2 * This file is part of PowerDNS or dnsdist.
3 * Copyright -- PowerDNS.COM B.V. and its contributors
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of version 2 of the GNU General Public License as
7 * published by the Free Software Foundation.
9 * In addition, for the avoidance of any doubt, permission is granted to
10 * link this program with OpenSSL and to (re)distribute the binaries
11 * produced as the result of such linking.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
25 #include "dnsrecords.hh"
// Accumulates the type bitmap of an NSEC/NSEC3 record one 256-type window at a time.
// res holds the block being built: res[0] = window number, res[1] = bitmap length,
// res[2..] = bitmap octets. Braces, some statements and the member declarations are
// missing from this listing, so the notes below cover only the lines that are shown.
27 class NSECBitmapGenerator
30 NSECBitmapGenerator(DNSPacketWriter
& pw_
): pw(pw_
)
// Start with an all-zero block buffer.
32 memset(res
, 0, sizeof(res
));
// Marks one RR type as present. Types sharing the same high byte share a window.
35 void set(uint16_t type
)
// bit is the position inside the window (0..255), window is the high byte of the type.
37 uint16_t bit
= type
% 256;
38 int window
= static_cast<int>(type
/ 256);
// On a window change, the previous block's two header bytes are filled in and
// its len+2 bytes (header plus bitmap) are copied out of res into tmp.
40 if (window
!= oldWindow
) {
42 res
[0] = static_cast<unsigned char>(oldWindow
);
43 res
[1] = static_cast<unsigned char>(len
);
44 tmp
.assign(res
, res
+len
+2);
// Clear the buffer before collecting bits for the new window.
47 memset(res
, 0, sizeof(res
));
// Bits are numbered from the most significant bit of each octet (7-(bit%8)).
// bit is below 256, so bit/8 is at most 31 and the highest index written is 2+31 = 33.
// NOTE(review): the declaration of res is not in this listing; confirm it is at least 34 bytes.
50 res
[2+bit
/8] |= 1 << (7-(bit
%8));
// Same header-fill and copy sequence as above; the signature of the enclosing
// member function is missing from this listing.
56 res
[0] = static_cast<unsigned char>(oldWindow
);
57 res
[1] = static_cast<unsigned char>(len
);
// NOTE(review): the copy reads len+2 bytes from res; where len is assigned is not shown
// here, so confirm it can never exceed 32.
59 tmp
.assign(res
, res
+len
+2);
66 /* one byte for the window,
68 then the maximum of 32 bytes */
75 void NSECBitmap::toPacket(DNSPacketWriter
& pw
)
77 NSECBitmapGenerator
nbg(pw
);
79 size_t count
= d_bitset
->count();
81 for(size_t idx
= 0; idx
< nbTypes
&& found
< count
; ++idx
){
82 if (!d_bitset
->test(idx
)) {
90 for (const auto& type
: d_set
) {
// Decodes a type bitmap from wire format: a sequence of blocks, each made of a
// window byte, a length byte and that many bitmap octets. The data is read from
// a packet and has to be treated as untrusted. The lines that fill `bitmap` are
// missing from this listing (presumably a blob read from pr).
98 void NSECBitmap::fromPacket(PacketReader
& pr
)
103 // 00 06 20 00 00 00 00 03 -> NS RRSIG NSEC ( 2, 46, 47 ) counts from left
// A blob shorter than one window byte plus one length byte cannot hold a block.
108 if(bitmap
.size() < 2) {
109 throw MOADNSException("NSEC record with impossibly small bitmap");
// The condition n+1 < size guarantees that both header bytes of the next block are readable.
112 for(unsigned int n
= 0; n
+1 < bitmap
.size();) {
// The casts through unsigned char keep header bytes >= 0x80 from being sign-extended.
113 unsigned int window
=static_cast<unsigned char>(bitmap
[n
++]);
114 unsigned int blen
=static_cast<unsigned char>(bitmap
[n
++]);
116 // end if zero padding and ensure packet length
117 if(window
== 0 && blen
== 0) {
// Bounds check on attacker-controlled blen: all announced octets must lie inside the blob
// before the inner loop indexes bitmap[n++].
// NOTE(review): no upper limit on blen is visible in this listing. RFC 4034 section 4.1.2
// allows 1 to 32 octets per window; with blen > 32 the term 8*k below goes past the 256
// types of the window. Confirm how set() treats such values, or reject blen > 32 here.
121 if(n
+ blen
> bitmap
.size()) {
122 throw MOADNSException("NSEC record with bitmap length > packet length");
125 for(unsigned int k
=0; k
< blen
; k
++) {
126 uint8_t val
=bitmap
[n
++];
// val is shifted right once per step, so the octet is walked from its least significant
// bit; (7-bit) maps that back to the left-to-right bit numbering of the wire format.
127 for(int bit
= 0; bit
< 8 ; ++bit
, val
>>=1) {
// Type number = position in octet + 8 * octet index + 256 * window.
129 set((7-bit
) + 8*(k
) + 256*window
);
136 string
136 string
NSECBitmap::getZoneRepresentation() const
141 size_t count
= d_bitset
->count();
143 for(size_t idx
= 0; idx
< nbTypes
&& found
< count
; ++idx
) {
144 if (!d_bitset
->test(idx
)) {
150 ret
+=DNSRecordContent::NumberToType(idx
);
154 for(const auto& type
: d_set
) {
156 ret
+=DNSRecordContent::NumberToType(type
);
163 void NSECRecordContent::report(void)
165 regist(1, 47, &make
, &make
, "NSEC");
168 std::shared_ptr
<DNSRecordContent
> NSECRecordContent::make(const string
& content
)
170 return std::make_shared
<NSECRecordContent
>(content
);
173 NSECRecordContent::NSECRecordContent(const string
& content
, const string
& zone
)
175 RecordTextReader
rtr(content
, DNSName(zone
));
185 void NSECRecordContent::toPacket(DNSPacketWriter
& pw
)
188 d_bitmap
.toPacket(pw
);
191 std::shared_ptr
<NSECRecordContent::DNSRecordContent
> NSECRecordContent::make(const DNSRecord
&dr
, PacketReader
& pr
)
193 auto ret
=std::make_shared
<NSECRecordContent
>();
194 pr
.xfrName(ret
->d_next
);
196 ret
->d_bitmap
.fromPacket(pr
);
201 string
NSECRecordContent::getZoneRepresentation(bool noDot
) const
204 RecordTextWriter
rtw(ret
);
207 return ret
+ d_bitmap
.getZoneRepresentation();
210 ////// begin of NSEC3
212 void NSEC3RecordContent::report(void)
214 regist(1, 50, &make
, &make
, "NSEC3");
217 std::shared_ptr
<DNSRecordContent
> NSEC3RecordContent::make(const string
& content
)
219 return std::make_shared
<NSEC3RecordContent
>(content
);
222 NSEC3RecordContent::NSEC3RecordContent(const string
& content
, const string
& zone
)
224 RecordTextReader
rtr(content
, DNSName(zone
));
225 rtr
.xfr8BitInt(d_algorithm
);
226 rtr
.xfr8BitInt(d_flags
);
227 rtr
.xfr16BitInt(d_iterations
);
229 rtr
.xfrHexBlob(d_salt
);
230 rtr
.xfrBase32HexBlob(d_nexthash
);
// Serialises the NSEC3 rdata to wire format: algorithm, flags, iterations,
// salt length, next-hash length and hash, then the type bitmap.
// Some lines (braces and the statement after the salt length) are missing from this listing.
239 void NSEC3RecordContent::toPacket(DNSPacketWriter
& pw
)
241 pw
.xfr8BitInt(d_algorithm
);
242 pw
.xfr8BitInt(d_flags
);
243 pw
.xfr16BitInt(d_iterations
);
// NOTE(review): the salt length goes out through an 8-bit writer. Nothing in this function
// rejects a salt longer than 255 bytes, in which case the length octet would presumably no
// longer match the data; confirm the limit is enforced where d_salt is set.
244 pw
.xfr8BitInt(d_salt
.length());
// NOTE(review): same 8-bit narrowing applies to the next-hash length.
247 pw
.xfr8BitInt(d_nexthash
.length());
248 pw
.xfrBlob(d_nexthash
);
// The type bitmap is appended by NSECBitmap::toPacket.
250 d_bitmap
.toPacket(pw
);
// Builds an NSEC3RecordContent from wire data. Every field is taken from the packet
// and is therefore untrusted. The lines that declare and read `len` are missing
// from this listing.
253 std::shared_ptr
<NSEC3RecordContent::DNSRecordContent
> NSEC3RecordContent::make(const DNSRecord
&dr
, PacketReader
& pr
)
255 auto ret
=std::make_shared
<NSEC3RecordContent
>();
256 pr
.xfr8BitInt(ret
->d_algorithm
);
257 pr
.xfr8BitInt(ret
->d_flags
);
// NOTE(review): the iteration count is stored as received; no range check is visible in
// this function. Confirm that code which later hashes with it applies a cap.
258 pr
.xfr16BitInt(ret
->d_iterations
);
// Salt: `len` bytes, with len presumably read from the packet just before this call.
261 pr
.xfrBlob(ret
->d_salt
, len
);
// Next hashed owner name: again `len` bytes, with len re-read on a line not shown here.
264 pr
.xfrBlob(ret
->d_nexthash
, len
);
// The remaining rdata is parsed as the type bitmap; length validation happens in fromPacket.
266 ret
->d_bitmap
.fromPacket(pr
);
270 string
NSEC3RecordContent::getZoneRepresentation(bool noDot
) const
273 RecordTextWriter
rtw(ret
);
274 rtw
.xfr8BitInt(d_algorithm
);
275 rtw
.xfr8BitInt(d_flags
);
276 rtw
.xfr16BitInt(d_iterations
);
278 rtw
.xfrHexBlob(d_salt
);
279 rtw
.xfrBase32HexBlob(d_nexthash
);
281 return ret
+ d_bitmap
.getZoneRepresentation();
285 void NSEC3PARAMRecordContent::report(void)
287 regist(1, 51, &make
, &make
, "NSEC3PARAM");
288 regist(254, 51, &make
, &make
, "NSEC3PARAM");
291 std::shared_ptr
<DNSRecordContent
> NSEC3PARAMRecordContent::make(const string
& content
)
293 return std::make_shared
<NSEC3PARAMRecordContent
>(content
);
296 NSEC3PARAMRecordContent::NSEC3PARAMRecordContent(const string
& content
, const string
& zone
)
298 RecordTextReader
rtr(content
, DNSName(zone
));
299 rtr
.xfr8BitInt(d_algorithm
);
300 rtr
.xfr8BitInt(d_flags
);
301 rtr
.xfr16BitInt(d_iterations
);
302 rtr
.xfrHexBlob(d_salt
);
// Serialises the NSEC3PARAM rdata to wire format: algorithm, flags, iterations and
// salt length. The statement that writes the salt itself is missing from this listing.
305 void NSEC3PARAMRecordContent::toPacket(DNSPacketWriter
& pw
)
307 pw
.xfr8BitInt(d_algorithm
);
308 pw
.xfr8BitInt(d_flags
);
309 pw
.xfr16BitInt(d_iterations
);
// NOTE(review): the salt length goes out through an 8-bit writer. Nothing in this function
// rejects a salt longer than 255 bytes; confirm the limit is enforced where d_salt is set.
310 pw
.xfr8BitInt(d_salt
.length());
311 // cerr<<"salt: '"<<makeHexDump(d_salt)<<"', "<<d_salt.length()<<endl;
// Builds an NSEC3PARAMRecordContent from wire data. Every field is taken from the
// packet and is therefore untrusted. The lines that declare and read `len` are
// missing from this listing.
315 std::shared_ptr
<NSEC3PARAMRecordContent::DNSRecordContent
> NSEC3PARAMRecordContent::make(const DNSRecord
&dr
, PacketReader
& pr
)
317 auto ret
=std::make_shared
<NSEC3PARAMRecordContent
>();
318 pr
.xfr8BitInt(ret
->d_algorithm
);
319 pr
.xfr8BitInt(ret
->d_flags
);
// NOTE(review): the iteration count is stored as received; no range check is visible in
// this function. Confirm that code which later hashes with it applies a cap.
320 pr
.xfr16BitInt(ret
->d_iterations
);
// NOTE(review): this reader uses xfrHexBlob where NSEC3RecordContent::make uses
// xfrBlob(..., len). PacketReader's declaration is not in this listing; confirm that the
// second argument is honoured as a byte count, otherwise the salt would take in whatever
// remains of the rdata regardless of len.
323 pr
.xfrHexBlob(ret
->d_salt
, len
);
327 string
NSEC3PARAMRecordContent::getZoneRepresentation(bool noDot
) const
330 RecordTextWriter
rtw(ret
);
331 rtw
.xfr8BitInt(d_algorithm
);
332 rtw
.xfr8BitInt(d_flags
);
333 rtw
.xfr16BitInt(d_iterations
);
334 rtw
.xfrHexBlob(d_salt
);