EDNS(0) padding: fixup nitpicks and minor issues

author Vladimír Čunát <vladimir.cunat@nic.cz>

Mon, 28 Nov 2016 17:22:06 +0000 (18:22 +0100)

committer Vladimír Čunát <vladimir.cunat@nic.cz>

Mon, 28 Nov 2016 17:22:06 +0000 (18:22 +0100)
author Vladimír Čunát <vladimir.cunat@nic.cz>
Mon, 28 Nov 2016 17:22:06 +0000 (18:22 +0100)
committer Vladimír Čunát <vladimir.cunat@nic.cz>
Mon, 28 Nov 2016 17:22:06 +0000 (18:22 +0100)
diff --git a/daemon/lua/kres.lua b/daemon/lua/kres.lua

index 7256c3f2f9816b935ed5050a33f4f9df2f60682d..d69314f5f2361981eb892a02dcf6cf621e52ddb9 100644 (file)
--- a/daemon/lua/kres.lua
+++ b/daemon/lua/kres.lua
@@ -112,7 +112,6 @@ struct query_flag {
         static const int BADCOOKIE_AGAIN = 1 << 22;
         static const int CNAME       = 1 << 23;
         static const int REORDER_RR  = 1 << 24;
-       static const int TLS         = 1 << 25;
  };
  
  /*
diff --git a/daemon/worker.c b/daemon/worker.c

index bf468d1754e0ee86e6efd66db3bb622f9ec8fbad..e4cb889985d9a38abb05fa68df2260359a8783a7 100644 (file)
--- a/daemon/worker.c
+++ b/daemon/worker.c
@@ -721,7 +721,7 @@ static int qr_task_step(struct qr_task *task, const struct sockaddr *packet_sour
         task->addrlist = NULL;
         task->addrlist_count = 0;
         task->addrlist_turn = 0;
-       task->req.has_tls = (task->session && task->session->has_tls) ? true : false;
+       task->req.has_tls = (task->session && task->session->has_tls);
         int state = kr_resolve_consume(&task->req, packet_source, packet);
         while (state == KNOT_STATE_PRODUCE) {
                 state = kr_resolve_produce(&task->req, &task->addrlist, &sock_type, task->pktbuf);
diff --git a/lib/resolve.c b/lib/resolve.c

index 706c5b6a84a6d263efbcee7e406e171d2433c2ef..ae07927e50c7b49a3698347aa1d1dc578e593d4f 100644 (file)
--- a/lib/resolve.c
+++ b/lib/resolve.c
@@ -340,31 +340,36 @@ static void write_extra_records(rr_array_t *arr, knot_pkt_t *answer)
         }
  }
  
+/** @internal Add an EDNS padding RR into the answer if requested and required. */
  static int answer_padding(struct kr_request *request)
  {
+       if (!request || !request->answer || !request->ctx) {
+               assert(false);
+               return kr_error(EINVAL);
+       }
         uint16_t padding = request->ctx->tls_padding;
         knot_pkt_t *answer = request->answer;
         knot_rrset_t *opt_rr = answer->opt_rr;
-       
+
         if (padding < 2) {
-               return true;
+               return kr_ok();
         }
         int32_t max_pad_bytes = knot_edns_get_payload(opt_rr) - (answer->size + knot_rrset_size(opt_rr));
-       
+
         int32_t pad_bytes = MIN(knot_edns_alignment_size(answer->size, knot_rrset_size(opt_rr), padding),
                                 max_pad_bytes);
  
-       if (pad_bytes > 0) {
-               uint8_t zeros[pad_bytes];
+       if (pad_bytes >= 0) {
+               uint8_t zeros[MAX(1, pad_bytes)];
                 memset(zeros, 0, sizeof(zeros));
                 int r = knot_edns_add_option(opt_rr, KNOT_EDNS_OPTION_PADDING,
                                              pad_bytes, zeros, &answer->mm);
                 if (r != KNOT_EOK) {
                         knot_rrset_clear(opt_rr, &answer->mm);
-                       return false;
+                       return kr_error(r);
                 }
         }
-       return true;
+       return kr_ok();
  }
  
  static int answer_fail(struct kr_request *request)
@@ -377,7 +382,7 @@ static int answer_fail(struct kr_request *request)
         if (ret == 0 && answer->opt_rr) {
                 /* OPT in SERVFAIL response is still useful for cookies/additional info. */
                 knot_pkt_begin(answer, KNOT_ADDITIONAL);
-               answer_padding(request); /* Ignore failed padding in SERVFAIL answer a*/
+               answer_padding(request); /* Ignore failed padding in SERVFAIL answer. */
                 ret = edns_put(answer);
         }
         return ret;
@@ -408,7 +413,7 @@ static int answer_finalize(struct kr_request *request, int state)
         int ret = 0;
         if (answer->opt_rr) {
                 if (request->has_tls) {
-                       if (!answer_padding(request)) {
+                       if (answer_padding(request) != kr_ok()) {
                                 return answer_fail(request);
                         }
                 }
diff --git a/lib/resolve.h b/lib/resolve.h

index 099701cdabc487f74a3f0946b8bd31f6c0065ead..21d6a9424ffa051601037f38b37a946b58aec226 100644 (file)
--- a/lib/resolve.h
+++ b/lib/resolve.h
@@ -99,7 +99,7 @@ struct kr_context
          * module because of better access. */
         struct kr_cookie_ctx cookie_ctx;
         kr_cookie_lru_t *cache_cookie;
-       uint32_t tls_padding;
+       uint32_t tls_padding; /**< See net.tls_padding in ../daemon/README.rst */
         knot_mm_t *pool;
  };
  
diff --git a/lib/rplan.h b/lib/rplan.h

index 402a811f81b1a11576a6a035c68db570518bf75c..66bdef0995a1741aace3502913f302be04568bb3 100644 (file)
--- a/lib/rplan.h
+++ b/lib/rplan.h
@@ -49,8 +49,7 @@
         X(STRICT,          1 << 21) /**< Strict resolver mode. */ \
         X(BADCOOKIE_AGAIN, 1 << 22) /**< Query again because bad cookie returned. */ \
         X(CNAME,           1 << 23) /**< Query response contains CNAME in answer section. */ \
-       X(REORDER_RR,      1 << 24) /**< Reorder cached RRs. */ \
-       X(TLS,             1 << 25) /**< Use TLS for this query. */
+       X(REORDER_RR,      1 << 24) /**< Reorder cached RRs. */
  
  /** Query flags */
  enum kr_query_flag {
author	Vladimír Čunát <vladimir.cunat@nic.cz>
	Mon, 28 Nov 2016 17:22:06 +0000 (18:22 +0100)
committer	Vladimír Čunát <vladimir.cunat@nic.cz>
	Mon, 28 Nov 2016 17:22:06 +0000 (18:22 +0100)
daemon/lua/kres.lua		patch \| blob \| blame \| history
daemon/worker.c		patch \| blob \| blame \| history
lib/resolve.c		patch \| blob \| blame \| history
lib/resolve.h		patch \| blob \| blame \| history
lib/rplan.h		patch \| blob \| blame \| history