-
Notifications
You must be signed in to change notification settings - Fork 53
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Refactor: use wire-formatted byte arrays to represent names internally, no more strings #90
base: master
Are you sure you want to change the base?
Refactor: use wire-formatted byte arrays to represent names internally, no more strings #90
Commits on Sep 28, 2022
-
Configuration menu - View commit details
-
Copy full SHA for 80ff7b8 - Browse repository at this point
Copy the full SHA 80ff7b8View commit details -
Configuration menu - View commit details
-
Copy full SHA for 498e116 - Browse repository at this point
Copy the full SHA 498e116View commit details -
dns: refactor name_parse(): read wire format and keep in wire format
This function used to convert wire-formatted byte arrays to strings. We are no longer using strings for names internally so this function got much simpler. All it really needs to do now is un-compress a name from a DNS message packet. Because this function is the main entry point for all names in the program, it is also critical to verify label and name size rules. Once names are ingested by name_parse() and stored in structs, we can for the most part assume they are valid.
Configuration menu - View commit details
-
Copy full SHA for 99081df - Browse repository at this point
Copy the full SHA 99081dfView commit details -
dns: refactor name_serialize(): read and keep in wire format
This function used to convert names from strings to wire-formatted byte arrays. We are no longer using strings for names internally so this function got much simpler. All it really needs to do now is compress a name into a DNS message by adding label pointers where necessary. Because this function is the main output point for names it is critical to verify label and name lengths when we write.
Configuration menu - View commit details
-
Copy full SHA for 9f9f33f - Browse repository at this point
Copy the full SHA 9f9f33fView commit details -
dns: use dns-name-based hash map for label compression in serialize()
hsk_dns_name_serialize() takes an argument hsk_dns_cmp_t which includes a generic map object hsk_map_t. This map is used to track names and labels as a message is being written, so compression pointers can be applied. Since names are byte arrays now and not strings this map needs to be reimplemented with corrected hash and equality functions.
Configuration menu - View commit details
-
Copy full SHA for 081fedd - Browse repository at this point
Copy the full SHA 081feddView commit details -
dns: implement to/from string (DNS presentation format) for names
Internally, hnsd keeps all names in wire-formatted byte arrays. There are only a few places where the name must be converted to a printable string, which requires "presentation format" e.g. //DDD for unprintable characters, etc. To string: - Log messages that print names being resolved - libunbound's recursive resolver API From string: - Only needed for testing (hnsd doesn't accept strings as input nor use them internally)
Configuration menu - View commit details
-
Copy full SHA for e7d7c4b - Browse repository at this point
Copy the full SHA e7d7c4bView commit details -
dns: repurpose name_verify() to match hsd rules.verifyName()
In addition to procesisng byte arrays instead of strings, repurpose this function to check a single label for validity as a Handshake TLD. The most important time to use it is when receiving a user's request. TLDs need to be valid before hashing and requesting Urkel proofs from full nodes.
Configuration menu - View commit details
-
Copy full SHA for 58fc525 - Browse repository at this point
Copy the full SHA 58fc525View commit details -
dns: refactor label split/from/get for byte array instead of string
These label utilities used to process strings but now we represent all names as byte arrays. For consistency, these functions always output in DNS wire format, even single labels. That means output always begins with a length byte and ends with a 0x00 terminator (aka ".")
Configuration menu - View commit details
-
Copy full SHA for 5d12bc9 - Browse repository at this point
Copy the full SHA 5d12bc9View commit details -
ns: fix synth parsing in onrecv() and refactor for byte arrays
In addition to refactoring hsk_ns_onrecv() to deal with names as byte arrays instead of strings, this fixes a bug where the root server wasn't properly handling requests for _synth by itself. Since a request for `_synth` has only one label, we should not request label with index -2 using hsk_dns_label_from()
Configuration menu - View commit details
-
Copy full SHA for 7184186 - Browse repository at this point
Copy the full SHA 7184186View commit details -
Configuration menu - View commit details
-
Copy full SHA for 0dde592 - Browse repository at this point
Copy the full SHA 0dde592View commit details -
pool: rename "name" to "tld" and update HNS namehash for byte arrays
Update the name_hash function (which is used when requesting proofs from full nodes) since names are not strings any more. In addition, try to be consistent with variable naming. "name" could be multiple labels, "tld" is always one label and, in the context of pool, important for requesting and verifying Urkel proofs.
