Miek Gieben
parent
d46e21bcbd
commit
c46f003f76
3
TODO
3
TODO
|
|
@ -8,6 +8,9 @@ o Tsig will probably become an interface which has all configuration
|
|||
stuff, but this will come later. Config which has Tsig function
|
||||
-- get TSIG working in xfrprx and see how that impact the package.
|
||||
|
||||
responseWriter with tsig/axfr/ixfr
|
||||
requestWriter
|
||||
|
||||
Todo:
|
||||
* Parsing from strings, going with goyacc and .cz lexer?
|
||||
* encoding NSEC3/NSEC bitmaps, DEcoding works
|
||||
|
|
|
|||
21
server.go
21
server.go
|
|
@ -14,9 +14,11 @@ import (
|
|||
|
||||
type Handler interface {
|
||||
ServeDNS(w ResponseWriter, r *Msg)
|
||||
// IP based ACL mapping. The contains the string representation
|
||||
// of the IP address and a boolean saying it may connect (true) or not.
|
||||
}
|
||||
|
||||
// TODO(mg): fit axfr responses in here too
|
||||
// TODO(mg): fit axfr responses in here too???
|
||||
// A ResponseWriter interface is used by an DNS handler to
|
||||
// construct an DNS response.
|
||||
type ResponseWriter interface {
|
||||
|
|
@ -24,13 +26,6 @@ type ResponseWriter interface {
|
|||
RemoteAddr() string
|
||||
|
||||
Write([]byte) (int, os.Error)
|
||||
|
||||
// IP based ACL mapping. The contains the string representation
|
||||
// of the IP address and a boolean saying it may connect (true) or not.
|
||||
Acl() map[string]bool
|
||||
|
||||
// Tsig secrets. Its a mapping of key names to secrets.
|
||||
Tsig() map[string]string
|
||||
}
|
||||
|
||||
type conn struct {
|
||||
|
|
@ -41,14 +36,11 @@ type conn struct {
|
|||
_UDP *net.UDPConn // i/o connection if UDP was used
|
||||
_TCP *net.TCPConn // i/o connection if TCP was used
|
||||
hijacked bool // connection has been hijacked by hander TODO(mg)
|
||||
tsig map[string]string // tsig secrets
|
||||
acl map[string]bool // ip acl list
|
||||
}
|
||||
|
||||
type response struct {
|
||||
conn *conn
|
||||
req *Msg
|
||||
xfr bool // {i/a}xfr was requested
|
||||
}
|
||||
|
||||
// ServeMux is an DNS request multiplexer. It matches the
|
||||
|
|
@ -322,7 +314,6 @@ func (c *conn) serve() {
|
|||
// Request has been read in ServeUDP or ServeTCP
|
||||
w := new(response)
|
||||
w.conn = c
|
||||
w.xfr = false
|
||||
req := new(Msg)
|
||||
if !req.Unpack(c.request) {
|
||||
break
|
||||
|
|
@ -375,11 +366,5 @@ func (w *response) Write(data []byte) (n int, err os.Error) {
|
|||
return n, nil
|
||||
}
|
||||
|
||||
// Acl implements the ResponseWriter.Acl
|
||||
func (w *response) Acl() map[string]bool { return w.conn.acl }
|
||||
|
||||
// Tsig implements the ResponseWriter.Tsig
|
||||
func (w *response) Tsig() map[string]string { return w.conn.tsig }
|
||||
|
||||
// RemoteAddr implements the ResponseWriter.RemoteAddr method
|
||||
func (w *response) RemoteAddr() string { return w.conn.remoteAddr.String() }
|
||||
|
|
|
|||
24
tsig.go
24
tsig.go
|
|
@ -21,6 +21,30 @@ import (
|
|||
// tsig.TimeSigned = uint64(time.Seconds())
|
||||
// tsig.Secret = "so6ZGir4GPAqINNh9U5c3A==" // Secret encoded in base64.
|
||||
|
||||
type TsigWriter struct {
|
||||
secrets map[string]string
|
||||
w io.Writer
|
||||
name string
|
||||
fudge uint16
|
||||
algorithm string
|
||||
timersOnly bool
|
||||
}
|
||||
|
||||
// NewTsigWriter creates a new writer that implements TSIG, secrets
|
||||
// should contain a mapping from key names to secrets. A message
|
||||
// should be written with the TSIG record appends. Tsig
|
||||
func NewTsigWriter(w io.Writer, secrets map[string]string) *TsigWriter {
|
||||
t := new(TsigWriter)
|
||||
t.secrets = secrets
|
||||
return t
|
||||
}
|
||||
|
||||
func (t *TsigWriter) Write(p []byte) (int, os.Error) {
|
||||
return 0, nil
|
||||
|
||||
}
|
||||
|
||||
|
||||
type Tsig struct {
|
||||
// The name of the key.
|
||||
Name string
|
||||
|
|
|
|||
Loading…
Reference in New Issue