Add server side tsig support
parent
f7f1d2ab42
commit
acba7a84fc
34
server.go
34
server.go
@ -36,17 +36,19 @@ type ResponseWriter interface {
|
|||||||
}
|
}
|
||||||
|
|
||||||
type conn struct {
|
type conn struct {
|
||||||
remoteAddr net.Addr // address of remote side
|
remoteAddr net.Addr // address of remote side
|
||||||
handler Handler // request handler
|
handler Handler // request handler
|
||||||
request []byte // bytes read
|
request []byte // bytes read
|
||||||
_UDP *net.UDPConn // i/o connection if UDP was used
|
_UDP *net.UDPConn // i/o connection if UDP was used
|
||||||
_TCP *net.TCPConn // i/o connection if TCP was used
|
_TCP *net.TCPConn // i/o connection if TCP was used
|
||||||
hijacked bool // connection has been hijacked by hander TODO(mg)
|
hijacked bool // connection has been hijacked by hander TODO(mg)
|
||||||
|
tsigSecret map[string]string // the tsig secrets
|
||||||
}
|
}
|
||||||
|
|
||||||
type response struct {
|
type response struct {
|
||||||
conn *conn
|
conn *conn
|
||||||
req *Msg
|
req *Msg
|
||||||
|
tsigStatus int
|
||||||
}
|
}
|
||||||
|
|
||||||
// ServeMux is an DNS request multiplexer. It matches the
|
// ServeMux is an DNS request multiplexer. It matches the
|
||||||
@ -74,7 +76,7 @@ func (f HandlerFunc) ServeDNS(w ResponseWriter, r *Msg) {
|
|||||||
f(w, r)
|
f(w, r)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Helper handler that returns an answer with
|
// Refused is a helper handler that returns an answer with
|
||||||
// RCODE = refused for every request.
|
// RCODE = refused for every request.
|
||||||
func Refused(w ResponseWriter, r *Msg) {
|
func Refused(w ResponseWriter, r *Msg) {
|
||||||
m := new(Msg)
|
m := new(Msg)
|
||||||
@ -101,7 +103,6 @@ func ListenAndServeTsig(addr string, network string, handler Handler, tsig map[s
|
|||||||
return server.ListenAndServe()
|
return server.ListenAndServe()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
func (mux *ServeMux) match(zone string) Handler {
|
func (mux *ServeMux) match(zone string) Handler {
|
||||||
var h Handler
|
var h Handler
|
||||||
var n = 0
|
var n = 0
|
||||||
@ -190,7 +191,7 @@ func (srv *Server) ListenAndServe() error {
|
|||||||
}
|
}
|
||||||
return srv.ServeUDP(l)
|
return srv.ServeUDP(l)
|
||||||
}
|
}
|
||||||
return nil // os.Error with wrong network
|
return &Error{Err: "bad network"}
|
||||||
}
|
}
|
||||||
|
|
||||||
// ServeTCP starts a TCP listener for the server.
|
// ServeTCP starts a TCP listener for the server.
|
||||||
@ -237,7 +238,7 @@ forever:
|
|||||||
i += j
|
i += j
|
||||||
}
|
}
|
||||||
n = i
|
n = i
|
||||||
d, err := newConn(rw, nil, rw.RemoteAddr(), m, handler)
|
d, err := newConn(rw, nil, rw.RemoteAddr(), m, handler, srv.TsigSecret)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
@ -272,7 +273,7 @@ func (srv *Server) ServeUDP(l *net.UDPConn) error {
|
|||||||
if srv.WriteTimeout != 0 {
|
if srv.WriteTimeout != 0 {
|
||||||
l.SetWriteDeadline(time.Now().Add(srv.WriteTimeout))
|
l.SetWriteDeadline(time.Now().Add(srv.WriteTimeout))
|
||||||
}
|
}
|
||||||
d, err := newConn(nil, l, a, m, handler)
|
d, err := newConn(nil, l, a, m, handler, srv.TsigSecret)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
@ -281,13 +282,14 @@ func (srv *Server) ServeUDP(l *net.UDPConn) error {
|
|||||||
panic("not reached")
|
panic("not reached")
|
||||||
}
|
}
|
||||||
|
|
||||||
func newConn(t *net.TCPConn, u *net.UDPConn, a net.Addr, buf []byte, handler Handler) (*conn, error) {
|
func newConn(t *net.TCPConn, u *net.UDPConn, a net.Addr, buf []byte, handler Handler, tsig map[string]string) (*conn, error) {
|
||||||
c := new(conn)
|
c := new(conn)
|
||||||
c.handler = handler
|
c.handler = handler
|
||||||
c._TCP = t
|
c._TCP = t
|
||||||
c._UDP = u
|
c._UDP = u
|
||||||
c.remoteAddr = a
|
c.remoteAddr = a
|
||||||
c.request = buf
|
c.request = buf
|
||||||
|
c.tsigSecret = tsig
|
||||||
return c, nil
|
return c, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -318,8 +320,10 @@ func (c *conn) serve() {
|
|||||||
w.Write(buf)
|
w.Write(buf)
|
||||||
break
|
break
|
||||||
}
|
}
|
||||||
|
// Check the tsig here TODO
|
||||||
w.req = req
|
w.req = req
|
||||||
c.handler.ServeDNS(w, w.req) // this does the writing back to the client
|
c.handler.ServeDNS(w, w.req) // this does the writing back to the client
|
||||||
|
w.tsigStatus = TsigNone
|
||||||
if c.hijacked {
|
if c.hijacked {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
@ -372,5 +376,5 @@ func (w *response) RemoteAddr() net.Addr { return w.conn.remoteAddr }
|
|||||||
|
|
||||||
// TsigStatus implements the ResponseWriter.TsigStatus method
|
// TsigStatus implements the ResponseWriter.TsigStatus method
|
||||||
func (w *response) TsigStatus() int {
|
func (w *response) TsigStatus() int {
|
||||||
return TsigNone
|
return w.tsigStatus
|
||||||
}
|
}
|
||||||
|
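Review bot: In the serve() hunk (@ -318,8 +320,10) `w.tsigStatus = TsigNone` is assigned only after `c.handler.ServeDNS(w, w.req)` has returned, so a handler that calls `w.TsigStatus()` reads the zero value of the int field rather than a status computed for this request, and the verification itself is still `// Check the tsig here TODO`. As committed, the secrets handed through newConn into `c.tsigSecret` are never consulted, so a handler that gates zone transfers or updates on TsigStatus() has no authentication behind it. Move the assignment above the ServeDNS call, and until the check exists give requests that carry a TSIG record a status that handlers treat as unverified rather than TsigNone (whether the zero value equals TsigNone is not visible here). The `tsigSecret` field would also benefit from a comment stating that the map is shared by reference with `srv.TsigSecret` across all connections and must not be mutated while the server is running. serve() begins and ends outside the hunk.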