mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-22 10:10:06 +00:00
Code Issues Releases Wiki Activity

TLS: isc__nm_senddns() support

Browse Source 
This commit adds support for isc_nm_senddns() to the generic TLS code.
This commit is contained in:
Artem Boldariev 2022-12-07 14:18:33 +02:00
parent ad876a65af
commit cb6f3dc3c8
3 changed files with 64 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
lib/isc/netmgr/netmgr-int.h
View File

@ -1444,6 +1444,14 @@ isc__nm_tls_send(isc_nmhandle_t *handle, const isc_region_t *region,
* Back-end implementation of isc_nm_send() for TLSDNS handles.
*/
void
isc__nm_tls_senddns(isc_nmhandle_t *handle, const isc_region_t *region,
isc_nm_cb_t cb, void *cbarg);
/*%<
* The same as 'isc__nm_tls_send()', but with data length sent
* ahead of data (two bytes (16 bit) in big-endian format).
*/
void
isc__nm_tls_read(isc_nmhandle_t *handle, isc_nm_recv_cb_t cb, void *cbarg);
/*%<

3
lib/isc/netmgr/netmgr.c
View File

@ -1882,6 +1882,9 @@ isc__nm_senddns(isc_nmhandle_t *handle, isc_region_t *region, isc_nm_cb_t cb,
case isc_nm_tcpsocket:
isc__nm_tcp_senddns(handle, region, cb, cbarg);
break;
case isc_nm_tlssocket:
isc__nm_tls_senddns(handle, region, cb, cbarg);
break;
default:
UNREACHABLE();
}

52
lib/isc/netmgr/tlsstream.c
View File

@ -542,10 +542,41 @@ tls_do_bio(isc_nmsocket_t *sock, isc_region_t *received_data,
bool sent_shutdown =
((SSL_get_shutdown(sock->tlsstream.tls) &
SSL_SENT_SHUTDOWN) != 0);
bool write_failed = false;
if (*(uint16_t *)send_data->tcplen != 0) {
/*
* There is a DNS message length to write - do
* it.
*/
rv = SSL_write_ex(
sock->tlsstream.tls, send_data->tcplen,
sizeof(send_data->tcplen), &len);
if (rv != 1 || len != sizeof(send_data->tcplen))
{
write_failed = true;
} else {
/* Write data */
rv = SSL_write_ex(sock->tlsstream.tls,
send_data->uvbuf.base,
send_data->uvbuf.len,
&len);
if (rv != 1 ||
len != send_data->uvbuf.len)
{
write_failed = true;
}
}
} else {
/* Write data only */
rv = SSL_write_ex(sock->tlsstream.tls,
send_data->uvbuf.base,
send_data->uvbuf.len, &len);
if (rv != 1 || len != send_data->uvbuf.len) {
write_failed = true;
}
}
if (write_failed) {
result = received_shutdown || sent_shutdown
? ISC_R_CANCELED
: ISC_R_TLSERROR;
@ -931,9 +962,9 @@ done:
return;
}
void
isc__nm_tls_send(isc_nmhandle_t *handle, const isc_region_t *region,
isc_nm_cb_t cb, void *cbarg) {
static void
tls_send(isc_nmhandle_t *handle, const isc_region_t *region, isc_nm_cb_t cb,
void *cbarg, const bool dnsmsg) {
isc__netievent_tlssend_t *ievent = NULL;
isc__nm_uvreq_t *uvreq = NULL;
isc_nmsocket_t *sock = NULL;
@ -951,6 +982,9 @@ isc__nm_tls_send(isc_nmhandle_t *handle, const isc_region_t *region,
uvreq->cbarg = cbarg;
uvreq->uvbuf.base = (char *)region->base;
uvreq->uvbuf.len = region->length;
if (dnsmsg) {
*(uint16_t *)uvreq->tcplen = htons(region->length);
}
/*
* We need to create an event and pass it using async channel
@ -959,6 +993,18 @@ isc__nm_tls_send(isc_nmhandle_t *handle, const isc_region_t *region,
isc__nm_enqueue_ievent(sock->worker, (isc__netievent_t *)ievent);
}
void
isc__nm_tls_send(isc_nmhandle_t *handle, const isc_region_t *region,
isc_nm_cb_t cb, void *cbarg) {
tls_send(handle, region, cb, cbarg, false);
}
void
isc__nm_tls_senddns(isc_nmhandle_t *handle, const isc_region_t *region,
isc_nm_cb_t cb, void *cbarg) {
tls_send(handle, region, cb, cbarg, true);
}
void
isc__nm_tls_read(isc_nmhandle_t *handle, isc_nm_recv_cb_t cb, void *cbarg) {
isc_nmsocket_t *sock = NULL;