+++ /dev/null
-/*
- This file is part of GNUnet
- (C) 2012 Christian Grothoff (and other contributing authors)
-
- GNUnet is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published
- by the Free Software Foundation; either version 2, or (at your
- option) any later version.
-
- GNUnet is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with GNUnet; see the file COPYING. If not, write to the
- Free Software Foundation, Inc., 59 Temple Place - Suite 330,
- Boston, MA 02111-1307, USA.
- */
-
-/**
- * @file gns/gns_records.h
- * @brief Resource Record definitions
- * @author Martin Schanzenbach
- */
-#ifndef GNS_RECORDS_H
-#define GNS_RECORDS_H
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * Payload of DNS SOA record (header).
- */
-struct soa_data
-{
- /**
- * The version number of the original copy of the zone. (NBO)
- */
- uint32_t serial GNUNET_PACKED;
-
- /**
- * Time interval before the zone should be refreshed. (NBO)
- */
- uint32_t refresh GNUNET_PACKED;
-
- /**
- * Time interval that should elapse before a failed refresh should
- * be retried. (NBO)
- */
- uint32_t retry GNUNET_PACKED;
-
- /**
- * Time value that specifies the upper limit on the time interval
- * that can elapse before the zone is no longer authoritative. (NBO)
- */
- uint32_t expire GNUNET_PACKED;
-
- /**
- * The bit minimum TTL field that should be exported with any RR
- * from this zone. (NBO)
- */
- uint32_t minimum GNUNET_PACKED;
-};
-
-
-/**
- * Payload of DNS SRV record (header).
- */
-struct srv_data
-{
-
- /**
- * Preference for this entry (lower value is higher preference). Clients
- * will contact hosts from the lowest-priority group first and fall back
- * to higher priorities if the low-priority entries are unavailable. (NBO)
- */
- uint16_t prio GNUNET_PACKED;
-
- /**
- * Relative weight for records with the same priority. Clients will use
- * the hosts of the same (lowest) priority with a probability proportional
- * to the weight given. (NBO)
- */
- uint16_t weight GNUNET_PACKED;
-
- /**
- * TCP or UDP port of the service. (NBO)
- */
- uint16_t port GNUNET_PACKED;
-
- /* followed by 'target' name */
-};
-
-
-/**
- * Payload of DNSSEC TLSA record.
- * http://datatracker.ietf.org/doc/draft-ietf-dane-protocol/
- */
-struct tlsa_data
-{
-
- /**
- * Certificate usage
- * 0: CA cert
- * 1: Entity cert
- * 2: Trust anchor
- * 3: domain-issued cert
- */
- uint8_t usage;
-
- /**
- * Selector
- * What part will be matched against the cert
- * presented by server
- * 0: Full cert (in binary)
- * 1: Full cert (in DER)
- */
- uint8_t selector;
-
- /**
- * Matching type (of selected content)
- * 0: exact match
- * 1: SHA-256 hash
- * 2: SHA-512 hash
- */
- uint8_t matching_type;
-
- /**
- * followed by certificate association data
- * The "certificate association data" to be matched.
- * These bytes are either raw data (that is, the full certificate or
- * its SubjectPublicKeyInfo, depending on the selector) for matching
- * type 0, or the hash of the raw data for matching types 1 and 2.
- * The data refers to the certificate in the association, not to the
- * TLS ASN.1 Certificate object.
- *
- * The data is represented as a string of hex chars
- */
-};
-
-/**
- * Payload of GNS VPN record
- */
-struct vpn_data
-{
- /**
- * The protocol to use
- */
- uint16_t proto;
-
- /**
- * The peer to contact
- */
- struct GNUNET_HashCode peer;
-
- /* followed by the servicename */
-};
-
-GNUNET_NETWORK_STRUCT_END
-
-#endif
#include "gnunet_dns_service.h"
#include "gnunet_resolver_service.h"
#include "gnunet_dnsparser_lib.h"
-#include "gns_records.h"
+#include "gns_protocol.h"
#include "gnunet_gns_service.h"
#include "block_gns.h"
#include "gns.h"
#include "gnunet_namestore_service.h"
#include "../namestore/namestore.h"
#include "gnunet_dnsparser_lib.h"
-#include "gns_records.h"
+#include "gns_protocol.h"
#include "gnunet_gns_service.h"
/* DEFINES */
--- /dev/null
+/*
+ This file is part of GNUnet
+ (C) 2012 Christian Grothoff (and other contributing authors)
+
+ GNUnet is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published
+ by the Free Software Foundation; either version 2, or (at your
+ option) any later version.
+
+ GNUnet is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with GNUnet; see the file COPYING. If not, write to the
+ Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ Boston, MA 02111-1307, USA.
+ */
+
+/**
+ * @file gns/gns_records.h
+ * @brief Resource Record definitions
+ * @author Martin Schanzenbach
+ */
+#ifndef GNS_RECORDS_H
+#define GNS_RECORDS_H
+
+GNUNET_NETWORK_STRUCT_BEGIN
+
+/**
+ * Payload of DNS SOA record (header).
+ */
+struct soa_data
+{
+ /**
+ * The version number of the original copy of the zone. (NBO)
+ */
+ uint32_t serial GNUNET_PACKED;
+
+ /**
+ * Time interval before the zone should be refreshed. (NBO)
+ */
+ uint32_t refresh GNUNET_PACKED;
+
+ /**
+ * Time interval that should elapse before a failed refresh should
+ * be retried. (NBO)
+ */
+ uint32_t retry GNUNET_PACKED;
+
+ /**
+ * Time value that specifies the upper limit on the time interval
+ * that can elapse before the zone is no longer authoritative. (NBO)
+ */
+ uint32_t expire GNUNET_PACKED;
+
+ /**
+ * The bit minimum TTL field that should be exported with any RR
+ * from this zone. (NBO)
+ */
+ uint32_t minimum GNUNET_PACKED;
+};
+
+
+/**
+ * Payload of DNS SRV record (header).
+ */
+struct srv_data
+{
+
+ /**
+ * Preference for this entry (lower value is higher preference). Clients
+ * will contact hosts from the lowest-priority group first and fall back
+ * to higher priorities if the low-priority entries are unavailable. (NBO)
+ */
+ uint16_t prio GNUNET_PACKED;
+
+ /**
+ * Relative weight for records with the same priority. Clients will use
+ * the hosts of the same (lowest) priority with a probability proportional
+ * to the weight given. (NBO)
+ */
+ uint16_t weight GNUNET_PACKED;
+
+ /**
+ * TCP or UDP port of the service. (NBO)
+ */
+ uint16_t port GNUNET_PACKED;
+
+ /* followed by 'target' name */
+};
+
+
+/**
+ * Payload of DNSSEC TLSA record.
+ * http://datatracker.ietf.org/doc/draft-ietf-dane-protocol/
+ */
+struct tlsa_data
+{
+
+ /**
+ * Certificate usage
+ * 0: CA cert
+ * 1: Entity cert
+ * 2: Trust anchor
+ * 3: domain-issued cert
+ */
+ uint8_t usage;
+
+ /**
+ * Selector
+ * What part will be matched against the cert
+ * presented by server
+ * 0: Full cert (in binary)
+ * 1: Full cert (in DER)
+ */
+ uint8_t selector;
+
+ /**
+ * Matching type (of selected content)
+ * 0: exact match
+ * 1: SHA-256 hash
+ * 2: SHA-512 hash
+ */
+ uint8_t matching_type;
+
+ /**
+ * followed by certificate association data
+ * The "certificate association data" to be matched.
+ * These bytes are either raw data (that is, the full certificate or
+ * its SubjectPublicKeyInfo, depending on the selector) for matching
+ * type 0, or the hash of the raw data for matching types 1 and 2.
+ * The data refers to the certificate in the association, not to the
+ * TLS ASN.1 Certificate object.
+ *
+ * The data is represented as a string of hex chars
+ */
+};
+
+/**
+ * Payload of GNS VPN record
+ */
+struct vpn_data
+{
+ /**
+ * The protocol to use
+ */
+ uint16_t proto;
+
+ /**
+ * The peer to contact
+ */
+ struct GNUNET_HashCode peer;
+
+ /* followed by the servicename */
+};
+
+GNUNET_NETWORK_STRUCT_END
+
+#endif
#define GNUNET_DNSPARSER_TYPE_TXT 16
#define GNUNET_DNSPARSER_TYPE_AAAA 28
#define GNUNET_DNSPARSER_TYPE_SRV 33
+#define GNUNET_DNSPARSER_TYPE_TLSA 52
/**
* A few common DNS classes (ok, only one is common, but I list a
* @brief API to the GNS service
* @author Martin Schanzenbach
*
- * TODO:
- * - decide what goes into storage API and what into GNS-service API
- * - decide where to pass/expose/check keys / signatures
- * - are GNS private keys per peer or per user?
*/
#include "gnunet_arm_service.h"
#include "gnunet_namestore_service.h"
#include "gnunet_dnsparser_lib.h"
-#include "../dns/dnsparser.h"
+#include "gns_protocol.h"
#include "namestore.h"
const void *data,
size_t data_size)
{
- char tmp[INET6_ADDRSTRLEN];
- struct GNUNET_CRYPTO_ShortHashAsciiEncoded enc;
uint16_t mx_pref;
- char* result;
- char* soa_rname;
- char* soa_mname;
struct soa_data *soa;
-
struct vpn_data *vpn;
+ struct srv_data *srv;
+ struct tlsa_data *tlsa;
+ struct GNUNET_CRYPTO_ShortHashAsciiEncoded enc;
+ struct GNUNET_CRYPTO_HashAsciiEncoded s_peer;
char* vpn_str;
char* srv_str;
- struct GNUNET_CRYPTO_HashAsciiEncoded s_peer;
- struct srv_data *srv;
+ char* tlsa_str;
+ char* result;
+ char* soa_rname;
+ char* soa_mname;
+ char tmp[INET6_ADDRSTRLEN];
switch (type)
{
(char*)&srv[1]))
return NULL;
return srv_str;
+ case GNUNET_DNSPARSER_TYPE_TLSA:
+ tlsa = (struct tlsa_data*)data;
+
+ if (GNUNET_OK != GNUNET_asprintf (&tlsa_str, "%c %c %c %s",
+ tlsa->usage,
+ tlsa->selector,
+ tlsa->matching_type,
+ tlsa[1]))
+ return NULL;
+ return tlsa_str;
default:
GNUNET_break (0);
}
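Review bot: `tlsa[1]` in the new TLSA case passes a whole `struct tlsa_data` by value where the `%s` conversion expects a `char *`, which is undefined behaviour and will crash or print garbage; the SRV case just above shows the intended form, `(char*)&tlsa[1]`. The three `%c` conversions also emit the raw byte values as characters rather than numbers, so a usage of 3 is written as an ETX control byte; `"%u %u %u %s"` gives the conventional `3 1 1 <hex>` presentation and keeps the text form printable. Nothing checks `data_size` against `sizeof (struct tlsa_data)` or that the trailing association data is NUL-terminated before `%s` walks it, so a truncated record arriving from the network becomes an out-of-bounds read — a guard such as `if ((data_size < sizeof (struct tlsa_data)) || ('\0' != ((const char*)data)[data_size - 1])) return NULL;` before the cast closes that. The `GNUNET_OK != GNUNET_asprintf (...)` test is copied from the SRV case; if GNUNET_asprintf returns the formatted length as the util implementation appears to, that comparison rejects every result longer than one byte and leaks the buffer, so it is worth confirming rather than propagating. The enclosing function starts before this hunk.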
struct in_addr value_a;
struct in6_addr value_aaaa;
struct GNUNET_CRYPTO_ShortHashCode pkey;
- uint16_t mx_pref;
- uint16_t mx_pref_n;
struct soa_data *soa;
+ struct vpn_data *vpn;
+ struct tlsa_data *tlsa;
char result[253];
char soa_rname[63];
char soa_mname[63];
+ char s_peer[104];
+ char s_serv[253];
uint32_t soa_serial;
uint32_t soa_refresh;
uint32_t soa_retry;
uint32_t soa_expire;
uint32_t soa_min;
- char s_peer[104];
- char s_serv[253];
- struct vpn_data* vpn;
+ uint16_t mx_pref;
+ uint16_t mx_pref_n;
uint16_t proto;
int ret;
vpn->proto = htons (proto);
strcpy ((char*)&vpn[1], s_serv);
+ return GNUNET_OK;
+ case GNUNET_DNSPARSER_TYPE_TLSA:
+ tlsa = (struct tlsa_data*)*data;
+ *data_size = sizeof (struct tlsa_data) + strlen (s) - 6;
+ tlsa = GNUNET_malloc (*data_size);
+ ret = SSCANF (s, "%c %c %c %s",
+ &tlsa->usage,
+ &tlsa->selector,
+ &tlsa->matching_type,
+ (char*)&tlsa[1]);
+
+ if (4 != ret)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Unable to parse TLSA record string %s\n", s);
+ *data_size = 0;
+ GNUNET_free (tlsa);
+ return GNUNET_SYSERR;
+ }
+
return GNUNET_OK;
default:
GNUNET_break (0);
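Review bot: The buffer allocated for the TLSA record is never handed back to the caller: `tlsa = GNUNET_malloc (*data_size)` overwrites only the local pointer, so `*data` still holds whatever it held before, `*data_size` describes a buffer the caller cannot see, and the allocation leaks. The size arithmetic is also unsafe — `strlen (s) - 6` wraps to a huge value for any string shorter than six characters, and for a well-formed string the unbounded `%s` writes `strlen (s) - 6` characters plus a NUL into a tail that is only `strlen (s) - 6` bytes long, a one-byte heap overflow. Finally `%c` stores the ASCII code of the digit (a usage of "3" becomes 0x33) rather than the 0–3 values the struct documents, so the binary record never matches a real TLSA RR; parse into `unsigned int` with `%u` and range-check before narrowing. The rewrite below over-allocates by `strlen (s) + 1`, which `%s` can never exceed, and derives `*data_size` from what was actually parsed; whether the trailing NUL should be counted in `*data_size` should follow the convention of the SRV/VPN cases, whose setup lies outside this hunk. The enclosing function starts before this hunk.
```c
    case GNUNET_DNSPARSER_TYPE_TLSA:
      {
        unsigned int usage, selector, matching_type;
        size_t slen = strlen (s);

        /* %s can write at most slen + 1 bytes, so this bound is always safe */
        *data = GNUNET_malloc (sizeof (struct tlsa_data) + slen + 1);
        tlsa = (struct tlsa_data*)*data;
        ret = SSCANF (s, "%u %u %u %s",
                      &usage, &selector, &matching_type,
                      (char*)&tlsa[1]);
        if ((4 != ret) || (usage > 255) || (selector > 255) || (matching_type > 255))
        {
          GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                      "Unable to parse TLSA record string %s\n", s);
          GNUNET_free (*data);
          *data = NULL;
          *data_size = 0;
          return GNUNET_SYSERR;
        }
        tlsa->usage = (uint8_t) usage;
        tlsa->selector = (uint8_t) selector;
        tlsa->matching_type = (uint8_t) matching_type;
        /* header plus the association data actually parsed, including its NUL */
        *data_size = sizeof (struct tlsa_data) + strlen ((char*)&tlsa[1]) + 1;
      }
      return GNUNET_OK;
```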