tkey_test.c 13.8 KB
Newer Older
1
/*
Brian Wellington's avatar
Brian Wellington committed
2
 * Copyright (C) 1999-2001  Internet Software Consortium.
3
 *
4
5
6
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
7
 *
8
9
10
11
12
13
14
15
 * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
 * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
 * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
 * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
 * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
 * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16
17
 */

18
/* $Id: tkey_test.c,v 1.36 2001/01/11 04:12:29 bwelling Exp $ */
David Lawrence's avatar
David Lawrence committed
19

20
/*
21
 * Principal Author: Brian Wellington (core copied from res_test.c)
22
23
24
25
26
 */

#include <config.h>

#include <stdlib.h>
Brian Wellington's avatar
Brian Wellington committed
27
#include <string.h>
28

29
30
#include <isc/app.h>
#include <isc/base64.h>
31
#include <isc/commandline.h>
Brian Wellington's avatar
Brian Wellington committed
32
#include <isc/entropy.h>
33
34
35
#include <isc/lex.h>
#include <isc/log.h>
#include <isc/mem.h>
Brian Wellington's avatar
Brian Wellington committed
36
#include <isc/sockaddr.h>
37
#include <isc/socket.h>
38
39
#include <isc/task.h>
#include <isc/timer.h>
Michael Graff's avatar
Michael Graff committed
40
#include <isc/util.h>
41

42
#include <dns/fixedname.h>
43
#include <dns/keyvalues.h>
44
#include <dns/message.h>
45
#include <dns/name.h>
46
#include <dns/result.h>
47
#include <dns/tkey.h>
48
#include <dns/tsig.h>
49
#include <dns/view.h>
50

51
52
#include <dst/result.h>

53
54
55
56
57
58
59
#define CHECK(str, x) { \
	if ((x) != ISC_R_SUCCESS) { \
		printf("%s: %s\n", (str), isc_result_totext(x)); \
		exit(-1); \
	} \
}

60
61
62
63
#ifndef INADDR_LOOPBACK
#define INADDR_LOOPBACK (unsigned long)0x7F000001UL
#endif

64
65
66
67
68
static void buildquery(void);
static void buildquery2(void);

isc_mutex_t lock;
isc_taskmgr_t *taskmgr;
69
isc_task_t *task1;
70
71
72
73
74
dst_key_t *ourkey;
isc_socket_t *s;
isc_sockaddr_t address;
dns_message_t *query, *response, *query2, *response2;
isc_mem_t *mctx;
Brian Wellington's avatar
Brian Wellington committed
75
isc_entropy_t *ectx;
76
dns_tsigkey_t *tsigkey, *initialkey;
77
isc_log_t *log = NULL;
78
isc_logconfig_t *logconfig = NULL;
Brian Wellington's avatar
Brian Wellington committed
79
dns_tsig_keyring_t *ring = NULL;
Brian Wellington's avatar
Brian Wellington committed
80
dns_tkeyctx_t *tctx = NULL;
Brian Wellington's avatar
Brian Wellington committed
81
isc_buffer_t *nonce = NULL;
82
dns_view_t *view = NULL;
83
84
char output[10 * 1024];
isc_buffer_t outbuf;
85
in_port_t port = 53;
86
unsigned char qdata1[2048], qdata2[2048], rdata1[2048], rdata2[2048];
87
88
89
90
91
92

static void
senddone(isc_task_t *task, isc_event_t *event) {
	isc_socketevent_t *sevent = (isc_socketevent_t *)event;

	REQUIRE(sevent != NULL);
93
	REQUIRE(sevent->ev_type == ISC_SOCKEVENT_SENDDONE);
94
95
96
97
98
99
100
101
102
103
104
105
106
107
	REQUIRE(task == task1);

	printf("senddone\n");

	isc_event_free(&event);
}

static void
recvdone(isc_task_t *task, isc_event_t *event) {
	isc_socketevent_t *sevent = (isc_socketevent_t *)event;
	isc_buffer_t source;
	isc_result_t result;

	REQUIRE(sevent != NULL);
108
	REQUIRE(sevent->ev_type == ISC_SOCKEVENT_RECVDONE);
109
110
111
112
113
114
115
116
	REQUIRE(task == task1);

	printf("recvdone\n");
	if (sevent->result != ISC_R_SUCCESS) {
		printf("failed\n");
		exit(-1);
	}

117
	isc_buffer_init(&source, sevent->region.base, sevent->region.length);
118
119
	isc_buffer_add(&source, sevent->n);

120
121
	isc_event_free(&event);

122
123
124
	response = NULL;
	result = dns_message_create(mctx, DNS_MESSAGE_INTENTPARSE, &response);
	CHECK("dns_message_create", result);
125
	result = dns_message_parse(response, &source, 0);
126
127
	CHECK("dns_message_parse", result);

128
129
130
131
132
133
134
	isc_buffer_init(&outbuf, output, sizeof(output));
	result = dns_message_totext(response, 0, &outbuf);
	CHECK("dns_message_totext", result);
	printf("%.*s\n", (int)isc_buffer_usedlength(&outbuf),
	       (char *)isc_buffer_base(&outbuf));


135
	tsigkey = NULL;
Brian Wellington's avatar
Brian Wellington committed
136
137
	result = dns_tkey_processdhresponse(query, response, ourkey, nonce,
					    &tsigkey, ring);
138
139
140
	CHECK("dns_tkey_processdhresponse", result);
	printf("response ok\n");

141
142
143
144
145
	isc_buffer_free(&nonce);

	dns_message_destroy(&query);
	dns_message_destroy(&response);

146
147
148
149
150
151
152
153
	buildquery2();
}

static void
senddone2(isc_task_t *task, isc_event_t *event) {
	isc_socketevent_t *sevent = (isc_socketevent_t *)event;

	REQUIRE(sevent != NULL);
154
	REQUIRE(sevent->ev_type == ISC_SOCKEVENT_SENDDONE);
155
	REQUIRE(task == task1);
156
157
158
159
160
161
162
163
164
165
166

	printf("senddone2\n");

	isc_event_free(&event);
}

static void
recvdone2(isc_task_t *task, isc_event_t *event) {
	isc_socketevent_t *sevent = (isc_socketevent_t *)event;
	isc_buffer_t source;
	isc_result_t result;
Brian Wellington's avatar
Brian Wellington committed
167
	isc_buffer_t *tsigbuf = NULL;
168
169

	REQUIRE(sevent != NULL);
170
	REQUIRE(sevent->ev_type == ISC_SOCKEVENT_RECVDONE);
171
	REQUIRE(task == task1);
172
173
174
175
176
177
178

	printf("recvdone2\n");
	if (sevent->result != ISC_R_SUCCESS) {
		printf("failed\n");
		exit(-1);
	}

179
	isc_buffer_init(&source, sevent->region.base, sevent->region.length);
180
181
	isc_buffer_add(&source, sevent->n);

182
183
	isc_event_free(&event);

184
185
	response = NULL;
	result = dns_message_create(mctx, DNS_MESSAGE_INTENTPARSE, &response2);
Brian Wellington's avatar
Brian Wellington committed
186
187
188
189
190
	result = dns_message_getquerytsig(query2, mctx, &tsigbuf);
	CHECK("dns_message_getquerytsig", result);
	result = dns_message_setquerytsig(response2, tsigbuf);
	CHECK("dns_message_setquerytsig", result);
	isc_buffer_free(&tsigbuf);
191
	dns_message_settsigkey(response2, tsigkey);
192
	CHECK("dns_message_create", result);
193
	result = dns_message_parse(response2, &source, 0);
194
	CHECK("dns_message_parse", result);
195
196
197
198
199
	isc_buffer_init(&outbuf, output, sizeof(output));
	result = dns_message_totext(response2, 0, &outbuf);
	CHECK("dns_message_totext", result);
	printf("%.*s\n", (int)isc_buffer_usedlength(&outbuf),
	       (char *)isc_buffer_base(&outbuf));
200
201
202
203
204
	result = dns_view_create(mctx, 0, "_test", &view);
	CHECK("dns_view_create", result);
	dns_view_setkeyring(view, ring);
	result = dns_message_checksig(response2, view);
	CHECK("dns_message_checksig", result);
205

Brian Wellington's avatar
Brian Wellington committed
206
	result = dns_tkey_processdeleteresponse(query2, response2, ring);
207
208
	CHECK("dns_tkey_processdeleteresponse", result);
	printf("response ok\n");
209
210
211
212
213

	dns_message_destroy(&query2);
	dns_message_destroy(&response2);

	isc_app_shutdown();
214
215
216
217
218
219
220
}

static void
buildquery(void) {
	isc_buffer_t qbuffer;
	isc_region_t r, inr;
	isc_result_t result;
221
222
223
224
	dns_fixedname_t keyname;
	isc_buffer_t namestr, keybuf, keybufin;
	isc_lex_t *lex = NULL;
	unsigned char keydata[3];
Brian Wellington's avatar
Brian Wellington committed
225
	isc_sockaddr_t sa;
226
227

	dns_fixedname_init(&keyname);
228
	isc_buffer_init(&namestr, "tkeytest.", 9);
229
230
231
232
233
234
235
236
	isc_buffer_add(&namestr, 9);
	result = dns_name_fromtext(dns_fixedname_name(&keyname), &namestr,
				   NULL, ISC_FALSE, NULL);
	CHECK("dns_name_fromtext", result);

	result = isc_lex_create(mctx, 1024, &lex);
	CHECK("isc_lex_create", result);

237
	isc_buffer_init(&keybufin, "1234", 4);
238
239
240
241
	isc_buffer_add(&keybufin, 4);
	result = isc_lex_openbuffer(lex, &keybufin);
	CHECK("isc_lex_openbuffer", result);

242
	isc_buffer_init(&keybuf, keydata, 3);
243
244
245
	result = isc_base64_tobuffer(lex, &keybuf, -1);
	CHECK("isc_base64_tobuffer", result);

246
247
248
	isc_lex_close(lex);
	isc_lex_destroy(&lex);

249
	isc_buffer_usedregion(&keybuf, &r);
250

251
	initialkey = NULL;
252
253
254
	result = dns_tsigkey_create(dns_fixedname_name(&keyname),
				    DNS_TSIG_HMACMD5_NAME,
				    r.base, r.length, ISC_FALSE,
255
				    NULL, 0, 0, mctx, ring, &initialkey);
256
	CHECK("dns_tsigkey_create", result);
257

258
	result = isc_buffer_allocate(mctx, &nonce, 16);
Brian Wellington's avatar
Brian Wellington committed
259
260
	CHECK("isc_buffer_allocate", result);

Brian Wellington's avatar
Brian Wellington committed
261
262
263
264
	result = isc_entropy_getdata(ectx, isc_buffer_base(nonce),
				     isc_buffer_length(nonce), NULL,
				     ISC_ENTROPY_BLOCKING);
	CHECK("isc_entropy_getdata", result);
265

266
267
268
269
	query = NULL;
	result = dns_message_create(mctx, DNS_MESSAGE_INTENTRENDER, &query);
	CHECK("dns_message_create", result);

270
	dns_message_settsigkey(query, initialkey);
271

272
	result = dns_tkey_builddhquery(query, ourkey, dns_rootname,
273
				       DNS_TSIG_HMACMD5_NAME, nonce, 3600);
274
275
	CHECK("dns_tkey_builddhquery", result);

276
	isc_buffer_init(&qbuffer, qdata1, sizeof(qdata1));
277
278
279

	result = dns_message_renderbegin(query, &qbuffer);
	CHECK("dns_message_renderbegin", result);
Michael Graff's avatar
Michael Graff committed
280
	result = dns_message_rendersection(query, DNS_SECTION_QUESTION, 0);
281
	CHECK("dns_message_rendersection(question)", result);
Michael Graff's avatar
Michael Graff committed
282
	result = dns_message_rendersection(query, DNS_SECTION_ANSWER, 0);
283
	CHECK("dns_message_rendersection(answer)", result);
Michael Graff's avatar
Michael Graff committed
284
	result = dns_message_rendersection(query, DNS_SECTION_AUTHORITY, 0);
285
	CHECK("dns_message_rendersection(auth)", result);
Michael Graff's avatar
Michael Graff committed
286
	result = dns_message_rendersection(query, DNS_SECTION_ADDITIONAL, 0);
287
288
289
290
	CHECK("dns_message_rendersection(add)", result);
	result = dns_message_renderend(query);
	CHECK("dns_message_renderend", result);

291
292
293
294
295
296
	isc_buffer_init(&outbuf, output, sizeof(output));
	result = dns_message_totext(query, 0, &outbuf);
	CHECK("dns_message_totext", result);
	printf("%.*s\n", (int)isc_buffer_usedlength(&outbuf),
	       (char *)isc_buffer_base(&outbuf));

