1 diff -urN nstx-1.1-beta6/Makefile nstx-1.1-beta6.new/Makefile
2 --- nstx-1.1-beta6/Makefile 2004-06-27 23:46:38.000000000 +0200
3 +++ nstx-1.1-beta6.new/Makefile 2006-12-24 12:15:23.000000000 +0100
5 -CFLAGS += -ggdb -Wall -Werror
6 +CFLAGS += -ggdb -Wall -Werror -Wsign-compare
8 NSTXD_SRCS = nstxd.c nstx_encode.c nstx_pstack.c nstx_dns.c nstx_tuntap.c nstx_queue.c
9 NSTXD_OBJS = ${NSTXD_SRCS:.c=.o}
10 diff -urN nstx-1.1-beta6/nstx_dns.c nstx-1.1-beta6.new/nstx_dns.c
11 --- nstx-1.1-beta6/nstx_dns.c 2004-06-27 23:43:34.000000000 +0200
12 +++ nstx-1.1-beta6.new/nstx_dns.c 2006-12-24 12:15:23.000000000 +0100
22 * DNS-packet 'msg'. */
25 -decompress_label(const char *msg, int msglen, const char *lbl)
26 +decompress_label(const char *msg, unsigned int msglen, const char *lbl)
28 const char *ptr = lbl;
32 while ((chunklen = *ptr)) {
34 - if ((ptr-msg) >= (msglen-1)) {
35 + if ((ptr-msg) >= ((signed int)msglen-1)) {
36 DEBUG("Bad pointer at end of msg");
52 static const unsigned char *
53 -_cstringify(const unsigned char *data, int *dlen, int clen)
54 +_cstringify(const unsigned char *data, int *dlen, unsigned int clen)
56 static unsigned char *buf;
63 + len = strlen((char*)data);
64 return _cstringify(data, &len, 63);
68 static const unsigned char *
69 lbl2data (const unsigned char *data, size_t len)
71 - static unsigned char *buf;
73 + static signed char *buf = NULL;
74 const unsigned char *s = data;
80 d = buf = realloc(buf, len);
85 - if ((llen > 63) || (llen > len - (s - data)))
87 + if ((llen > 63) || (llen > (signed int)(len - (s - data))))
95 + return (const unsigned char*)buf;
103 - ptr = data2lbl(data);
104 + ptr = (char*)data2lbl((unsigned char*)data);
105 fqdn = realloc(fqdn, strlen(ptr)+strlen(suffix)+1);
107 strcat(fqdn, suffix);
111 off = strstr(fqdn, suffix);
113 - buf = strdup(lbl2data(fqdn, off - fqdn));
114 + /* only parse if the fqdn was found, and there is more than the fqdn */
115 + if (off && off != fqdn)
116 + buf = strdup((char*)lbl2data((unsigned char*)fqdn, off - fqdn));
118 /* Our suffix not found... */
124 - ptr = data2txt(data, &len);
125 + ptr = (char*)data2txt((unsigned char*)data, &len);
127 memcpy(buf, ptr, len);
131 offsets[i++] = ptr - buf;
132 rrp = _new_listitem(&pkt->query);
133 - rrp->data = decompress_label(buf, len, ptr);
134 + rrp->data = decompress_label((char*)buf, len, (char*)ptr);
