From: bert hubert Date: Wed, 9 Dec 2015 12:57:39 +0000 (+0100) Subject: implement fixupCase(true) or fixupCase(false) so you can make your 0x20 violating... X-Git-Tag: dnsdist-1.0.0-alpha1~87 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=b29edbeed90662e27e804977d804ad2de251af98;p=pdns implement fixupCase(true) or fixupCase(false) so you can make your 0x20 violating code work on today's internet. Enjoy. --- diff --git a/pdns/dnsdist-lua.cc b/pdns/dnsdist-lua.cc index f50beee1e..62a45fd8d 100644 --- a/pdns/dnsdist-lua.cc +++ b/pdns/dnsdist-lua.cc @@ -273,6 +273,7 @@ vector> setupLua(bool client, const std::string& confi }); g_lua.writeFunction("truncateTC", [](bool tc) { g_truncateTC=tc; }); + g_lua.writeFunction("fixupCase", [](bool fu) { g_fixupCase=fu; }); g_lua.registerMember("name", &ServerPolicy::name); g_lua.registerMember("policy", &ServerPolicy::policy); diff --git a/pdns/dnsdist-tcp.cc b/pdns/dnsdist-tcp.cc index 3b77395aa..77e63045b 100644 --- a/pdns/dnsdist-tcp.cc +++ b/pdns/dnsdist-tcp.cc @@ -366,6 +366,11 @@ void* tcpClientThread(int pipefd) } } + if(g_fixupCase) { + string realname = qname.toDNSString(); + memcpy(response+12, realname.c_str(), realname.length()); + } + if (putNonBlockingMsgLen(ci.fd, responseLen, ds->tcpSendTimeout)) writen2WithTimeout(ci.fd, response, responseLen, ds->tcpSendTimeout); diff --git a/pdns/dnsdist.cc b/pdns/dnsdist.cc index 3695b54c4..d8080c237 100644 --- a/pdns/dnsdist.cc +++ b/pdns/dnsdist.cc @@ -109,6 +109,7 @@ int g_tcpRecvTimeout{2}; int g_tcpSendTimeout{2}; bool g_truncateTC{1}; +bool g_fixupCase{0}; static void truncateTC(const char* packet, unsigned int* len) try { 
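Review bot: In the tcpClientThread hunk the new `memcpy(response+12, realname.c_str(), realname.length());` writes the query name into the backend's response without checking that `responseLen` covers a 12-byte header plus that name, or that the response carries a question section at all. A short or question-less response from a backend would have bytes after its header overwritten, and whether the copy can run past the end of `response` depends on how that buffer is sized, which is outside the hunk. I would guard the copy with `if(responseLen >= sizeof(dnsheader) + realname.length())`, and ideally rewrite only when the name already at that offset matches `qname` case-insensitively. The same unguarded copy is added to responderThread in pdns/dnsdist.cc (`memcpy(packet+12, ...)`, to be checked against `len`). tcpClientThread's body starts and ends outside this hunk.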
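Review bot: `bool g_fixupCase{0};` is a plain global that the new Lua binding writes and both response paths read, with no synchronisation visible in this commit. If `fixupCase()` can be called after the worker threads have started (for example from a runtime console, which is not visible here), that is a data race. `std::atomic<bool> g_fixupCase{false};` with a matching `extern std::atomic<bool> g_fixupCase;` in dnsdist.hh would make the toggle well-defined. `g_truncateTC` next to it follows the same pattern, so the two could be changed together.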
@@ -171,10 +172,14 @@ void* responderThread(std::shared_ptr state) else --state->outstanding; // you'd think an attacker could game this, but we're using connected socket + if(g_fixupCase) { + string realname = ids->qname.toDNSString(); + memcpy(packet+12, realname.c_str(), realname.length()); + } + if(dh->tc && g_truncateTC) { truncateTC(packet, (unsigned int*)&len); } - uint16_t * flags = getFlagsFromDNSHeader(dh); uint16_t origFlags = ids->origFlags; /* clear the flags we are about to restore */ diff --git a/pdns/dnsdist.hh b/pdns/dnsdist.hh index 444dc910b..115361f7c 100644 --- a/pdns/dnsdist.hh +++ b/pdns/dnsdist.hh @@ -398,6 +398,7 @@ extern std::vector> g_locals; // not changed at ru extern vector g_frontends; extern std::string g_key; // in theory needs locking extern bool g_truncateTC; +extern bool g_fixupCase; extern int g_tcpRecvTimeout; extern int g_tcpSendTimeout; extern uint16_t g_maxOutstanding;
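Review bot: The three-line fixup in responderThread is a copy of the block added to tcpClientThread in pdns/dnsdist-tcp.cc, and both hard-code the header size as `12`. A single helper declared in dnsdist.hh would keep the two paths in step and give the length check one home, and `sizeof(dnsheader)` states what the offset means. A sketch follows; passing `len` as a `size_t` assumes it is non-negative at this point, which the hunk does not show. responderThread's body starts and ends outside this hunk.

```cpp
// shared by responderThread and tcpClientThread
void fixupQNameCase(char* packet, size_t len, const DNSName& qname)
{
  const string realname = qname.toDNSString();
  if(len < sizeof(dnsheader) + realname.length())
    return; // response too short to contain the name we asked for
  memcpy(packet + sizeof(dnsheader), realname.c_str(), realname.length());
}

// … unchanged: outstanding counter update …
    if(g_fixupCase)
      fixupQNameCase(packet, len, ids->qname);
// … unchanged: truncateTC handling and flag restoration …
```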