TSIG uses the new kdeflist accessor, other assorted TSIG/TKEY config updates

Brian Wellington 1999-10-29 13:56:56 +00:00
parent d13792dd52
commit ffdcf33647
6 changed files with 28 additions and 14 deletions


@ -376,7 +376,7 @@ load_configuration(const char *filename) {
/*
* Load the TSIG information from the configuration
*/
result = dns_tsig_init(ns_g_confctx, ns_g_mctx);
result = dns_tsig_init(ns_g_lctx, ns_g_confctx, ns_g_mctx);
if (result != ISC_R_SUCCESS)
ns_server_fatal(NS_LOGMODULE_SERVER, ISC_FALSE,
"dns_tsig_init() failed: %s",


@ -35,6 +35,7 @@
#include <isc/boolean.h>
#include <isc/net.h>
#include <isc/socket.h>
#include <isc/log.h>
#include "../../isc/util.h" /* XXX Naughty. */
@ -72,6 +73,7 @@ isc_sockaddr_t address;
dns_message_t *query, *response, *query2, *response2;
isc_mem_t *mctx;
dns_tsigkey_t *tsigkey;
isc_log_t *log = NULL;
static void
senddone(isc_task_t *task, isc_event_t *event) {
@ -299,7 +301,9 @@ main(int argc, char *argv[]) {
socketmgr = NULL;
RUNTIME_CHECK(isc_socketmgr_create(mctx, &socketmgr) == ISC_R_SUCCESS);
RUNTIME_CHECK(dns_tsig_init(NULL, mctx) == ISC_R_SUCCESS);
RUNTIME_CHECK(isc_log_create(mctx, &log) == ISC_R_SUCCESS);
RUNTIME_CHECK(dns_tsig_init(log, NULL, mctx) == ISC_R_SUCCESS);
RUNTIME_CHECK(dns_tkey_init(log, NULL, mctx) == ISC_R_SUCCESS);
argc -= isc_commandline_index;
argv += isc_commandline_index;
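Review bot: The new file-scope variable `isc_log_t *log = NULL;` takes a name that the C standard reserves with external linkage for the math library's `log()`, so it can clash with the libm symbol or with the compiler's builtin declaration. Giving it internal linkage and a different name avoids that, e.g. `static isc_log_t *lctx = NULL;`, with the three calls in main() updated to pass `lctx`. The hunk in main() also shows no teardown for the context made by `isc_log_create()`; if the shutdown path outside this hunk does not release it, that is worth adding next to the other cleanups.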


@ -40,11 +40,10 @@ isc_result_t
dns_tkey_init(isc_log_t *lctx, dns_c_ctx_t *cfg, isc_mem_t *mctx);
/*
* Obtains TKEY configuration information, including default DH key
* and default domain.
* and default domain from the configuration, if it's not NULL.
*
* Requires:
* 'lctx' is not NULL
* 'cfg' is not NULL
* 'mctx' is not NULL
*
* Returns
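Review bot: The revised comment drops the `'cfg' is not NULL` requirement but never says what a NULL 'cfg' produces, and "from the configuration, if it's not NULL" reads ambiguously. The tkey.c hunk of this commit returns ISC_R_SUCCESS immediately in that case, right after `RUNTIME_CHECK(tkey_dhkey == NULL)`, so the call succeeds with no default DH key loaded. I would state that in the contract, e.g. `* If 'cfg' is NULL, nothing is read and ISC_R_SUCCESS is returned; no default DH key or domain is set.`, and mirror it with a one-line comment above the early return in tkey.c. Presumably the code that later uses the DH key has to treat its absence as "TKEY Diffie-Hellman not configured"; that code is outside the visible hunks and worth confirming. The Returns list continues past the end of this hunk.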


@ -175,11 +175,15 @@ dns_tsigkey_find(dns_tsigkey_t **tsigkey, dns_name_t *name,
isc_result_t
dns_tsig_init(dns_c_ctx_t *confctx, isc_mem_t *mctx);
dns_tsig_init(isc_log_t *lctx, dns_c_ctx_t *confctx, isc_mem_t *mctx);
/*
* Initializes the TSIG subsystem. If confctx is not NULL, any
* specified keys are loaded.
*
* Requires:
* 'lctx' is not NULL
* 'mctx' is not NULL
* Returns:
* ISC_R_SUCCESS
* ISC_R_NOMEMORY


@ -16,7 +16,7 @@
*/
/*
* $Id: tkey.c,v 1.8 1999/10/29 05:41:49 marka Exp $
* $Id: tkey.c,v 1.9 1999/10/29 13:56:55 bwelling Exp $
* Principal Author: Brian Wellington
*/
@ -77,9 +77,11 @@ dns_tkey_init(isc_log_t *lctx, dns_c_ctx_t *cfg, isc_mem_t *mctx) {
RUNTIME_CHECK(tkey_dhkey == NULL);
REQUIRE(lctx != NULL);
REQUIRE(cfg != NULL);
REQUIRE(mctx != NULL);
if (cfg == NULL)
return (ISC_R_SUCCESS);
s = NULL;
result = dns_c_ctx_gettkeydhkey(lctx, cfg, &s, &n);
if (result == ISC_R_NOTFOUND)


@ -16,7 +16,7 @@
*/
/*
* $Id: tsig.c,v 1.26 1999/10/28 23:13:42 bwelling Exp $
* $Id: tsig.c,v 1.27 1999/10/29 13:56:56 bwelling Exp $
* Principal Author: Brian Wellington
*/
@ -937,7 +937,7 @@ dns_tsigkey_find(dns_tsigkey_t **tsigkey, dns_name_t *name,
}
static isc_result_t
add_initial_keys(dns_c_ctx_t *confctx, isc_mem_t *mctx) {
add_initial_keys(dns_c_kdeflist_t *list, isc_mem_t *mctx) {
isc_lex_t *lex = NULL;
dns_c_kdeflist_t *list;
dns_c_kdef_t *key;
@ -945,7 +945,6 @@ add_initial_keys(dns_c_ctx_t *confctx, isc_mem_t *mctx) {
int secretlen = 0;
isc_result_t ret;
list = confctx->keydefs;
key = ISC_LIST_HEAD(list->keydefs);
while (key != NULL) {
dns_name_t keyname;
@ -1031,11 +1030,15 @@ add_initial_keys(dns_c_ctx_t *confctx, isc_mem_t *mctx) {
}
isc_result_t
dns_tsig_init(dns_c_ctx_t *confctx, isc_mem_t *mctx) {
dns_tsig_init(isc_log_t *lctx, dns_c_ctx_t *confctx, isc_mem_t *mctx) {
isc_buffer_t hmacsrc, namebuf;
isc_result_t ret;
dns_name_t hmac_name;
unsigned char data[32];
dns_c_kdeflist_t *keylist = NULL;
REQUIRE(lctx != NULL);
REQUIRE(mctx != NULL);
ret = isc_rwlock_init(&tsiglock, 0, 0);
if (ret != ISC_R_SUCCESS) {
@ -1064,9 +1067,11 @@ dns_tsig_init(dns_c_ctx_t *confctx, isc_mem_t *mctx) {
if (ret != ISC_R_SUCCESS)
goto failure;
if (confctx != NULL && confctx->keydefs != NULL) {
ret = add_initial_keys(confctx, mctx);
if (ret != ISC_R_SUCCESS)
if (confctx != NULL) {
ret = dns_c_ctx_getkdeflist(lctx, confctx, &keylist);
if (ret == ISC_R_SUCCESS)
ret = add_initial_keys(keylist, mctx);
else if (ret != ISC_R_NOTFOUND)
goto failure;
}
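Review bot: In the last hunk of dns_tsig_init(), a failure returned by `add_initial_keys(keylist, mctx)` is no longer routed to `failure`: the `else if (ret != ISC_R_NOTFOUND)` pairs with the test on the `dns_c_ctx_getkdeflist()` result, so the key-loading result is assigned to `ret` and then never checked. The removed code did `goto failure` on that error; depending on what follows the hunk (the function continues outside it), the server may now start with some or all configured TSIG keys missing and no error reported. Replacing the `else if` line with `if (ret != ISC_R_SUCCESS && ret != ISC_R_NOTFOUND)` restores the check while still tolerating an absent key list. Separately, add_initial_keys() now dereferences its `list` argument at `ISC_LIST_HEAD(list->keydefs)` with no guard, so a `REQUIRE(list != NULL);` at its top would make explicit the reliance on getkdeflist handing back a non-NULL list on success.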