Progress Report #7 22-07-2017
- memset() in dns_empty_tsig() to initialize empty rdata fields in client_crypto.c
- full tsig generation and server mac validation in client_crypto.c
- minor changes in libcli_crypto.h
client_crypto.c
I used WERROR in accordance to error handling in the server code. Is there an advantage in using NTSTATUS instead?
Use of memset() must be reviewed, as it uses pointers and I am not fully aware if all related fields in rdata are declared as such.
dns_find_tkey() is used as coded for its respective use in /source4/dns_server/dns_server.c. It has been suggested that I use a new linked-list to manipulate the cache, though I've come across this tutorial, which suggests that linked-lists may not be ideal for locating specific nodes in the cache.
- added tcp connection handling in dns_tcp.c
- tstream_read_pdu_blob_send/recv() loop implemented in dns_tcp.c
- added missing callback assignments in dns_tcp.c
- changes in libdns_tcp to accomodate changes
dns_tcp.c
The send/recv loop should probably be reviewed, since tstream_read_pdu_blob does not appear to be defined in tsocket, so I'm not sure I've got it right.
Additionally, dns_tcp_req_done() is probably wrong, but I'd need some verification on this.
I'm starting writing tests for gss-tsig tomorrow, as I'm quite confident that the code appears to be a solid foundation for fine-tuning.
The TCP call handler needs a bit of work, so that I can add signature generation.
As always, feedback would be greatly appreciated.
Temporary GitHub repo here.
Cheers,
Dimitris
No comments:
Post a Comment