Release 0.3.3
This commit is contained in:
parent
39d5049c44
commit
2b6054a939
|
@ -7,6 +7,11 @@ iodine - IP over DNS is now easy
|
|||
|
||||
CHANGES:
|
||||
|
||||
2006-11-06: 0.3.3
|
||||
- Fixed possible buffer overflow
|
||||
(Found by poplix)
|
||||
- Reworked dns hostname encoding
|
||||
|
||||
2006-09-11: 0.3.2
|
||||
- Support for NetBSD
|
||||
- Fixed potential security problems
|
||||
|
|
3
README
3
README
|
@ -67,7 +67,7 @@ If you have problems, try inspecting the traffic with network monitoring tools
|
|||
and make sure that the relaying DNS server has not cached the response. A
|
||||
cached error message could mean that you started the client before the server.
|
||||
|
||||
The upstream data is sent gzipped encoded in hexadecimal. DNS protocol allows
|
||||
The upstream data is sent gzipped encoded with Base32. DNS protocol allows
|
||||
one query per packet, and one query can be max 256 chars. Each domain name part
|
||||
can be max 63 chars. So your domain name and subdomain should be as short as
|
||||
possible to allow maximum throughput.
|
||||
|
@ -91,6 +91,7 @@ iodine has atomic number 53, which happens to be the DNS port number.
|
|||
THANKS:
|
||||
|
||||
- To kuxien for FreeBSD and OS X testing
|
||||
- To poplix for code audit
|
||||
|
||||
|
||||
AUTHORS & LICENSE:
|
||||
|
|
22
dns.c
22
dns.c
|
@ -43,7 +43,6 @@
|
|||
#endif
|
||||
|
||||
|
||||
static int host2dns(const char *, char *, int);
|
||||
static int dns_write(int, int, char *, int, char);
|
||||
static void dns_query(int, int, char *, int);
|
||||
|
||||
|
@ -207,7 +206,7 @@ dns_query(int fd, int id, char *host, int type)
|
|||
header->arcount = htons(1);
|
||||
|
||||
p = buf + sizeof(HEADER);
|
||||
p += host2dns(host, p, strlen(host));
|
||||
p += dns_encode_hostname(host, p, strlen(host));
|
||||
|
||||
putshort(&p, type);
|
||||
putshort(&p, C_IN);
|
||||
|
@ -320,11 +319,12 @@ dns_parse_reply(char *outbuf, int buflen, char *packet, int packetlen)
|
|||
readshort(packet, &data, &class);
|
||||
readlong(packet, &data, &ttl);
|
||||
readshort(packet, &data, &rlen);
|
||||
readdata(packet, &data, rdata, rlen);
|
||||
rv = MIN(rlen, sizeof(rdata));
|
||||
readdata(packet, &data, rdata, rv);
|
||||
}
|
||||
|
||||
if(type == T_NULL && rlen > 2) {
|
||||
rv = MIN(rlen, sizeof(rdata));
|
||||
if(type == T_NULL && rv > 2) {
|
||||
rv = MIN(rv, buflen);
|
||||
memcpy(outbuf, rdata, rv);
|
||||
}
|
||||
}
|
||||
|
@ -332,19 +332,25 @@ dns_parse_reply(char *outbuf, int buflen, char *packet, int packetlen)
|
|||
return rv;
|
||||
}
|
||||
|
||||
static int
|
||||
host2dns(const char *host, char *buffer, int size)
|
||||
int
|
||||
dns_encode_hostname(const char *host, char *buffer, int size)
|
||||
{
|
||||
char *h;
|
||||
char *p;
|
||||
char *word;
|
||||
int left;
|
||||
|
||||
h = strdup(host);
|
||||
memset(buffer, 0, size);
|
||||
