Release 0.3.3
parent
39d5049c44
commit
2b6054a939
|
@ -7,6 +7,11 @@ iodine - IP over DNS is now easy
|
||||||
|
|
||||||
CHANGES:
|
CHANGES:
|
||||||
|
|
||||||
|
2006-11-06: 0.3.3
|
||||||
|
- Fixed possible buffer overflow
|
||||||
|
(Found by poplix)
|
||||||
|
- Reworked dns hostname encoding
|
||||||
|
|
||||||
2006-09-11: 0.3.2
|
2006-09-11: 0.3.2
|
||||||
- Support for NetBSD
|
- Support for NetBSD
|
||||||
- Fixed potential security problems
|
- Fixed potential security problems
|
||||||
|
|
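--- a/README
+++ b/README
@@ -67,7 +67,7 @@ If you have problems, try inspecting the traffic with network monitoring tools
 and make sure that the relaying DNS server has not cached the response. A
 cached error message could mean that you started the client before the server.
 
-The upstream data is sent gzipped encoded in hexadecimal. DNS protocol allows
+The upstream data is sent gzipped encoded with Base32. DNS protocol allows
 one query per packet, and one query can be max 256 chars. Each domain name part
 can be max 63 chars. So your domain name and subdomain should be as short as
 possible to allow maximum throughput.
@@ -91,6 +91,7 @@ iodine has atomic number 53, which happens to be the DNS port number.
 THANKS:
 
 - To kuxien for FreeBSD and OS X testing
+- To poplix for code audit
 
 
 AUTHORS & LICENSE: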
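--- a/dns.c
+++ b/dns.c
@@ -43,7 +43,6 @@
 #endif
 
 
-static int host2dns(const char *, char *, int);
 static int dns_write(int, int, char *, int, char);
 static void dns_query(int, int, char *, int);
 
@@ -207,7 +206,7 @@ dns_query(int fd, int id, char *host, int type)
 header->arcount = htons(1);
 
 p = buf + sizeof(HEADER);
-p += host2dns(host, p, strlen(host));
+p += dns_encode_hostname(host, p, strlen(host));
 
 putshort(&p, type);
 putshort(&p, C_IN);
@@ -320,11 +319,12 @@ dns_parse_reply(char *outbuf, int buflen, char *packet, int packetlen)
 readshort(packet, &data, &class);
 readlong(packet, &data, &ttl);
 readshort(packet, &data, &rlen);
-readdata(packet, &data, rdata, rlen);
+rv = MIN(rlen, sizeof(rdata));
+readdata(packet, &data, rdata, rv);
 }
 
-if(type == T_NULL && rlen > 2) {
-rv = MIN(rlen, sizeof(rdata));
+if(type == T_NULL && rv > 2) {
+rv = MIN(rv, buflen);
 memcpy(outbuf, rdata, rv);
 }
 }
@@ -332,19 +332,25 @@ dns_parse_reply(char *outbuf, int buflen, char *packet, int packetlen)
 return rv;
 }
 
-static int
-host2dns(const char *host, char *buffer, int size)
+int
+dns_encode_hostname(const char *host, char *buffer, int size)
 {
 char *h;
 char *p;
 char *word;
+int left;
 
 h = strdup(host);
 memset(buffer, 0, size);
 p = buffer;
+left = size;
 
 word = strtok(h, ".");
 while(word) {
+if (strlen(word) > 63 || strlen(word) > left) {
+return -1;
+}
+left -= (strlen(word) + 1);
 *p++ = (char)strlen(word);
 memcpy(p, word, strlen(word));
 p += strlen(word);
@@ -387,7 +393,7 @@ dnsd_send(int fd, struct query *q, char *data, int datalen)
 p = buf + sizeof(HEADER);
 
 name = 0xc000 | ((p - buf) & 0x3fff);
-p += host2dns(q->name, p, strlen(q->name));
+p += dns_encode_hostname(q->name, p, strlen(q->name));
 putshort(&p, q->type);
 putshort(&p, C_IN);
 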
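Review bot: The bounds check added inside the `while(word)` loop of dns_encode_hostname, `if (strlen(word) > 63 || strlen(word) > left)`, ignores the length byte written before each label and compares a size_t against the signed `left`, so a label exactly `left` bytes long is accepted, `left` drops to -1, and every later comparison is made against a huge unsigned value and passes. With `size_t len = strlen(word);` the guard could read `if (len > 63 || left < 1 || len > (size_t)(left - 1)) { free(h); return -1; }`; the `free(h)` is needed because the early return as written leaks the strdup() copy, and the strdup() result is itself used without a NULL check. Both callers shown in this file, dns_query and dnsd_send, still do `p += dns_encode_hostname(...)` without testing for -1 and pass `strlen(host)` (or `strlen(q->name)`) as the size, so `left` is measured against the input length rather than the space remaining in `buf`, and a failure would step `p` backwards; they should pass the remaining capacity and abort the packet on a negative return. The function body continues past the end of its hunk, so whether a terminating zero byte needs one more reserved byte cannot be confirmed from here.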
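--- a/dns.h
+++ b/dns.h
@@ -26,6 +26,7 @@ void dns_handle_tun(int, char *, int);
 void dns_ping(int);
 void dns_handshake(int);
 int dns_read(int, char *, int);
+int dns_encode_hostname(const char *, char *, int);
 
 extern struct sockaddr_in peer;
 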
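--- a/iodine.c
+++ b/iodine.c
@@ -190,7 +190,7 @@ help() {
 static void
 version() {
 printf("iodine IP over DNS tunneling client\n");
-printf("version: 0.3.2 from 2006-09-11\n");
+printf("version: 0.3.3 from 2006-11-05\n");
 exit(0);
 }
 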
|
@ -196,7 +196,7 @@ help() {
|
||||||
static void
|
static void
|
||||||
version() {
|
version() {
|
||||||
printf("iodine IP over DNS tunneling server\n");
|
printf("iodine IP over DNS tunneling server\n");
|
||||||
printf("version: 0.3.2 from 2006-09-11\n");
|
printf("version: 0.3.3 from 2006-11-05\n");
|
||||||
exit(0);
|
exit(0);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
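--- a/test.c
+++ b/test.c
@@ -162,6 +162,33 @@ test_readname()
 printf("OK\n");
 }
 
+static void
+test_encode_hostname() {
+char buf[256];
+int len;
+int ret;
+
+len = 256;
+printf(" * Testing hostname encoding... ");
+
+memset(buf, 0, 256);
+ret = dns_encode_hostname( // More than 63 chars between dots
+"ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZ"
+, buf, len);
+assert(ret == -1);
+
+memset(buf, 0, 256);
+ret = dns_encode_hostname( // More chars than fits into array
+"ABCDEFGHIJKLMNOPQRSTUVWXYZ.ABCDEFGHIJKLMNOPQRSTUVWXYZ.ABCDEFGHIJKLMNOPQRSTUVWXYZ.ABCDEFGHIJKLMNOPQRSTUVWXYZ."
+"ABCDEFGHIJKLMNOPQRSTUVWXYZ.ABCDEFGHIJKLMNOPQRSTUVWXYZ.ABCDEFGHIJKLMNOPQRSTUVWXYZ.ABCDEFGHIJKLMNOPQRSTUVWXYZ."
+"ABCDEFGHIJKLMNOPQRSTUVWXYZ.ABCDEFGHIJKLMNOPQRSTUVWXYZ.ABCDEFGHIJKLMNOPQRSTUVWXYZ.ABCDEFGHIJKLMNOPQRSTUVWXYZ."
+, buf, len);
+assert(ret == -1);
+assert(strlen(buf) < len);
+
+printf("OK\n");
+}
+
 int
 main()
 {
@@ -170,6 +197,7 @@ main()
 test_readputshort();
 test_readputlong();
 test_readname();
+test_encode_hostname();
 
 printf("** All went well :)\n");
 return 0;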
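Review bot: Both new cases in test_encode_hostname sit far from the limits they are meant to guard (a 104-character label and a 324-character name against a 256-byte buffer), so an off-by-one at 63/64 characters, or at a name whose encoding exactly fills `len`, would go unnoticed. `assert(strlen(buf) < len)` cannot detect a write past the end either, because strlen stops at the first zero byte and the comparison mixes size_t with int; declaring `char buf[257];`, setting `buf[len] = 0x55;` before each call and checking `assert(buf[len] == 0x55);` afterwards would. I would also add a passing case that asserts the returned length and the encoded bytes for a short name, plus one case each for a 63-character and a 64-character label.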