Release 0.3.3

This commit is contained in:
Erik Ekman 2006-11-05 11:52:20 +00:00
parent 39d5049c44
commit 2b6054a939
7 changed files with 52 additions and 11 deletions

View File

@ -7,6 +7,11 @@ iodine - IP over DNS is now easy
CHANGES: CHANGES:
2006-11-06: 0.3.3
- Fixed possible buffer overflow
(Found by poplix)
- Reworked dns hostname encoding
2006-09-11: 0.3.2 2006-09-11: 0.3.2
- Support for NetBSD - Support for NetBSD
- Fixed potential security problems - Fixed potential security problems

3
README
View File

@ -67,7 +67,7 @@ If you have problems, try inspecting the traffic with network monitoring tools
and make sure that the relaying DNS server has not cached the response. A and make sure that the relaying DNS server has not cached the response. A
cached error message could mean that you started the client before the server. cached error message could mean that you started the client before the server.
The upstream data is sent gzipped encoded in hexadecimal. DNS protocol allows The upstream data is sent gzipped encoded with Base32. DNS protocol allows
one query per packet, and one query can be max 256 chars. Each domain name part one query per packet, and one query can be max 256 chars. Each domain name part
can be max 63 chars. So your domain name and subdomain should be as short as can be max 63 chars. So your domain name and subdomain should be as short as
possible to allow maximum throughput. possible to allow maximum throughput.
@ -91,6 +91,7 @@ iodine has atomic number 53, which happens to be the DNS port number.
THANKS: THANKS:
- To kuxien for FreeBSD and OS X testing - To kuxien for FreeBSD and OS X testing
- To poplix for code audit
AUTHORS & LICENSE: AUTHORS & LICENSE:

22
dns.c
View File

@ -43,7 +43,6 @@
#endif #endif
static int host2dns(const char *, char *, int);
static int dns_write(int, int, char *, int, char); static int dns_write(int, int, char *, int, char);
static void dns_query(int, int, char *, int); static void dns_query(int, int, char *, int);
@ -207,7 +206,7 @@ dns_query(int fd, int id, char *host, int type)
header->arcount = htons(1); header->arcount = htons(1);
p = buf + sizeof(HEADER); p = buf + sizeof(HEADER);
p += host2dns(host, p, strlen(host)); p += dns_encode_hostname(host, p, strlen(host));
putshort(&p, type); putshort(&p, type);
putshort(&p, C_IN); putshort(&p, C_IN);
@ -320,11 +319,12 @@ dns_parse_reply(char *outbuf, int buflen, char *packet, int packetlen)
readshort(packet, &data, &class); readshort(packet, &data, &class);
readlong(packet, &data, &ttl); readlong(packet, &data, &ttl);
readshort(packet, &data, &rlen); readshort(packet, &data, &rlen);
readdata(packet, &data, rdata, rlen); rv = MIN(rlen, sizeof(rdata));
readdata(packet, &data, rdata, rv);
} }
if(type == T_NULL && rlen > 2) { if(type == T_NULL && rv > 2) {
rv = MIN(rlen, sizeof(rdata)); rv = MIN(rv, buflen);
memcpy(outbuf, rdata, rv); memcpy(outbuf, rdata, rv);
} }
} }
@ -332,19 +332,25 @@ dns_parse_reply(char *outbuf, int buflen, char *packet, int packetlen)
return rv; return rv;
} }
static int int
host2dns(const char *host, char *buffer, int size) dns_encode_hostname(const char *host, char *buffer, int size)
{ {
char *h; char *h;
char *p; char *p;
char *word; char *word;
int left;
h = strdup(host); h = strdup(host);
memset(buffer, 0, size); memset(buffer, 0, size);
p = buffer; p = buffer;
left = size;
word = strtok(h, "."); word = strtok(h, ".");
while(word) { while(word) {
if (strlen(word) > 63 || strlen(word) > left) {
return -1;
}
left -= (strlen(word) + 1);
*p++ = (char)strlen(word); *p++ = (char)strlen(word);
memcpy(p, word, strlen(word)); memcpy(p, word, strlen(word));
p += strlen(word); p += strlen(word);
@ -387,7 +393,7 @@ dnsd_send(int fd, struct query *q, char *data, int datalen)
p = buf + sizeof(HEADER); p = buf + sizeof(HEADER);
name = 0xc000 | ((p - buf) & 0x3fff); name = 0xc000 | ((p - buf) & 0x3fff);
p += host2dns(q->name, p, strlen(q->name)); p += dns_encode_hostname(q->name, p, strlen(q->name));
putshort(&p, q->type); putshort(&p, q->type);
putshort(&p, C_IN); putshort(&p, C_IN);

1
dns.h
View File

@ -26,6 +26,7 @@ void dns_handle_tun(int, char *, int);
void dns_ping(int); void dns_ping(int);
void dns_handshake(int); void dns_handshake(int);
int dns_read(int, char *, int); int dns_read(int, char *, int);
int dns_encode_hostname(const char *, char *, int);
extern struct sockaddr_in peer; extern struct sockaddr_in peer;

View File

@ -190,7 +190,7 @@ help() {
static void static void
version() { version() {
printf("iodine IP over DNS tunneling client\n"); printf("iodine IP over DNS tunneling client\n");
printf("version: 0.3.2 from 2006-09-11\n"); printf("version: 0.3.3 from 2006-11-05\n");
exit(0); exit(0);
} }

View File

@ -196,7 +196,7 @@ help() {
static void static void
version() { version() {
printf("iodine IP over DNS tunneling server\n"); printf("iodine IP over DNS tunneling server\n");
printf("version: 0.3.2 from 2006-09-11\n"); printf("version: 0.3.3 from 2006-11-05\n");
exit(0); exit(0);
} }

28
test.c
View File

@ -162,6 +162,33 @@ test_readname()
printf("OK\n"); printf("OK\n");
} }
static void
test_encode_hostname() {
char buf[256];
int len;
int ret;
len = 256;
printf(" * Testing hostname encoding... ");
memset(buf, 0, 256);
ret = dns_encode_hostname( // More than 63 chars between dots
"ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZ"
, buf, len);
assert(ret == -1);
memset(buf, 0, 256);
ret = dns_encode_hostname( // More chars than fits into array
"ABCDEFGHIJKLMNOPQRSTUVWXYZ.ABCDEFGHIJKLMNOPQRSTUVWXYZ.ABCDEFGHIJKLMNOPQRSTUVWXYZ.ABCDEFGHIJKLMNOPQRSTUVWXYZ."
"ABCDEFGHIJKLMNOPQRSTUVWXYZ.ABCDEFGHIJKLMNOPQRSTUVWXYZ.ABCDEFGHIJKLMNOPQRSTUVWXYZ.ABCDEFGHIJKLMNOPQRSTUVWXYZ."
"ABCDEFGHIJKLMNOPQRSTUVWXYZ.ABCDEFGHIJKLMNOPQRSTUVWXYZ.ABCDEFGHIJKLMNOPQRSTUVWXYZ.ABCDEFGHIJKLMNOPQRSTUVWXYZ."
, buf, len);
assert(ret == -1);
assert(strlen(buf) < len);
printf("OK\n");
}
int int
main() main()
{ {
@ -170,6 +197,7 @@ main()
test_readputshort(); test_readputshort();
test_readputlong(); test_readputlong();
test_readname(); test_readname();
test_encode_hostname();
printf("** All went well :)\n"); printf("** All went well :)\n");
return 0; return 0;