From: hiro <23hiro@gmail.com>
Date: Fri, 18 Dec 2020 13:25:44 +0100
To: 9front@9front.org
Subject: Re: [9front] [Patch] ndb/dns: DNSKEY and OPT RR types

i haven't read the rfc very closely but why would you have a separate
smaller maxudpin with a factor of 1/2? why not just one line maxudp = 4096?

On 12/18/20, Jacob Moody wrote:
> Hello,
>
> I recently ran into some issues with pointing an unbound server towards a
> 9front dns server as its upstream.
> The parsing seemed to fail when ndb/dns received a DNSKEY RR from its own
> upstream source on behalf of unbound.
> This patch catches and stores the DNSKEY from the upstream server to prevent
> this.
>
> While working on this I upped the max UDP size the server is willing to
> accept from clients,
> as well as the ability to broadcast this new size via EDNS through the OPT
> RR type when prompted by the client.
> The new size of 4096 is based on the suggestion listed in rfc6891.
>
> Thanks,
> moody
>
> diff -r 33920ebb68d1 sys/src/cmd/ndb/convDNS2M.c > --- a/sys/src/cmd/ndb/convDNS2M.c Thu Dec 17 21:02:11 2020 +0100 > +++ b/sys/src/cmd/ndb/convDNS2M.c Thu Dec 17 17:48:13 2020 -0600 
> @@ -268,6 +268,9 @@ > for(t = rp->txt; t != nil; t = t->next) > STRING(t->p); > break; > + case Topt: > + BYTES(rp->opt->data, rp->opt->dlen); > + break; > case Tnull: > BYTES(rp->null->data, rp->null->dlen); > break; > @@ -275,6 +278,7 @@ > NAME(rp->rmb->name); > NAME(rp->rp->name); > break; > + case Tdnskey: > case Tkey: > USHORT(rp->key->flags); > UCHAR(rp->key->proto); > diff -r 33920ebb68d1 sys/src/cmd/ndb/convM2DNS.c > --- a/sys/src/cmd/ndb/convM2DNS.c Thu Dec 17 21:02:11 2020 +0100 > +++ b/sys/src/cmd/ndb/convM2DNS.c Thu Dec 17 17:48:13 2020 -0600 > @@ -441,6 +441,9 @@ > l = &t->next; > } > break; > + case Topt: > + BYTES(rp->opt->data, rp->opt->dlen); > + break; > case Tnull: > BYTES(rp->null->data, rp->null->dlen); > break; > @@ -448,6 +451,7 @@ > rp->rmb = dnlookup(NAME(dname), Cin, 1); > rp->rp = dnlookup(NAME(dname), Cin, 1); > break; > + case Tdnskey: > case Tkey: > USHORT(rp->key->flags); > UCHAR(rp->key->proto); > diff -r 33920ebb68d1 sys/src/cmd/ndb/dn.c > --- a/sys/src/cmd/ndb/dn.c Thu Dec 17 21:02:11 2020 +0100 > +++ b/sys/src/cmd/ndb/dn.c Thu Dec 17 17:48:13 2020 -0600 > @@ -1791,6 +1791,34 @@ > return rp; > } > > +RR* > +mkopt(void) > +{ > + RR *rp; > + DN *dp; > + > + rp = rralloc(Topt); > + > + dp = emalloc(sizeof(*dp)); > + dp->magic = DNmagic; > + dp->name = estrdup(""); > + /* class holds our max UDP size */ > + dp->class = Maxudp; > + dp->rr = nil; > + dp->referenced = now; > + dp->next = nil; > + > + rp->owner = dp; > + /* > + * OPT TTL stores RSCODE, VERSION and DNSSEC Flag > + * This signals RSCODE = 0, VERSION = 0, and no DNSSEC > + */ > + rp->ttl = 0; > + rp->opt->dlen = 0; > + rp->opt->data = nil; > + return rp; > +} > + > void bytes2nibbles(uchar *nibbles, uchar *bytes, int nbytes); > > /* > @@ -1951,6 +1979,7 @@ > rp->srv = emalloc(sizeof(*rp->srv)); > setmalloctag(rp->srv, rp->pc); > break; > + case Tdnskey: > case Tkey: > rp->key = emalloc(sizeof(*rp->key)); > setmalloctag(rp->key, rp->pc); 
> @@ -1963,6 +1992,10 @@ > rp->sig = emalloc(sizeof(*rp->sig)); > setmalloctag(rp->sig, rp->pc); > break; > + case Topt: > + rp->opt = emalloc(sizeof(*rp->opt)); > + setmalloctag(rp->opt, rp->pc); > + break; > case Tnull: > rp->null = emalloc(sizeof(*rp->null)); > setmalloctag(rp->null, rp->pc); > @@ -1994,6 +2027,7 @@ > memset(rp->srv, 0, sizeof *rp->srv); /* cause trouble */ > free(rp->srv); > break; > + case Tdnskey: > case Tkey: > free(rp->key->data); > memset(rp->key, 0, sizeof *rp->key); /* cause trouble */ > @@ -2009,6 +2043,11 @@ > memset(rp->sig, 0, sizeof *rp->sig); /* cause trouble */ > free(rp->sig); > break; > + case Topt: > + free(rp->opt->data); > + memset(rp->opt, 0, sizeof *rp->opt); > + free(rp->opt); > + break; > case Tnull: > free(rp->null->data); > memset(rp->null, 0, sizeof *rp->null); /* cause trouble */ > diff -r 33920ebb68d1 sys/src/cmd/ndb/dns.h > --- a/sys/src/cmd/ndb/dns.h Thu Dec 17 21:02:11 2020 +0100 > +++ b/sys/src/cmd/ndb/dns.h Thu Dec 17 17:48:13 2020 -0600 > @@ -135,7 +135,7 @@ > Reserved= 5*Min, > > /* packet sizes */ > - Maxudp= 512, /* maximum bytes per udp message sent */ > + Maxudp= 4096, /* maximum bytes per udp message sent */ > Maxudpin= 2048, /* maximum bytes per udp message rcv'd */ > > /* length of domain name hash table */ > @@ -171,6 +171,7 @@ > typedef struct Sig Sig; > typedef struct Srv Srv; > typedef struct Txt Txt; > +typedef struct Opt Opt; > > /* > * a structure to track a request and any slave process handling it > @@ -236,6 +237,10 @@ > { > Block; > }; > +struct Opt > +{ > + Block; > +}; > > /* > * text strings > @@ -292,6 +297,7 @@ > Sig *sig; > Null *null; > Txt *txt; > + Opt *opt; > }; > }; > > @@ -485,6 +491,7 @@ > int tsame(int, int); > void unique(RR*); > void warning(char*, ...); > +RR* mkopt(void); > > /* dnarea.c */ > void refresh_areas(Area*); > diff -r 33920ebb68d1 sys/src/cmd/ndb/dnudpserver.c > --- a/sys/src/cmd/ndb/dnudpserver.c Thu Dec 17 21:02:11 2020 +0100 
> +++ b/sys/src/cmd/ndb/dnudpserver.c Thu Dec 17 17:48:13 2020 -0600 > @@ -9,6 +9,7 @@ > > static int udpannounce(char*); > static void reply(int, uchar*, DNSmsg*, Request*); > +static void addopt(DNSmsg*, DNSmsg*); > > typedef struct Inprogress Inprogress; > struct Inprogress > @@ -258,6 +259,7 @@ > dnnotify(&reqmsg, &repmsg, &req); > break; > } > + addopt(&reqmsg, &repmsg); > /* send reply on fd to address in buf's udp hdr */ > reply(fd, buf, &repmsg, &req); > freeanswers(&repmsg); > @@ -334,3 +336,18 @@ > if(write(fd, buf, len) != len) > dnslog("error sending reply: %r"); > } > + > +static void > +addopt(DNSmsg *reqmsg, DNSmsg *repmsg) > +{ > + RR *qr, *rr; > + > + for(qr = reqmsg->ar; qr != nil; qr = qr->next) > + if(qr->type == Topt){ > + for(rr = repmsg->ar; rr->next != nil; rr = rr->next) > + ; > + rr->next = mkopt(); > + repmsg->arcount++; > + break; > + } > +} >
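
Review bot: In mkopt() (dn.c), the owner DN is allocated by hand with emalloc() and estrdup(""), but the Topt case this patch adds to the free path releases only rp->opt->data and rp->opt. Unless the existing free code also releases rp->owner, dp and dp->name leak on every reply that carries an OPT record, which a client can request at will. Free the owner in the Topt free case, or point every OPT record at one statically allocated root DN. The comment in the same function should read RCODE (the extended RCODE), not RSCODE.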
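
Review bot: In dns.h, Maxudp (commented as "maximum bytes per udp message sent") goes from 512 to 4096 while Maxudpin, the receive limit, stays at 2048, and mkopt() puts Maxudp into the OPT class field, which under RFC 6891 advertises the largest UDP payload the sender is able to receive. The server would therefore advertise 4096 while accepting 2048; advertise Maxudpin instead, or raise both together. The constant also changes unconditionally and nothing in the visible hunks keeps the 512-byte cap for requests that carry no OPT record, so the send path should bound each reply by 512 for non-EDNS clients and by the client's advertised payload size otherwise, which also keeps the amplification factor of UDP replies from growing for every query.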
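
Review bot: In addopt() (dnudpserver.c), the inner loop "for(rr = repmsg->ar; rr->next != nil; rr = rr->next)" dereferences rr without checking that repmsg->ar is non-nil, so a reply with no additional records faults on a nil pointer as soon as the request carries an OPT record, a condition the client controls. Handle the empty list first, for example "if(repmsg->ar == nil) repmsg->ar = mkopt();", and walk to the tail only otherwise. The function also never reads the payload size the client put in the class field of its own OPT record, so the reply length is not bounded by what the client said it can accept.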