297
	isc_buffer_usedregion(&qbuffer, &r);
Brian Wellington's avatar
Brian Wellington committed
298
299
300
	isc_sockaddr_any(&sa);
	result = isc_socket_bind(s, &sa);
	CHECK("isc_socket_bind", result);
Michael Graff's avatar
Michael Graff committed
301
302
	result = isc_socket_sendto(s, &r, task1, senddone, NULL, &address,
				   NULL);
303
	CHECK("isc_socket_sendto", result);
304
305
	inr.base = rdata1;
	inr.length = sizeof(rdata1);
306
307
308
309
310
311
312
313
314
315
316
317
318
	result = isc_socket_recv(s, &inr, 1, task1, recvdone, NULL);
	CHECK("isc_socket_recv", result);
}

static void
buildquery2(void) {
	isc_buffer_t qbuffer;
	isc_region_t r, inr;
	isc_result_t result;

	query2 = NULL;
	result = dns_message_create(mctx, DNS_MESSAGE_INTENTRENDER, &query2);
	CHECK("dns_message_create", result);
319
	dns_message_settsigkey(query2, tsigkey);
320
321
322
323

	result = dns_tkey_builddeletequery(query2, tsigkey);
	CHECK("dns_tkey_builddeletequery", result);

324
	isc_buffer_init(&qbuffer, qdata2, sizeof(qdata2));
325
326
327

	result = dns_message_renderbegin(query2, &qbuffer);
	CHECK("dns_message_renderbegin", result);
Michael Graff's avatar
Michael Graff committed
328
	result = dns_message_rendersection(query2, DNS_SECTION_QUESTION, 0);
329
	CHECK("dns_message_rendersection(question)", result);
Michael Graff's avatar
Michael Graff committed
330
	result = dns_message_rendersection(query2, DNS_SECTION_ANSWER, 0);
331
	CHECK("dns_message_rendersection(answer)", result);
Michael Graff's avatar
Michael Graff committed
332
	result = dns_message_rendersection(query2, DNS_SECTION_AUTHORITY, 0);
333
	CHECK("dns_message_rendersection(auth)", result);
Michael Graff's avatar
Michael Graff committed
334
	result = dns_message_rendersection(query2, DNS_SECTION_ADDITIONAL, 0);
335
336
337
338
	CHECK("dns_message_rendersection(add)", result);
	result = dns_message_renderend(query2);
	CHECK("dns_message_renderend", result);

339
340
341
342
343
344
	isc_buffer_init(&outbuf, output, sizeof(output));
	result = dns_message_totext(query2, 0, &outbuf);
	CHECK("dns_message_totext", result);
	printf("%.*s\n", (int)isc_buffer_usedlength(&outbuf),
	       (char *)isc_buffer_base(&outbuf));

345
	isc_buffer_usedregion(&qbuffer, &r);
346
	result = isc_socket_sendto(s, &r, task1, senddone2, NULL, &address,
Michael Graff's avatar
Michael Graff committed
347
				   NULL);
348
	CHECK("isc_socket_sendto", result);
349
350
	inr.base = rdata2;
	inr.length = sizeof(rdata2);
351
	result = isc_socket_recv(s, &inr, 1, task1, recvdone2, NULL);
352
353
354
355
356
357
358
359
360
361
362
	CHECK("isc_socket_recv", result);
}

int
main(int argc, char *argv[]) {
	isc_boolean_t verbose = ISC_FALSE;
	unsigned int workers = 2;
	isc_timermgr_t *timermgr;
	int ch;
	isc_socketmgr_t *socketmgr;
	struct in_addr inaddr;
363
364
365
	dns_fixedname_t fname;
	dns_name_t *name;
	isc_buffer_t b;
366
367
368
369
370
371
372
373
374
	isc_result_t result;

	RUNTIME_CHECK(isc_app_start() == ISC_R_SUCCESS);

	RUNTIME_CHECK(isc_mutex_init(&lock) == ISC_R_SUCCESS);

	mctx = NULL;
	RUNTIME_CHECK(isc_mem_create(0, 0, &mctx) == ISC_R_SUCCESS);

Brian Wellington's avatar
Brian Wellington committed
375
376
377
	ectx = NULL;
	RUNTIME_CHECK(isc_entropy_create(mctx, &ectx) == ISC_R_SUCCESS);

378
379
#ifdef PATH_RANDOMDEV
	result = isc_entropy_createfilesource(ectx, PATH_RANDOMDEV);
380
381
382
#else
	result = ISC_R_NOTFOUND;
#endif
383
	if (result != ISC_R_SUCCESS) {
Brian Wellington's avatar
Brian Wellington committed
384
		fprintf(stderr,
385
			"%s only runs when a random device is available.\n",
Brian Wellington's avatar
Brian Wellington committed
386
387
388
389
			argv[0]);
		exit(-1);
	}

390
	while ((ch = isc_commandline_parse(argc, argv, "vp:w:")) != -1) {
391
392
393
394
395
396
397
		switch (ch) {
		case 'v':
			verbose = ISC_TRUE;
			break;
		case 'w':
			workers = (unsigned int)atoi(isc_commandline_argument);
			break;
398
399
400
		case 'p':
			port = (unsigned int)atoi(isc_commandline_argument);
			break;
401
402
403
404
405
406
407
408
409
410
		}
	}

	if (verbose) {
		printf("%u workers\n", workers);
		printf("IPv4: %s\n", isc_result_totext(isc_net_probeipv4()));
		printf("IPv6: %s\n", isc_result_totext(isc_net_probeipv6()));
	}

	dns_result_register();
Brian Wellington's avatar
Brian Wellington committed
411
412
413
414

	RUNTIME_CHECK(dst_lib_init(mctx, ectx,
				   ISC_ENTROPY_BLOCKING|ISC_ENTROPY_GOODONLY)
		      == ISC_R_SUCCESS);
415
416
417
418
419

	taskmgr = NULL;
	RUNTIME_CHECK(isc_taskmgr_create(mctx, workers, 0, &taskmgr) ==
		      ISC_R_SUCCESS);
	task1 = NULL;
Bob Halley's avatar
Bob Halley committed
420
	RUNTIME_CHECK(isc_task_create(taskmgr, 0, &task1) ==
421
422
423
424
425
426
		      ISC_R_SUCCESS);
	timermgr = NULL;
	RUNTIME_CHECK(isc_timermgr_create(mctx, &timermgr) == ISC_R_SUCCESS);
	socketmgr = NULL;
	RUNTIME_CHECK(isc_socketmgr_create(mctx, &socketmgr) == ISC_R_SUCCESS);

427
	RUNTIME_CHECK(isc_log_create(mctx, &log, &logconfig) == ISC_R_SUCCESS);
Brian Wellington's avatar
Brian Wellington committed
428
	ring = NULL;
429
	RUNTIME_CHECK(dns_tsigkeyring_create(mctx, &ring) == ISC_R_SUCCESS);
Brian Wellington's avatar
Brian Wellington committed
430
	RUNTIME_CHECK(dns_tkeyctx_create(mctx, ectx, &tctx) == ISC_R_SUCCESS);
431
432
433
434
435
436
437
438
439
440
441
442
443

	argc -= isc_commandline_index;
	argv += isc_commandline_index;

	if (argc != 0)
		printf("ignoring trailing arguments\n");

	s = NULL;
	RUNTIME_CHECK(isc_socket_create(socketmgr, PF_INET,
					isc_sockettype_udp, &s) ==
		      ISC_R_SUCCESS);

	inaddr.s_addr = htonl(INADDR_LOOPBACK);
444
	isc_sockaddr_fromin(&address, &inaddr, port);
445

446
447
448
449
450
451
452
	dns_fixedname_init(&fname);
	name = dns_fixedname_name(&fname);
	isc_buffer_init(&b, "client.", strlen("client."));
	isc_buffer_add(&b, strlen("client."));
	result = dns_name_fromtext(name, &b, dns_rootname, ISC_FALSE, NULL);
	CHECK("dns_name_fromtext", result);

453
	ourkey = NULL;
454
	result = dst_key_fromfile(name, 2982, DNS_KEYALG_DH,
455
				  DST_TYPE_PRIVATE, NULL, mctx, &ourkey);
456
457
	CHECK("dst_key_fromfile", result);

458

459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
	buildquery();

	(void)isc_app_run();

	/*
	 * XXXRTH if we get a control-C before we get to isc_app_run(),
	 * we're in trouble (because we might try to destroy things before
	 * they've been created.
	 */

	isc_task_shutdown(task1);
	isc_task_detach(&task1);
	isc_taskmgr_destroy(&taskmgr);

	isc_socket_detach(&s);
	isc_socketmgr_destroy(&socketmgr);
	isc_timermgr_destroy(&timermgr);

477
478
	dst_key_free(&ourkey);

479
480
481
	dns_tsigkey_detach(&initialkey);
	dns_tsigkey_detach(&tsigkey);

482
	dns_tkeyctx_destroy(&tctx);
483
484
485
486
487

	dns_view_detach(&view);

	isc_log_destroy(&log);

Brian Wellington's avatar
Brian Wellington committed
488
489
490
	dst_lib_destroy();
	isc_entropy_detach(&ectx);

491
492
493
494
	if (verbose)
		isc_mem_stats(mctx, stdout);
	isc_mem_destroy(&mctx);

Brian Wellington's avatar
Brian Wellington committed
495
	DESTROYLOCK(&lock);
496
497
498
499
500

	isc_app_finish();

	return (0);
}