Skip to content
GitLab
Menu
Projects
Groups
Snippets
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
ISC Open Source Projects
BIND
Commits
e1368a77
Commit
e1368a77
authored
Aug 17, 2000
by
Andreas Gustafsson
Browse files
397. [func] Added utility functions dns_view_gettsig() and
dns_view_getpeertsig().
parent
90c91752
Changes
5
Hide whitespace changes
Inline
Side-by-side
CHANGES
View file @
e1368a77
397. [func] Added utility functions dns_view_gettsig() and
dns_view_getpeertsig().
396. [doc] There is now a man page for "nsupdate"
in doc/man/bin/nsupdate.8.
...
...
lib/dns/include/dns/view.h
View file @
e1368a77
...
...
@@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: view.h,v 1.4
7
2000/08/
01 01:24:55 tale
Exp $ */
/* $Id: view.h,v 1.4
8
2000/08/
17 00:18:12 gson
Exp $ */
#ifndef DNS_VIEW_H
#define DNS_VIEW_H 1
...
...
@@ -532,6 +532,38 @@ dns_view_load(dns_view_t *view, isc_boolean_t stop);
* 'view' is a valid.
*/
isc_result_t
dns_view_gettsig
(
dns_view_t
*
view
,
dns_name_t
*
keyname
,
dns_tsigkey_t
**
keyp
);
/*
* Find the TSIG key configured in 'view' with name 'keyname',
* if any.
*
* Reqires:
* keyp points to a NULL dns_tsigkey_t *.
*
* Returns:
* ISC_R_SUCCESS A key was found and '*keyp' now points to it.
* ISC_R_NOTFOUND No key was found.
* others An error occurred.
*/
isc_result_t
dns_view_getpeertsig
(
dns_view_t
*
view
,
isc_netaddr_t
*
peeraddr
,
dns_tsigkey_t
**
keyp
);
/*
* Find the TSIG key configured in 'view' for the server whose
* address is 'peeraddr', if any.
*
* Reqires:
* keyp points to a NULL dns_tsigkey_t *.
*
* Returns:
* ISC_R_SUCCESS A key was found and '*keyp' now points to it.
* ISC_R_NOTFOUND No key was found.
* others An error occurred.
*/
isc_result_t
dns_view_checksig
(
dns_view_t
*
view
,
isc_buffer_t
*
source
,
dns_message_t
*
msg
);
/*
...
...
lib/dns/resolver.c
View file @
e1368a77
...
...
@@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: resolver.c,v 1.16
4
2000/08/1
5
00:
21:03 bwelling
Exp $ */
/* $Id: resolver.c,v 1.16
5
2000/08/1
7
00:
18:08 gson
Exp $ */
#include <config.h>
...
...
@@ -806,9 +806,8 @@ resquery_send(resquery_t *query) {
isc_buffer_t
tcpbuffer
;
isc_sockaddr_t
*
address
;
isc_buffer_t
*
buffer
;
dns_peer_t
*
peer
=
NULL
;
dns_name_t
*
keyname
=
NULL
;
isc_netaddr_t
ipaddr
;
dns_tsigkey_t
*
tsigkey
=
NULL
;
fctx
=
query
->
fctx
;
QTRACE
(
"send"
);
...
...
@@ -941,26 +940,13 @@ resquery_send(resquery_t *query) {
* Add TSIG record tailored to the current recipient.
*/
isc_netaddr_fromsockaddr
(
&
ipaddr
,
&
query
->
addrinfo
->
sockaddr
);
result
=
dns_peerlist_peerbyaddr
(
fctx
->
res
->
view
->
peers
,
&
ipaddr
,
&
peer
);
if
(
result
==
ISC_R_SUCCESS
&&
dns_peer_getkey
(
peer
,
&
keyname
)
==
ISC_R_SUCCESS
)
{
dns_tsigkey_t
*
tsigkey
=
NULL
;
result
=
dns_tsigkey_find
(
&
tsigkey
,
keyname
,
NULL
,
fctx
->
res
->
view
->
statickeys
);
if
(
result
==
ISC_R_NOTFOUND
)
result
=
dns_tsigkey_find
(
&
tsigkey
,
keyname
,
NULL
,
fctx
->
res
->
view
->
dynamickeys
);
if
(
result
!=
ISC_R_SUCCESS
&&
result
!=
ISC_R_NOTFOUND
)
goto
cleanup_message
;
result
=
dns_view_getpeertsig
(
fctx
->
res
->
view
,
&
ipaddr
,
&
tsigkey
);
if
(
result
!=
ISC_R_SUCCESS
&&
result
!=
ISC_R_NOTFOUND
)
goto
cleanup_message
;
if
(
tsigkey
!=
NULL
)
{
dns_message_settsigkey
(
fctx
->
qmessage
,
tsigkey
);
dns_tsigkey_detach
(
&
tsigkey
);
}
if
(
tsigkey
!=
NULL
)
{
dns_message_settsigkey
(
fctx
->
qmessage
,
tsigkey
);
dns_tsigkey_detach
(
&
tsigkey
);
}
result
=
dns_message_rendersection
(
fctx
->
qmessage
,
...
...
lib/dns/view.c
View file @
e1368a77
...
...
@@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: view.c,v 1.7
4
2000/08/
01 01:23:06 tale
Exp $ */
/* $Id: view.c,v 1.7
5
2000/08/
17 00:18:09 gson
Exp $ */
#include <config.h>
...
...
@@ -982,12 +982,45 @@ dns_view_load(dns_view_t *view, isc_boolean_t stop) {
return
(
dns_zt_load
(
view
->
zonetable
,
stop
));
}
isc_result_t
dns_view_gettsig
(
dns_view_t
*
view
,
dns_name_t
*
keyname
,
dns_tsigkey_t
**
keyp
)
{
isc_result_t
result
;
REQUIRE
(
keyp
!=
NULL
&&
*
keyp
==
NULL
);
result
=
dns_tsigkey_find
(
keyp
,
keyname
,
NULL
,
view
->
statickeys
);
if
(
result
==
ISC_R_NOTFOUND
)
result
=
dns_tsigkey_find
(
keyp
,
keyname
,
NULL
,
view
->
dynamickeys
);
return
(
result
);
}
isc_result_t
dns_view_getpeertsig
(
dns_view_t
*
view
,
isc_netaddr_t
*
peeraddr
,
dns_tsigkey_t
**
keyp
)
{
isc_result_t
result
;
dns_name_t
*
keyname
=
NULL
;
dns_peer_t
*
peer
=
NULL
;
result
=
dns_peerlist_peerbyaddr
(
view
->
peers
,
peeraddr
,
&
peer
);
if
(
result
!=
ISC_R_SUCCESS
)
return
(
result
);
result
=
dns_peer_getkey
(
peer
,
&
keyname
);
if
(
result
!=
ISC_R_SUCCESS
)
return
(
result
);
return
(
dns_view_gettsig
(
view
,
keyname
,
keyp
));
}
isc_result_t
dns_view_checksig
(
dns_view_t
*
view
,
isc_buffer_t
*
source
,
dns_message_t
*
msg
)
{
REQUIRE
(
DNS_VIEW_VALID
(
view
));
REQUIRE
(
source
!=
NULL
);
return
dns_tsig_verify
(
source
,
msg
,
view
->
statickeys
,
view
->
dynamickeys
);
return
(
dns_tsig_verify
(
source
,
msg
,
view
->
statickeys
,
view
->
dynamickeys
)
)
;
}
lib/dns/zone.c
View file @
e1368a77
...
...
@@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: zone.c,v 1.18
5
2000/08/1
6
0
2:41:08 tale
Exp $ */
/* $Id: zone.c,v 1.18
6
2000/08/1
7
0
0:18:10 gson
Exp $ */
#include <config.h>
...
...
@@ -1919,8 +1919,6 @@ notify_send_toaddr(isc_task_t *task, isc_event_t *event) {
dns_message_t
*
message
=
NULL
;
dns_zone_t
*
zone
=
NULL
;
isc_netaddr_t
dstip
;
dns_peer_t
*
peer
=
NULL
;
dns_name_t
*
keyname
=
NULL
;
dns_tsigkey_t
*
key
=
NULL
;
notify
=
event
->
ev_arg
;
...
...
@@ -1948,17 +1946,7 @@ notify_send_toaddr(isc_task_t *task, isc_event_t *event) {
goto
cleanup
;
isc_netaddr_fromsockaddr
(
&
dstip
,
&
notify
->
dst
);
result
=
dns_peerlist_peerbyaddr
(
zone
->
view
->
peers
,
&
dstip
,
&
peer
);
if
(
result
==
ISC_R_SUCCESS
&&
dns_peer_getkey
(
peer
,
&
keyname
)
==
ISC_R_SUCCESS
)
{
result
=
dns_tsigkey_find
(
&
key
,
keyname
,
NULL
,
zone
->
view
->
statickeys
);
if
(
result
==
ISC_R_NOTFOUND
)
(
void
)
dns_tsigkey_find
(
&
key
,
keyname
,
NULL
,
zone
->
view
->
dynamickeys
);
}
(
void
)
dns_view_getpeertsig
(
notify
->
zone
->
view
,
&
dstip
,
&
key
);
result
=
dns_request_create
(
notify
->
zone
->
view
->
requestmgr
,
message
,
&
notify
->
dst
,
0
,
key
,
15
,
...
...
@@ -2779,8 +2767,6 @@ soa_query(isc_task_t *task, isc_event_t *event) {
dns_message_t
*
message
=
NULL
;
dns_zone_t
*
zone
=
event
->
ev_arg
;
isc_netaddr_t
masterip
;
dns_peer_t
*
peer
=
NULL
;
dns_name_t
*
keyname
=
NULL
;
dns_tsigkey_t
*
key
=
NULL
;
isc_uint32_t
options
;
...
...
@@ -2813,17 +2799,7 @@ soa_query(isc_task_t *task, isc_event_t *event) {
UNLOCK
(
&
zone
->
lock
);
isc_netaddr_fromsockaddr
(
&
masterip
,
&
zone
->
masteraddr
);
result
=
dns_peerlist_peerbyaddr
(
zone
->
view
->
peers
,
&
masterip
,
&
peer
);
if
(
result
==
ISC_R_SUCCESS
&&
dns_peer_getkey
(
peer
,
&
keyname
)
==
ISC_R_SUCCESS
)
{
result
=
dns_tsigkey_find
(
&
key
,
keyname
,
NULL
,
zone
->
view
->
statickeys
);
if
(
result
==
ISC_R_NOTFOUND
)
(
void
)
dns_tsigkey_find
(
&
key
,
keyname
,
NULL
,
zone
->
view
->
dynamickeys
);
}
(
void
)
dns_view_getpeertsig
(
zone
->
view
,
&
masterip
,
&
key
);
options
=
DNS_ZONE_FLAG
(
zone
,
DNS_ZONEFLG_USEVC
)
?
DNS_REQUESTOPT_TCP
:
0
;
...
...
@@ -2859,8 +2835,6 @@ ns_query(dns_zone_t *zone, dns_rdataset_t *soardataset, dns_stub_t *stub) {
isc_result_t
result
;
dns_message_t
*
message
=
NULL
;
isc_netaddr_t
masterip
;
dns_peer_t
*
peer
=
NULL
;
dns_name_t
*
keyname
=
NULL
;
dns_tsigkey_t
*
key
=
NULL
;
dns_dbnode_t
*
node
=
NULL
;
...
...
@@ -2947,17 +2921,7 @@ ns_query(dns_zone_t *zone, dns_rdataset_t *soardataset, dns_stub_t *stub) {
UNLOCK
(
&
zone
->
lock
);
isc_netaddr_fromsockaddr
(
&
masterip
,
&
zone
->
masteraddr
);
result
=
dns_peerlist_peerbyaddr
(
zone
->
view
->
peers
,
&
masterip
,
&
peer
);
if
(
result
==
ISC_R_SUCCESS
&&
dns_peer_getkey
(
peer
,
&
keyname
)
==
ISC_R_SUCCESS
)
{
result
=
dns_tsigkey_find
(
&
key
,
keyname
,
NULL
,
zone
->
view
->
statickeys
);
if
(
result
==
ISC_R_NOTFOUND
)
(
void
)
dns_tsigkey_find
(
&
key
,
keyname
,
NULL
,
zone
->
view
->
dynamickeys
);
}
(
void
)
dns_view_getpeertsig
(
zone
->
view
,
&
masterip
,
&
key
);
/*
* Always use TCP so that we shouldn't truncate in additional section.
...
...
@@ -3998,7 +3962,6 @@ got_transfer_quota(isc_task_t *task, isc_event_t *event) {
dns_rdatatype_t
xfrtype
;
dns_zone_t
*
zone
=
event
->
ev_arg
;
isc_netaddr_t
masterip
;
isc_boolean_t
gotkey
=
ISC_FALSE
;
dns_view_t
*
view
=
NULL
;
UNUSED
(
task
);
...
...
@@ -4049,6 +4012,7 @@ got_transfer_quota(isc_task_t *task, isc_event_t *event) {
/*
* Determine if we should attempt to sign the request with TSIG.
*/
result
=
ISC_R_NOTFOUND
;
#ifndef NOMINUM_PUBLIC
/*
* First, look for a tsig key in the master statement, then
...
...
@@ -4058,29 +4022,17 @@ got_transfer_quota(isc_task_t *task, isc_event_t *event) {
(
zone
->
masterkeynames
[
zone
->
curmaster
]
!=
NULL
))
{
view
=
dns_zone_getview
(
zone
);
keyname
=
zone
->
masterkeynames
[
zone
->
curmaster
];
gotkey
=
ISC_TRUE
;
result
=
dns_view_gettsig
(
view
,
keyname
,
&
tsigkey
)
;
}
else
#endif
/* NOMINUM_PUBLIC */
if
(
peer
!=
NULL
&&
dns_peer_getkey
(
peer
,
&
keyname
)
==
ISC_R_SUCCESS
)
{
view
=
dns_zone_getview
(
zone
);
gotkey
=
ISC_TRUE
;
}
if
(
tsigkey
==
NULL
)
result
=
dns_view_getpeertsig
(
zone
->
view
,
&
masterip
,
&
tsigkey
);
if
(
gotkey
)
{
result
=
dns_tsigkey_find
(
&
tsigkey
,
keyname
,
NULL
,
view
->
statickeys
);
if
(
result
==
ISC_R_NOTFOUND
)
result
=
dns_tsigkey_find
(
&
tsigkey
,
keyname
,
NULL
,
view
->
dynamickeys
);
if
(
result
!=
ISC_R_SUCCESS
&&
result
!=
ISC_R_NOTFOUND
)
{
zone_log
(
zone
,
me
,
ISC_LOG_ERROR
,
"error getting tsig keys "
"for zone transfer: %s"
,
isc_result_totext
(
result
));
goto
cleanup
;
}
if
(
result
!=
ISC_R_SUCCESS
&&
result
!=
ISC_R_NOTFOUND
)
{
zone_log
(
zone
,
me
,
ISC_LOG_ERROR
,
"error getting tsig key "
"for zone transfer: %s"
,
isc_result_totext
(
result
));
}
result
=
dns_xfrin_create
(
zone
,
xfrtype
,
&
zone
->
masteraddr
,
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment