diff --git a/CHANGES b/CHANGES index 107f9efe05..7e14745b0d 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,6 @@ +1281. [func] libbind: ns_sign2() and ns_sign_tcp() now provide + support for compressed TSIG owner names. + 1280. [func] libbind: res_update can now update IPv6 servers, new function res_findzonecut2(). diff --git a/lib/bind/include/arpa/nameser.h b/lib/bind/include/arpa/nameser.h index 9263d06917..9e2ce16a46 100644 --- a/lib/bind/include/arpa/nameser.h +++ b/lib/bind/include/arpa/nameser.h @@ -49,7 +49,7 @@ */ /* - * $Id: nameser.h,v 1.3 2001/11/01 04:59:15 marka Exp $ + * $Id: nameser.h,v 1.4 2002/05/06 06:29:39 marka Exp $ */ #ifndef _ARPA_NAMESER_H_ @@ -495,7 +495,9 @@ typedef enum __ns_cert_types { #define ns_name_skip __ns_name_skip #define ns_name_rollback __ns_name_rollback #define ns_sign __ns_sign +#define ns_sign2 __ns_sign2 #define ns_sign_tcp __ns_sign_tcp +#define ns_sign_tcp2 __ns_sign_tcp2 #define ns_sign_tcp_init __ns_sign_tcp_init #define ns_find_tsig __ns_find_tsig #define ns_verify __ns_verify @@ -540,8 +542,14 @@ void ns_name_rollback __P((const u_char *, const u_char **, const u_char **)); int ns_sign __P((u_char *, int *, int, int, void *, const u_char *, int, u_char *, int *, time_t)); +int ns_sign2 __P((u_char *, int *, int, int, void *, + const u_char *, int, u_char *, int *, time_t, + u_char **, u_char **)); int ns_sign_tcp __P((u_char *, int *, int, int, ns_tcp_tsig_state *, int)); +int ns_sign_tcp2 __P((u_char *, int *, int, int, + ns_tcp_tsig_state *, int, + u_char **, u_char **)); int ns_sign_tcp_init __P((void *, const u_char *, int, ns_tcp_tsig_state *)); u_char *ns_find_tsig __P((u_char *, u_char *)); diff --git a/lib/bind/nameser/ns_sign.c b/lib/bind/nameser/ns_sign.c index 2675444dcf..273d33cc91 100644 --- a/lib/bind/nameser/ns_sign.c +++ b/lib/bind/nameser/ns_sign.c @@ -16,7 +16,7 @@ */ #ifndef lint -static const char rcsid[] = "$Id: ns_sign.c,v 1.1 2001/03/29 06:31:57 marka Exp $"; +static const char rcsid[] = "$Id: ns_sign.c,v 1.2 2002/05/06 06:29:41 marka Exp $"; #endif /* Import. */ @@ -75,6 +75,16 @@ int ns_sign(u_char *msg, int *msglen, int msgsize, int error, void *k, const u_char *querysig, int querysiglen, u_char *sig, int *siglen, time_t in_timesigned) +{ + return(ns_sign2(msg, msglen, msgsize, error, k, + querysig, querysiglen, sig, siglen, + in_timesigned, NULL, NULL)); +} + +int +ns_sign2(u_char *msg, int *msglen, int msgsize, int error, void *k, + const u_char *querysig, int querysiglen, u_char *sig, int *siglen, + time_t in_timesigned, u_char **dnptrs, u_char **lastdnptr) { HEADER *hp = (HEADER *)msg; DST_KEY *key = (DST_KEY *)k; @@ -90,7 +100,7 @@ ns_sign(u_char *msg, int *msglen, int msgsize, int error, void *k, /* Name. */ if (key != NULL && error != ns_r_badsig && error != ns_r_badkey) - n = dn_comp(key->dk_key_name, cp, eob - cp, NULL, NULL); + n = dn_comp(key->dk_key_name, cp, eob - cp, dnptrs, lastdnptr); else n = dn_comp("", cp, eob - cp, NULL, NULL); if (n < 0) @@ -243,6 +253,15 @@ ns_sign_tcp_init(void *k, const u_char *querysig, int querysiglen, int ns_sign_tcp(u_char *msg, int *msglen, int msgsize, int error, ns_tcp_tsig_state *state, int done) +{ + return (ns_sign_tcp2(msg, msglen, msgsize, error, state, + done, NULL, NULL)); +} + +int +ns_sign_tcp2(u_char *msg, int *msglen, int msgsize, int error, + ns_tcp_tsig_state *state, int done, + u_char **dnptrs, u_char **lastdnptr) { u_char *cp, *eob, *lenp; u_char buf[MAXDNAME], *cp2; @@ -255,9 +274,10 @@ ns_sign_tcp(u_char *msg, int *msglen, int msgsize, int error, state->counter++; if (state->counter == 0) - return (ns_sign(msg, msglen, msgsize, error, state->key, - state->sig, state->siglen, - state->sig, &state->siglen, 0)); + return (ns_sign2(msg, msglen, msgsize, error, state->key, + state->sig, state->siglen, + state->sig, &state->siglen, 0, + dnptrs, lastdnptr)); if (state->siglen > 0) { u_int16_t siglen_n = htons(state->siglen); @@ -280,7 +300,7 @@ ns_sign_tcp(u_char *msg, int *msglen, int msgsize, int error, eob = msg + msgsize; /* Name. */ - n = dn_comp(state->key->dk_key_name, cp, eob - cp, NULL, NULL); + n = dn_comp(state->key->dk_key_name, cp, eob - cp, dnptrs, lastdnptr); if (n < 0) return (NS_TSIG_ERROR_NO_SPACE); cp += n;