p = buffer;
|
||||
left = size;
|
||||
|
||||
word = strtok(h, ".");
|
||||
while(word) {
|
||||
if (strlen(word) > 63 || strlen(word) > left) {
|
||||
return -1;
|
||||
}
|
||||
left -= (strlen(word) + 1);
|
||||
*p++ = (char)strlen(word);
|
||||
memcpy(p, word, strlen(word));
|
||||
p += strlen(word);
|
||||
|
@ -387,7 +393,7 @@ dnsd_send(int fd, struct query *q, char *data, int datalen)
|
|||
p = buf + sizeof(HEADER);
|
||||
|
||||
name = 0xc000 | ((p - buf) & 0x3fff);
|
||||
p += host2dns(q->name, p, strlen(q->name));
|
||||
p += dns_encode_hostname(q->name, p, strlen(q->name));
|
||||
putshort(&p, q->type);
|
||||
putshort(&p, C_IN);
|
||||
|
||||
|
|
1
dns.h
1
dns.h
|
@ -26,6 +26,7 @@ void dns_handle_tun(int, char *, int);
|
|||
void dns_ping(int);
|
||||
void dns_handshake(int);
|
||||
int dns_read(int, char *, int);
|
||||
int dns_encode_hostname(const char *, char *, int);
|
||||
|
||||
extern struct sockaddr_in peer;
|
||||
|
||||
|
|
2
iodine.c
2
iodine.c
|
@ -190,7 +190,7 @@ help() {
|
|||
static void
|
||||
version() {
|
||||
printf("iodine IP over DNS tunneling client\n");
|
||||
printf("version: 0.3.2 from 2006-09-11\n");
|
||||
printf("version: 0.3.3 from 2006-11-05\n");
|
||||
exit(0);
|
||||
}
|
||||
|
||||
|
|
|
@ -196,7 +196,7 @@ help() {
|
|||
static void
|
||||
version() {
|
||||
printf("iodine IP over DNS tunneling server\n");
|
||||
printf("version: 0.3.2 from 2006-09-11\n");
|
||||
printf("version: 0.3.3 from 2006-11-05\n");
|
||||
exit(0);
|
||||
}
|
||||
|
||||
|
|
28
test.c
28
test.c
|
@ -162,6 +162,33 @@ test_readname()
|
|||
printf("OK\n");
|
||||
}
|
||||
|
||||
static void
|
||||
test_encode_hostname() {
|
||||
char buf[256];
|
||||
int len;
|
||||
int ret;
|
||||
|
||||
len = 256;
|
||||
printf(" * Testing hostname encoding... ");
|
||||
|
||||
memset(buf, 0, 256);
|
||||
ret = dns_encode_hostname( // More than 63 chars between dots
|
||||
"ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZ"
|
||||
, buf, len);
|
||||
assert(ret == -1);
|
||||
|
||||
memset(buf, 0, 256);
|
||||
ret = dns_encode_hostname( // More chars than fits into array
|
||||
"ABCDEFGHIJKLMNOPQRSTUVWXYZ.ABCDEFGHIJKLMNOPQRSTUVWXYZ.ABCDEFGHIJKLMNOPQRSTUVWXYZ.ABCDEFGHIJKLMNOPQRSTUVWXYZ."
|
||||
"ABCDEFGHIJKLMNOPQRSTUVWXYZ.ABCDEFGHIJKLMNOPQRSTUVWXYZ.ABCDEFGHIJKLMNOPQRSTUVWXYZ.ABCDEFGHIJKLMNOPQRSTUVWXYZ."
|
||||
"ABCDEFGHIJKLMNOPQRSTUVWXYZ.ABCDEFGHIJKLMNOPQRSTUVWXYZ.ABCDEFGHIJKLMNOPQRSTUVWXYZ.ABCDEFGHIJKLMNOPQRSTUVWXYZ."
|
||||
, buf, len);
|
||||
assert(ret == -1);
|
||||
assert(strlen(buf) < len);
|
||||
|
||||
printf("OK\n");
|
||||
}
|
||||
|
||||
int
|
||||
main()
|
||||
{
|
||||
|
@ -170,6 +197,7 @@ main()
|
|||
test_readputshort();
|
||||
test_readputlong();
|
||||
test_readname();
|
||||
test_encode_hostname();
|
||||
|
||||
printf("** All went well :)\n");
|
||||
return 0;
|
||||
|
|
Loading…
Reference in New Issue