14c1a8db5f
git-svn-id: svn://svn.openwrt.org/openwrt/packages@6526 3c298f89-4303-0410-b956-a3cf2f4a3e73
383 lines
11 KiB
Diff
383 lines
11 KiB
Diff
diff -urN nstx-1.1-beta6/Makefile nstx-1.1-beta6.new/Makefile
|
|
--- nstx-1.1-beta6/Makefile 2004-06-27 23:46:38.000000000 +0200
|
|
+++ nstx-1.1-beta6.new/Makefile 2006-12-24 12:15:23.000000000 +0100
|
|
@@ -1,4 +1,4 @@
|
|
-CFLAGS += -ggdb -Wall -Werror
|
|
+CFLAGS += -ggdb -Wall -Werror -Wsign-compare
|
|
|
|
NSTXD_SRCS = nstxd.c nstx_encode.c nstx_pstack.c nstx_dns.c nstx_tuntap.c nstx_queue.c
|
|
NSTXD_OBJS = ${NSTXD_SRCS:.c=.o}
|
|
diff -urN nstx-1.1-beta6/nstx_dns.c nstx-1.1-beta6.new/nstx_dns.c
|
|
--- nstx-1.1-beta6/nstx_dns.c 2004-06-27 23:43:34.000000000 +0200
|
|
+++ nstx-1.1-beta6.new/nstx_dns.c 2006-12-24 12:15:23.000000000 +0100
|
|
@@ -6,6 +6,7 @@
|
|
#include <fcntl.h>
|
|
#include <syslog.h>
|
|
#include <unistd.h>
|
|
+#include <assert.h>
|
|
|
|
#include "nstxfun.h"
|
|
#include "nstxdns.h"
|
|
@@ -58,7 +59,7 @@
|
|
* DNS-packet 'msg'. */
|
|
|
|
static char *
|
|
-decompress_label(const char *msg, int msglen, const char *lbl)
|
|
+decompress_label(const char *msg, unsigned int msglen, const char *lbl)
|
|
{
|
|
const char *ptr = lbl;
|
|
char *buf;
|
|
@@ -69,7 +70,7 @@
|
|
|
|
while ((chunklen = *ptr)) {
|
|
if (chunklen > 63) {
|
|
- if ((ptr-msg) >= (msglen-1)) {
|
|
+ if ((ptr-msg) >= ((signed int)msglen-1)) {
|
|
DEBUG("Bad pointer at end of msg");
|
|
if (buf)
|
|
free(buf);
|
|
@@ -104,13 +105,15 @@
|
|
ptr += chunklen + 1;
|
|
}
|
|
}
|
|
- buf[buflen] = 0;
|
|
- buflen++;
|
|
+ if (buf) {
|
|
+ buf[buflen] = 0;
|
|
+ buflen++;
|
|
+ }
|
|
return buf;
|
|
}
|
|
|
|
static const unsigned char *
|
|
-_cstringify(const unsigned char *data, int *dlen, int clen)
|
|
+_cstringify(const unsigned char *data, int *dlen, unsigned int clen)
|
|
{
|
|
static unsigned char *buf;
|
|
|
|
@@ -143,7 +146,7 @@
|
|
{
|
|
int len;
|
|
|
|
- len = strlen(data);
|
|
+ len = strlen((char*)data);
|
|
return _cstringify(data, &len, 63);
|
|
}
|
|
|
|
@@ -183,24 +186,24 @@
|
|
static const unsigned char *
|
|
lbl2data (const unsigned char *data, size_t len)
|
|
{
|
|
- static unsigned char *buf;
|
|
-
|
|
+ static signed char *buf = NULL;
|
|
const unsigned char *s = data;
|
|
- unsigned char *d;
|
|
- unsigned int llen;
|
|
+ signed char *d;
|
|
+ signed int llen;
|
|
|
|
d = buf = realloc(buf, len);
|
|
+ assert(d);
|
|
do
|
|
{
|
|
llen = *s++;
|
|
- if ((llen > 63) || (llen > len - (s - data)))
|
|
- return NULL;
|
|
+ if ((llen > 63) || (llen > (signed int)(len - (s - data))))
|
|
+ break;
|
|
memcpy(d, s, llen);
|
|
s += llen;
|
|
d += llen;
|
|
} while (llen);
|
|
*d = '\0';
|
|
- return buf;
|
|
+ return (const unsigned char*)buf;
|
|
}
|
|
|
|
/* New DNS-Code */
|
|
@@ -318,7 +321,7 @@
|
|
const char *ptr;
|
|
static char *fqdn;
|
|
|
|
- ptr = data2lbl(data);
|
|
+ ptr = (char*)data2lbl((unsigned char*)data);
|
|
fqdn = realloc(fqdn, strlen(ptr)+strlen(suffix)+1);
|
|
strcpy(fqdn, ptr);
|
|
strcat(fqdn, suffix);
|
|
@@ -336,8 +339,9 @@
|
|
free(buf);
|
|
|
|
off = strstr(fqdn, suffix);
|
|
- if (off)
|
|
- buf = strdup(lbl2data(fqdn, off - fqdn));
|
|
+ /* only parse if the fqdn was found, and there is more than the fqdn */
|
|
+ if (off && off != fqdn)
|
|
+ buf = strdup((char*)lbl2data((unsigned char*)fqdn, off - fqdn));
|
|
else
|
|
/* Our suffix not found... */
|
|
buf = NULL;
|
|
@@ -364,7 +368,7 @@
|
|
const char *ptr;
|
|
char *buf;
|
|
|
|
- ptr = data2txt(data, &len);
|
|
+ ptr = (char*)data2txt((unsigned char*)data, &len);
|
|
buf = malloc(len);
|
|
memcpy(buf, ptr, len);
|
|
|
|
@@ -477,7 +481,7 @@
|
|
{
|
|
offsets[i++] = ptr - buf;
|
|
rrp = _new_listitem(&pkt->query);
|
|
- rrp->data = decompress_label(buf, len, ptr);
|
|
+ rrp->data = decompress_label((char*)buf, len, (char*)ptr);
|
|
if (!rrp->data)
|
|
{
|
|
syslog(LOG_ERR, "dns_extractpkt: decompress_label choked in qd\n");
|
|
@@ -517,8 +521,9 @@
|
|
if (j < i)
|
|
rrp->link = j;
|
|
}
|
|
- ptr = _skip_lbl(ptr, &remain);
|
|
- rrp->len = ptr[8]*256+ptr[9];
|
|
+ // ptr = _skip_lbl(ptr, &remain);
|
|
+ // rrp->len = ptr[8]*256+ptr[9];
|
|
+ rrp->len = ptr[10]*256+ptr[11];
|
|
ptr += 12;
|
|
remain -= 12;
|
|
if (remain < rrp->len)
|
|
diff -urN nstx-1.1-beta6/nstx_encode.c nstx-1.1-beta6.new/nstx_encode.c
|
|
--- nstx-1.1-beta6/nstx_encode.c 2004-06-27 23:43:34.000000000 +0200
|
|
+++ nstx-1.1-beta6.new/nstx_encode.c 2006-12-24 12:15:23.000000000 +0100
|
|
@@ -30,11 +30,11 @@
|
|
|
|
void init_revmap (void)
|
|
{
|
|
- int i;
|
|
+ unsigned int i;
|
|
|
|
revmap = malloc(256);
|
|
|
|
- for (i = 0; i < strlen(map); i++)
|
|
+ for (i = 0; i < strlen((char*)map); i++)
|
|
revmap[map[i]] = i;
|
|
}
|
|
|
|
@@ -70,11 +70,11 @@
|
|
if (!revmap)
|
|
init_revmap();
|
|
|
|
- len = strlen(data)-1;
|
|
-
|
|
+ len = strlen((char*)data);
|
|
+
|
|
buf = realloc(buf, ((len+3)/4)*3);
|
|
|
|
- while (off < len) {
|
|
+ while (off+3 < len) {
|
|
buf[i+0] = (revmap[data[off]]<<2)|((revmap[data[off+1]]&48)>>4);
|
|
buf[i+1] = ((revmap[data[off+1]]&15)<<4)|((revmap[data[off+2]]&60)>>2);
|
|
buf[i+2] = ((revmap[data[off+2]]&3)<<6)|(revmap[data[off+3]]);
|
|
diff -urN nstx-1.1-beta6/nstx_pstack.c nstx-1.1-beta6.new/nstx_pstack.c
|
|
--- nstx-1.1-beta6/nstx_pstack.c 2004-06-27 23:43:34.000000000 +0200
|
|
+++ nstx-1.1-beta6.new/nstx_pstack.c 2006-12-24 12:15:23.000000000 +0100
|
|
@@ -49,7 +49,7 @@
|
|
char *netpacket;
|
|
int netpacketlen;
|
|
|
|
- if ((!ptr) || len < sizeof(struct nstxhdr))
|
|
+ if ((!ptr) || (signed int) len < (signed int) sizeof(struct nstxhdr))
|
|
return;
|
|
|
|
if (!nstxpkt->id)
|
|
diff -urN nstx-1.1-beta6/nstx_tuntap.c nstx-1.1-beta6.new/nstx_tuntap.c
|
|
--- nstx-1.1-beta6/nstx_tuntap.c 2004-06-27 23:43:34.000000000 +0200
|
|
+++ nstx-1.1-beta6.new/nstx_tuntap.c 2006-12-24 12:15:23.000000000 +0100
|
|
@@ -215,7 +215,7 @@
|
|
|
|
struct nstxmsg *nstx_select (int timeout)
|
|
{
|
|
- int peerlen;
|
|
+ unsigned peerlen;
|
|
fd_set set;
|
|
struct timeval tv;
|
|
static struct nstxmsg *ret = NULL;
|
|
diff -urN nstx-1.1-beta6/nstxcd.8 nstx-1.1-beta6.new/nstxcd.8
|
|
--- nstx-1.1-beta6/nstxcd.8 1970-01-01 01:00:00.000000000 +0100
|
|
+++ nstx-1.1-beta6.new/nstxcd.8 2006-12-24 12:15:23.000000000 +0100
|
|
@@ -0,0 +1,36 @@
|
|
+.TH NSTXCD "8" "May 2004" "nstx 1.1-beta4" "User Commands"
|
|
+.SH NAME
|
|
+nstxcd \- IP over DNS tunneling client
|
|
+
|
|
+.SH SYNOPSIS
|
|
+.B "nstxcd \fIDOMAIN\fR \fIIPADDRESS\fR"
|
|
+
|
|
+.SH DESCRIPTION
|
|
+.B nstxcd
|
|
+tunnels IP packets over DNS, allowing them to be sent to a server without
|
|
+any protocols other than DNS being used.
|
|
+
|
|
+.SH OPTIONS
|
|
+.B nstxcd
|
|
+takes the following options:
|
|
+.IP "domain"
|
|
+The domain that nstxcd will send requests to. This domain must be delegated
|
|
+to a machine that is running nstxd.
|
|
+.IP "IP address"
|
|
+The IP address of a DNS server that can be reached from the current machine.
|
|
+
|
|
+.SH USAGE
|
|
+.Bnstxcd
|
|
+should be run against a domain that has been delegated to a machine running
|
|
+nstxd. It will then take any packets that are sent to the tun0 interface and
|
|
+send them over DNS to the other tunnel endpoint. Responses will appear on
|
|
+the tun0 interface.
|
|
+
|
|
+.SH AUTHORS
|
|
+
|
|
+.IP
|
|
+Florian Heinz <sky@sysv.de>
|
|
+.IP
|
|
+Julien Oster <frodo@sysv.de>
|
|
+.IP
|
|
+http://nstx.dereference.de/nstx/
|
|
diff -urN nstx-1.1-beta6/nstxcd.c nstx-1.1-beta6.new/nstxcd.c
|
|
--- nstx-1.1-beta6/nstxcd.c 2004-06-27 23:43:34.000000000 +0200
|
|
+++ nstx-1.1-beta6.new/nstxcd.c 2006-12-24 12:15:23.000000000 +0100
|
|
@@ -63,7 +63,7 @@
|
|
int main (int argc, char * argv[]) {
|
|
struct nstxmsg *msg;
|
|
const char *device = NULL;
|
|
- char ch;
|
|
+ int ch;
|
|
|
|
nsid = time(NULL);
|
|
|
|
@@ -110,11 +110,11 @@
|
|
const char *data;
|
|
int datalen;
|
|
|
|
- pkt = dns_extractpkt (reply, len);
|
|
+ pkt = dns_extractpkt ((unsigned char*)reply, len);
|
|
if (!pkt)
|
|
return;
|
|
while ((data = dns_getanswerdata(pkt, &datalen))) {
|
|
- data = txt2data(data, &datalen);
|
|
+ data = (char*)txt2data((unsigned char*)data, &datalen);
|
|
nstx_handlepacket (data, datalen, &sendtun);
|
|
}
|
|
dequeueitem(pkt->id);
|
|
@@ -159,9 +159,9 @@
|
|
data += l;
|
|
datalen -= l;
|
|
|
|
- dns_addquery(pkt, dns_data2fqdn(nstx_encode(p, sizeof(nh)+l)));
|
|
+ dns_addquery(pkt, dns_data2fqdn(nstx_encode((unsigned char*)p, sizeof(nh)+l)));
|
|
free(p);
|
|
- p = dns_constructpacket(pkt, &l);
|
|
+ p = (char*)dns_constructpacket(pkt, &l);
|
|
sendns(p, l, NULL);
|
|
free(p);
|
|
|
|
diff -urN nstx-1.1-beta6/nstxd.8 nstx-1.1-beta6.new/nstxd.8
|
|
--- nstx-1.1-beta6/nstxd.8 1970-01-01 01:00:00.000000000 +0100
|
|
+++ nstx-1.1-beta6.new/nstxd.8 2006-12-24 12:15:23.000000000 +0100
|
|
@@ -0,0 +1,47 @@
|
|
+.TH NSTXD "7" "Mar 2005" "nstx 1.1-beta6" "User Commands"
|
|
+.SH NAME
|
|
+nstxd \- IP over DNS tunneling daemon
|
|
+
|
|
+.SH SYNOPSIS
|
|
+.B "nstxd \fIOPTION\fR \fIDOMAIN\fR"
|
|
+
|
|
+.SH DESCRIPTION
|
|
+.B nstxd
|
|
+listens for well formed DNS requests and translates them into IP packets.
|
|
+Responses are sent in the form of DNS replies. This allows clients to
|
|
+tunnel IP packets over the DNS protocol.
|
|
+
|
|
+.SH OPTIONS
|
|
+.B nstxd
|
|
+takes the following option:
|
|
+.IP \-d tun-device
|
|
+Use this tun device instead of tun0
|
|
+.IP \-i ipaddr
|
|
+Bind to this IP address rather than every available address
|
|
+.IP \-C dir
|
|
+Chroot to this directory on startup
|
|
+.IP \-D
|
|
+Daemonize on startup
|
|
+.IP \-g
|
|
+Switch on debug messages
|
|
+.IP \-u user
|
|
+Run as the following user
|
|
+.IP "domain"
|
|
+The domain that nstxd will listen to requests for. This should be a domain
|
|
+that is delegated to the machine running nstxd.
|
|
+
|
|
+.SH USAGE
|
|
+A domain should be delegated to the machine that will run nstxd. nstxd should
|
|
+then be run giving that domain as the only argument. nstxd will then listen
|
|
+for requests and translate them into IP packets that will appear on the tun0
|
|
+interface. Packets sent to the tun0 interface will be transferred back to
|
|
+the client as DNS answers.
|
|
+
|
|
+.SH AUTHORS
|
|
+
|
|
+.IP
|
|
+Florian Heinz <sky@sysv.de>
|
|
+.IP
|
|
+Julien Oster <frodo@sysv.de>
|
|
+.IP
|
|
+http://nstx.dereference.de/nstx/
|
|
diff -urN nstx-1.1-beta6/nstxd.c nstx-1.1-beta6.new/nstxd.c
|
|
--- nstx-1.1-beta6/nstxd.c 2004-06-27 23:55:17.000000000 +0200
|
|
+++ nstx-1.1-beta6.new/nstxd.c 2006-12-24 12:15:23.000000000 +0100
|
|
@@ -67,7 +67,7 @@
|
|
}
|
|
|
|
int main (int argc, char *argv[]) {
|
|
- char ch;
|
|
+ signed char ch;
|
|
const char *device = NULL, *dir = NULL;
|
|
in_addr_t bindto = INADDR_ANY;
|
|
uid_t uid = 0;
|
|
@@ -172,7 +172,7 @@
|
|
dns_setid(pkt, q->id);
|
|
dns_settype(pkt, DNS_RESPONSE);
|
|
dns_addanswer(pkt, "\xb4\x00\x00\x00", 4, dns_addquery(pkt, q->name));
|
|
- buf = dns_constructpacket (pkt, &len);
|
|
+ buf = (char*)dns_constructpacket (pkt, &len);
|
|
sendns(buf, len, &q->peer);
|
|
free(buf);
|
|
}
|
|
@@ -188,7 +188,7 @@
|
|
|
|
if (msg) {
|
|
if (msg->src == FROMNS) {
|
|
- pkt = dns_extractpkt(msg->data, msg->len);
|
|
+ pkt = dns_extractpkt((unsigned char*)msg->data, msg->len);
|
|
if (pkt)
|
|
{
|
|
name = dns_getquerydata(pkt);
|
|
@@ -198,7 +198,7 @@
|
|
name);
|
|
queueitem(pkt->id, name, &msg->peer);
|
|
if ((data = dns_fqdn2data(name)) &&
|
|
- (buf = nstx_decode(data, &len)))
|
|
+ (buf = nstx_decode((unsigned char*)data, &len)))
|
|
{
|
|
nstx_handlepacket(buf, len, &sendtun);
|
|
}
|
|
@@ -220,7 +220,7 @@
|
|
len = dns_getfreespace(pkt, DNS_RESPONSE);
|
|
buf = dequeue_senditem(&len);
|
|
dns_addanswer(pkt, buf, len, link);
|
|
- buf = dns_constructpacket(pkt, &len);
|
|
+ buf = (char*)dns_constructpacket(pkt, &len);
|
|
sendns(buf, len, &qitem->peer);
|
|
}
|
|
timeoutqueue(do_timeout);
|