Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
BIND
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
600
Issues
600
List
Boards
Labels
Service Desk
Milestones
Merge Requests
111
Merge Requests
111
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Operations
Operations
Incidents
Environments
Packages & Registries
Packages & Registries
Container Registry
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
ISC Open Source Projects
BIND
Commits
e5c75445
Commit
e5c75445
authored
Oct 27, 1999
by
Brian Wellington
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
dns_message_signer
parent
2bcb48cf
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
50 additions
and
0 deletions
+50
-0
lib/dns/include/dns/message.h
lib/dns/include/dns/message.h
+31
-0
lib/dns/message.c
lib/dns/message.c
+19
-0
No files found.
lib/dns/include/dns/message.h
View file @
e5c75445
...
...
@@ -835,6 +835,37 @@ dns_message_takebuffer(dns_message_t *msg, isc_buffer_t **buffer);
* dynamincally allocated via isc_buffer_allocate().
*/
isc_result_t
dns_message_signer
(
dns_message_t
*
msg
,
dns_name_t
**
signer
);
/*
* If this response message was signed and the signature has been validated,
* return the identity of the signer.
*
* Requires:
*
* msg be a valid response message.
* signer != NULL && *signer is NULL
*
* Returns:
*
* ISC_R_SUCCESS - the message was signed, and *signer
* contains the signing identity
*
* ISC_R_NOTFOUND - no TSIG record or key is present in the
* message
*
* DNS_R_KEYUNAUTHORIZED - the message was signed and verified, but
* the key has no identity since it was
* generated by an unsigned TKEY process
* (new error code?)
*
* DNS_R_TSIGVERIFYFAILURE - the message was signed, but the signature
* failed to verify
*
* DNS_R_TSIGERRORSET - the message was signed and verified, but
* the query was rejected by the server
*/
ISC_LANG_ENDDECLS
#endif
/* DNS_DNS_H */
lib/dns/message.c
View file @
e5c75445
...
...
@@ -1904,3 +1904,22 @@ dns_message_takebuffer(dns_message_t *msg, isc_buffer_t **buffer)
ISC_LIST_APPEND
(
msg
->
cleanup
,
*
buffer
,
link
);
*
buffer
=
NULL
;
}
isc_result_t
dns_message_signer
(
dns_message_t
*
msg
,
dns_name_t
**
signer
)
{
REQUIRE
(
DNS_MESSAGE_VALID
(
msg
));
REQUIRE
(
signer
!=
NULL
);
REQUIRE
(
*
signer
==
NULL
);
REQUIRE
(
msg
->
flags
&
DNS_MESSAGEFLAG_QR
);
if
(
msg
->
tsigkey
==
NULL
||
msg
->
tsig
==
NULL
)
return
(
ISC_R_NOTFOUND
);
if
(
msg
->
tsigkey
->
generated
)
return
(
DNS_R_KEYUNAUTHORIZED
);
if
(
msg
->
tsigstatus
!=
dns_rcode_noerror
)
return
(
DNS_R_TSIGVERIFYFAILURE
);
if
(
msg
->
tsig
->
error
!=
dns_rcode_noerror
)
return
(
DNS_R_TSIGERRORSET
);
*
signer
=
&
msg
->
tsigkey
->
name
;
return
(
ISC_R_SUCCESS
);
}
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment