PDNS_RECURSOR_OBJECTS=syncres.o misc.o unix_utility.o qtype.o logger.o \
arguments.o lwres.o pdns_recursor.o recursor_cache.o dnsparser.o \
dnswriter.o dnsrecords.o rcpgenerator.o base64.o zoneparser-tng.o \
-rec_channel.o rec_channel_rec.o malloc.o selectmplexer.o sillyrecords.o
+rec_channel.o rec_channel_rec.o malloc.o selectmplexer.o sillyrecords.o \
+dns_random.o aescrypt.o aeskey.o aes_modes.o aestab.o
+
REC_CONTROL_OBJECTS=rec_channel.o rec_control.o arguments.o
-rm -f dep *.o *~ pdns_recursor rec_control optional/*.o
dep:
- $(CXX) $(CXXFLAGS) -MM -MG *.cc *.hh > $@
+ $(CXX) $(CXXFLAGS) -MM -MG *.cc *.c *.hh > $@
-include dep
backends/gsql/gsqlbackend.hh backends/gsql/ssql.hh \
base64.cc sillyrecords.cc \
base64.hh zoneparser-tng.cc dnsrecords.cc dnswriter.cc \
-rcpgenerator.cc dnsparser.cc
+rcpgenerator.cc dnsparser.cc \
+aes/dns_random.cc aes/aescrypt.c aes/aeskey.c aes/aestab.c aes/aes_modes.c
#
pdns_server_LDFLAGS= @moduleobjects@ @modulelibs@ @DYNLINKFLAGS@ @LIBDL@ @THREADFLAGS@
base64.cc base64.hh dnswriter.cc dnswriter.hh rcpgenerator.cc rcpgenerator.hh \
utility.hh dnsparser.hh sillyrecords.cc
-
-
-
-# INCLUDES=-I/usr/include/mysql
-
rec_control_SOURCES=rec_channel.cc rec_channel.hh rec_control.cc arguments.cc arguments.hh
pdns_recursor_SOURCES=syncres.cc resolver.hh misc.cc unix_utility.cc qtype.cc \
mtasker.hh syncres.hh recursor_cache.cc recursor_cache.hh dnsparser.cc \
dnswriter.cc dnswriter.hh dnsrecords.cc dnsrecords.hh rcpgenerator.cc rcpgenerator.hh \
base64.cc base64.hh zoneparser-tng.cc zoneparser-tng.hh rec_channel.cc rec_channel.hh \
-rec_channel_rec.cc selectmplexer.cc epollmplexer.cc sillyrecords.cc htimer.cc htimer.hh
+rec_channel_rec.cc selectmplexer.cc epollmplexer.cc sillyrecords.cc htimer.cc htimer.hh \
+aes/dns_random.cc aes/aescrypt.c aes/aeskey.c aes/aestab.c aes/aes_modes.c
if NEDMALLOC
pdns_recursor_SOURCES += ext/nedmalloc/malloc.c
recursor_cache.hh rec_channel.hh qtype.hh misc.hh dns.hh syncres.hh \
sstuff.hh mtasker.hh mtasker.cc lwres.hh logger.hh ahuexception.hh \
mplexer.hh win32_mtasker.hh win32_utility.cc ntservice.hh singleton.hh \
-recursorservice.hh"
+recursorservice.hh dns_random.hh"
CFILES="syncres.cc misc.cc unix_utility.cc qtype.cc \
logger.cc arguments.cc lwres.cc pdns_recursor.cc \
mkdir $DIRNAME/rrd
cp tools/rrd/{create,update,makegraphs,index.html} $DIRNAME/rrd
cp ext/dlmalloc/malloc.{c,h} $DIRNAME
+cp aes/*.{c,cc,h} $DIRNAME
cp pdns-recursor.init.d $DIRNAME
cp docs/pdns_recursor.1 docs/rec_control.1 $DIRNAME
cp configure-recursor $DIRNAME/configure
/*
PowerDNS Versatile Database Driven Nameserver
- Copyright (C) 2002 - 2007 PowerDNS.COM BV
+ Copyright (C) 2002 - 2008 PowerDNS.COM BV
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
#include "dnswriter.hh"
#include "dnsparser.hh"
#include "logger.hh"
+#include "dns_random.hh"
#include <boost/scoped_array.hpp>
+#include <boost/algorithm/string.hpp>
+
+string dns0x20(const std::string& in)
+{
+ string ret(in);
+ string::size_type len=ret.size();
+ for(string::size_type pos = 0 ; pos < len; ++pos) {
+ if(isalpha(in[pos]) && dns_random(2))
+ ret[pos]^=0x20;
+ }
+ // cerr<<"'"<<in<<"' -> '"<<ret<<"'\n";
+ return ret;
+}
//! returns -2 for OS limits error, -1 for permanent error that has to do with remote, 0 for timeout, 1 for success
/** Never throws! */
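Review bot: `isalpha(in[pos])` in dns0x20 is passed a plain `char`, which is undefined behaviour for bytes above 0x7f on platforms where `char` is signed. It is also locale-dependent, so outside the C locale a non-ASCII byte could be classed as a letter and have bit 0x20 flipped, which changes the name rather than its case. An explicit ASCII test avoids both problems: `char c=in[pos]; if(((c>='a' && c<='z') || (c>='A' && c<='Z')) && dns_random(2))`. The function has no caller in this commit (the call in the resolver is commented out), so a one-line comment above it saying it is not wired in yet would help the next reader.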
int bufsize=1500;
scoped_array<unsigned char> buf(new unsigned char[bufsize]);
vector<uint8_t> vpacket;
+ // string mapped0x20=dns0x20(domain);
DNSPacketWriter pw(vpacket, domain, type);
pw.getHeader()->rd=0;
- pw.getHeader()->id=Utility::random();
+ pw.getHeader()->id=dns_random(0xffff);
if(doEDNS0 && !doTCP) {
pw.addOpt(1200, 0, 0); // 1200 bytes answer size
}
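Review bot: `dns_random(0xffff)` probably never yields 0xffff. The same function is handed to random_shuffle elsewhere in this commit and called as `dns_random(2)` for a coin flip, and both uses imply a result in [0, n), though its definition is not shown here. If that holds, a full 16-bit query ID needs `pw.getHeader()->id=dns_random(0x10000);`. Only one value in 65536 is lost, but the ID is the main anti-spoofing field in this packet, so the whole range is worth using. The enclosing function begins and ends outside this hunk.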
goto out;
}
-
+
for(MOADNSParser::answers_t::const_iterator i=mdp.d_answers.begin(); i!=mdp.d_answers.end(); ++i) {
DNSResourceRecord rr;
rr.qtype=i->first.d_type;
rr.qname=i->first.d_label;
+ /*
+ if(i->first.d_label == mapped0x20)
+ rr.qname=domain;
+ else
+ rr.qname=i->first.d_label;
+ */
rr.ttl=i->first.d_ttl;
rr.content=i->first.d_content->getZoneRepresentation(); // this should be the serialised form
rr.d_place=(DNSResourceRecord::Place) i->first.d_place;
#endif // WIN32
#include "utility.hh"
+#include "dns_random.hh"
#include <iostream>
#include <errno.h>
#include <map>
}
}
+void seedRandom(const string& source);
+
int serviceMain(int argc, char*argv[])
{
L.setName("pdns_recursor");
L<<Logger::Error<<"Unknown logging facility "<<::arg().asNum("logging-facility") <<endl;
}
- L<<Logger::Warning<<"PowerDNS recursor "<<VERSION<<" (C) 2001-2007 PowerDNS.COM BV ("<<__DATE__", "__TIME__;
+ L<<Logger::Warning<<"PowerDNS recursor "<<VERSION<<" (C) 2001-2008 PowerDNS.COM BV ("<<__DATE__", "__TIME__;
#ifdef __GNUC__
L<<", gcc "__VERSION__;
#endif // add other compilers here
"according to the terms of the GPL version 2."<<endl;
L<<Logger::Warning<<"Operating in "<<(sizeof(unsigned long)*8) <<" bits mode"<<endl;
+
+ seedRandom(::arg()["entropy-source"]);
if(!::arg()["allow-from-file"].empty()) {
string line;
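Review bot: The generator is seeded once here in serviceMain, but the `fork` option registered in main suggests the daemon can split into two processes later. If that fork happens after this call, both processes inherit the same generator state and would presumably emit the same sequence of query IDs. The fork itself is not visible in this hunk, so this needs checking against the rest of serviceMain. If it applies, call `seedRandom(::arg()["entropy-source"]);` again in the child after the fork, or move this call below it. serviceMain continues outside the hunk.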
}
#endif
+void seedRandom(const string& source)
+{
+ L<<Logger::Warning<<"Reading random entropy from '"<<source<<"'"<<endl;
+
+ int fd=open(source.c_str(), O_RDONLY);
+ if(fd < 0) {
+ L<<Logger::Error<<"Unable to open source of random '"<<source<<"': "<<stringerror()<<endl;
+ exit(EXIT_FAILURE);
+ }
+ char seed[128];
+ int ret;
+ int pos=0;
+ while(pos!=sizeof(seed)) {
+ ret = read(fd, seed+pos, sizeof(seed)-pos);
+ if(ret < 0) {
+ L<<Logger::Error<<"Unable to read random seed from "<<source<<": "<<stringerror()<<endl;
+ close(fd);
+ exit(EXIT_FAILURE);
+ }
+ if(!ret) {
+ L<<Logger::Error<<"Unable to read random seed from "<<source<<": end of file"<<endl;
+ close(fd);
+ exit(EXIT_FAILURE);
+ }
+ pos+=ret;
+ }
+ close(fd);
+ dns_random_init(seed);
+}
+
int main(int argc, char **argv)
{
// HTimer mtimer("main");
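Review bot: seedRandom accepts any readable path, so an `entropy-source` that points at a regular file supplies the same 128-byte seed on every start, which would presumably make query IDs repeat across restarts. An `fstat` on `fd` with a warning (or a refusal) when `!S_ISCHR(st.st_mode)` would catch that misconfiguration. Two smaller points in the same function: a `read` interrupted by a signal (`errno == EINTR`) terminates the daemon instead of retrying, and `seed` stays on the stack after `dns_random_init(seed)` returns. A `memset(seed, 0, sizeof(seed));` before returning would at least state the intent, although a compiler may elide it.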
#endif // WIN32
try {
- Utility::srandom(time(0));
::arg().set("stack-size","stack size per mthread")="200000";
::arg().set("soa-minimum-ttl","Don't change")="0";
::arg().set("soa-serial-offset","Don't change")="0";
::arg().set("version-string", "string reported on version.pdns or version.bind")="PowerDNS Recursor "VERSION" $Id$";
::arg().set("allow-from", "If set, only allow these comma separated netmasks to recurse")="127.0.0.0/8, 10.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, ::1/128, fe80::/10";
::arg().set("allow-from-file", "If set, load allowed netmasks from this file")="";
+ ::arg().set("entropy-source", "If set, read entropy from this file")="/dev/urandom";
::arg().set("dont-query", "If set, do not query these netmasks for DNS data")="127.0.0.0/8, 10.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, ::1/128, fe80::/10";
::arg().set("max-tcp-per-client", "If set, maximum number of TCP sessions per client (IP address)")="0";
::arg().set("fork", "If set, fork the daemon for possible double performance")="no";
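Review bot: Removing `Utility::srandom(time(0));` leaves any remaining `Utility::random()` caller on the library's default seed, so it would produce the same sequence on every start. This commit converts the query ID and the two shuffles to `dns_random`. Whether other callers remain in the recursor (anything choosing ports or picking among servers, for instance) is not visible here. They should be searched for and either moved to `dns_random` or left with the old seeding until they are converted. main continues outside the hunk.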
exit(0);
}
+
#ifndef WIN32
serviceMain(argc, argv);
#else
#include "lwres.hh"
#include "recursor_cache.hh"
#include "dnsparser.hh"
+#include "dns_random.hh"
extern MemRecursorCache RC;
}
if(ret.size() > 1) {
- random_shuffle(ret.begin(), ret.end());
+ random_shuffle(ret.begin(), ret.end(), dns_random);
// move 'best' address for this nameserver name up front
nsspeeds_t::iterator best = s_nsSpeeds.find(qname);
rnameservers.push_back(*i);
speeds[*i]=s_nsSpeeds[*i].get(&d_now);
}
- random_shuffle(rnameservers.begin(),rnameservers.end());
+ random_shuffle(rnameservers.begin(),rnameservers.end(), dns_random);
speedOrder so(speeds);
stable_sort(rnameservers.begin(),rnameservers.end(), so);