Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
ISC Open Source Projects
BIND
Commits
3dfc806d
Commit
3dfc806d
authored
Aug 03, 2001
by
Brian Wellington
Browse files
fix key algorithm checks
parent
f8c304e5
Changes
4
Hide whitespace changes
Inline
Side-by-side
bin/named/config.c
View file @
3dfc806d
...
...
@@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: config.c,v 1.
9
2001/0
6
/0
4 21:51:23
bwelling Exp $ */
/* $Id: config.c,v 1.
10
2001/0
8
/0
3 18:12:04
bwelling Exp $ */
#include
<config.h>
...
...
@@ -35,6 +35,7 @@
#include
<dns/fixedname.h>
#include
<dns/name.h>
#include
<dns/rdataclass.h>
#include
<dns/tsig.h>
#include
<dns/zone.h>
#include
<named/config.h>
...
...
@@ -435,3 +436,17 @@ ns_config_getport(cfg_obj_t *config, in_port_t *portp) {
*
portp
=
(
in_port_t
)
cfg_obj_asuint32
(
portobj
);
return
(
ISC_R_SUCCESS
);
}
isc_result_t
ns_config_getkeyalgorithm
(
const
char
*
str
,
dns_name_t
**
name
)
{
if
(
strcasecmp
(
str
,
"hmac-md5"
)
==
0
||
strcasecmp
(
str
,
"hmac-md5.sig-alg.reg.int"
)
==
0
||
strcasecmp
(
str
,
"hmac-md5.sig-alg.reg.int."
)
==
0
)
{
if
(
name
!=
NULL
)
*
name
=
dns_tsig_hmacmd5_name
;
return
(
ISC_R_SUCCESS
);
}
return
(
ISC_R_NOTFOUND
);
}
bin/named/controlconf.c
View file @
3dfc806d
...
...
@@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: controlconf.c,v 1.2
0
2001/08/03 18:
03:02 gson
Exp $ */
/* $Id: controlconf.c,v 1.2
1
2001/08/03 18:
12:05 bwelling
Exp $ */
#include
<config.h>
...
...
@@ -51,6 +51,7 @@
#include
<dst/dst.h>
#include
<named/config.h>
#include
<named/control.h>
#include
<named/log.h>
#include
<named/server.h>
...
...
@@ -672,7 +673,9 @@ register_keys(cfg_obj_t *control, cfg_obj_t *keylist,
algstr
=
cfg_obj_asstring
(
algobj
);
secretstr
=
cfg_obj_asstring
(
secretobj
);
if
(
strcasecmp
(
algstr
,
"hmac-md5"
)
!=
0
)
{
if
(
ns_config_getkeyalgorithm
(
algstr
,
NULL
)
!=
ISC_R_SUCCESS
)
{
cfg_obj_log
(
control
,
ns_g_lctx
,
ISC_LOG_WARNING
,
"unsupported algorithm '%s' in "
...
...
@@ -760,7 +763,7 @@ get_rndckey(isc_mem_t *mctx, controlkeylist_t *keyids) {
algstr
=
cfg_obj_asstring
(
algobj
);
secretstr
=
cfg_obj_asstring
(
secretobj
);
if
(
strcasecmp
(
algstr
,
"hmac-md5"
)
!=
0
)
{
if
(
ns_config_getkeyalgorithm
(
algstr
,
NULL
)
!=
ISC_R_SUCCESS
)
{
cfg_obj_log
(
key
,
ns_g_lctx
,
ISC_LOG_WARNING
,
"unsupported algorithm '%s' in "
...
...
bin/named/include/named/config.h
View file @
3dfc806d
...
...
@@ -15,9 +15,9 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: config.h,v 1.
1
2001/0
3
/0
4 21:21:32
bwelling Exp $ */
/* $Id: config.h,v 1.
2
2001/0
8
/0
3 18:12:08
bwelling Exp $ */
/* $Id: config.h,v 1.
1
2001/0
3
/0
4 21:21:32
bwelling Exp $ */
/* $Id: config.h,v 1.
2
2001/0
8
/0
3 18:12:08
bwelling Exp $ */
#ifndef NAMED_CONFIG_H
#define NAMED_CONFIG_H 1
...
...
@@ -63,4 +63,7 @@ ns_config_putipandkeylist(isc_mem_t *mctx, isc_sockaddr_t **addrsp,
isc_result_t
ns_config_getport
(
cfg_obj_t
*
config
,
in_port_t
*
portp
);
isc_result_t
ns_config_getkeyalgorithm
(
const
char
*
str
,
dns_name_t
**
name
);
#endif
/* NAMED_CONFIG_H */
bin/named/tsigconf.c
View file @
3dfc806d
...
...
@@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: tsigconf.c,v 1.
19
2001/0
7/26 20:54:34
bwelling Exp $ */
/* $Id: tsigconf.c,v 1.
20
2001/0
8/03 18:12:06
bwelling Exp $ */
#include
<config.h>
...
...
@@ -83,11 +83,7 @@ add_initial_keys(cfg_obj_t *list, dns_tsig_keyring_t *ring, isc_mem_t *mctx) {
* Create the algorithm.
*/
algstr
=
cfg_obj_asstring
(
algobj
);
if
(
strcasecmp
(
algstr
,
"hmac-md5"
)
==
0
||
strcasecmp
(
algstr
,
"hmac-md5.sig-alg.reg.int"
)
||
strcasecmp
(
algstr
,
"hmac-md5.sig-alg.reg.int."
))
alg
=
dns_tsig_hmacmd5_name
;
else
{
if
(
ns_config_getkeyalgorithm
(
algstr
,
&
alg
)
!=
ISC_R_SUCCESS
)
{
cfg_obj_log
(
algobj
,
ns_g_lctx
,
ISC_LOG_ERROR
,
"key '%s': the only supported algorithm "
"is hmac-md5"
,
keyid
);
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment