<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><head><meta http-equiv="Content-Type"
content="text/html;charset=iso-8859-1">
<title>ldns documentation</title>
<link href="doxygen.css" rel="stylesheet" type="text/css">
<link href="tabs.css" rel="stylesheet" type="text/css">
</head><body>
<div class="logo">
<img src="LogoInGradientBar2-y100.png"/>
</div>
<!-- Generated by Doxygen 1.7.4 -->
<div id="navrow1" class="tabs">
<ul class="tablist">
<li><a href="index.html"><span>Main Page</span></a></li>
<li><a href="pages.html"><span>Related Pages</span></a></li>
<li><a href="annotated.html"><span>Data Structures</span></a></li>
<li class="current"><a href="files.html"><span>Files</span></a></li>
<li><a href="dirs.html"><span>Directories</span></a></li>
</ul>
</div>
<div id="navrow2" class="tabs2">
<ul class="tablist">
<li><a href="files.html"><span>File List</span></a></li>
<li><a href="globals.html"><span>Globals</span></a></li>
</ul>
</div>
<div class="header">
<div class="headertitle">
<div class="title">tsig.c</div> </div>
</div>
<div class="contents">
<a href="tsig_8c.html">Go to the documentation of this file.</a><div class="fragment"><pre class="fragment"><a name="l00001"></a>00001 <span class="comment">/*</span>
<a name="l00002"></a>00002 <span class="comment"> * tsig.c</span>
<a name="l00003"></a>00003 <span class="comment"> *</span>
<a name="l00004"></a>00004 <span class="comment"> * contains the functions needed for TSIG [RFC2845]</span>
<a name="l00005"></a>00005 <span class="comment"> *</span>
<a name="l00006"></a>00006 <span class="comment"> * (c) 2005-2006 NLnet Labs</span>
<a name="l00007"></a>00007 <span class="comment"> * See the file LICENSE for the license</span>
<a name="l00008"></a>00008 <span class="comment"> */</span>
<a name="l00009"></a>00009
<a name="l00010"></a>00010 <span class="preprocessor">#include <<a class="code" href="ldns_2config_8h.html">ldns/config.h</a>></span>
<a name="l00011"></a>00011
<a name="l00012"></a>00012 <span class="preprocessor">#include <<a class="code" href="ldns_8h.html" title="Including this file will include all ldns files, and define some lookup tables.">ldns/ldns.h</a>></span>
<a name="l00013"></a>00013
<a name="l00014"></a>00014 <span class="preprocessor">#include <strings.h></span>
<a name="l00015"></a>00015
<a name="l00016"></a>00016 <span class="preprocessor">#ifdef HAVE_SSL</span>
<a name="l00017"></a>00017 <span class="preprocessor"></span><span class="preprocessor">#include <openssl/hmac.h></span>
<a name="l00018"></a>00018 <span class="preprocessor">#include <openssl/md5.h></span>
<a name="l00019"></a>00019 <span class="preprocessor">#endif </span><span class="comment">/* HAVE_SSL */</span>
<a name="l00020"></a>00020
<a name="l00021"></a>00021 <span class="keywordtype">char</span> *
<a name="l00022"></a><a class="code" href="tsig_8h.html#aca550e17c298427668a50b0389647b59">00022</a> <a class="code" href="tsig_8c.html#a155f3406a1cc1e31fba85dc379cd8dfa">ldns_tsig_algorithm</a>(<a class="code" href="structldns__tsig__credentials__struct.html" title="Contains credentials for TSIG.">ldns_tsig_credentials</a> *tc)
<a name="l00023"></a>00023 {
<a name="l00024"></a>00024 <span class="keywordflow">return</span> tc-><a class="code" href="structldns__tsig__credentials__struct.html#a6bba96e18ba121c59a7302db8eb17fa8">algorithm</a>;
<a name="l00025"></a>00025 }
<a name="l00026"></a>00026
<a name="l00027"></a>00027 <span class="keywordtype">char</span> *
<a name="l00028"></a><a class="code" href="tsig_8h.html#a7ed494b8c90b39c19cb560a30864c31a">00028</a> <a class="code" href="tsig_8c.html#ab71975423ad0fbdc1d78504be9d84a8f">ldns_tsig_keyname</a>(<a class="code" href="structldns__tsig__credentials__struct.html" title="Contains credentials for TSIG.">ldns_tsig_credentials</a> *tc)
<a name="l00029"></a>00029 {
<a name="l00030"></a>00030 <span class="keywordflow">return</span> tc-><a class="code" href="structldns__tsig__credentials__struct.html#a0e95d7d417633ac7b8f4efce53e7782a">keyname</a>;
<a name="l00031"></a>00031 }
<a name="l00032"></a>00032
<a name="l00033"></a>00033 <span class="keywordtype">char</span> *
<a name="l00034"></a><a class="code" href="tsig_8h.html#a86916f3e93c1fe5412877c617354d362">00034</a> <a class="code" href="tsig_8c.html#a9ce66c3ca6941cb8f5f5e692efcc2880">ldns_tsig_keydata</a>(<a class="code" href="structldns__tsig__credentials__struct.html" title="Contains credentials for TSIG.">ldns_tsig_credentials</a> *tc)
<a name="l00035"></a>00035 {
<a name="l00036"></a>00036 <span class="keywordflow">return</span> tc-><a class="code" href="structldns__tsig__credentials__struct.html#a3dbc89c94bf1b42f6bcb639b9a1fd957">keydata</a>;
<a name="l00037"></a>00037 }
<a name="l00038"></a>00038
<a name="l00039"></a>00039 <span class="keywordtype">char</span> *
<a name="l00040"></a><a class="code" href="tsig_8h.html#afedfdf9070ed1be6d805a27c82be05c7">00040</a> <a class="code" href="tsig_8c.html#a9d5e9783ecaea1e123980b60d3d38283">ldns_tsig_keyname_clone</a>(<a class="code" href="structldns__tsig__credentials__struct.html" title="Contains credentials for TSIG.">ldns_tsig_credentials</a> *tc)
<a name="l00041"></a>00041 {
<a name="l00042"></a>00042 <span class="keywordflow">return</span> strdup(tc-><a class="code" href="structldns__tsig__credentials__struct.html#a0e95d7d417633ac7b8f4efce53e7782a">keyname</a>);
<a name="l00043"></a>00043 }
<a name="l00044"></a>00044
<a name="l00045"></a>00045 <span class="keywordtype">char</span> *
<a name="l00046"></a><a class="code" href="tsig_8h.html#a1732cec545178ccc6e42e0183bdeb7c2">00046</a> <a class="code" href="tsig_8c.html#a32ae0d4e9a81afce92b02f221da3230e">ldns_tsig_keydata_clone</a>(<a class="code" href="structldns__tsig__credentials__struct.html" title="Contains credentials for TSIG.">ldns_tsig_credentials</a> *tc)
<a name="l00047"></a>00047 {
<a name="l00048"></a>00048 <span class="keywordflow">return</span> strdup(tc-><a class="code" href="structldns__tsig__credentials__struct.html#a3dbc89c94bf1b42f6bcb639b9a1fd957">keydata</a>);
<a name="l00049"></a>00049 }
<a name="l00050"></a>00050
<a name="l00051"></a>00051 <span class="comment">/*</span>
<a name="l00052"></a>00052 <span class="comment"> * Makes an exact copy of the wire, but with the tsig rr removed</span>
<a name="l00053"></a>00053 <span class="comment"> */</span>
<a name="l00054"></a>00054 uint8_t *
<a name="l00055"></a><a class="code" href="tsig_8c.html#a0218b13e33f1da73b70c22830df937d5">00055</a> <a class="code" href="tsig_8c.html#a0218b13e33f1da73b70c22830df937d5">ldns_tsig_prepare_pkt_wire</a>(uint8_t *wire, <span class="keywordtype">size_t</span> wire_len, <span class="keywordtype">size_t</span> *result_len)
<a name="l00056"></a>00056 {
<a name="l00057"></a>00057 uint8_t *wire2 = NULL;
<a name="l00058"></a>00058 uint16_t qd_count;
<a name="l00059"></a>00059 uint16_t an_count;
<a name="l00060"></a>00060 uint16_t ns_count;
<a name="l00061"></a>00061 uint16_t ar_count;
<a name="l00062"></a>00062 <a class="code" href="structldns__struct__rr.html" title="Resource Record.">ldns_rr</a> *rr;
<a name="l00063"></a>00063
<a name="l00064"></a>00064 <span class="keywordtype">size_t</span> pos;
<a name="l00065"></a>00065 uint16_t i;
<a name="l00066"></a>00066
<a name="l00067"></a>00067 <a class="code" href="error_8h.html#aaa6d98f86f535cf87b83b89e91f488f9">ldns_status</a> status;
<a name="l00068"></a>00068
<a name="l00069"></a>00069 <span class="keywordflow">if</span>(wire_len < <a class="code" href="wire2host_8h.html#a94452854ef88ae92a200a2cdb08fb07f">LDNS_HEADER_SIZE</a>) {
<a name="l00070"></a>00070 <span class="keywordflow">return</span> NULL;
<a name="l00071"></a>00071 }
<a name="l00072"></a>00072 <span class="comment">/* fake parse the wire */</span>
<a name="l00073"></a>00073 qd_count = <a class="code" href="wire2host_8h.html#a8d02271cbd1a6dc33460c9f8560d7167">LDNS_QDCOUNT</a>(wire);
<a name="l00074"></a>00074 an_count = <a class="code" href="wire2host_8h.html#ac2b5f503ea3462fb7a20edf851f46ff0">LDNS_ANCOUNT</a>(wire);
<a name="l00075"></a>00075 ns_count = <a class="code" href="wire2host_8h.html#aa9c3fa931e7b4e8385d3fd1590ccda72">LDNS_NSCOUNT</a>(wire);
<a name="l00076"></a>00076 ar_count = <a class="code" href="wire2host_8h.html#ac5e039a650ff8d74c982a5c00400af67">LDNS_ARCOUNT</a>(wire);
<a name="l00077"></a>00077
<a name="l00078"></a>00078 <span class="keywordflow">if</span> (ar_count > 0) {
<a name="l00079"></a>00079 ar_count--;
<a name="l00080"></a>00080 } <span class="keywordflow">else</span> {
<a name="l00081"></a>00081 <span class="keywordflow">return</span> NULL;
<a name="l00082"></a>00082 }
<a name="l00083"></a>00083
<a name="l00084"></a>00084 pos = <a class="code" href="wire2host_8h.html#a94452854ef88ae92a200a2cdb08fb07f">LDNS_HEADER_SIZE</a>;
<a name="l00085"></a>00085
<a name="l00086"></a>00086 <span class="keywordflow">for</span> (i = 0; i < qd_count; i++) {
<a name="l00087"></a>00087 status = <a class="code" href="wire2host_8c.html#a5e32cefa04dd6b44e342556c46d4f02f" title="converts the data on the uint8_t bytearray (in wire format) to a DNS resource record.">ldns_wire2rr</a>(&rr, wire, wire_len, &pos, <a class="code" href="packet_8h.html#adad42096a5200b78a988227bd8c59b71a7f20925b013173d60eccb9d0cf18997e">LDNS_SECTION_QUESTION</a>);
<a name="l00088"></a>00088 <span class="keywordflow">if</span> (status != <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afac58492ee3fc8d23f33c79824ed08c465">LDNS_STATUS_OK</a>) {
<a name="l00089"></a>00089 <span class="keywordflow">return</span> NULL;
<a name="l00090"></a>00090 }
<a name="l00091"></a>00091 <a class="code" href="rr_8c.html#a277ccb85853d3c527ff3bc963cdde505" title="frees an RR structure">ldns_rr_free</a>(rr);
<a name="l00092"></a>00092 }
<a name="l00093"></a>00093
<a name="l00094"></a>00094 <span class="keywordflow">for</span> (i = 0; i < an_count; i++) {
<a name="l00095"></a>00095 status = <a class="code" href="wire2host_8c.html#a5e32cefa04dd6b44e342556c46d4f02f" title="converts the data on the uint8_t bytearray (in wire format) to a DNS resource record.">ldns_wire2rr</a>(&rr, wire, wire_len, &pos, <a class="code" href="packet_8h.html#adad42096a5200b78a988227bd8c59b71a80effb31e9d19e57c89b79424a0b08ec">LDNS_SECTION_ANSWER</a>);
<a name="l00096"></a>00096 <span class="keywordflow">if</span> (status != <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afac58492ee3fc8d23f33c79824ed08c465">LDNS_STATUS_OK</a>) {
<a name="l00097"></a>00097 <span class="keywordflow">return</span> NULL;
<a name="l00098"></a>00098 }
<a name="l00099"></a>00099 <a class="code" href="rr_8c.html#a277ccb85853d3c527ff3bc963cdde505" title="frees an RR structure">ldns_rr_free</a>(rr);
<a name="l00100"></a>00100 }
<a name="l00101"></a>00101
<a name="l00102"></a>00102 <span class="keywordflow">for</span> (i = 0; i < ns_count; i++) {
<a name="l00103"></a>00103 status = <a class="code" href="wire2host_8c.html#a5e32cefa04dd6b44e342556c46d4f02f" title="converts the data on the uint8_t bytearray (in wire format) to a DNS resource record.">ldns_wire2rr</a>(&rr, wire, wire_len, &pos, <a class="code" href="packet_8h.html#adad42096a5200b78a988227bd8c59b71ab4c0eddd3ed0bfc089a7eb0cded20558">LDNS_SECTION_AUTHORITY</a>);
<a name="l00104"></a>00104 <span class="keywordflow">if</span> (status != <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afac58492ee3fc8d23f33c79824ed08c465">LDNS_STATUS_OK</a>) {
<a name="l00105"></a>00105 <span class="keywordflow">return</span> NULL;
<a name="l00106"></a>00106 }
<a name="l00107"></a>00107 <a class="code" href="rr_8c.html#a277ccb85853d3c527ff3bc963cdde505" title="frees an RR structure">ldns_rr_free</a>(rr);
<a name="l00108"></a>00108 }
<a name="l00109"></a>00109
<a name="l00110"></a>00110 <span class="keywordflow">for</span> (i = 0; i < ar_count; i++) {
<a name="l00111"></a>00111 status = <a class="code" href="wire2host_8c.html#a5e32cefa04dd6b44e342556c46d4f02f" title="converts the data on the uint8_t bytearray (in wire format) to a DNS resource record.">ldns_wire2rr</a>(&rr, wire, wire_len, &pos,
<a name="l00112"></a>00112 <a class="code" href="packet_8h.html#adad42096a5200b78a988227bd8c59b71a9bf00ce2a238c55f94ceeaf64aecdfbb">LDNS_SECTION_ADDITIONAL</a>);
<a name="l00113"></a>00113 <span class="keywordflow">if</span> (status != <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afac58492ee3fc8d23f33c79824ed08c465">LDNS_STATUS_OK</a>) {
<a name="l00114"></a>00114 <span class="keywordflow">return</span> NULL;
<a name="l00115"></a>00115 }
<a name="l00116"></a>00116 <a class="code" href="rr_8c.html#a277ccb85853d3c527ff3bc963cdde505" title="frees an RR structure">ldns_rr_free</a>(rr);
<a name="l00117"></a>00117 }
<a name="l00118"></a>00118
<a name="l00119"></a>00119 *result_len = pos;
<a name="l00120"></a>00120 wire2 = <a class="code" href="util_8h.html#aaad6949daea3c6cefd01d19300f6e21a">LDNS_XMALLOC</a>(uint8_t, *result_len);
<a name="l00121"></a>00121 <span class="keywordflow">if</span>(!wire2) {
<a name="l00122"></a>00122 <span class="keywordflow">return</span> NULL;
<a name="l00123"></a>00123 }
<a name="l00124"></a>00124 memcpy(wire2, wire, *result_len);
<a name="l00125"></a>00125
<a name="l00126"></a>00126 ldns_write_uint16(wire2 + <a class="code" href="wire2host_8h.html#a891a74da1cac8a630f0f6f269ee574c2">LDNS_ARCOUNT_OFF</a>, ar_count);
<a name="l00127"></a>00127
<a name="l00128"></a>00128 <span class="keywordflow">return</span> wire2;
<a name="l00129"></a>00129 }
<a name="l00130"></a>00130
<a name="l00131"></a>00131 <span class="preprocessor">#ifdef HAVE_SSL</span>
<a name="l00132"></a>00132 <span class="preprocessor"></span><span class="keyword">static</span> <span class="keyword">const</span> EVP_MD *
<a name="l00133"></a>00133 ldns_digest_function(<span class="keywordtype">char</span> *name)
<a name="l00134"></a>00134 {
<a name="l00135"></a>00135 <span class="comment">/* these are the mandatory algorithms from RFC4635 */</span>
<a name="l00136"></a>00136 <span class="comment">/* The optional algorithms are not yet implemented */</span>
<a name="l00137"></a>00137 <span class="keywordflow">if</span> (strlen(name) == 12
<a name="l00138"></a>00138 && strncasecmp(name, <span class="stringliteral">"hmac-sha256."</span>, 11) == 0) {
<a name="l00139"></a>00139 <span class="preprocessor">#ifdef HAVE_EVP_SHA256</span>
<a name="l00140"></a>00140 <span class="preprocessor"></span> <span class="keywordflow">return</span> EVP_sha256();
<a name="l00141"></a>00141 <span class="preprocessor">#else</span>
<a name="l00142"></a>00142 <span class="preprocessor"></span> <span class="keywordflow">return</span> NULL;
<a name="l00143"></a>00143 <span class="preprocessor">#endif</span>
<a name="l00144"></a>00144 <span class="preprocessor"></span> } <span class="keywordflow">else</span> <span class="keywordflow">if</span> (strlen(name) == 10
<a name="l00145"></a>00145 && strncasecmp(name, <span class="stringliteral">"hmac-sha1."</span>, 9) == 0) {
<a name="l00146"></a>00146 <span class="keywordflow">return</span> EVP_sha1();
<a name="l00147"></a>00147 } <span class="keywordflow">else</span> <span class="keywordflow">if</span> (strlen(name) == 25
<a name="l00148"></a>00148 && strncasecmp(name, <span class="stringliteral">"hmac-md5.sig-alg.reg.int."</span>, 25)
<a name="l00149"></a>00149 == 0) {
<a name="l00150"></a>00150 <span class="keywordflow">return</span> EVP_md5();
<a name="l00151"></a>00151 } <span class="keywordflow">else</span> {
<a name="l00152"></a>00152 <span class="keywordflow">return</span> NULL;
<a name="l00153"></a>00153 }
<a name="l00154"></a>00154 }
<a name="l00155"></a>00155 <span class="preprocessor">#endif</span>
<a name="l00156"></a>00156 <span class="preprocessor"></span>
<a name="l00157"></a>00157 <span class="preprocessor">#ifdef HAVE_SSL</span>
<a name="l00158"></a>00158 <span class="preprocessor"></span><span class="keyword">static</span> <a class="code" href="error_8h.html#aaa6d98f86f535cf87b83b89e91f488f9">ldns_status</a>
<a name="l00159"></a>00159 ldns_tsig_mac_new(<a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> **tsig_mac, uint8_t *pkt_wire, <span class="keywordtype">size_t</span> pkt_wire_size,
<a name="l00160"></a>00160 <span class="keyword">const</span> <span class="keywordtype">char</span> *key_data, <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> *key_name_rdf, <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> *fudge_rdf,
<a name="l00161"></a>00161 <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> *algorithm_rdf, <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> *time_signed_rdf, <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> *error_rdf,
<a name="l00162"></a>00162 <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> *other_data_rdf, <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> *orig_mac_rdf, <span class="keywordtype">int</span> tsig_timers_only)
<a name="l00163"></a>00163 {
<a name="l00164"></a>00164 <a class="code" href="error_8h.html#aaa6d98f86f535cf87b83b89e91f488f9">ldns_status</a> status;
<a name="l00165"></a>00165 <span class="keywordtype">char</span> *wireformat;
<a name="l00166"></a>00166 <span class="keywordtype">int</span> wiresize;
