mirror of
https://github.com/miekg/dns.git
synced 2025-10-18 05:11:01 +02:00
TSIG works!
This commit is contained in:
Miek Gieben
parent
3867e7d7d8
commit
b56344d41d
@ -262,7 +262,6 @@ func (res *Resolver) AxfrTSIG(q *Msg, m chan Xfr, secret string) {
|
|||||||
reqmac = q.Extra[len(q.Extra)-1].(*RR_TSIG).MAC
|
reqmac = q.Extra[len(q.Extra)-1].(*RR_TSIG).MAC
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
println("REQMAC", reqmac)
|
|
||||||
|
|
||||||
Server:
|
Server:
|
||||||
for i := 0; i < len(res.Servers); i++ {
|
for i := 0; i < len(res.Servers); i++ {
|
||||||
@ -276,12 +275,6 @@ Server:
|
|||||||
for {
|
for {
|
||||||
if first {
|
if first {
|
||||||
inb, err = exchangeTCP(c, sending, res, true)
|
inb, err = exchangeTCP(c, sending, res, true)
|
||||||
stripTSIG(inb)
|
|
||||||
/*
|
|
||||||
pt2 := new(Msg)
|
|
||||||
pt2.Unpack(t2)
|
|
||||||
//println("P", pt2.String())
|
|
||||||
*/
|
|
||||||
in.Unpack(inb)
|
in.Unpack(inb)
|
||||||
} else {
|
} else {
|
||||||
inb, err = exchangeTCP(c, sending, res, false)
|
inb, err = exchangeTCP(c, sending, res, false)
|
||||||
|
|||||||
26
tsig.go
26
tsig.go
@ -91,8 +91,14 @@ func (t *RR_TSIG) Generate(m *Msg, secret string) bool {
|
|||||||
}
|
}
|
||||||
t.OrigId = m.MsgHdr.Id
|
t.OrigId = m.MsgHdr.Id
|
||||||
|
|
||||||
msg, _ := m.Pack()
|
msg, ok := m.Pack()
|
||||||
buf, ok := tsigToBuf(t, msg, "")
|
if !ok {
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
buf, ok1 := tsigToBuf(t, msg, "")
|
||||||
|
if !ok1 {
|
||||||
|
return false
|
||||||
|
}
|
||||||
h := hmac.NewMD5([]byte(rawsecret))
|
h := hmac.NewMD5([]byte(rawsecret))
|
||||||
io.WriteString(h, string(buf))
|
io.WriteString(h, string(buf))
|
||||||
|
|
||||||
@ -130,15 +136,13 @@ func (t *RR_TSIG) Verify(msg []byte, secret, reqmac string) bool {
|
|||||||
|
|
||||||
h := hmac.NewMD5([]byte(rawsecret))
|
h := hmac.NewMD5([]byte(rawsecret))
|
||||||
io.WriteString(h, string(buf))
|
io.WriteString(h, string(buf))
|
||||||
println("t.MAC", strings.ToUpper(t.MAC))
|
return strings.ToUpper(hex.EncodeToString(h.Sum())) == strings.ToUpper(t.MAC)
|
||||||
println("our MAC", strings.ToUpper(hex.EncodeToString(h.Sum())))
|
|
||||||
println("req mac", reqmac)
|
|
||||||
return strings.ToUpper(hex.EncodeToString(h.Sum())) == strings.ToUpper(reqmac)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Create the buffer which we use for the MAC calculation.
|
||||||
func tsigToBuf(rr *RR_TSIG, msg []byte, reqmac string) ([]byte, bool) {
|
func tsigToBuf(rr *RR_TSIG, msg []byte, reqmac string) ([]byte, bool) {
|
||||||
var (
|
var (
|
||||||
mb []byte
|
macbuf []byte
|
||||||
buf []byte
|
buf []byte
|
||||||
)
|
)
|
||||||
|
|
||||||
@ -146,12 +150,12 @@ func tsigToBuf(rr *RR_TSIG, msg []byte, reqmac string) ([]byte, bool) {
|
|||||||
m := new(macWireFmt)
|
m := new(macWireFmt)
|
||||||
m.MACSize = uint16(len(reqmac) / 2)
|
m.MACSize = uint16(len(reqmac) / 2)
|
||||||
m.MAC = reqmac
|
m.MAC = reqmac
|
||||||
mb = make([]byte, len(reqmac)) // reqmac should be twice as long
|
macbuf = make([]byte, len(reqmac)) // reqmac should be twice as long
|
||||||
n, ok := packStruct(m, mb, 0)
|
n, ok := packStruct(m, macbuf, 0)
|
||||||
if !ok {
|
if !ok {
|
||||||
return nil, false
|
return nil, false
|
||||||
}
|
}
|
||||||
mb = mb[:n]
|
macbuf = macbuf[:n]
|
||||||
}
|
}
|
||||||
|
|
||||||
tsigvar := make([]byte, DefaultMsgSize)
|
tsigvar := make([]byte, DefaultMsgSize)
|
||||||
@ -171,7 +175,7 @@ func tsigToBuf(rr *RR_TSIG, msg []byte, reqmac string) ([]byte, bool) {
|
|||||||
}
|
}
|
||||||
tsigvar = tsigvar[:n]
|
tsigvar = tsigvar[:n]
|
||||||
if reqmac != "" {
|
if reqmac != "" {
|
||||||
x := append(mb, msg...)
|
x := append(macbuf, msg...)
|
||||||
buf = append(x, tsigvar...)
|
buf = append(x, tsigvar...)
|
||||||
} else {
|
} else {
|
||||||
buf = append(msg, tsigvar...)
|
buf = append(msg, tsigvar...)
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user