Skip to content

Commit

Permalink
randomize cached A and AAAA response
Browse files Browse the repository at this point in the history
  • Loading branch information
@janmojzis
janmojzis committed Oct 20, 2018
1 parent b74c430 commit 3135ae8
Show file tree
Hide file tree
Showing 3 changed files with 21 additions and 1 deletion.
1 change: 1 addition & 0 deletions dq/dns.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -123,6 +123,7 @@ extern int dns_ip6_qualify(struct dns_data *, const char *);
extern char *dns_iptoname(char *, const unsigned char *);

/* utils */
extern void dns_sortip4(unsigned char *, long long);
extern void dns_sortip(unsigned char *, long long);
extern void dns_sortipkey(unsigned char *, unsigned char *, long long);

Expand Down
16 changes: 15 additions & 1 deletion dq/dns_sortip.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,20 @@ static void swap(unsigned char *x, long long len, unsigned char *y) {

}

void dns_sortip4(unsigned char *s, long long n) {

long long i;

if (n < 0) return;

n >>= 2;
while (n > 1) {
i = randommod(n);
--n;
swap(s + (i << 2), 4, s + (n << 2));
}
}

void dns_sortip(unsigned char *s, long long nn) {

long long i;
Expand All @@ -23,7 +37,7 @@ void dns_sortip(unsigned char *s, long long nn) {
while (n > 1) {
i = randommod(n);
--n;
swap(s + 16 * i, 16, s + 16 * n);
swap(s + (i << 4), 16, s + (n << 4));
}

for (i = 0; i + 16 <= nn; i += 16) {
Expand Down
5 changes: 5 additions & 0 deletions dq/query.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -565,6 +565,7 @@ static int doit(struct query *z,int state)
if (cached && (cachedlen || !byte_isequal(dtype,2,DNS_T_ANY))) {
if (z->level) {
flaghaskey = findkey(d,pubkey);
dns_sortip4(cached, cachedlen);
log_cachedanswer(d,DNS_T_A);
while (cachedlen >= 4) {
byte_copy(misc, 12, "\0\0\0\0\0\0\0\0\0\0\377\377");
Expand All @@ -578,6 +579,7 @@ static int doit(struct query *z,int state)
cached = cache_get(key,dlen + 2,&cachedlen,&ttl,&flagns);
if (cached && (cachedlen || !byte_isequal(dtype,2,DNS_T_ANY))) {
flaghaskey = findkey(d,pubkey);
dns_sortip(cached, cachedlen);
log_cachedanswer(d,DNS_T_AAAA);
while (cachedlen >= 16) {
addserver(z,cached,flaghaskey ? pubkey : 0);
Expand All @@ -588,6 +590,7 @@ static int doit(struct query *z,int state)
goto LOWERLEVEL;
}

dns_sortip4(cached, cachedlen);
log_cachedanswer(d,DNS_T_A);
if (!rqa(z)) goto DIE;
while (cachedlen >= 4) {
Expand Down Expand Up @@ -625,6 +628,7 @@ static int doit(struct query *z,int state)
if (cached && (cachedlen || !byte_isequal(dtype,2,DNS_T_ANY))) {
if (z->level) {
flaghaskey = findkey(d,pubkey);
dns_sortip(cached, cachedlen);
log_cachedanswer(d,DNS_T_AAAA);
while (cachedlen >= 16) {
byte_copy(misc, 16, cached);
Expand All @@ -635,6 +639,7 @@ static int doit(struct query *z,int state)
goto LOWERLEVEL;
}

dns_sortip(cached, cachedlen);
log_cachedanswer(d,DNS_T_AAAA);
if (!rqa(z)) goto DIE;
while (cachedlen >= 16) {
Expand Down

0 comments on commit 3135ae8

Please sign in to comment.