diff --git a/mio/lib/dns-cli.c b/mio/lib/dns-cli.c index 32c81df..0acd612 100644 --- a/mio/lib/dns-cli.c +++ b/mio/lib/dns-cli.c @@ -725,6 +725,7 @@ mio_svc_dnc_t* mio_svc_dnc_start (mio_t* mio, const mio_skad_t* serv_addr, const mio_svc_dnc_t* dnc = MIO_NULL; mio_dev_sck_make_t mkinfo; dnc_sck_xtn_t* sckxtn; + mio_ntime_t now; dnc = (mio_svc_dnc_t*)mio_callocmem(mio, MIO_SIZEOF(*dnc)); if (MIO_UNLIKELY(!dnc)) goto oops; @@ -769,6 +770,12 @@ mio_svc_dnc_t* mio_svc_dnc_start (mio_t* mio, const mio_skad_t* serv_addr, const if (mio_dev_sck_bind(dnc->udp_sck, &bi) <= -1) goto oops; } + + /* initialize the dns cookie key */ + mio_gettime (mio, &now); + MIO_MEMCPY (&dnc->cookie.key[0], &now.sec, (MIO_SIZEOF(now.sec) < 8? MIO_SIZEOF(now.sec): 8)); + MIO_MEMCPY (&dnc->cookie.key[8], &now.nsec, (MIO_SIZEOF(now.nsec) < 8? MIO_SIZEOF(now.nsec): 8)); + MIO_SVCL_APPEND_SVC (&mio->actsvc, (mio_svc_t*)dnc); MIO_DEBUG1 (mio, "DNC - STARTED SERVICE %p\n", dnc); return dnc; @@ -1019,9 +1026,14 @@ mio_dns_msg_t* mio_svc_dnc_resolve (mio_svc_dnc_t* dnc, const mio_bch_t* qname, if (resolve_flags & MIO_SVC_DNC_RESOLVE_FLAG_COOKIE) { beopt_cookie.code = MIO_DNS_EOPT_COOKIE; + beopt_cookie.dptr = &dnc->cookie.data; + beopt_cookie.dlen = MIO_DNS_COOKIE_CLIENT_LEN; if (dnc->cookie.server_len > 0) beopt_cookie.dlen += dnc->cookie.server_len; - beopt_cookie.dptr = &dnc->cookie.data; + + /* compute the client cookie */ + MIO_STATIC_ASSERT (MIO_SIZEOF(dnc->cookie.data.client) == MIO_DNS_COOKIE_CLIENT_LEN); + mio_sip_hash_24 (dnc->cookie.key, &dnc->serv_addr, MIO_SIZEOF(dnc->serv_addr), dnc->cookie.data.client); qedns.beonum = 1; qedns.beoptr = &beopt_cookie; diff --git a/mio/lib/mio-dns.h b/mio/lib/mio-dns.h index b371889..9fd7757 100644 --- a/mio/lib/mio-dns.h +++ b/mio/lib/mio-dns.h @@ -434,6 +434,7 @@ struct mio_dns_cookie_t mio_dns_cookie_data_t data; mio_uint8_t client_len; mio_uint8_t server_len; + mio_uint8_t key[16]; }; /* ---------------------------------------------------------------- */ diff --git a/mio/lib/mio-utl.h b/mio/lib/mio-utl.h index cf914f8..c3c4fce 100644 --- a/mio/lib/mio-utl.h +++ b/mio/lib/mio-utl.h @@ -974,10 +974,10 @@ static MIO_INLINE mio_uint128_t mio_bswap128 (mio_uint128_t x) * SIP-HASH-PRF * ========================================================================= */ MIO_EXPORT void mio_sip_hash_24 ( - const mio_uint8_t key[16], - mio_uint8_t* dptr, - mio_oow_t dlen, - mio_uint8_t out[8] + const mio_uint8_t key[16], + const void* dptr, + mio_oow_t dlen, + mio_uint8_t out[8] ); #ifdef __cplusplus diff --git a/mio/lib/utl-siph.c b/mio/lib/utl-siph.c index aab877c..76422f5 100644 --- a/mio/lib/utl-siph.c +++ b/mio/lib/utl-siph.c @@ -169,17 +169,17 @@ static const mio_uint8_t sip_init_v_bin[] = XOR64_TO((v0), (m)); \ } while (0) -void mio_sip_hash_24 (const mio_uint8_t key[16], mio_uint8_t *dptr, mio_oow_t dlen, mio_uint8_t out[8]) +void mio_sip_hash_24 (const mio_uint8_t key[16], const void* dptr, mio_oow_t dlen, mio_uint8_t out[8]) { sip_uint64_t k0, k1; sip_uint64_t v0, v1, v2, v3; sip_uint64_t m, b; - mio_oow_t rem; - mio_uint8_t* end; + const mio_uint8_t* ptr, * end; rem = dlen & 7; /* dlen % 8 */ - end = dptr + dlen - rem; + ptr = (const mio_uint8_t*)dptr; + end = ptr + dlen - rem; k0 = U8TO64_LE(key); k1 = U8TO64_LE(key + 8); @@ -189,9 +189,9 @@ void mio_sip_hash_24 (const mio_uint8_t key[16], mio_uint8_t *dptr, mio_oow_t dl v2 = k0; XOR64_TO(v2, sip_init_v[2]); v3 = k1; XOR64_TO(v3, sip_init_v[3]); - for (; dptr != end; dptr += 8) + for (; ptr != end; ptr += 8) { - m = U8TO64_LE(dptr); + m = U8TO64_LE(ptr); SIP_2_ROUND (m, v0, v1, v2, v3); }