Lines Matching +full:no +full:- +full:srv +full:- +full:ipv4 +full:- +full:single +full:- +full:target

1 /* dnsmasq is Copyright (c) 2000-2009 Simon Kelley
24 ((size_t)((pp) - (unsigned char*) (header) + (len)) <= (plen))
45 /* check that there are the correct no of bytes after the name */ in extract_name()
49 if (cp != (unsigned char*) name) cp--; in extract_name()
90 digs = ((count - 1) >> 2) + 1; in extract_name()
93 if (cp - (unsigned char*) name + digs + 9 >= MAXDNAME) return 0; in extract_name()
94 if (!CHECK_LEN(header, p, plen, (count - 1) >> 3)) return 0; in extract_name()
106 *cp++ = dig < 10 ? dig + '0' : dig + 'A' - 10; in extract_name()
111 } else { /* label_type = 0 -> label. */ in extract_name()
112 if (cp - (unsigned char*) name + l + 1 >= MAXDNAME) return 0; in extract_name()
129 if (c1 >= 'A' && c1 <= 'Z') c1 += 'a' - 'A'; in extract_name()
130 if (c2 >= 'A' && c2 <= 'Z') c2 += 'a' - 'A'; in extract_name()
157 /* j counts no of labels */ in in_arpa_name_2_addr()
171 if (hostname_isequal(lastchunk, "arpa") && hostname_isequal(penchunk, "in-addr")) { in in_arpa_name_2_addr()
174 www.xxx.yyy.zzz.in-addr.arpa in in_arpa_name_2_addr()
179 50.0/24.67.28.64.in-addr.arpa which are used in in_arpa_name_2_addr()
201 left-over from the many DNS-for-IPv6 wars. We support all the formats in in_arpa_name_2_addr()
202 that we can since there is no reason not to. in in_arpa_name_2_addr()
223 for (j = sizeof(struct all_addr) - 1; j > 0; j--) in in_arpa_name_2_addr()
224 addr[j] = (addr[j] >> 4) | (addr[j - 1] << 4); in in_arpa_name_2_addr()
263 ansp += ((count - 1) >> 3) + 1; in skip_name()
282 for (q = ntohs(header->qdcount); q != 0; q--) { in skip_questions()
307 We ignore case in the names for the same reason. Return all-ones
314 for (q = ntohs(header->qdcount); q != 0; q--) { in questions_crc()
321 if (c >= 'A' && c <= 'Z') c += 'a' - 'A'; in questions_crc()
324 while (i--) crc = crc & 0x80000000 ? (crc << 1) ^ 0x04c11db7 : crc << 1; in questions_crc()
331 while (i--) crc = crc & 0x80000000 ? (crc << 1) ^ 0x04c11db7 : crc << 1; in questions_crc()
344 /* if packet is malformed, just return as-is. */ in resize_packet()
348 ansp, ntohs(header->ancount) + ntohs(header->nscount) + ntohs(header->arcount), in resize_packet()
353 if (pheader && ntohs(header->arcount) == 0) { in resize_packet()
356 header->arcount = htons(1); in resize_packet()
360 return ansp - (unsigned char*) header; in resize_packet()
367 Finally, check to see if a packet is signed. If it is we cannot change a single bit before in find_pseudoheader()
368 … forwarding. We look for SIG and TSIG in the addition section, and TKEY queries (for GSS-TSIG) */ in find_pseudoheader()
370 int i, arcount = ntohs(header->arcount); in find_pseudoheader()
378 if (header->opcode == QUERY) { in find_pseudoheader()
379 for (i = ntohs(header->qdcount); i != 0; i--) { in find_pseudoheader()
394 if (!(ansp = skip_section(ansp, ntohs(header->ancount) + ntohs(header->nscount), header, plen))) in find_pseudoheader()
408 if (len) *len = ansp - start; in find_pseudoheader()
411 } else if (is_sign && i == arcount - 1 && class == C_ANY && in find_pseudoheader()
419 /* is addr in the non-globally-routed IP space? */
434 for (i = count; i != 0; i--) { in do_doctor()
451 for (doctor = daemon->doctors; doctor; doctor = doctor->next) { in do_doctor()
452 if (doctor->end.s_addr == 0) { in do_doctor()
453 if (!is_same_net(doctor->in, addr, doctor->mask)) continue; in do_doctor()
454 } else if (ntohl(doctor->in.s_addr) > ntohl(addr.s_addr) || in do_doctor()
455 ntohl(doctor->end.s_addr) < ntohl(addr.s_addr)) in do_doctor()
458 addr.s_addr &= ~doctor->mask.s_addr; in do_doctor()
459 addr.s_addr |= (doctor->out.s_addr & doctor->mask.s_addr); in do_doctor()
460 /* Since we munged the data, the server it came from is no longer authoritative */ in do_doctor()
461 header->aa = 0; in do_doctor()
481 !(p = do_doctor(p, ntohs(header->ancount), header, qlen))) in find_soa()
484 for (i = ntohs(header->nscount); i != 0; i--) { in find_soa()
509 if (!do_doctor(p, ntohs(header->arcount), header, qlen)) return 0; in find_soa()
511 if (!found_soa) minttl = daemon->neg_ttl; in find_soa()
519 Return 1 if we reject an address because it look like parct of dns-rebinding attack. */
528 /* find_soa is needed for dns_doctor side-effects, so don't call it lazily if there are any. */ in extract_addresses()
529 if (daemon->doctors) { in extract_addresses()
537 for (i = ntohs(header->qdcount); i != 0; i--) { in extract_addresses()
540 int flags = header->rcode == NXDOMAIN ? F_NXDOMAIN : 0; in extract_addresses()
551 /* PTRs: we chase CNAMEs here, since we have no way to in extract_addresses()
562 for (j = ntohs(header->ancount); j != 0; j--) { in extract_addresses()
582 if (!cname_count--) return 0; /* looped CNAMES */ in extract_addresses()
595 if (!found && !(daemon->options & OPT_NO_NEG)) { in extract_addresses()
625 for (j = ntohs(header->ancount); j != 0; j--) { in extract_addresses()
637 if (!cname_count--) return 0; /* looped CNAMES */ in extract_addresses()
640 cpp->addr.cname.cache = newc; in extract_addresses()
641 cpp->addr.cname.uid = newc->uid; in extract_addresses()
657 if ((daemon->options & OPT_NO_REBIND) && (flags & F_IPV4) && in extract_addresses()
663 cpp->addr.cname.cache = newc; in extract_addresses()
664 cpp->addr.cname.uid = newc->uid; in extract_addresses()
675 if (!found && !(daemon->options & OPT_NO_NEG)) { in extract_addresses()
680 /* If there's no SOA to get the TTL from, but there is a CNAME in extract_addresses()
686 cpp->addr.cname.cache = newc; in extract_addresses()
687 cpp->addr.cname.uid = newc->uid; in extract_addresses()
695 if (!header->tc) cache_end_insert(); in extract_addresses()
702 Abuse F_BIGNAME to indicate an NS query - yuck. */
710 if (ntohs(header->qdcount) != 1 || header->opcode != QUERY) in extract_request()
736 header->qr = 1; /* response */ in setup_reply()
737 header->aa = 0; /* authoritive */ in setup_reply()
738 header->ra = 1; /* recursion if available */ in setup_reply()
739 header->tc = 0; /* not truncated */ in setup_reply()
740 header->nscount = htons(0); in setup_reply()
741 header->arcount = htons(0); in setup_reply()
742 header->ancount = htons(0); /* no answers unless changed below */ in setup_reply()
744 header->rcode = SERVFAIL; /* couldn't get memory */ in setup_reply()
746 header->rcode = NOERROR; /* empty domain */ in setup_reply()
748 header->rcode = NXDOMAIN; in setup_reply()
750 header->rcode = NOERROR; in setup_reply()
751 header->ancount = htons(1); in setup_reply()
752 header->aa = 1; in setup_reply()
758 header->rcode = NOERROR; in setup_reply()
759 header->ancount = htons(1); in setup_reply()
760 header->aa = 1; in setup_reply()
766 header->rcode = REFUSED; in setup_reply()
768 return p - (unsigned char*) header; in setup_reply()
780 (crecp->flags & (F_HOSTS | F_DHCP))) in check_for_local_domain()
783 for (mx = daemon->mxnames; mx; mx = mx->next) in check_for_local_domain()
784 if (hostname_isequal(name, mx->name)) return 1; in check_for_local_domain()
786 for (txt = daemon->txt; txt; txt = txt->next) in check_for_local_domain()
787 if (hostname_isequal(name, txt->name)) return 1; in check_for_local_domain()
789 for (intr = daemon->int_names; intr; intr = intr->next) in check_for_local_domain()
790 if (hostname_isequal(name, intr->name)) return 1; in check_for_local_domain()
792 for (ptr = daemon->ptr; ptr; ptr = ptr->next) in check_for_local_domain()
793 if (hostname_isequal(name, ptr->name)) return 1; in check_for_local_domain()
811 for (i = ntohs(header->ancount); i != 0; i--) { in check_for_bogus_wildcard()
822 for (baddrp = baddr; baddrp; baddrp = baddrp->next) in check_for_bogus_wildcard()
823 if (memcmp(&baddrp->addr, p, INADDRSZ) == 0) { in check_for_bogus_wildcard()
824 /* Found a bogus address. Insert that info here, since there no SOA record in check_for_bogus_wildcard()
901 /* get domain-name answer arg and store it in RDATA field */ in add_resource_record()
902 if (offset) *offset = p - (unsigned char*) header; in add_resource_record()
934 j = p - sav - 2; in add_resource_record()
939 if (limit && ((unsigned char*) limit - p) < 0) { in add_resource_record()
953 if (crecp->flags & (F_IMMORTAL | F_DHCP)) return daemon->local_ttl; in crec_ttl()
955 return crecp->ttd - now; in crec_ttl()
961 char* name = daemon->namebuff; in answer_request()
975 if (qlen > (size_t)(limit - ((char*) header))) return 0; in answer_request()
997 if (!is_sign && (udpsz > daemon->edns_pktsz)) PUTSHORT(daemon->edns_pktsz, psave); in answer_request()
1002 if (ntohs(header->qdcount) == 0 || header->opcode != QUERY) return 0; in answer_request()
1004 for (rec = daemon->mxnames; rec; rec = rec->next) rec->offset = 0; in answer_request()
1013 for (q = ntohs(header->qdcount); q != 0; q--) { in answer_request()
1015 nameoffset = p - (unsigned char*) header; in answer_request()
1017 /* now extract name as .-concatenated string into name */ in answer_request()
1027 for (t = daemon->txt; t; t = t->next) { in answer_request()
1028 if (t->class == qclass && hostname_isequal(name, t->name)) { in answer_request()
1033 daemon->local_ttl, NULL, T_TXT, t->class, "t", in answer_request()
1034 t->len, t->txt)) in answer_request()
1043 /* see if it's w.z.y.z.in-addr.arpa format */ in answer_request()
1048 for (ptr = daemon->ptr; ptr; ptr = ptr->next) in answer_request()
1049 if (hostname_isequal(name, ptr->name)) break; in answer_request()
1052 for (intr = daemon->int_names; intr; intr = intr->next) { in answer_request()
1053 if (addr.addr.addr4.s_addr == get_ifaddr(intr->intr).s_addr) in answer_request()
1056 while (intr->next && strcmp(intr->intr, intr->next->intr) == 0) in answer_request()
1057 intr = intr->next; in answer_request()
1063 log_query(F_IPV4 | F_REVERSE | F_CONFIG, intr->name, &addr, NULL); in answer_request()
1065 daemon->local_ttl, NULL, T_PTR, C_IN, "d", in answer_request()
1066 intr->name)) in answer_request()
1073 for (ptr = daemon->ptr; ptr; ptr = ptr->next) in answer_request()
1074 if (hostname_isequal(name, ptr->name) && in answer_request()
1076 daemon->local_ttl, NULL, T_PTR, C_IN, "d", in answer_request()
1077 ptr->ptr)) in answer_request()
1083 if (qtype == T_ANY && !(crecp->flags & (F_HOSTS | F_DHCP))) continue; in answer_request()
1085 if (crecp->flags & F_NEG) { in answer_request()
1088 if (crecp->flags & F_NXDOMAIN) nxdomain = 1; in answer_request()
1089 if (!dryrun) log_query(crecp->flags & ~F_FORWARD, name, &addr, NULL); in answer_request()
1090 } else if ((crecp->flags & (F_HOSTS | F_DHCP)) || !sec_reqd) { in answer_request()
1092 if (!(crecp->flags & (F_HOSTS | F_DHCP))) auth = 0; in answer_request()
1094 log_query(crecp->flags & ~F_FORWARD, cache_get_name(crecp), &addr, in answer_request()
1095 record_source(crecp->uid)); in answer_request()
1104 else if (is_arpa == F_IPV4 && (daemon->options & OPT_BOGUSPRIV) && in answer_request()
1106 /* if not in cache, enabled and private IPV4 address, return NXDOMAIN */ in answer_request()
1128 if (qtype == T_A && (addr.addr.addr4.s_addr = inet_addr(name)) != (in_addr_t) -1) { in answer_request()
1133 daemon->local_ttl, NULL, type, C_IN, "4", &addr)) in answer_request()
1143 for (intr = daemon->int_names; intr; intr = intr->next) in answer_request()
1144 if (hostname_isequal(name, intr->name)) break; in answer_request()
1149 if ((addr.addr.addr4 = get_ifaddr(intr->intr)).s_addr == (in_addr_t) -1) in answer_request()
1154 daemon->local_ttl, NULL, type, C_IN, "4", in answer_request()
1169 if (local_addr.s_addr != 0 && (daemon->options & OPT_LOCALISE) && in answer_request()
1173 if ((crecp->flags & F_HOSTS) && in answer_request()
1174 is_same_net(*((struct in_addr*) &crecp->addr), local_addr, in answer_request()
1186 if (qtype == T_ANY && !(crecp->flags & (F_HOSTS | F_DHCP))) break; in answer_request()
1188 if (crecp->flags & F_CNAME) { in answer_request()
1190 log_query(crecp->flags, name, NULL, record_source(crecp->uid)); in answer_request()
1194 cache_get_name(crecp->addr.cname.cache))) in answer_request()
1198 strcpy(name, cache_get_name(crecp->addr.cname.cache)); in answer_request()
1202 if (crecp->flags & F_NEG) { in answer_request()
1205 if (crecp->flags & F_NXDOMAIN) nxdomain = 1; in answer_request()
1206 if (!dryrun) log_query(crecp->flags, name, NULL, NULL); in answer_request()
1207 } else if ((crecp->flags & (F_HOSTS | F_DHCP)) || !sec_reqd) { in answer_request()
1210 if (localise && (crecp->flags & F_HOSTS) && in answer_request()
1211 !is_same_net(*((struct in_addr*) &crecp->addr), local_addr, in answer_request()
1215 if (!(crecp->flags & (F_HOSTS | F_DHCP))) auth = 0; in answer_request()
1219 log_query(crecp->flags & ~F_REVERSE, name, &crecp->addr.addr, in answer_request()
1220 record_source(crecp->uid)); in answer_request()
1224 type == T_A ? "4" : "6", &crecp->addr)) in answer_request()
1234 for (rec = daemon->mxnames; rec; rec = rec->next) in answer_request()
1235 if (!rec->issrv && hostname_isequal(name, rec->name)) { in answer_request()
1242 daemon->local_ttl, &offset, T_MX, C_IN, "sd", in answer_request()
1243 rec->weight, rec->target)) { in answer_request()
1245 if (rec->target) rec->offset = offset; in answer_request()
1250 if (!found && (daemon->options & (OPT_SELFMX | OPT_LOCALMX)) && in answer_request()
1256 header, limit, &trunc, nameoffset, &ansp, daemon->local_ttl, NULL, in answer_request()
1258 (daemon->options & OPT_SELFMX) ? name : daemon->mxtarget)) in answer_request()
1267 for (rec = daemon->mxnames; rec; rec = rec->next) in answer_request()
1268 if (rec->issrv && hostname_isequal(name, rec->name)) { in answer_request()
1273 "<SRV>"); in answer_request()
1275 daemon->local_ttl, &offset, T_SRV, C_IN, "sssd", in answer_request()
1276 rec->priority, rec->weight, rec->srvport, in answer_request()
1277 rec->target)) { in answer_request()
1279 if (rec->target) rec->offset = offset; in answer_request()
1284 if (!found && (daemon->options & OPT_FILTER) && in answer_request()
1293 for (na = daemon->naptr; na; na = na->next) in answer_request()
1294 if (hostname_isequal(name, na->name)) { in answer_request()
1300 daemon->local_ttl, NULL, T_NAPTR, C_IN, in answer_request()
1301 "sszzzd", na->order, na->pref, na->flags, in answer_request()
1302 na->services, na->regexp, na->replace)) in answer_request()
1310 if (qtype == T_SOA && (daemon->options & OPT_FILTER)) { in answer_request()
1324 /* create an additional data section, for stuff in SRV and MX record replies. */ in answer_request()
1325 for (rec = daemon->mxnames; rec; rec = rec->next) in answer_request()
1326 if (rec->offset != 0) { in answer_request()
1329 for (tmp = rec->next; tmp; tmp = tmp->next) in answer_request()
1330 if (tmp->offset != 0 && hostname_isequal(rec->target, tmp->target)) tmp->offset = 0; in answer_request()
1333 while ((crecp = cache_find_by_name(crecp, rec->target, now, F_IPV4 | F_IPV6))) { in answer_request()
1335 int type = crecp->flags & F_IPV4 ? T_A : T_AAAA; in answer_request()
1339 if (crecp->flags & F_NEG) continue; in answer_request()
1341 if (add_resource_record(header, limit, NULL, rec->offset, &ansp, in answer_request()
1343 crecp->flags & F_IPV4 ? "4" : "6", &crecp->addr)) in answer_request()
1349 header->qr = 1; /* response */ in answer_request()
1350 header->aa = auth; /* authoritive - only hosts and DHCP derived names. */ in answer_request()
1351 header->ra = 1; /* recursion if available */ in answer_request()
1352 header->tc = trunc; /* truncation */ in answer_request()
1354 header->rcode = NXDOMAIN; in answer_request()
1356 header->rcode = NOERROR; /* no error */ in answer_request()
1357 header->ancount = htons(anscount); in answer_request()
1358 header->nscount = htons(0); in answer_request()
1359 header->arcount = htons(addncount); in answer_request()
1360 return ansp - (unsigned char*) header; in answer_request()