remove config.go
parent
bce6b62bc0
commit
19bfc93c5a
1
Makefile
1
Makefile
|
@ -9,7 +9,6 @@ TARG=dns
|
||||||
GOFILES=\
|
GOFILES=\
|
||||||
clientconfig.go\
|
clientconfig.go\
|
||||||
client.go\
|
client.go\
|
||||||
config.go\
|
|
||||||
defaults.go\
|
defaults.go\
|
||||||
dns.go\
|
dns.go\
|
||||||
dnssec.go\
|
dnssec.go\
|
||||||
|
|
10
client.go
10
client.go
|
@ -32,6 +32,7 @@ type reply struct {
|
||||||
addr string
|
addr string
|
||||||
req *Msg
|
req *Msg
|
||||||
conn net.Conn
|
conn net.Conn
|
||||||
|
tsigTimersOnly bool
|
||||||
}
|
}
|
||||||
|
|
||||||
type Request struct {
|
type Request struct {
|
||||||
|
@ -126,6 +127,7 @@ type Client struct {
|
||||||
ChannelReply chan []*Msg // read DNS request from this channel
|
ChannelReply chan []*Msg // read DNS request from this channel
|
||||||
ReadTimeout int64 // the net.Conn.SetReadTimeout value for new connections
|
ReadTimeout int64 // the net.Conn.SetReadTimeout value for new connections
|
||||||
WriteTimeout int64 // the net.Conn.SetWriteTimeout value for new connections
|
WriteTimeout int64 // the net.Conn.SetWriteTimeout value for new connections
|
||||||
|
TsigSecret map[string]string // secret(s) for Tsig map[<zonename>]<base64 secret>
|
||||||
}
|
}
|
||||||
|
|
||||||
func NewClient() *Client {
|
func NewClient() *Client {
|
||||||
|
@ -288,7 +290,15 @@ func (w *reply) readClient(p []byte) (n int, err os.Error) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Send a msg to the address specified in w.
|
||||||
|
// If the message m contains a TSIG record the transaction
|
||||||
|
// signature is calculated.
|
||||||
func (w *reply) Send(m *Msg) os.Error {
|
func (w *reply) Send(m *Msg) os.Error {
|
||||||
|
if m.IsTsig() {
|
||||||
|
// Do tsig
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
out, ok := m.Pack()
|
out, ok := m.Pack()
|
||||||
if !ok {
|
if !ok {
|
||||||
return ErrPack
|
return ErrPack
|
||||||
|
|
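Review bot: The `if m.IsTsig()` branch added to `reply.Send` is empty, so a message carrying a TSIG record is packed and sent with whatever MAC the caller left in it, while the new doc comment states that the transaction signature is calculated. A caller who sets `TsigSecret` on the Client would reasonably assume the outgoing request is authenticated. Until signing is wired in, fail closed in that branch, for example `return ErrSigGen`, or at least reword the comment to `// TODO: TSIG signing is not implemented; m is sent as-is.` The rest of Send's body lies outside the hunk.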
13
config.go
13
config.go
|
@ -1,13 +0,0 @@
|
||||||
// Copyright 2009 The Go Authors. All rights reserved.
|
|
||||||
// Use of this source code is governed by a BSD-style
|
|
||||||
// license that can be found in the LICENSE file.
|
|
||||||
|
|
||||||
// Generic configuration that is used for nameserver.
|
|
||||||
// It is meant to be as generic as possible.
|
|
||||||
|
|
||||||
package dns
|
|
||||||
|
|
||||||
type Config interface {
|
|
||||||
// Returns any Tsig information.
|
|
||||||
Tsig() *Tsig
|
|
||||||
}
|
|
23
defaults.go
23
defaults.go
|
@ -47,7 +47,7 @@ func (dns *Msg) IsNotify() (ok bool) {
|
||||||
ok = dns.MsgHdr.Opcode == OpcodeNotify
|
ok = dns.MsgHdr.Opcode == OpcodeNotify
|
||||||
ok = ok && dns.Question[0].Qclass == ClassINET
|
ok = ok && dns.Question[0].Qclass == ClassINET
|
||||||
ok = ok && dns.Question[0].Qtype == TypeSOA
|
ok = ok && dns.Question[0].Qtype == TypeSOA
|
||||||
return ok
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// Create a dns msg suitable for requesting an ixfr.
|
// Create a dns msg suitable for requesting an ixfr.
|
||||||
|
@ -78,7 +78,7 @@ func (dns *Msg) IsAxfr() (ok bool) {
|
||||||
ok = dns.MsgHdr.Opcode == OpcodeQuery
|
ok = dns.MsgHdr.Opcode == OpcodeQuery
|
||||||
ok = ok && dns.Question[0].Qclass == ClassINET
|
ok = ok && dns.Question[0].Qclass == ClassINET
|
||||||
ok = ok && dns.Question[0].Qtype == TypeAXFR
|
ok = ok && dns.Question[0].Qtype == TypeAXFR
|
||||||
return ok
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// Is the message a valid ixfr request packet?
|
// Is the message a valid ixfr request packet?
|
||||||
|
@ -89,5 +89,22 @@ func (dns *Msg) IsIxfr() (ok bool) {
|
||||||
ok = dns.MsgHdr.Opcode == OpcodeQuery
|
ok = dns.MsgHdr.Opcode == OpcodeQuery
|
||||||
ok = ok && dns.Question[0].Qclass == ClassINET
|
ok = ok && dns.Question[0].Qclass == ClassINET
|
||||||
ok = ok && dns.Question[0].Qtype == TypeIXFR
|
ok = ok && dns.Question[0].Qtype == TypeIXFR
|
||||||
return ok
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// Has a message a TSIG record as the last record?
|
||||||
|
func (dns *Msg) IsTsig() (ok bool) {
|
||||||
|
if len(dns.Extra) > 0 {
|
||||||
|
return dns.Extra[0].Header().Rrtype == TypeTSIG
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
func (dns *Msg) SetTsig(z, algo string, fudge uint16, timesigned uint64) {
|
||||||
|
t := new(RR_TSIG)
|
||||||
|
t.Hdr = RR_Header{z, TypeTSIG, ClassANY, 0, 0}
|
||||||
|
t.Algorithm = algo
|
||||||
|
t.Fudge = fudge
|
||||||
|
t.TimeSigned = timesigned
|
||||||
|
dns.Extra = append(dns.Extra, t)
|
||||||
}
|
}
|
||||||
|
|
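Review bot: `IsTsig` is documented as testing the last record but checks `dns.Extra[0]`, while `TsigGenerate` in tsig.go takes the record at `len(m.Extra)-1` and type-asserts it to `*RR_TSIG`. With more than one record in the additional section the two disagree: a TSIG in first place followed by another record passes this check and the assertion then panics, and a TSIG in last place behind another record is not recognised, so the signing path would presumably be skipped. The test should read `return dns.Extra[len(dns.Extra)-1].Header().Rrtype == TypeTSIG`. `SetTsig` is exported without a doc comment; `// SetTsig appends a TSIG record for key z to the additional section, leaving the MAC empty.` would describe what the visible lines do.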
10
server.go
10
server.go
|
@ -82,7 +82,7 @@ func Refused(w ResponseWriter, r *Msg) {
|
||||||
func RefusedHandler() Handler { return HandlerFunc(Refused) }
|
func RefusedHandler() Handler { return HandlerFunc(Refused) }
|
||||||
|
|
||||||
func ListenAndServe(addr string, network string, handler Handler) os.Error {
|
func ListenAndServe(addr string, network string, handler Handler) os.Error {
|
||||||
server := &Server{Addr: addr, Network: network, Handler: handler}
|
server := &Server{Addr: addr, Net: network, Handler: handler}
|
||||||
return server.ListenAndServe()
|
return server.ListenAndServe()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -158,7 +158,7 @@ func HandleFunc(pattern string, handler func(ResponseWriter, *Msg)) {
|
||||||
// A Server defines parameters for running an DNS server.
|
// A Server defines parameters for running an DNS server.
|
||||||
type Server struct {
|
type Server struct {
|
||||||
Addr string // address to listen on, ":dns" if empty
|
Addr string // address to listen on, ":dns" if empty
|
||||||
Network string // if "tcp" it will invoke a TCP listener, otherwise an UDP one
|
Net string // if "tcp" it will invoke a TCP listener, otherwise an UDP one
|
||||||
Handler Handler // handler to invoke, dns.DefaultServeMux if nil
|
Handler Handler // handler to invoke, dns.DefaultServeMux if nil
|
||||||
ReadTimeout int64 // the net.Conn.SetReadTimeout value for new connections
|
ReadTimeout int64 // the net.Conn.SetReadTimeout value for new connections
|
||||||
WriteTimeout int64 // the net.Conn.SetWriteTimeout value for new connections
|
WriteTimeout int64 // the net.Conn.SetWriteTimeout value for new connections
|
||||||
|
@ -169,7 +169,7 @@ type Server struct {
|
||||||
// read requests and then call handler to reply to them.
|
// read requests and then call handler to reply to them.
|
||||||
// Handler is typically nil, in which case the DefaultServeMux is used.
|
// Handler is typically nil, in which case the DefaultServeMux is used.
|
||||||
func ServeTCP(l *net.TCPListener, handler Handler) os.Error {
|
func ServeTCP(l *net.TCPListener, handler Handler) os.Error {
|
||||||
srv := &Server{Handler: handler, Network: "tcp"}
|
srv := &Server{Handler: handler, Net: "tcp"}
|
||||||
return srv.ServeTCP(l)
|
return srv.ServeTCP(l)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -178,7 +178,7 @@ func ServeTCP(l *net.TCPListener, handler Handler) os.Error {
|
||||||
// read requests and then call handler to reply to them.
|
// read requests and then call handler to reply to them.
|
||||||
// Handler is typically nil, in which case the DefaultServeMux is used.
|
// Handler is typically nil, in which case the DefaultServeMux is used.
|
||||||
func ServeUDP(l *net.UDPConn, handler Handler) os.Error {
|
func ServeUDP(l *net.UDPConn, handler Handler) os.Error {
|
||||||
srv := &Server{Handler: handler, Network: "udp"}
|
srv := &Server{Handler: handler, Net: "udp"}
|
||||||
return srv.ServeUDP(l)
|
return srv.ServeUDP(l)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -188,7 +188,7 @@ func (srv *Server) ListenAndServe() os.Error {
|
||||||
if addr == "" {
|
if addr == "" {
|
||||||
addr = ":domain"
|
addr = ":domain"
|
||||||
}
|
}
|
||||||
switch srv.Network {
|
switch srv.Net {
|
||||||
case "tcp":
|
case "tcp":
|
||||||
a, e := net.ResolveTCPAddr(addr)
|
a, e := net.ResolveTCPAddr(addr)
|
||||||
if e != nil {
|
if e != nil {
|
||||||
|
|
141
tsig.go
141
tsig.go
|
@ -21,49 +21,6 @@ import (
|
||||||
// tsig.TimeSigned = uint64(time.Seconds())
|
// tsig.TimeSigned = uint64(time.Seconds())
|
||||||
// tsig.Secret = "so6ZGir4GPAqINNh9U5c3A==" // Secret encoded in base64.
|
// tsig.Secret = "so6ZGir4GPAqINNh9U5c3A==" // Secret encoded in base64.
|
||||||
|
|
||||||
type TsigWriter struct {
|
|
||||||
secrets map[string]string
|
|
||||||
w io.Writer
|
|
||||||
name string
|
|
||||||
fudge uint16
|
|
||||||
algorithm string
|
|
||||||
timersOnly bool
|
|
||||||
}
|
|
||||||
|
|
||||||
// NewTsigWriter creates a new writer that implements TSIG, secrets
|
|
||||||
// should contain a mapping from key names to secrets. A message
|
|
||||||
// should be written with the TSIG record appends. Tsig
|
|
||||||
func NewTsigWriter(w io.Writer, secrets map[string]string) *TsigWriter {
|
|
||||||
t := new(TsigWriter)
|
|
||||||
t.secrets = secrets
|
|
||||||
return t
|
|
||||||
}
|
|
||||||
|
|
||||||
func (t *TsigWriter) Write(p []byte) (int, os.Error) {
|
|
||||||
return 0, nil
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
type Tsig struct {
|
|
||||||
// The name of the key.
|
|
||||||
Name string
|
|
||||||
// Fudge to take into account.
|
|
||||||
Fudge uint16
|
|
||||||
// When is the TSIG created
|
|
||||||
TimeSigned uint64
|
|
||||||
// Which algorithm is used.
|
|
||||||
Algorithm string
|
|
||||||
// Tsig secret encoded in base64.
|
|
||||||
Secret string
|
|
||||||
// MAC (if known)
|
|
||||||
MAC string
|
|
||||||
// Request MAC
|
|
||||||
RequestMAC string
|
|
||||||
// Only include the timers in the MAC if set to true.
|
|
||||||
TimersOnly bool
|
|
||||||
}
|
|
||||||
|
|
||||||
// HMAC hashing codes. These are transmitted as domain names.
|
// HMAC hashing codes. These are transmitted as domain names.
|
||||||
const (
|
const (
|
||||||
HmacMD5 = "hmac-md5.sig-alg.reg.int."
|
HmacMD5 = "hmac-md5.sig-alg.reg.int."
|
||||||
|
@ -101,50 +58,42 @@ type timerWireFmt struct {
|
||||||
Fudge uint16
|
Fudge uint16
|
||||||
}
|
}
|
||||||
|
|
||||||
// Add a Tsig to add message.
|
// Add a Tsig to an message. // Must return the mac
|
||||||
func (t *Tsig) Generate(msg []byte) ([]byte, os.Error) {
|
func TsigGenerate(m *Msg, secret string, timersOnly bool) (*Msg, os.Error) {
|
||||||
rawsecret, err := packBase64([]byte(t.Secret))
|
if !m.IsTsig() {
|
||||||
|
panic("TSIG not last RR in additional")
|
||||||
|
}
|
||||||
|
rawsecret, err := packBase64([]byte(secret))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
if t.Fudge == 0 {
|
|
||||||
t.Fudge = 300
|
|
||||||
}
|
|
||||||
if t.TimeSigned == 0 {
|
|
||||||
t.TimeSigned = uint64(time.Seconds())
|
|
||||||
}
|
|
||||||
|
|
||||||
buf, err := t.Buffer(msg)
|
rr := m.Extra[len(m.Extra)-1].(*RR_TSIG)
|
||||||
|
m.Extra = m.Extra[0:len(m.Extra)-1] // kill the TSIG from the msg
|
||||||
|
buf, err := tsigBuffer(m, rr, timersOnly)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
t := new(RR_TSIG)
|
||||||
|
|
||||||
h := hmac.NewMD5([]byte(rawsecret))
|
h := hmac.NewMD5([]byte(rawsecret))
|
||||||
io.WriteString(h, string(buf))
|
io.WriteString(h, string(buf))
|
||||||
t.MAC = hex.EncodeToString(h.Sum()) // Size is half!
|
t.MAC = hex.EncodeToString(h.Sum()) // Size is half!
|
||||||
|
|
||||||
// Create TSIG and add it to the message.
|
t.Hdr = RR_Header{Name: rr.Hdr.Name, Rrtype: TypeTSIG, Class: ClassANY, Ttl: 0}
|
||||||
q := new(Msg)
|
t.Fudge = t.Fudge
|
||||||
if !q.Unpack(msg) {
|
t.TimeSigned = t.TimeSigned
|
||||||
return nil, ErrUnpack
|
t.Algorithm = t.Algorithm
|
||||||
}
|
t.OrigId = m.MsgHdr.Id
|
||||||
|
t.MAC = t.MAC
|
||||||
rr := new(RR_TSIG)
|
t.MACSize = uint16(len(t.MAC) / 2)
|
||||||
rr.Hdr = RR_Header{Name: t.Name, Rrtype: TypeTSIG, Class: ClassANY, Ttl: 0}
|
|
||||||
rr.Fudge = t.Fudge
|
m.Extra = append(m.Extra, t)
|
||||||
rr.TimeSigned = t.TimeSigned
|
return m, nil
|
||||||
rr.Algorithm = t.Algorithm
|
|
||||||
rr.OrigId = q.Id
|
|
||||||
rr.MAC = t.MAC
|
|
||||||
rr.MACSize = uint16(len(t.MAC) / 2)
|
|
||||||
|
|
||||||
q.Extra = append(q.Extra, rr)
|
|
||||||
send, ok := q.Pack()
|
|
||||||
if !ok {
|
|
||||||
return send, ErrPack
|
|
||||||
}
|
|
||||||
return send, nil
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
// Verify a TSIG on a message.
|
// Verify a TSIG on a message.
|
||||||
// If the signature does not validate err contains the
|
// If the signature does not validate err contains the
|
||||||
// error. If the it validates err is nil
|
// error. If the it validates err is nil
|
||||||
|
@ -164,25 +113,32 @@ func (t *Tsig) Verify(msg []byte) (bool, os.Error) {
|
||||||
return false, err
|
return false, err
|
||||||
}
|
}
|
||||||
|
|
||||||
// Time needs to be checked */
|
// Time needs to be checked
|
||||||
|
|
||||||
h := hmac.NewMD5([]byte(rawsecret))
|
h := hmac.NewMD5([]byte(rawsecret))
|
||||||
io.WriteString(h, string(buf))
|
io.WriteString(h, string(buf))
|
||||||
return strings.ToUpper(hex.EncodeToString(h.Sum())) == strings.ToUpper(t.MAC), nil
|
return strings.ToUpper(hex.EncodeToString(h.Sum())) == strings.ToUpper(t.MAC), nil
|
||||||
}
|
}
|
||||||
|
*/
|
||||||
|
|
||||||
// Create a wiredata buffer for the MAC calculation.
|
// Create a wiredata buffer for the MAC calculation.
|
||||||
func (t *Tsig) Buffer(msg []byte) ([]byte, os.Error) {
|
func tsigBuffer(msg *Msg, rr *RR_TSIG, timersOnly bool) ([]byte, os.Error) {
|
||||||
var (
|
var (
|
||||||
macbuf []byte
|
macbuf []byte
|
||||||
buf []byte
|
buf []byte
|
||||||
)
|
)
|
||||||
|
if rr.TimeSigned == 0 {
|
||||||
|
rr.TimeSigned = uint64(time.Seconds())
|
||||||
|
}
|
||||||
|
if rr.Fudge == 0 {
|
||||||
|
rr.Fudge = 300
|
||||||
|
}
|
||||||
|
|
||||||
if t.RequestMAC != "" {
|
if rr.MAC != "" {
|
||||||
m := new(macWireFmt)
|
m := new(macWireFmt)
|
||||||
m.MACSize = uint16(len(t.RequestMAC) / 2)
|
m.MACSize = uint16(len(rr.MAC) / 2)
|
||||||
m.MAC = t.RequestMAC
|
m.MAC = rr.MAC
|
||||||
macbuf = make([]byte, len(t.RequestMAC)) // reqmac should be twice as long
|
macbuf = make([]byte, len(rr.MAC)) // reqmac should be twice as long
|
||||||
n, ok := packStruct(m, macbuf, 0)
|
n, ok := packStruct(m, macbuf, 0)
|
||||||
if !ok {
|
if !ok {
|
||||||
return nil, ErrSigGen
|
return nil, ErrSigGen
|
||||||
|
@ -191,10 +147,10 @@ func (t *Tsig) Buffer(msg []byte) ([]byte, os.Error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
tsigvar := make([]byte, DefaultMsgSize)
|
tsigvar := make([]byte, DefaultMsgSize)
|
||||||
if t.TimersOnly {
|
if timersOnly {
|
||||||
tsig := new(timerWireFmt)
|
tsig := new(timerWireFmt)
|
||||||
tsig.TimeSigned = t.TimeSigned
|
tsig.TimeSigned = rr.TimeSigned
|
||||||
tsig.Fudge = t.Fudge
|
tsig.Fudge = rr.Fudge
|
||||||
n, ok1 := packStruct(tsig, tsigvar, 0)
|
n, ok1 := packStruct(tsig, tsigvar, 0)
|
||||||
if !ok1 {
|
if !ok1 {
|
||||||
return nil, ErrSigGen
|
return nil, ErrSigGen
|
||||||
|
@ -202,12 +158,12 @@ func (t *Tsig) Buffer(msg []byte) ([]byte, os.Error) {
|
||||||
tsigvar = tsigvar[:n]
|
tsigvar = tsigvar[:n]
|
||||||
} else {
|
} else {
|
||||||
tsig := new(tsigWireFmt)
|
tsig := new(tsigWireFmt)
|
||||||
tsig.Name = strings.ToLower(t.Name)
|
tsig.Name = strings.ToLower(rr.Hdr.Name)
|
||||||
tsig.Class = ClassANY
|
tsig.Class = ClassANY
|
||||||
tsig.Ttl = 0
|
tsig.Ttl = 0
|
||||||
tsig.Algorithm = strings.ToLower(t.Algorithm)
|
tsig.Algorithm = strings.ToLower(rr.Algorithm)
|
||||||
tsig.TimeSigned = t.TimeSigned
|
tsig.TimeSigned = rr.TimeSigned
|
||||||
tsig.Fudge = t.Fudge
|
tsig.Fudge = rr.Fudge
|
||||||
tsig.Error = 0
|
tsig.Error = 0
|
||||||
tsig.OtherLen = 0
|
tsig.OtherLen = 0
|
||||||
tsig.OtherData = ""
|
tsig.OtherData = ""
|
||||||
|
@ -217,15 +173,17 @@ func (t *Tsig) Buffer(msg []byte) ([]byte, os.Error) {
|
||||||
}
|
}
|
||||||
tsigvar = tsigvar[:n]
|
tsigvar = tsigvar[:n]
|
||||||
}
|
}
|
||||||
if t.RequestMAC != "" {
|
if rr.MAC != "" {
|
||||||
x := append(macbuf, msg...)
|
msgbuf, _ := msg.Pack()
|
||||||
|
x := append(macbuf, msgbuf...)
|
||||||
buf = append(x, tsigvar...)
|
buf = append(x, tsigvar...)
|
||||||
} else {
|
} else {
|
||||||
buf = append(msg, tsigvar...)
|
msgbuf, _ := msg.Pack()
|
||||||
|
buf = append(msgbuf, tsigvar...)
|
||||||
}
|
}
|
||||||
return buf, nil
|
return buf, nil
|
||||||
}
|
}
|
||||||
|
/*
|
||||||
// Strip the TSIG from the pkt.
|
// Strip the TSIG from the pkt.
|
||||||
func (t *Tsig) stripTsig(orig []byte) ([]byte, os.Error) {
|
func (t *Tsig) stripTsig(orig []byte) ([]byte, os.Error) {
|
||||||
// Copied from msg.go's Unpack()
|
// Copied from msg.go's Unpack()
|
||||||
|
@ -292,3 +250,4 @@ func (t *Tsig) stripTsig(orig []byte) ([]byte, os.Error) {
|
||||||
}
|
}
|
||||||
return msg[:tsigoff], nil
|
return msg[:tsigoff], nil
|
||||||
}
|
}
|
||||||
|
*/
|
||||||
|
|
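Review bot: In `TsigGenerate` the new record `t` is filled from itself (`t.Fudge = t.Fudge`, `t.TimeSigned = t.TimeSigned`, `t.Algorithm = t.Algorithm`), so the TSIG appended to the message carries zero timers and an empty algorithm while the MAC was computed over the values held in `rr`; a receiver that recomputes the MAC from the record on the wire would presumably reject it. These fields should be copied from `rr`, and `t.MAC = t.MAC` can be dropped. The `panic` for a message without a TSIG is reachable from caller-supplied input and is better returned as an error such as `ErrSigGen`. In `tsigBuffer` further down, `msgbuf, _ := msg.Pack()` discards the failure flag in both branches, so a message that fails to pack is signed as an empty buffer; check the flag and return `ErrSigGen` there too.

```go
func TsigGenerate(m *Msg, secret string, timersOnly bool) (*Msg, os.Error) {
	if !m.IsTsig() {
		return nil, ErrSigGen
	}
	// … unchanged: secret decoding, tsigBuffer call, HMAC computation into t.MAC …
	t.Hdr = RR_Header{Name: rr.Hdr.Name, Rrtype: TypeTSIG, Class: ClassANY, Ttl: 0}
	t.Fudge = rr.Fudge
	t.TimeSigned = rr.TimeSigned
	t.Algorithm = rr.Algorithm
	// … unchanged: OrigId, MACSize, append to m.Extra, return …
```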
6
xfr.go
6
xfr.go
|
@ -11,7 +11,7 @@ func (c *Client) XfrReceive(q *Msg, a string) ([]*Msg, os.Error) {
|
||||||
w := new(reply)
|
w := new(reply)
|
||||||
w.client = c
|
w.client = c
|
||||||
w.addr = a
|
w.addr = a
|
||||||
w.req = q // is this needed??
|
w.req = q // is this needed TODO(mg)
|
||||||
|
|
||||||
if err := w.Send(q); err != nil {
|
if err := w.Send(q); err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
|
@ -45,9 +45,7 @@ func (w *reply) axfrReceive() ([]*Msg, os.Error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
if !first {
|
if !first {
|
||||||
//if d.Tsig != nil {
|
w.tsigTimersOnly = true // Subsequent envelopes use this.
|
||||||
// d.Tsig.TimersOnly = true // Subsequent envelopes use this.
|
|
||||||
//}
|
|
||||||
if !checkXfrSOA(in, false) {
|
if !checkXfrSOA(in, false) {
|
||||||
// Soa record not the last one
|
// Soa record not the last one
|
||||||
continue
|
continue
|
||||||
|
|