Configuration menu - View commit details
-
Copy full SHA for 15018c0 - Browse repository at this point
Copy the full SHA 15018c0View commit details -
Configuration menu - View commit details
-
Copy full SHA for 272f216 - Browse repository at this point
Copy the full SHA 272f216View commit details -
Configuration menu - View commit details
-
Copy full SHA for da4f3bb - Browse repository at this point
Copy the full SHA da4f3bbView commit details -
Configuration menu - View commit details
-
Copy full SHA for 9d011d9 - Browse repository at this point
Copy the full SHA 9d011d9View commit details -
Configuration menu - View commit details
-
Copy full SHA for 406cd62 - Browse repository at this point
Copy the full SHA 406cd62View commit details -
Configuration menu - View commit details
-
Copy full SHA for c28676c - Browse repository at this point
Copy the full SHA c28676cView commit details -
Configuration menu - View commit details
-
Copy full SHA for 48e9ddd - Browse repository at this point
Copy the full SHA 48e9dddView commit details -
Configuration menu - View commit details
-
Copy full SHA for 0b323c1 - Browse repository at this point
Copy the full SHA 0b323c1View commit details -
Configuration menu - View commit details
-
Copy full SHA for 40099a9 - Browse repository at this point
Copy the full SHA 40099a9View commit details -
Configuration menu - View commit details
-
Copy full SHA for 62ab53b - Browse repository at this point
Copy the full SHA 62ab53bView commit details -
Configuration menu - View commit details
-
Copy full SHA for 60f7a23 - Browse repository at this point
Copy the full SHA 60f7a23View commit details -
dns: remove label compression from some record types data
https://www.rfc-editor.org/rfc/rfc3597#section-4 > To avoid such corruption, servers MUST NOT compress domain names > embedded in the RDATA of types that are class-specific or not well- > known. This requirement was stated in [RFC1123] without defining > the term "well-known"; it is hereby specified that only the RR types > defined in [RFC1035] are to be considered "well-known"." This commit was checked against pdns: https://github.com/PowerDNS/pdns/blob/master/pdns/dnsrecords.cc
Configuration menu - View commit details
-
Copy full SHA for d63f2e1 - Browse repository at this point
Copy the full SHA d63f2e1View commit details -
Configuration menu - View commit details
-
Copy full SHA for df6820a - Browse repository at this point
Copy the full SHA df6820aView commit details -
dns: prevent memory leak when reading invalid record data
Before this commmit, if record data was invalid and ..._read() failed, we would `goto fail` which would call hsk_dns_rrs_uninit(). However, uninit() only frees rr objects if the rrset has a size > 0 and only frees that many rr objects. By calling hsk_dns_rrs_push() BEFORE ..._read() we increment that size value and that ensures that if there is a failure, the rr will be freed. The rr is already allocated and pushing its pointer into the rrset before we write its data doesn't affect anything else.
Configuration menu - View commit details
-
Copy full SHA for f47ba8d - Browse repository at this point
Copy the full SHA f47ba8dView commit details -
Configuration menu - View commit details
-
Copy full SHA for e33e9c3 - Browse repository at this point
Copy the full SHA e33e9c3View commit details -
Configuration menu - View commit details
-
Copy full SHA for f2a7445 - Browse repository at this point
Copy the full SHA f2a7445View commit details -
Configuration menu - View commit details
-
Copy full SHA for ca447c8 - Browse repository at this point
Copy the full SHA ca447c8View commit details -
dns: read domain names from tld.h as bytes, not strings
Also updates the hard-coded root zone, see handshake-org/hs-names#12
Configuration menu - View commit details
-
Copy full SHA for bf6108b - Browse repository at this point
Copy the full SHA bf6108bView commit details -
Configuration menu - View commit details
-
Copy full SHA for e307bb7 - Browse repository at this point
Copy the full SHA e307bb7View commit details