From ac687f284aeea8a9892d52c9a3bcd49d8574b4e2 Mon Sep 17 00:00:00 2001
From: Miek Gieben
Date: Sun, 9 Jan 2011 00:11:22 +0100
Subject: [PATCH] Tsig * add some testcases for tsig * add unpack/pack stuff -- doesn't work correctly yet
---
 resolver/resolverTsig_test.go | 49 +++++++++++++++++++++++++++++++++++
 tsig.go | 13 ++++++++--
 tsig_test.go | 18 +++++++++++--
 types.go | 4 ++-
 4 files changed, 79 insertions(+), 5 deletions(-)
 create mode 100644 resolver/resolverTsig_test.go
diff --git a/resolver/resolverTsig_test.go b/resolver/resolverTsig_test.go
new file mode 100644
index 00000000..2930fe0a
--- /dev/null
+++ b/resolver/resolverTsig_test.go
@@ -0,0 +1,49 @@
+package resolver
+
+import (
+ "testing"
+ "dns"
+ "fmt"
+)
+
+func TestResolverTsig(t *testing.T) {
+ res := new(Resolver)
+ ch := res.NewQuerier()
+
+ res.Servers = []string{"127.0.0.1"}
+ res.Timeout = 2
+ res.Attempts = 1
+
+ m := new(dns.Msg)
+ m.MsgHdr.RecursionDesired = true //only set this bit
+ m.Question = make([]dns.Question, 1)
+
+ // ask something
+ m.Question[0] = dns.Question{"powerdns.nl", dns.TypeDNSKEY, dns.ClassINET}
+ m.Extra = make([]dns.RR, 1)
+ m.SetId()
+
+ tsig := new(dns.RR_TSIG)
+ tsig.Hdr.Name = "miek.nl" // for tsig this is the key's name
+ tsig.Hdr.Rrtype = dns.TypeTSIG
+ tsig.Hdr.Class = dns.ClassANY
+ tsig.Hdr.Ttl = 0
+ tsig.GenerateMAC(m, "geheim")
+ // Add it to the msg
+ m.Extra[0] = tsig
+
+
+ ch <- DnsMsg{m, nil}
+ in := <-ch
+ if in.Dns != nil {
+ if in.Dns.Rcode != dns.RcodeSuccess {
+ t.Log("Failed to get an valid answer")
+ t.Fail()
+ }
+ fmt.Printf("%v\n", in.Dns)
+ } else {
+ fmt.Printf("Failed to get a good anwer")
+ }
+ ch <- DnsMsg{nil, nil}
+ <-ch // wait for ch to close channel
+}
diff --git a/tsig.go b/tsig.go
index 28244a68..89f185f3 100644
--- a/tsig.go
+++ b/tsig.go
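Review bot: TestResolverTsig in resolver/resolverTsig_test.go can pass without the signing path ever being checked: the boolean returned by `tsig.GenerateMAC(m, "geheim")` is discarded, and when `in.Dns` is nil the `else` branch only calls `fmt.Printf` and never marks the test as failed. Check the result with `if !tsig.GenerateMAC(m, "geheim") { t.Log("GenerateMAC failed"); t.Fail() }` and add `t.Fail()` to the `else` branch, so that a dropped or unanswered signed query is reported. The test also depends on a server at 127.0.0.1 that presumably has to know the key "miek.nl", so a comment stating that it is an integration test with that precondition would help.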
@@ -30,9 +30,10 @@ type tsig_generation_fmt struct { } // Generate the HMAC for msg. The TSIG RR is modified -// to include the MAC and MACSize +// to include the MAC and MACSize. Note the the msg Id must +// be set, otherwise the MAC is not correct func (rr *RR_TSIG) GenerateMAC(msg *Msg, secret string) bool { - buf := make([]byte, 2048) // TODO(mg) bufsize! + buf := make([]byte, 4096) // TODO(mg) bufsize! tsigbuf := new(tsig_generation_fmt) // Fill the struct and generate the wiredata @@ -46,11 +47,19 @@ func (rr *RR_TSIG) GenerateMAC(msg *Msg, secret string) bool { tsigbuf.OtherLen = rr.OtherLen tsigbuf.OtherData = rr.OtherData packStruct(tsigbuf, buf, 0) + + msgbuf, ok := msg.Pack() + if !ok { + return false + } + buf = append(buf, msgbuf...) + //func NewMD5(key []byte) hash.Hash hmac := hmac.NewMD5([]byte(secret)) io.WriteString(hmac, string(buf)) rr.MAC = string(hmac.Sum()) rr.MACSize = uint16(len(rr.MAC)) + rr.OrigId = msg.MsgHdr.Id return true } diff --git a/tsig_test.go b/tsig_test.go index ba62df72..d62081f2 100644 --- a/tsig_test.go +++ b/tsig_test.go @@ -2,18 +2,32 @@ package dns import ( "testing" + "fmt" ) func TestTsig(t *testing.T) { tsig := new(RR_TSIG) - tsig.Hdr.Name = "miek.nl" + tsig.Hdr.Name = "miek.nl" // for tsig this is the key's name tsig.Hdr.Rrtype = TypeTSIG tsig.Hdr.Class = ClassANY tsig.Hdr.Ttl = 0 - ok := tsig.GenerateMAC() + out := new(Msg) + out.MsgHdr.RecursionDesired = true + out.Question = make([]Question, 1) + out.Question[0] = Question{"miek.nl", TypeSOA, ClassINET} + + ok := tsig.GenerateMAC(out, "geheim") if !ok { t.Log("Failed") t.Fail() } + fmt.Printf("%v\n", tsig) + + // Having the TSIG record, it must now be added to the msg + // in the extra section + out.Extra = make([]RR, 1) + out.Extra[0] = tsig + + fmt.Printf("%v\n", out) } diff --git a/types.go b/types.go index 011b90a9..d15d99b0 100644 --- a/types.go +++ b/types.go 
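Review bot: The HMAC in GenerateMAC (tsig.go) is computed over the wrong bytes. The first hunk creates `buf` with length 4096 and the result of `packStruct(tsigbuf, buf, 0)` is discarded, so `buf = append(buf, msgbuf...)` in the second hunk places the message after all 4096 bytes and the digest covers the TSIG variables, the zero padding, and only then the message. RFC 2845 digests the DNS message first and the TSIG variables after it with no padding, so a conforming server would reject this MAC. Assuming packStruct returns the end offset (its definition is not on this page), keep it, write `msgbuf` to the HMAC first and then `buf[:off]`; the field assignments between the two hunks are not visible here. HMAC-MD5 on the context line was the mandatory TSIG algorithm at the time, but RFC 8945 now recommends hmac-sha256, so the hash is worth selecting by algorithm name rather than hard-coding.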
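Review bot: TestTsig in tsig_test.go never sets the message ID, although the doc comment this commit adds to GenerateMAC states that the ID must be set for the MAC to be correct; add `out.SetId()` before `tsig.GenerateMAC(out, "geheim")`, as the resolver test does. The test also checks only the returned boolean and prints the record with `fmt.Printf`, so a MAC computed over the wrong input still passes. Comparing `tsig.MAC` against a known-good digest for a fixed ID, key and message would turn this into a regression test for the signing code.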
@@ -543,7 +543,9 @@ func (rr *RR_TSIG) Header() *RR_Header { func (rr *RR_TSIG) String() string { // It has no presentation format - return "" + return rr.Hdr.String() + + " " + strconv.Itoa(int(rr.MACSize)) + + " " + rr.MAC } // Translate the RRSIG's incep. and expir. time to the correct date.
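Review bot: The new String() in types.go appends `rr.MAC` verbatim, and tsig.go on this page fills that field with `string(hmac.Sum())`, i.e. raw digest bytes, so printing a TSIG record writes non-printable bytes to terminals and logs. Encode the value for display, for example `" " + hex.EncodeToString([]byte(rr.MAC))`, which needs `encoding/hex` added to the imports outside this hunk. The context comment `// It has no presentation format` no longer matches the body; something like `// No standard presentation format; prints header, MAC size and MAC` would be accurate.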