| /* vi: set sw=4 ts=4: */ |
| |
| /* RFC1035 domain compression routines (C) 2007 Gabriel Somlo <somlo at cmu.edu> |
| * |
| * Loosely based on the isc-dhcpd implementation by dhankins@isc.org |
| * |
| * Licensed under GPLv2 or later, see file LICENSE in this tarball for details. |
| */ |
| |
| #if ENABLE_FEATURE_UDHCP_RFC3397 |
| |
| #include "common.h" |
| #include "options.h" |
| |
| #define NS_MAXDNAME 1025 /* max domain name length */ |
| #define NS_MAXCDNAME 255 /* max compressed domain name length */ |
| #define NS_MAXLABEL 63 /* max label length */ |
| #define NS_MAXDNSRCH 6 /* max domains in search path */ |
| #define NS_CMPRSFLGS 0xc0 /* name compression pointer flag */ |
| |
| |
| /* expand a RFC1035-compressed list of domain names "cstr", of length "clen"; |
| * returns a newly allocated string containing the space-separated domains, |
| * prefixed with the contents of string pre, or NULL if an error occurs. |
| */ |
| char* FAST_FUNC dname_dec(const uint8_t *cstr, int clen, const char *pre) |
| { |
| char *ret = ret; /* for compiler */ |
| char *dst = NULL; |
| |
| /* We make two passes over the cstr string. First, we compute |
| * how long the resulting string would be. Then we allocate a |
| * new buffer of the required length, and fill it in with the |
| * expanded content. The advantage of this approach is not |
| * having to deal with requiring callers to supply their own |
| * buffer, then having to check if it's sufficiently large, etc. |
| */ |
| while (1) { |
| /* note: "return NULL" below are leak-safe since |
| * dst isn't yet allocated */ |
| const uint8_t *c; |
| unsigned crtpos, retpos, depth, len; |
| |
| crtpos = retpos = depth = len = 0; |
| while (crtpos < clen) { |
| c = cstr + crtpos; |
| |
| if (*c & NS_CMPRSFLGS) { |
| /* pointer */ |
| if (crtpos + 2 > clen) /* no offset to jump to? abort */ |
| return NULL; |
| if (retpos == 0) /* toplevel? save return spot */ |
| retpos = crtpos + 2; |
| depth++; |
| crtpos = ((c[0] & 0x3f) << 8) | (c[1] & 0xff); /* jump */ |
| } else if (*c) { |
| /* label */ |
| if (crtpos + *c + 1 > clen) /* label too long? abort */ |
| return NULL; |
| if (dst) |
| memcpy(dst + len, c + 1, *c); |
| len += *c + 1; |
| crtpos += *c + 1; |
| if (dst) |
| dst[len - 1] = '.'; |
| } else { |
| /* null: end of current domain name */ |
| if (retpos == 0) { |
| /* toplevel? keep going */ |
| crtpos++; |
| } else { |
| /* return to toplevel saved spot */ |
| crtpos = retpos; |
| retpos = depth = 0; |
| } |
| if (dst) |
| dst[len - 1] = ' '; |
| } |
| |
| if (depth > NS_MAXDNSRCH /* too many jumps? abort, it's a loop */ |
| || len > NS_MAXDNAME * NS_MAXDNSRCH /* result too long? abort */ |
| ) { |
| return NULL; |
| } |
| } |
| |
| if (!len) /* expanded string has 0 length? abort */ |
| return NULL; |
| |
| if (!dst) { /* first pass? */ |
| /* allocate dst buffer and copy pre */ |
| unsigned plen = strlen(pre); |
| ret = dst = xmalloc(plen + len); |
| memcpy(dst, pre, plen); |
| dst += plen; |
| } else { |
| dst[len - 1] = '\0'; |
| break; |
| } |
| } |
| |
| return ret; |
| } |
| |
| /* Convert a domain name (src) from human-readable "foo.blah.com" format into |
| * RFC1035 encoding "\003foo\004blah\003com\000". Return allocated string, or |
| * NULL if an error occurs. |
| */ |
| static uint8_t *convert_dname(const char *src) |
| { |
| uint8_t c, *res, *lp, *rp; |
| int len; |
| |
| res = xmalloc(strlen(src) + 2); |
| rp = lp = res; |
| rp++; |
| |
| for (;;) { |
| c = (uint8_t)*src++; |
| if (c == '.' || c == '\0') { /* end of label */ |
| len = rp - lp - 1; |
| /* label too long, too short, or two '.'s in a row? abort */ |
| if (len > NS_MAXLABEL || len == 0 || (c == '.' && *src == '.')) { |
| free(res); |
| return NULL; |
| } |
| *lp = len; |
| lp = rp++; |
| if (c == '\0' || *src == '\0') /* end of dname */ |
| break; |
| } else { |
| if (c >= 0x41 && c <= 0x5A) /* uppercase? convert to lower */ |
| c += 0x20; |
| *rp++ = c; |
| } |
| } |
| |
| *lp = 0; |
| if (rp - res > NS_MAXCDNAME) { /* dname too long? abort */ |
| free(res); |
| return NULL; |
| } |
| return res; |
| } |
| |
| /* returns the offset within cstr at which dname can be found, or -1 |
| */ |
| static int find_offset(const uint8_t *cstr, int clen, const uint8_t *dname) |
| { |
| const uint8_t *c, *d; |
| int off, inc; |
| |
| /* find all labels in cstr */ |
| off = 0; |
| while (off < clen) { |
| c = cstr + off; |
| |
| if ((*c & NS_CMPRSFLGS) != 0) { /* pointer, skip */ |
| off += 2; |
| } else if (*c) { /* label, try matching dname */ |
| inc = *c + 1; |
| d = dname; |
| while (*c == *d && memcmp(c + 1, d + 1, *c) == 0) { |
| if (*c == 0) /* match, return offset */ |
| return off; |
| d += *c + 1; |
| c += *c + 1; |
| if ((*c & NS_CMPRSFLGS) != 0) /* pointer, jump */ |
| c = cstr + (((*c & 0x3f) << 8) | (*(c + 1) & 0xff)); |
| } |
| off += inc; |
| } else { /* null, skip */ |
| off++; |
| } |
| } |
| |
| return -1; |
| } |
| |
| /* computes string to be appended to cstr so that src would be added to |
| * the compression (best case, it's a 2-byte pointer to some offset within |
| * cstr; worst case, it's all of src, converted to rfc3011 format). |
| * The computed string is returned directly; its length is returned via retlen; |
| * NULL and 0, respectively, are returned if an error occurs. |
| */ |
| uint8_t* FAST_FUNC dname_enc(const uint8_t *cstr, int clen, const char *src, int *retlen) |
| { |
| uint8_t *d, *dname; |
| int off; |
| |
| dname = convert_dname(src); |
| if (dname == NULL) { |
| *retlen = 0; |
| return NULL; |
| } |
| |
| for (d = dname; *d != 0; d += *d + 1) { |
| off = find_offset(cstr, clen, d); |
| if (off >= 0) { /* found a match, add pointer and terminate string */ |
| *d++ = NS_CMPRSFLGS; |
| *d = off; |
| break; |
| } |
| } |
| |
| *retlen = d - dname + 1; |
| return dname; |
| } |
| |
| #endif /* ENABLE_FEATURE_UDHCP_RFC3397 */ |