Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
What's new
7
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Open sidebar
ISC Open Source Projects
BIND
Commits
e5c75445
Commit
e5c75445
authored
Oct 27, 1999
by
Brian Wellington
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
dns_message_signer
parent
2bcb48cf
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
50 additions
and
0 deletions
+50
-0
lib/dns/include/dns/message.h
lib/dns/include/dns/message.h
+31
-0
lib/dns/message.c
lib/dns/message.c
+19
-0
No files found.
lib/dns/include/dns/message.h
View file @
e5c75445
...
...
@@ -835,6 +835,37 @@ dns_message_takebuffer(dns_message_t *msg, isc_buffer_t **buffer);
* dynamincally allocated via isc_buffer_allocate().
*/
isc_result_t
dns_message_signer
(
dns_message_t
*
msg
,
dns_name_t
**
signer
);
/*
* If this response message was signed and the signature has been validated,
* return the identity of the signer.
*
* Requires:
*
* msg be a valid response message.
* signer != NULL && *signer is NULL
*
* Returns:
*
* ISC_R_SUCCESS - the message was signed, and *signer
* contains the signing identity
*
* ISC_R_NOTFOUND - no TSIG record or key is present in the
* message
*
* DNS_R_KEYUNAUTHORIZED - the message was signed and verified, but
* the key has no identity since it was
* generated by an unsigned TKEY process
* (new error code?)
*
* DNS_R_TSIGVERIFYFAILURE - the message was signed, but the signature
* failed to verify
*
* DNS_R_TSIGERRORSET - the message was signed and verified, but
* the query was rejected by the server
*/
ISC_LANG_ENDDECLS
#endif
/* DNS_DNS_H */
lib/dns/message.c
View file @
e5c75445
...
...
@@ -1904,3 +1904,22 @@ dns_message_takebuffer(dns_message_t *msg, isc_buffer_t **buffer)
ISC_LIST_APPEND
(
msg
->
cleanup
,
*
buffer
,
link
);
*
buffer
=
NULL
;
}
isc_result_t
dns_message_signer
(
dns_message_t
*
msg
,
dns_name_t
**
signer
)
{
REQUIRE
(
DNS_MESSAGE_VALID
(
msg
));
REQUIRE
(
signer
!=
NULL
);
REQUIRE
(
*
signer
==
NULL
);
REQUIRE
(
msg
->
flags
&
DNS_MESSAGEFLAG_QR
);
if
(
msg
->
tsigkey
==
NULL
||
msg
->
tsig
==
NULL
)
return
(
ISC_R_NOTFOUND
);
if
(
msg
->
tsigkey
->
generated
)
return
(
DNS_R_KEYUNAUTHORIZED
);
if
(
msg
->
tsigstatus
!=
dns_rcode_noerror
)
return
(
DNS_R_TSIGVERIFYFAILURE
);
if
(
msg
->
tsig
->
error
!=
dns_rcode_noerror
)
return
(
DNS_R_TSIGERRORSET
);
*
signer
=
&
msg
->
tsigkey
->
name
;
return
(
ISC_R_SUCCESS
);
}
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment