + includeboilerplate(CNAME) + +private: + string d_content; +}; + +class MRRecordContent : public DNSRecordContent +{ +public: + includeboilerplate(MR) + +private: + string d_alias; +}; + + +class OPTRecordContent : public DNSRecordContent +{ +public: + includeboilerplate(OPT) + void getData(vector > &opts); +private: + string d_data; +}; + + +class HINFORecordContent : public DNSRecordContent +{ +public: + includeboilerplate(HINFO) + +private: + string d_cpu, d_host; +}; + +class RPRecordContent : public DNSRecordContent +{ +public: + includeboilerplate(RP) + +private: + string d_mbox, d_info; +}; + + +class DNSKEYRecordContent : public DNSRecordContent +{ +public: + DNSKEYRecordContent(); + includeboilerplate(DNSKEY) + uint16_t getTag(); + + uint16_t d_flags; + uint8_t d_protocol; + uint8_t d_algorithm; + string d_key; +}; + +class DSRecordContent : public DNSRecordContent +{ +public: + DSRecordContent(); + includeboilerplate(DS) + + uint16_t d_tag; + uint8_t d_algorithm, d_digesttype; + string d_digest; +}; + +class DLVRecordContent : public DNSRecordContent +{ +public: + DLVRecordContent(); + includeboilerplate(DLV) + + uint16_t d_tag; + uint8_t d_algorithm, d_digesttype; + string d_digest; +}; + + +class SSHFPRecordContent : public DNSRecordContent +{ +public: + includeboilerplate(SSHFP) + +private: + uint8_t d_algorithm, d_fptype; + string d_fingerprint; +}; + +class KEYRecordContent : public DNSRecordContent +{ +public: + includeboilerplate(KEY) + +private: + uint16_t d_flags; + uint8_t d_protocol, d_algorithm; + string d_certificate; +}; + +class AFSDBRecordContent : public DNSRecordContent +{ +public: + includeboilerplate(AFSDB) + +private: + uint16_t d_subtype; + string d_hostname; +}; + + +class CERTRecordContent : public DNSRecordContent +{ +public: + includeboilerplate(CERT) + +private: + uint16_t d_type, d_tag; + uint8_t d_algorithm; + string d_certificate; +}; + +class TLSARecordContent : public DNSRecordContent +{ +public: + includeboilerplate(TLSA) + +private: + uint8_t d_certusage, d_selector, d_matchtype; + string d_cert; +}; + + +class RRSIGRecordContent : public DNSRecordContent +{ +public: + RRSIGRecordContent(); + includeboilerplate(RRSIG) + + uint16_t d_type; + uint8_t d_algorithm, d_labels; + uint32_t d_originalttl, d_sigexpire, d_siginception; + uint16_t d_tag; + string d_signer, d_signature; +}; + + + +//namespace { + struct soatimes + { + uint32_t serial; + uint32_t refresh; + uint32_t retry; + uint32_t expire; + uint32_t minimum; + }; +//} + + +class SOARecordContent : public DNSRecordContent +{ +public: + includeboilerplate(SOA) + SOARecordContent(const string& mname, const string& rname, const struct soatimes& st); + + string d_mname; + string d_rname; + struct soatimes d_st; +}; + +class NSECRecordContent : public DNSRecordContent +{ +public: + static void report(void); + NSECRecordContent() : DNSRecordContent(47) + {} + NSECRecordContent(const string& content, const string& zone=""); + + static DNSRecordContent* make(const DNSRecord &dr, PacketReader& pr); + static DNSRecordContent* make(const string& content); + string getZoneRepresentation() const; + void toPacket(DNSPacketWriter& pw); + string d_next; + std::set d_set; +private: +}; + +class NSEC3RecordContent : public DNSRecordContent +{ +public: + static void report(void); + NSEC3RecordContent() : DNSRecordContent(50) + {} + NSEC3RecordContent(const string& content, const string& zone=""); + + static DNSRecordContent* make(const DNSRecord &dr, PacketReader& pr); + static DNSRecordContent* make(const string& content); + string getZoneRepresentation() const; + void toPacket(DNSPacketWriter& pw); + + uint8_t d_algorithm, d_flags; + uint16_t d_iterations; + uint8_t d_saltlength; + string d_salt; + uint8_t d_nexthashlength; + string d_nexthash; + std::set d_set; + +private: +}; + + +class NSEC3PARAMRecordContent : public DNSRecordContent +{ +public: + static void report(void); + NSEC3PARAMRecordContent() : DNSRecordContent(51) + {} + NSEC3PARAMRecordContent(const string& content, const string& zone=""); + + static DNSRecordContent* make(const DNSRecord &dr, PacketReader& pr); + static DNSRecordContent* make(const string& content); + string getZoneRepresentation() const; + void toPacket(DNSPacketWriter& pw); + + + uint8_t d_algorithm, d_flags; + uint16_t d_iterations; + uint8_t d_saltlength; + string d_salt; +}; + + +class LOCRecordContent : public DNSRecordContent +{ +public: + static void report(void); + LOCRecordContent() : DNSRecordContent(ns_t_loc) + {} + LOCRecordContent(const string& content, const string& zone=""); + + static DNSRecordContent* make(const DNSRecord &dr, PacketReader& pr); + static DNSRecordContent* make(const string& content); + string getZoneRepresentation() const; + void toPacket(DNSPacketWriter& pw); + + uint8_t d_version, d_size, d_horizpre, d_vertpre; + uint32_t d_latitude, d_longitude, d_altitude; + +private: +}; + + +class WKSRecordContent : public DNSRecordContent +{ +public: + static void report(void); + WKSRecordContent() : DNSRecordContent(ns_t_wks) + {} + WKSRecordContent(const string& content, const string& zone=""); + + static DNSRecordContent* make(const DNSRecord &dr, PacketReader& pr); + static DNSRecordContent* make(const string& content); + string getZoneRepresentation() const; + void toPacket(DNSPacketWriter& pw); + + uint32_t d_ip; + std::bitset<65535> d_services; +private: +}; + + +class URLRecordContent : public DNSRecordContent // Fake, 'fancy record' with type 256 +{ +public: + includeboilerplate(URL) +private: + string d_url; +}; + +class MBOXFWRecordContent : public DNSRecordContent // Fake, 'fancy record' with type 256 +{ +public: + includeboilerplate(MBOXFW) +private: + string d_mboxfw; +}; + + +#define boilerplate(RNAME, RTYPE) \ +RNAME##RecordContent::DNSRecordContent* RNAME##RecordContent::make(const DNSRecord& dr, PacketReader& pr) \ +{ \ + return new RNAME##RecordContent(dr, pr); \ +} \ + \ +RNAME##RecordContent::RNAME##RecordContent(const DNSRecord& dr, PacketReader& pr) : DNSRecordContent(RTYPE) \ +{ \ + doRecordCheck(dr); \ + xfrPacket(pr); \ +} \ + \ +RNAME##RecordContent::DNSRecordContent* RNAME##RecordContent::make(const string& zonedata) \ +{ \ + return new RNAME##RecordContent(zonedata); \ +} \ + \ +void RNAME##RecordContent::toPacket(DNSPacketWriter& pw) \ +{ \ + this->xfrPacket(pw); \ +} \ + \ +void RNAME##RecordContent::report(void) \ +{ \ + regist(1, RTYPE, &RNAME##RecordContent::make, &RNAME##RecordContent::make, #RNAME); \ +} \ +void RNAME##RecordContent::unreport(void) \ +{ \ + unregist(1, RTYPE); \ +} \ + \ +RNAME##RecordContent::RNAME##RecordContent(const string& zoneData) : DNSRecordContent(RTYPE) \ +{ \ + try { \ + RecordTextReader rtr(zoneData); \ + xfrPacket(rtr); \ + } \ + catch(RecordTextException& rtr) { \ + throw MOADNSException("Parsing record content: "+string(rtr.what())); \ + } \ +} \ + \ +string RNAME##RecordContent::getZoneRepresentation() const \ +{ \ + string ret; \ + RecordTextWriter rtw(ret); \ + const_cast(this)->xfrPacket(rtw); \ + return ret; \ +} + + +#define boilerplate_conv(RNAME, TYPE, CONV) \ +boilerplate(RNAME, TYPE) \ +template \ +void RNAME##RecordContent::xfrPacket(Convertor& conv) \ +{ \ + CONV; \ +} \ + +struct EDNSOpts +{ + uint16_t d_packetsize; + uint8_t d_extRCode, d_version; + uint16_t d_Z; + vector > d_options; + enum zFlags { DNSSECOK=32768 }; +}; +//! Convenience function that fills out EDNS0 options, and returns true if there are any + +class MOADNSParser; +bool getEDNSOpts(const MOADNSParser& mdp, EDNSOpts* eo); + +void reportBasicTypes(); +void reportOtherTypes(); +void reportAllTypes(); +void reportFancyTypes(); + +#endif diff -Nru pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/dnswriter.cc pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/dnswriter.cc --- pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/dnswriter.cc 1970-01-01 00:00:00.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/dnswriter.cc 2012-07-08 18:20:53.000000000 +0000 @@ -0,0 +1,333 @@ +#include "dnswriter.hh" +#include "misc.hh" +#include "dnsparser.hh" +#include +#include + +DNSPacketWriter::DNSPacketWriter(vector& content, const string& qname, uint16_t qtype, uint16_t qclass, uint8_t opcode) + : d_pos(0), d_content(content), d_qname(qname), d_qtype(qtype), d_qclass(qclass), d_canonic(false), d_lowerCase(false) +{ + d_content.clear(); + dnsheader dnsheader; + + memset(&dnsheader, 0, sizeof(dnsheader)); + dnsheader.id=0; + dnsheader.qdcount=htons(1); + dnsheader.opcode=opcode; + + const uint8_t* ptr=(const uint8_t*)&dnsheader; + uint32_t len=d_content.size(); + d_content.resize(len + sizeof(dnsheader)); + uint8_t* dptr=(&*d_content.begin()) + len; + + memcpy(dptr, ptr, sizeof(dnsheader)); + d_stuff=0; + + xfrLabel(qname, false); + + len=d_content.size(); + d_content.resize(len + d_record.size() + 4); + + ptr=&*d_record.begin(); + dptr=(&*d_content.begin()) + len; + + memcpy(dptr, ptr, d_record.size()); + + len+=d_record.size(); + d_record.clear(); + + qtype=htons(qtype); + qclass=htons(qclass); + + vector::iterator i=d_content.begin()+len; // this works around a gcc 3.4 bug + memcpy(&*i, &qtype, 2); + i+=2; + memcpy(&*i, &qclass, 2); + + d_stuff=0xffff; + d_labelmap.reserve(16); +} + +dnsheader* DNSPacketWriter::getHeader() +{ + return (dnsheader*)&*d_content.begin(); +} + +void DNSPacketWriter::startRecord(const string& name, uint16_t qtype, uint32_t ttl, uint16_t qclass, Place place) +{ + if(!d_record.empty()) + commit(); + + d_recordqname=name; + d_recordqtype=qtype; + d_recordqclass=qclass; + d_recordttl=ttl; + d_recordplace=place; + + d_stuff = 0; + d_rollbackmarker=d_content.size(); + + if(pdns_iequals(d_qname, d_recordqname)) { // don't do the whole label compression thing if we *know* we can get away with "see question" + static char marker[2]={0xc0, 0x0c}; + d_content.insert(d_content.end(), &marker[0], &marker[2]); + } + else { + xfrLabel(d_recordqname, true); + d_content.insert(d_content.end(), d_record.begin(), d_record.end()); + d_record.clear(); + } + + d_stuff = sizeof(dnsrecordheader); // this is needed to get compressed label offsets right, the dnsrecordheader will be interspersed + d_sor=d_content.size() + d_stuff; // start of real record +} + +void DNSPacketWriter::addOpt(int udpsize, int extRCode, int Z, const vector >& options) +{ + uint32_t ttl=0; + + EDNS0Record stuff; + + stuff.extRCode=extRCode; + stuff.version=0; + stuff.Z=htons(Z); + + memcpy(&ttl, &stuff, sizeof(stuff)); + + ttl=ntohl(ttl); // will be reversed later on + + startRecord("", ns_t_opt, ttl, udpsize, ADDITIONAL); + for(optvect_t::const_iterator iter = options.begin(); iter != options.end(); ++iter) { + xfr16BitInt(iter->first); + xfr16BitInt(iter->second.length()); + xfrBlob(iter->second); + } +} + +void DNSPacketWriter::xfr48BitInt(uint64_t val) +{ + unsigned char bytes[6]; + uint16_t theLeft = htons((val >> 32)&0xffffU); + uint32_t theRight = htonl(val & 0xffffffffU); + memcpy(bytes, (void*)&theLeft, 2); + memcpy(bytes+2, (void*)&theRight, 4); + + d_record.insert(d_record.end(), bytes, bytes + 6); +} + + +void DNSPacketWriter::xfr32BitInt(uint32_t val) +{ + int rval=htonl(val); + uint8_t* ptr=reinterpret_cast(&rval); + d_record.insert(d_record.end(), ptr, ptr+4); +} + +void DNSPacketWriter::xfr16BitInt(uint16_t val) +{ + uint16_t rval=htons(val); + uint8_t* ptr=reinterpret_cast(&rval); + d_record.insert(d_record.end(), ptr, ptr+2); +} + +void DNSPacketWriter::xfr8BitInt(uint8_t val) +{ + d_record.push_back(val); +} + + +/* input: + "" -> 0 + "blah" -> 4blah + "blah" "blah" -> output 4blah4blah + "verylongstringlongerthan256....characters" \xffverylongstring\x23characters (autosplit) + "blah\"blah" -> 9blah"blah + "blah\97" -> 5blahb + */ +void DNSPacketWriter::xfrText(const string& text, bool) +{ + if(text.empty()) { + d_record.push_back(0); + return; + } + vector segments = segmentDNSText(text); + BOOST_FOREACH(const string& str, segments) { + d_record.push_back(str.length()); + d_record.insert(d_record.end(), str.c_str(), str.c_str() + str.length()); + } +} + +DNSPacketWriter::lmap_t::iterator find(DNSPacketWriter::lmap_t& lmap, const string& label) +{ + DNSPacketWriter::lmap_t::iterator ret; + for(ret=lmap.begin(); ret != lmap.end(); ++ret) + if(pdns_iequals(ret->first ,label)) + break; + return ret; +} + +//! tokenize a label into parts, the parts describe a begin offset and an end offset +bool labeltokUnescape(labelparts_t& parts, const string& label) +{ + string::size_type epos = label.size(), lpos(0), pos; + bool unescapedSomething = false; + const char* ptr=label.c_str(); + + parts.clear(); + + for(pos = 0 ; pos < epos; ++pos) { + if(ptr[pos]=='\\') { + pos++; + unescapedSomething = true; + continue; + } + if(ptr[pos]=='.') { + parts.push_back(make_pair(lpos, pos)); + lpos=pos+1; + } + } + + if(lpos < pos) + parts.push_back(make_pair(lpos, pos)); + return unescapedSomething; +} + +// this is the absolute hottest function in the pdns recursor +void DNSPacketWriter::xfrLabel(const string& Label, bool compress) +{ + string label = d_lowerCase ? toLower(Label) : Label; + labelparts_t parts; + + if(d_canonic) + compress=false; + + string::size_type labellen = label.size(); + if(labellen==1 && label[0]=='.') { // otherwise we encode '..' + d_record.push_back(0); + return; + } + bool unescaped=labeltokUnescape(parts, label); + + // d_stuff is amount of stuff that is yet to be written out - the dnsrecordheader for example + unsigned int pos=d_content.size() + d_record.size() + d_stuff; + string chopped; + bool deDot = labellen && (label[labellen-1]=='.'); // make sure we don't store trailing dots in the labelmap + + for(labelparts_t::const_iterator i=parts.begin(); i!=parts.end(); ++i) { + if(deDot) + chopped.assign(label.c_str() + i->first, labellen - i->first -1); + else + chopped.assign(label.c_str() + i->first); + + lmap_t::iterator li=d_labelmap.end(); + // see if we've written out this domain before + // cerr<<"Searching for compression pointer to '"<second<second; + offset|=0xc000; + d_record.push_back((char)(offset >> 8)); + d_record.push_back((char)(offset & 0xff)); + goto out; // skip trailing 0 in case of compression + } + + if(li==d_labelmap.end() && pos< 16384) { + // cerr<<"\tStoring a compression pointer to '"< 16384, won't work + } + + if(unescaped) { + string part(label.c_str() + i -> first, i->second - i->first); + boost::replace_all(part, "\\.", "."); + boost::replace_all(part, "\\032", " "); + boost::replace_all(part, "\\\\", "\\"); + if(part.size() > 255) + throw MOADNSException("DNSPacketWriter::xfrLabel() tried to write an overly large label"); + d_record.push_back(part.size()); + unsigned int len=d_record.size(); + d_record.resize(len + part.size()); + + memcpy(((&*d_record.begin()) + len), part.c_str(), part.size()); + pos+=(part.size())+1; + } + else { + d_record.push_back((char)(i->second - i->first)); + unsigned int len=d_record.size(); + d_record.resize(len + i->second - i->first); + memcpy(((&*d_record.begin()) + len), label.c_str() + i-> first, i->second - i->first); + pos+=(i->second - i->first)+1; + } + } + d_record.push_back(0); + + out:; +} + +void DNSPacketWriter::xfrBlob(const string& blob, int ) +{ + const uint8_t* ptr=reinterpret_cast(blob.c_str()); + d_record.insert(d_record.end(), ptr, ptr+blob.size()); +} + +void DNSPacketWriter::xfrHexBlob(const string& blob, bool keepReading) +{ + xfrBlob(blob); +} + +void DNSPacketWriter::getRecords(string& records) +{ + records.assign(d_content.begin() + d_sor, d_content.end()); +} + +uint32_t DNSPacketWriter::size() +{ + return d_content.size() + d_stuff + d_record.size(); +} + +void DNSPacketWriter::rollback() +{ + d_content.resize(d_rollbackmarker); + d_record.clear(); + d_stuff=0; +} + +void DNSPacketWriter::commit() +{ + if(d_stuff==0xffff && (d_content.size()!=d_sor || !d_record.empty())) + throw MOADNSException("DNSPacketWriter::commit() called without startRecord ever having been called, but a record was added"); + // build dnsrecordheader + struct dnsrecordheader drh; + drh.d_type=htons(d_recordqtype); + drh.d_class=htons(d_recordqclass); + drh.d_ttl=htonl(d_recordttl); + drh.d_clen=htons(d_record.size()); + + // and write out the header + const uint8_t* ptr=(const uint8_t*)&drh; + d_content.insert(d_content.end(), ptr, ptr+sizeof(drh)); + + d_stuff=0; + + // write out pending d_record + d_content.insert(d_content.end(), d_record.begin(), d_record.end()); + + dnsheader* dh=reinterpret_cast( &*d_content.begin()); + switch(d_recordplace) { + case ANSWER: + dh->ancount = htons(ntohs(dh->ancount) + 1); + break; + case AUTHORITY: + dh->nscount = htons(ntohs(dh->nscount) + 1); + break; + case ADDITIONAL: + dh->arcount = htons(ntohs(dh->arcount) + 1); + break; + } + + d_record.clear(); // clear d_record, ready for next record +} + + + + + + diff -Nru pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/dnswriter.hh pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/dnswriter.hh --- pdns-recursor-3.3/pdns-recursor-3.5-pre.20120708.2673/dnswriter.hh 1970-01-01 00:00:00.000000000 +0000 +++ pdns-recursor-3.5.pre.20120708.2673~crass~precise/pdns-recursor-3.5-pre.20120708.2673/dnswriter.hh 2012-07-08 18:20:53.000000000 +0000 @@ -0,0 +1,131 @@ +#ifndef PDNS_DNSWRITER_HH +#define PDNS_DNSWRITER_HH + +#include +#include +#include +#if !defined SOLARIS8 && !defined WIN32 + +#elif defined WIN32 +#include "utility.hh" +#endif +#include "dns.hh" +#include "namespaces.hh" + +/** this class can be used to write DNS packets. It knows about DNS in the sense that it makes + the packet header and record headers. + + The model is: + + packetheader (recordheader recordcontent)* + + The packetheader needs to be updated with the amount of packets of each kind (answer, auth, additional) + + Each recordheader contains the length of a dns record. + + Calling convention: + + vector content; + DNSPacketWriter dpw(content, const string& qname, uint16_t qtype, uint16_t qclass=1); // sets the question + dpw.startrecord("this.is.an.ip.address.", ns_t_a); // does nothing, except store qname and qtype + dpw.xfr32BitInt(0x01020304); // adds 4 bytes (0x01020304) to the record buffer + dpw.startrecord("this.is.an.ip.address.", ns_t_a); // aha! writes out dnsrecord header containing qname and qtype and length 4, plus the recordbuffer, which gets emptied + // new qname and qtype are stored + dpw.xfr32BitInt(0x04030201); // adds 4 bytes (0x04030201) to the record buffer + dpw.commit(); // writes out dnsrecord header containing qname and qtype and length 4, plus the recordbuffer + + // content now contains the ready packet, with 1 question and 2 answers + +*/ + +class DNSPacketWriter : public boost::noncopyable +{ + +public: + typedef vector

Questions	End-user initiated DNS questions
Out-queries	Recursor initiated questions to other +nameservers
Throttled	If a certain nameserver is not responding, or if +it is, but returning unuseful answers, it is not useful to keep repeating +identical queries. If PowerDNS prevents a duplicate query, and therefore +prevents needless server load and delays, this is called a 'throttled +out-query'
Outgoing timeout	An out-query that did not generate an +answer within 1 or 2 seconds
Noerror answer	A Question that was answered without an error +status
NXDOMAIN answer	A Question that was answered with a positive +indication that there is no answer
SERVFAIL answer	No answer could be given because the nameservers +carrying the answer did not respond, or were throttled
Cache hits/misses	A query is judged a cache-hit if it could +be answered without generating any out-queries
User/System CPU usage	Actual amount of CPU used exclusively +by the recursor, either in user or in system (kernel) mode

PowerDNS Recursor Performance Graphs