137 syslog(LOG_ERR, "dns_extractpkt: decompress_label choked in qd\n");
142 - ptr = _skip_lbl(ptr, &remain);
143 - rrp->len = ptr[8]*256+ptr[9];
144 + // ptr = _skip_lbl(ptr, &remain);
145 + // rrp->len = ptr[8]*256+ptr[9];
146 + rrp->len = ptr[10]*256+ptr[11];
149 if (remain < rrp->len)
150 diff -urN nstx-1.1-beta6/nstx_encode.c nstx-1.1-beta6.new/nstx_encode.c
151 --- nstx-1.1-beta6/nstx_encode.c 2004-06-27 23:43:34.000000000 +0200
152 +++ nstx-1.1-beta6.new/nstx_encode.c 2006-12-24 12:15:23.000000000 +0100
155 void init_revmap (void)
160 revmap = malloc(256);
162 - for (i = 0; i < strlen(map); i++)
163 + for (i = 0; i < strlen((char*)map); i++)
171 - len = strlen(data)-1;
173 + len = strlen((char*)data);
175 buf = realloc(buf, ((len+3)/4)*3);
177 - while (off < len) {
178 + while (off+3 < len) {
179 buf[i+0] = (revmap[data[off]]<<2)|((revmap[data[off+1]]&48)>>4);
180 buf[i+1] = ((revmap[data[off+1]]&15)<<4)|((revmap[data[off+2]]&60)>>2);
181 buf[i+2] = ((revmap[data[off+2]]&3)<<6)|(revmap[data[off+3]]);
182 diff -urN nstx-1.1-beta6/nstx_pstack.c nstx-1.1-beta6.new/nstx_pstack.c
183 --- nstx-1.1-beta6/nstx_pstack.c 2004-06-27 23:43:34.000000000 +0200
184 +++ nstx-1.1-beta6.new/nstx_pstack.c 2006-12-24 12:15:23.000000000 +0100
189 - if ((!ptr) || len < sizeof(struct nstxhdr))
190 + if ((!ptr) || (signed int) len < (signed int) sizeof(struct nstxhdr))
194 diff -urN nstx-1.1-beta6/nstx_tuntap.c nstx-1.1-beta6.new/nstx_tuntap.c
195 --- nstx-1.1-beta6/nstx_tuntap.c 2004-06-27 23:43:34.000000000 +0200
196 +++ nstx-1.1-beta6.new/nstx_tuntap.c 2006-12-24 12:15:23.000000000 +0100
199 struct nstxmsg *nstx_select (int timeout)
205 static struct nstxmsg *ret = NULL;
206 diff -urN nstx-1.1-beta6/nstxcd.8 nstx-1.1-beta6.new/nstxcd.8
207 --- nstx-1.1-beta6/nstxcd.8 1970-01-01 01:00:00.000000000 +0100
208 +++ nstx-1.1-beta6.new/nstxcd.8 2006-12-24 12:15:23.000000000 +0100
210 +.TH NSTXCD "8" "May 2004" "nstx 1.1-beta4" "User Commands"
212 +nstxcd \- IP over DNS tunneling client
215 +.B "nstxcd \fIDOMAIN\fR \fIIPADDRESS\fR"
219 +tunnels IP packets over DNS, allowing them to be sent to a server without
220 +any protocols other than DNS being used.
224 +takes the following options:
226 +The domain that nstxcd will send requests to. This domain must be delegated
227 +to a machine that is running nstxd.
229 +The IP address of a DNS server that can be reached from the current machine.
233 +should be run against a domain that has been delegated to a machine running
234 +nstxd. It will then take any packets that are sent to the tun0 interface and
235 +send them over DNS to the other tunnel endpoint. Responses will appear on
241 +Florian Heinz <sky@sysv.de>
243 +Julien Oster <frodo@sysv.de>
245 +http://nstx.dereference.de/nstx/
246 diff -urN nstx-1.1-beta6/nstxcd.c nstx-1.1-beta6.new/nstxcd.c
247 --- nstx-1.1-beta6/nstxcd.c 2004-06-27 23:43:34.000000000 +0200
248 +++ nstx-1.1-beta6.new/nstxcd.c 2006-12-24 12:15:23.000000000 +0100
250 int main (int argc, char * argv[]) {
252 const char *device = NULL;
258 @@ -110,11 +110,11 @@
262 - pkt = dns_extractpkt (reply, len);
263 + pkt = dns_extractpkt ((unsigned char*)reply, len);
266 while ((data = dns_getanswerdata(pkt, &datalen))) {
267 - data = txt2data(data, &datalen);
268 + data = (char*)txt2data((unsigned char*)data, &datalen);
269 nstx_handlepacket (data, datalen, &sendtun);
271 dequeueitem(pkt->id);
276 - dns_addquery(pkt, dns_data2fqdn(nstx_encode(p, sizeof(nh)+l)));
277 + dns_addquery(pkt, dns_data2fqdn(nstx_encode((unsigned char*)p, sizeof(nh)+l)));
279 - p = dns_constructpacket(pkt, &l);
280 + p = (char*)dns_constructpacket(pkt, &l);
284 diff -urN nstx-1.1-beta6/nstxd.8 nstx-1.1-beta6.new/nstxd.8
285 --- nstx-1.1-beta6/nstxd.8 1970-01-01 01:00:00.000000000 +0100
286 +++ nstx-1.1-beta6.new/nstxd.8 2006-12-24 12:15:23.000000000 +0100
288 +.TH NSTXD "7" "Mar 2005" "nstx 1.1-beta6" "User Commands"
290 +nstxd \- IP over DNS tunneling daemon
293 +.B "nstxd \fIOPTION\fR \fIDOMAIN\fR"
297 +listens for well formed DNS requests and translates them into IP packets.
298 +Responses are sent in the form of DNS replies. This allows clients to
299 +tunnel IP packets over the DNS protocol.
303 +takes the following option:
305 +Use this tun device instead of tun0
307 +Bind to this IP address rather than every available address
309 +Chroot to this directory on startup
311 +Daemonize on startup
313 +Switch on debug messages
315 +Run as the following user
317 +The domain that nstxd will listen to requests for. This should be a domain
318 +that is delegated to the machine running nstxd.
321 +A domain should be delegated to the machine that will run nstxd. nstxd should
322 +then be run giving that domain as the only argument. nstxd will then listen
323 +for requests and translate them into IP packets that will appear on the tun0
324 +interface. Packets sent to the tun0 interface will be transferred back to
325 +the client as DNS answers.
330 +Florian Heinz <sky@sysv.de>
332 +Julien Oster <frodo@sysv.de>
334 +http://nstx.dereference.de/nstx/
335 diff -urN nstx-1.1-beta6/nstxd.c nstx-1.1-beta6.new/nstxd.c
336 --- nstx-1.1-beta6/nstxd.c 2004-06-27 23:55:17.000000000 +0200
337 +++ nstx-1.1-beta6.new/nstxd.c 2006-12-24 12:15:23.000000000 +0100
341 int main (int argc, char *argv[]) {
344 const char *device = NULL, *dir = NULL;
345 in_addr_t bindto = INADDR_ANY;
348 dns_setid(pkt, q->id);
349 dns_settype(pkt, DNS_RESPONSE);
350 dns_addanswer(pkt, "\xb4\x00\x00\x00", 4, dns_addquery(pkt, q->name));
351 - buf = dns_constructpacket (pkt, &len);
352 + buf = (char*)dns_constructpacket (pkt, &len);
353 sendns(buf, len, &q->peer);
359 if (msg->src == FROMNS) {
360 - pkt = dns_extractpkt(msg->data, msg->len);
361 + pkt = dns_extractpkt((unsigned char*)msg->data, msg->len);
364 name = dns_getquerydata(pkt);
367 queueitem(pkt->id, name, &msg->peer);
368 if ((data = dns_fqdn2data(name)) &&
369 - (buf = nstx_decode(data, &len)))
370 + (buf = nstx_decode((unsigned char*)data, &len)))
372 nstx_handlepacket(buf, len, &sendtun);
375 len = dns_getfreespace(pkt, DNS_RESPONSE);
376 buf = dequeue_senditem(&len);
377 dns_addanswer(pkt, buf, len, link);
378 - buf = dns_constructpacket(pkt, &len);
379 + buf = (char*)dns_constructpacket(pkt, &len);
380 sendns(buf, len, &qitem->peer);
382 timeoutqueue(do_timeout);