Commit 949d406b authored by Brian Wellington's avatar Brian Wellington

reference counting on TSIG keys. Necessary for TKEY delete

parent 746e7fb3
......@@ -42,7 +42,9 @@ struct dns_tsigkey {
dst_key_t *key; /* Key */
dns_name_t name; /* Key name */
dns_name_t algorithm; /* Algorithm name */
isc_uint32_t refs; /* reference counter */
isc_boolean_t transient; /* dynamically created? */
isc_boolean_t deleted; /* has this been deleted? */
ISC_LINK(dns_tsigkey_t) link;
};
......@@ -79,6 +81,15 @@ dns_tsigkey_free(dns_tsigkey_t **key);
* 'key' is a valid TSIG key
*/
void
dns_tsigkey_setdeleted(dns_tsigkey_t *key);
/*
* Marks this key as deleted. It will be deleted when no references exist.
*
* Requires:
* 'key' is a valid TSIG key
*/
isc_result_t
dns_tsig_sign(dns_message_t *msg);
/*
......@@ -141,7 +152,8 @@ isc_result_t
dns_tsigkey_find(dns_tsigkey_t **tsigkey, dns_name_t *name,
dns_name_t *algorithm);
/*
* Returns the TSIG key corresponding to this name and algorithm
* Returns the TSIG key corresponding to this name and algorithm and
* increments the keys reference counter.
*
* Requires:
* 'tsigkey' is not NULL
......
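Review bot: The new comment on dns_tsigkey_setdeleted says the key "will be deleted when no references exist", but the implementation in this commit only sets the `deleted` flag. The memory is released by a later dns_tsigkey_free() call, so a key that has no outstanding references when it is marked is not freed by this call. The comment should say so, e.g. `* Marks this key as deleted. It is freed by the dns_tsigkey_free() call that releases the last reference.` The dns_tsigkey_free comment, only partly visible in this hunk, should likewise state that it now decrements the counter. The `refs` field comment could also name the lock under which the counter may be changed.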
......@@ -434,7 +434,7 @@ msgreset(dns_message_t *msg, isc_boolean_t everything)
sizeof(dns_rdata_any_tsig_t));
}
if (msg->tsigkey != NULL && dns_tsigkey_empty(msg->tsigkey))
if (msg->tsigkey != NULL)
dns_tsigkey_free(&msg->tsigkey);
/*
......
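Review bot: The now-unconditional `dns_tsigkey_free(&msg->tsigkey)` is only balanced if every path that stores a key in msg->tsigkey took a counted reference through dns_tsigkey_find(), and this hunk does not show that. A key stored straight from dns_tsigkey_create() starts with `refs = 0` in this commit, so releasing it here would be an unmatched decrement. A comment such as `/* Drops the reference taken by dns_tsigkey_find(). */` would record the ownership rule, and the other assignment sites of msg->tsigkey should be checked against it. msgreset's body extends beyond the hunk.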
......@@ -16,7 +16,7 @@
*/
/*
* $Id: tsig.c,v 1.16 1999/10/08 18:36:51 bwelling Exp $
* $Id: tsig.c,v 1.17 1999/10/08 20:14:47 bwelling Exp $
* Principal Author: Brian Wellington
*/
......@@ -125,7 +125,9 @@ dns_tsigkey_create(dns_name_t *name, dns_name_t *algorithm,
else
tkey->key = NULL;
tkey->refs = 0;
tkey->transient = transient;
tkey->deleted = ISC_FALSE;
tkey->mctx = mctx;
tkey->magic = TSIG_MAGIC;
return (ISC_R_SUCCESS);
......@@ -140,7 +142,6 @@ cleanup_key:
return (ret);
}
/* Caller must be sure that this key is not in use. */
void
dns_tsigkey_free(dns_tsigkey_t **key) {
dns_tsigkey_t *tkey;
......@@ -148,7 +149,11 @@ dns_tsigkey_free(dns_tsigkey_t **key) {
REQUIRE(key != NULL);
REQUIRE(VALID_TSIG_KEY(*key));
tkey = *key;
*key = NULL;
tkey->refs--;
if (tkey->refs > 0 || !tkey->deleted)
return;
tkey->magic = 0;
if (tkey->key != NULL) {
isc_rwlock_lock(&tsiglock, isc_rwlocktype_write);
......@@ -162,6 +167,12 @@ dns_tsigkey_free(dns_tsigkey_t **key) {
isc_mem_put(tkey->mctx, tkey, sizeof(dns_tsigkey_t));
}
void
dns_tsigkey_setdeleted(dns_tsigkey_t *key) {
INSIST(VALID_TSIG_KEY(key));
key->deleted = ISC_TRUE;
}
isc_result_t
dns_tsig_sign(dns_message_t *msg) {
dns_tsigkey_t *key;
......@@ -846,6 +857,7 @@ dns_tsigkey_find(dns_tsigkey_t **tsigkey, dns_name_t *name,
dns_tsigkey_t *key;
REQUIRE(tsigkey != NULL);
REQUIRE(*tsigkey == NULL);
REQUIRE(name != NULL);
REQUIRE(algorithm != NULL);
......@@ -853,11 +865,13 @@ dns_tsigkey_find(dns_tsigkey_t **tsigkey, dns_name_t *name,
key = ISC_LIST_HEAD(tsigkeys);
while (key != NULL) {
if (dns_name_equal(&key->name, name) &&
dns_name_equal(&key->algorithm, algorithm))
dns_name_equal(&key->algorithm, algorithm) &&
!key->deleted)
{
key->refs++;
*tsigkey = key;
isc_rwlock_unlock(&tsiglock, isc_rwlocktype_read);
return (ISC_R_SUCCESS);
return (ISC_R_SUCCESS);
}
key = ISC_LIST_NEXT(key, link);
}
......@@ -911,6 +925,8 @@ void
dns_tsig_destroy() {
while (!ISC_LIST_EMPTY(tsigkeys)) {
dns_tsigkey_t *key = ISC_LIST_HEAD(tsigkeys);
key->refs = 0;
key->deleted = ISC_TRUE;
dns_tsigkey_free(&key);
}
dns_name_free(dns_tsig_hmacmd5_name, tsig_mctx);
......
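Review bot: dns_tsig_destroy sets `key->refs = 0` and then calls dns_tsigkey_free(), whose first step is `tkey->refs--`. Because refs is an isc_uint32_t (presumably unsigned), the value wraps, `tkey->refs > 0` holds, and the function returns before its teardown path, so the `while (!ISC_LIST_EMPTY(tsigkeys))` loop would likely never terminate. The same wrap applies to any key released without a prior dns_tsigkey_find(), since dns_tsigkey_create starts at `tkey->refs = 0`. Guard the decrement with `if (tkey->refs > 0) tkey->refs--;`, or have destroy set `key->refs = 1` before the call. Separately, `key->refs++` in dns_tsigkey_find runs under `isc_rwlocktype_read` and the decrement in dns_tsigkey_free takes no lock in the visible lines, so concurrent callers can lose an update and a key may be freed while still in use; the counter should be changed under the write lock. These function bodies continue outside the hunks.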