Mailing Lists: Apple Mailing Lists


Re: Wide area rendezvous with posix daemon



On Friday, 19 November 2004 17:28, Marc Krochmal wrote:
> Hi Jakub,
>
> Sorry for not responding to your earlier patch.  Things are pretty
> hectic right now at Apple with Mac OS X Tiger development, so everyone
> is really busy.  We haven't had time to evaluate your patch yet, but
> we'll definitely consider it.
>
> > 2) it doesn't read list of zones and keys for DynDNS updates. This
> > seems easy
> > to fix by just copying (with minor fixes) relevant functions from
> > MacOSX
> > daemon.
>
> Yep, as you've noticed, all our work around Wide-Area Rendezvous is
> focused on Mac OS X right now, but we fully intend to add support to
> Posix and Windows in the near future.

I see. But you seem to have overlooked a nasty buffer overflow in your haste. 
See function GetConfigOption from mDNSMacOSX.c: it assumes that the destination 
buffer is at least 1024-len(optionname) bytes long, and the buffers declared in 
ReadDDNSSettingsFromConfFile are shorter. Simple test case: put a very long 
zone parameter (1200 bytes was enough) - mdnsd will corrupt memory and crash. 
You can probably execute arbitrary code this way. 

Another problem: registering a service via dns-sd -R name _type._tcp test. 90
results in "Format Error" from bind 9.2.4. It doesn't like a TXT record with 
0-sized data in an update request.
>
> > 3) how you can set default browsing domains? on MacOSX it is read from
> > system
> > configuration. In Posix daemon it probably should be read from config
> > file.
>
> There's a few ways to discover the default browsing domains, one of
> which is using DHCP, and from there, using DNS, or they can be read out
> of a config file.  All of these methods will be supported by Posix and
> Windows soon.
>
> > 4) IDN problems again. You cannot just send UTF-8 encoded domain names
> > to DNS
> > server. It has to be encoded according to RFC 3490.
>
> Yep, this is on our list of things to consider.  No decision yet.
>
> > I would be grateful for information if and how are you going to fix
> > these
> > issues.
>
> We're going to fix them, however, they take a back seat to the core
> functionality and to the Mac OS X platform support.
>
> > Or if enhancing Posix daemon is not a priority will you accept
> > patches for it?
>
> Definitely.   We're very open to taking patches.  Please feel free to
> submit patches to the list, and we'll consider each one.  I don't think
> we've denied a patch yet.

That's good to know. The attached patch adds the possibility to set the uDNS host name, 
secret and public IP (this is temporary - I just don't know a good method to 
retrieve the address of the interface with the default route). This is just slightly 
modified code from the MacOSX daemon with the buffer overflow in 
GetConfigOption fixed.

Loading the list of default browsing and publishing domains is still not done.

> Best Regards,
>
> -Marc
diff -urd mDNSResponder-mod/mDNSPosix/PosixDaemon.c mDNSResponder-modmod/mDNSPosix/PosixDaemon.c
--- mDNSResponder-mod/mDNSPosix/PosixDaemon.c	2004-11-20 14:51:47.000000000 +0100
+++ mDNSResponder-modmod/mDNSPosix/PosixDaemon.c	2004-11-20 14:47:21.000000000 +0100
@@ -106,6 +106,11 @@
 static void		Reconfigure( mDNS *m);
 static mStatus	MainLoop( mDNS *m);
 
+static domainname DynDNSZone;                // Default wide-area zone for service registration
+static domainname DynDNSHostname;
+
+#define CONFIG_FILE "/etc/mdnsd.conf"
+
 #define uDNS_SERVERS_FILE "/etc/dns-sd.resolv.conf"
 #define RR_CACHE_SIZE 500
 static CacheRecord gRRCache[RR_CACHE_SIZE];
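Review bot: DynDNSHostname is declared without a comment while DynDNSZone on the line above has one; say what it holds and where it is set. CONFIG_FILE is also a very generic macro name next to uDNS_SERVERS_FILE, and since later in this patch the same file carries the secret-64 key, a comment here stating that would help whoever packages the daemon and sets the file's permissions.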
@@ -156,6 +161,15 @@
  	return err;
 }
 
+mDNSlocal void SCPrefsDynDNSCallback(mDNS *const m, AuthRecord *const rr, mStatus result)
+	{
+	(void)m;  // unused
+	
+
+	debugf("SCPrefsDynDNSCallback: result %d for registration of name %##s", result, rr->resrec.name.c);
+//	SetDDNSNameStatus(&rr->resrec.name, result);
+	}
+
 
 #ifdef NOT_HAVE_DAEMON
 static int	Daemon_Init( int nochdir, int noclose )
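Review bot: In SCPrefsDynDNSCallback a failed registration is reported only through debugf, and the SetDDNSNameStatus call is left commented out, so nothing acts on a non-zero result. Log it with LogMsg when result is non-zero, and either drop the commented-out line or replace it with a note on what the Posix daemon should do with the status. The SCPrefs prefix is carried over from the Mac OS X daemon and describes nothing in PosixDaemon.c; a neutral name would read better. The stray blank lines after (void)m can go.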
@@ -265,11 +279,88 @@
     return (numOfServers > 0) ? 0 : -1;
 }
 
+mDNSlocal mDNSBool GetConfigOption(char *dst, int dstlen, const char *option, FILE *f)
+	{
+	char buf[1024];
+	int len;
+
+	fseek(f, 0, SEEK_SET);  // set position to beginning of stream
+	while (fgets(buf, 1024, f))
+		{
+		len = strlen(option);
+		if (!strncmp(buf, option, len))
+			{
+			strncpy(dst, buf + len + 1,dstlen-1);
+			dst[dstlen-1] = '\0'; // just to be safe
+			len = strlen(dst);
+			if ( len && dst[len-1] == '\n') dst[len-1] = '\0';  // chop newline
+			return mDNStrue;
+			}
+		}
+	debugf("Option %s not set", option);
+	return mDNSfalse;
+	}
+
+mDNSlocal void ReadDDNSSettingsFromConfFile(mDNS *const m)
+	{
+	char zone[MAX_ESCAPED_DOMAIN_NAME], fqdn[MAX_ESCAPED_DOMAIN_NAME];
+	char secret[1024], primary[15];
+	mDNSAddr DynDNSIP;
+	int slen;
+	mStatus err;
+	FILE *f = NULL;
+	
+	secret[0] = 0;
+	DynDNSZone.c[0] = 0;
+	DynDNSHostname.c[0] = 0;
+	DynDNSIP = zeroAddr;
+	DynDNSIP.type=mDNSAddrType_IPv4;
+	mDNS_SetPrimaryInterfaceInfo(m, &DynDNSIP, NULL); 
+
+	f = fopen(CONFIG_FILE, "r");
+	if (f)
+		{
+		if (GetConfigOption(fqdn,MAX_ESCAPED_DOMAIN_NAME, "hostname", f) && !MakeDomainNameFromDNSNameString(&DynDNSHostname, fqdn)) goto badf;
+		if (GetConfigOption(primary, 15, "publicip", f) && !inet_aton(primary, &DynDNSIP.ip.v4)) goto badf;
+		if (GetConfigOption(zone,MAX_ESCAPED_DOMAIN_NAME,"zone", f) && !MakeDomainNameFromDNSNameString(&DynDNSZone, zone)) goto badf;
+		GetConfigOption(secret,1024,"secret-64", f);  // failure means no authentication	   
+		fclose(f);
+		f = NULL;
+		}
+	else
+		{
+		if (errno != ENOENT) LogMsg("ERROR: Config file exists, but cannot be opened.");
+		return;
+		}
+
+	if (secret[0])
+		{
+		// for now we assume keyname = service reg domain and we use same key for service and hostname registration
+		slen = strlen(secret);
+		err = mDNS_SetSecretForZone(m, &DynDNSZone, &DynDNSZone, secret, slen, mDNStrue);
+		if (err) LogMsg("ERROR: mDNS_SetSecretForZone returned %d for domain %##s", err, DynDNSZone.c);
+		}
+
+	// Note - set secret *before* passing hostname/zone to core
+//	if (DynDNSZone.c[0]) AddDefRegDomain(&DynDNSZone); 	//set default (empty-string) service registration domain
+	if (DynDNSHostname.c[0]) mDNS_AddDynDNSHostName(m, &DynDNSHostname, SCPrefsDynDNSCallback, NULL);
+	if (!mDNSAddressIsZero(&DynDNSIP)) mDNS_SetPrimaryInterfaceInfo(m, &DynDNSIP, NULL);
+		
+	return;
+
+	badf:
+	LogMsg("ERROR: malformatted config file");
+	if (f) fclose(f);	
+	}
+
+
+
 static void Reconfigure( mDNS *m)
 {
     mDNS_DeregisterDNSList(m);
     if (ParseDNSServers( m, uDNS_SERVERS_FILE) < 0)
 		LogMsg("Unable to parse DNS server list. Unicast DNS-SD unavailable");
+    ReadDDNSSettingsFromConfFile(m);
 }
 
 static void		DumpStateLog(mDNS *const m)
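Review bot: primary[15] in ReadDDNSSettingsFromConfFile is one byte too small for a full dotted quad. GetConfigOption copies at most dstlen-1 = 14 characters, so a 15-character address such as 255.255.255.255 loses its last digit, and inet_aton still accepts the shortened string, giving a wrong public IP with no error. Declare it with 16 bytes and pass sizeof(primary) instead of the literal. The same silent truncation applies to hostname, zone and secret-64: a value that does not fit should take the badf path rather than be used cut short, which for the secret means registering with a wrong key. Two smaller points in GetConfigOption: strncmp(buf, option, len) is a prefix match, so a line starting with "zonefoo" satisfies "zone", and buf + len + 1 steps past the terminator when a line consists of the option name alone with no newline, so check that buf[len] is the separator before copying. A line longer than 1023 bytes is also split by fgets and its tail is then examined as if it were a new line. Finally, strlen(option) can move out of the loop.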
 _______________________________________________
Rendezvous-dev mailing list      (email@hidden)
References: 
 >Wide area rendezvous with posix daemon (From: Jakub Stachowski <email@hidden>)
 >Re: Wide area rendezvous with posix daemon (From: Marc Krochmal <email@hidden>)
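
The overflow described in the message above (a 1200-byte zone value read into a shorter buffer), shown as an added stand-alone example that is not code from the patch or from mDNSResponder. The names get_option, lookup and the OPT_* codes are hypothetical; the reader takes the destination size, rejects values that do not fit instead of truncating them, and requires a separator after the option name.

```c
#include <stdio.h>
#include <string.h>

enum { OPT_MISSING = 0, OPT_FOUND = 1, OPT_TOO_LONG = -1 };
/* Copy the value of "<option> <value>" into dst; reject, never truncate. */
static int get_option(char *dst, size_t dstlen, const char *option, FILE *f)
{
    char line[1024];
    size_t optlen = strlen(option);
    if (dstlen == 0) return OPT_TOO_LONG;
    dst[0] = '\0';
    rewind(f);
    while (fgets(line, sizeof line, f)) {
        size_t n = strlen(line);
        int complete = (n > 0 && line[n - 1] == '\n') || feof(f);
        if (n > 0 && line[n - 1] == '\n') line[--n] = '\0';
        if (!complete)  /* longer than line[]: skip the rest of this line */
            for (int c; (c = fgetc(f)) != EOF && c != '\n'; ) { }
        /* whole-word match: the name must be followed by a separator */
        if (strncmp(line, option, optlen) != 0) continue;
        if (line[optlen] != ' ' && line[optlen] != '\t') continue;
        const char *val = line + optlen + 1;
        if (!complete || strlen(val) >= dstlen) return OPT_TOO_LONG;
        memcpy(dst, val, strlen(val) + 1);
        return OPT_FOUND;
    }
    return OPT_MISSING;
}

/* Helper for constructed input: put conf in a temporary file, look option up. */
static int lookup(const char *conf, const char *option, char *dst, size_t dstlen)
{
    FILE *f = tmpfile();
    if (!f) return OPT_MISSING;
    fputs(conf, f);
    int r = get_option(dst, dstlen, option, f);
    fclose(f);
    return r;
}

/* Constructed case: a 1200-byte zone value and a 64-byte destination. */
int main(void)
{
    struct { char zone[64]; char canary[8]; } s = { "", "CANARY" };
    char conf[1300] = "zone ";
    memset(conf + 5, 'a', 1200);
    strcpy(conf + 1205, "\nhostname host.example.com\n");
    int r = lookup(conf, "zone", s.zone, sizeof s.zone);
    return r == OPT_TOO_LONG ? 0 : 1;
}
```

The program exits with status 0 when the over-long zone is rejected; the canary field sits directly after the 64-byte buffer so an overrun would be visible in a debugger.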


