Commit 24694ab1 authored by Brian Wellington's avatar Brian Wellington

new fields needed for TCP-TSIG

parent b19b0cdd
...@@ -157,6 +157,7 @@ struct dns_message { ...@@ -157,6 +157,7 @@ struct dns_message {
unsigned int need_cctx_cleanup : 1; unsigned int need_cctx_cleanup : 1;
unsigned int header_ok : 1; unsigned int header_ok : 1;
unsigned int question_ok : 1; unsigned int question_ok : 1;
unsigned int tcp_continuation: 1;
unsigned int reserved; /* reserved space (render) */ unsigned int reserved; /* reserved space (render) */
...@@ -181,6 +182,7 @@ struct dns_message { ...@@ -181,6 +182,7 @@ struct dns_message {
dns_rdata_any_tsig_t *tsig; dns_rdata_any_tsig_t *tsig;
dns_rdata_any_tsig_t *querytsig; dns_rdata_any_tsig_t *querytsig;
dns_tsig_key_t *tsigkey; dns_tsig_key_t *tsigkey;
void *tsigctx;
int tsigstart; int tsigstart;
}; };
......
...@@ -322,6 +322,7 @@ msginittsig(dns_message_t *m) ...@@ -322,6 +322,7 @@ msginittsig(dns_message_t *m)
m->tsigstatus = m->querytsigstatus = dns_rcode_noerror; m->tsigstatus = m->querytsigstatus = dns_rcode_noerror;
m->tsig = m->querytsig = NULL; m->tsig = m->querytsig = NULL;
m->tsigkey = NULL; m->tsigkey = NULL;
m->tsigctx = NULL;
m->tsigstart = -1; m->tsigstart = -1;
} }
...@@ -337,6 +338,7 @@ msginit(dns_message_t *m) ...@@ -337,6 +338,7 @@ msginit(dns_message_t *m)
msginittsig(m); msginittsig(m);
m->header_ok = 0; m->header_ok = 0;
m->question_ok = 0; m->question_ok = 0;
m->tcp_continuation = 0;
} }
static inline void static inline void
...@@ -1219,8 +1221,13 @@ dns_message_parse(dns_message_t *msg, isc_buffer_t *source, ...@@ -1219,8 +1221,13 @@ dns_message_parse(dns_message_t *msg, isc_buffer_t *source,
if (r.length != 0) if (r.length != 0)
return (DNS_R_FORMERR); return (DNS_R_FORMERR);
if (!ISC_LIST_EMPTY(msg->sections[DNS_SECTION_TSIG])) { if (msg->tsigkey != NULL ||
ret = dns_tsig_verify(source, msg); !ISC_LIST_EMPTY(msg->sections[DNS_SECTION_TSIG]))
{
if (!msg->tcp_continuation)
ret = dns_tsig_verify(source, msg);
else
ret = dns_tsig_verify_tcp(source, msg);
if (ret != DNS_R_SUCCESS) if (ret != DNS_R_SUCCESS)
return ret; return ret;
} }
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment