Skip to content

Commit

Permalink
Ensure name in SRV record is expanded, per RFC3597.
Browse files Browse the repository at this point in the history 
Very much a just in case, as name compression in SRV is no longer permitted. But play it safe. #12.

While there, add some tests checking expansion in MX and SRV.
  • Loading branch information
Jim Hague committed Jan 31, 2018
1 parent c093071 commit 0aa1d5e
Show file tree
Hide file tree
Showing 2 changed files with 111 additions and 2 deletions.
14 changes: 13 additions & 1 deletion src/capturedns.cpp
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright 2016-2017 Internet Corporation for Assigned Names and Numbers.
* Copyright 2016-2018 Internet Corporation for Assigned Names and Numbers.
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
Expand Down Expand Up @@ -249,6 +249,18 @@ byte_string CaptureDNS::expand_rr_data(uint16_t query_type, uint16_t offset, uin
res.append(buf + offset, 20);
break;

case SRV:
// RDATA is 2 bytes priority, 2 bytes weight, 2 bytes port and name.
// Name compression is forbidden by RFC2782, but was permitted by
// its predecessor RFC2052, so just in case...
if ( len < 8 )
throw Tins::malformed_packet();
res = byte_string(buf + offset, 6);
name = namebuf;
offset = read_dname_offset(offset + 6, buf, buflen, name, namebuf + sizeof(namebuf));
res.append(namebuf, name - namebuf);
break;

default:
res = byte_string(buf + offset, len);
break;
Expand Down
99 changes: 98 additions & 1 deletion tests/capturedns_test.cpp
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright 2016-2017 Internet Corporation for Assigned Names and Numbers.
* Copyright 2016-2018 Internet Corporation for Assigned Names and Numbers.
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
Expand Down Expand Up @@ -166,3 +166,100 @@ SCENARIO("Serialising DNS packets", "[dnspacket]")
}
}
}

SCENARIO("DNS messages with compressed labels in RRs", "[dnspacket]")
{
GIVEN("A sample MX message")
{
std::vector<uint8_t> MX
{ 0x2c,0x0a,0x81,0x80,0x00,0x01,0x00,0x01,
0x00,0x05,0x00,0x03,0x05,0x6c,0x75,0x6e,
0x63,0x68,0x03,0x6f,0x72,0x67,0x02,0x75,
0x6b,0x00,0x00,0x0f,0x00,0x01,0xc0,0x0c,
0x00,0x0f,0x00,0x01,0x00,0x00,0x0e,0x08,
0x00,0x09,0x00,0x00,0x04,0x6d,0x61,0x69,
0x6c,0xc0,0x0c,0xc0,0x0c,0x00,0x02,0x00,
0x01,0x00,0x01,0x4d,0x7b,0x00,0x10,0x04,
0x64,0x6e,0x73,0x31,0x05,0x6d,0x74,0x67,
0x73,0x79,0x02,0x63,0x6f,0xc0,0x16,0xc0,
0x0c,0x00,0x02,0x00,0x01,0x00,0x01,0x4d,
0x7b,0x00,0x07,0x04,0x64,0x6e,0x73,0x32,
0xc0,0x44,0xc0,0x0c,0x00,0x02,0x00,0x01,
0x00,0x01,0x4d,0x7b,0x00,0x10,0x04,0x64,
0x6e,0x73,0x34,0x05,0x6d,0x74,0x67,0x73,
0x79,0x03,0x63,0x6f,0x6d,0x00,0xc0,0x0c,
0x00,0x02,0x00,0x01,0x00,0x01,0x4d,0x7b,
0x00,0x07,0x04,0x64,0x6e,0x73,0x30,0xc0,
0x44,0xc0,0x0c,0x00,0x02,0x00,0x01,0x00,
0x01,0x4d,0x7b,0x00,0x07,0x04,0x64,0x6e,
0x73,0x33,0xc0,0x73,0xc0,0x2c,0x00,0x01,
0x00,0x01,0x00,0x00,0x0a,0x0b,0x00,0x04,
0xd5,0x8a,0x65,0x89,0xc0,0x2c,0x00,0x1c,
0x00,0x01,0x00,0x00,0x0e,0x08,0x00,0x10,
0x20,0x01,0x41,0xc8,0x00,0x51,0x01,0x89,
0xfe,0xff,0x00,0xff,0xfe,0x00,0x0b,0x1c,
0x00,0x00,0x29,0x10,0x00,0x00,0x00,0x00,
0x00,0x00,0x00
};
CaptureDNS msg(MX.data(), MX.size());

THEN("Domain in answer is expanded")
{
REQUIRE(msg.answers_count() == 1);
REQUIRE(msg.answers().front().query_type() == CaptureDNS::MX);
byte_string data = msg.answers().front().data();
REQUIRE(data.size() == 21);
byte_string label = data.substr(2);
REQUIRE(CaptureDNS::decode_domain_name(label) == "mail.lunch.org.uk");
}
}

GIVEN("A sample SRV message")
{
std::vector<uint8_t> SRV
{ 0xcc,0xdc,0x81,0x80,0x00,0x01,0x00,0x01,
0x00,0x05,0x00,0x03,0x05,0x5f,0x69,0x6d,
0x61,0x70,0x04,0x5f,0x74,0x63,0x70,0x05,
0x6c,0x75,0x6e,0x63,0x68,0x03,0x6f,0x72,
0x67,0x02,0x75,0x6b,0x00,0x00,0x21,0x00,
0x01,0xc0,0x0c,0x00,0x21,0x00,0x01,0x00,
0x00,0x0d,0xfd,0x00,0x19,0x00,0x00,0x00,
0x01,0x00,0x8f,0x04,0x6d,0x61,0x69,0x6c,
0x05,0x6c,0x75,0x6e,0x63,0x68,0x03,0x6f,
0x72,0x67,0x02,0x75,0x6b,0x00,0xc0,0x17,
0x00,0x02,0x00,0x01,0x00,0x01,0x47,0xbf,
0x00,0x10,0x04,0x64,0x6e,0x73,0x30,0x05,
0x6d,0x74,0x67,0x73,0x79,0x02,0x63,0x6f,
0xc0,0x21,0xc0,0x17,0x00,0x02,0x00,0x01,
0x00,0x01,0x47,0xbf,0x00,0x10,0x04,0x64,
0x6e,0x73,0x34,0x05,0x6d,0x74,0x67,0x73,
0x79,0x03,0x63,0x6f,0x6d,0x00,0xc0,0x17,
0x00,0x02,0x00,0x01,0x00,0x01,0x47,0xbf,
0x00,0x07,0x04,0x64,0x6e,0x73,0x31,0xc0,
0x5f,0xc0,0x17,0x00,0x02,0x00,0x01,0x00,
0x01,0x47,0xbf,0x00,0x07,0x04,0x64,0x6e,
0x73,0x32,0xc0,0x5f,0xc0,0x17,0x00,0x02,
0x00,0x01,0x00,0x01,0x47,0xbf,0x00,0x07,
0x04,0x64,0x6e,0x73,0x33,0xc0,0x7b,0x04,
0x6d,0x61,0x69,0x6c,0xc0,0x17,0x00,0x01,
0x00,0x01,0x00,0x00,0x04,0x4f,0x00,0x04,
0xd5,0x8a,0x65,0x89,0xc0,0xbf,0x00,0x1c,
0x00,0x01,0x00,0x00,0x08,0x4c,0x00,0x10,
0x20,0x01,0x41,0xc8,0x00,0x51,0x01,0x89,
0xfe,0xff,0x00,0xff,0xfe,0x00,0x0b,0x1c,
0x00,0x00,0x29,0x10,0x00,0x00,0x00,0x00,
0x00,0x00,0x00
};
CaptureDNS msg(SRV.data(), SRV.size());

THEN("Domain in answer is expanded")
{
REQUIRE(msg.answers_count() == 1);
REQUIRE(msg.answers().front().query_type() == CaptureDNS::SRV);
byte_string data = msg.answers().front().data();
REQUIRE(data.size() == 25);
byte_string label = data.substr(6);
REQUIRE(CaptureDNS::decode_domain_name(label) == "mail.lunch.org.uk");
}
}
}

0 comments on commit 0aa1d5e

Please sign in to comment.