<a name="l00167"></a>00167 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *mac_bytes = NULL;
<a name="l00168"></a>00168 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *key_bytes = NULL;
<a name="l00169"></a>00169 <span class="keywordtype">int</span> key_size;
<a name="l00170"></a>00170 <span class="keyword">const</span> EVP_MD *digester;
<a name="l00171"></a>00171 <span class="keywordtype">char</span> *algorithm_name = NULL;
<a name="l00172"></a>00172 <span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> md_len = EVP_MAX_MD_SIZE;
<a name="l00173"></a>00173 <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> *result = NULL;
<a name="l00174"></a>00174 <a class="code" href="structldns__struct__buffer.html" title="implementation of buffers to ease operations">ldns_buffer</a> *data_buffer = NULL;
<a name="l00175"></a>00175 <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> *canonical_key_name_rdf = NULL;
<a name="l00176"></a>00176 <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> *canonical_algorithm_rdf = NULL;
<a name="l00177"></a>00177
<a name="l00178"></a>00178 <span class="keywordflow">if</span> (key_name_rdf == NULL || algorithm_rdf == NULL) {
<a name="l00179"></a>00179 <span class="keywordflow">return</span> <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afa6d2e84d0a5c36fd156f348d9f9913dcf">LDNS_STATUS_NULL</a>;
<a name="l00180"></a>00180 }
<a name="l00181"></a>00181 canonical_key_name_rdf = <a class="code" href="rdata_8c.html#af9a39f2f8b749efa6a20ba91cb696961" title="clones a rdf structure.">ldns_rdf_clone</a>(key_name_rdf);
<a name="l00182"></a>00182 canonical_algorithm_rdf = <a class="code" href="rdata_8c.html#af9a39f2f8b749efa6a20ba91cb696961" title="clones a rdf structure.">ldns_rdf_clone</a>(algorithm_rdf);
<a name="l00183"></a>00183
<a name="l00184"></a>00184 <span class="keywordflow">if</span> (canonical_key_name_rdf == NULL
<a name="l00185"></a>00185 || canonical_algorithm_rdf == NULL) {
<a name="l00186"></a>00186 <span class="keywordflow">return</span> <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afa81e80e66a14551db514726fa49290498">LDNS_STATUS_MEM_ERR</a>;
<a name="l00187"></a>00187 }
<a name="l00188"></a>00188 <span class="comment">/*</span>
<a name="l00189"></a>00189 <span class="comment"> * prepare the digestable information</span>
<a name="l00190"></a>00190 <span class="comment"> */</span>
<a name="l00191"></a>00191 data_buffer = <a class="code" href="buffer_8c.html#ac6d413e9a76bf7e7c2022f13e36b9900" title="creates a new buffer with the specified capacity.">ldns_buffer_new</a>(<a class="code" href="packet_8h.html#a0335fad1ab5f49839cd6c5a71e3d721b">LDNS_MAX_PACKETLEN</a>);
<a name="l00192"></a>00192 <span class="keywordflow">if</span> (!data_buffer) {
<a name="l00193"></a>00193 status = <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afa81e80e66a14551db514726fa49290498">LDNS_STATUS_MEM_ERR</a>;
<a name="l00194"></a>00194 <span class="keywordflow">goto</span> clean;
<a name="l00195"></a>00195 }
<a name="l00196"></a>00196 <span class="comment">/* if orig_mac is not NULL, add it too */</span>
<a name="l00197"></a>00197 <span class="keywordflow">if</span> (orig_mac_rdf) {
<a name="l00198"></a>00198 (void) <a class="code" href="host2wire_8c.html#a0147a3a16d5a149a6aee49cc967a9897" title="Copies the rdata data to the buffer in wire format.">ldns_rdf2buffer_wire</a>(data_buffer, orig_mac_rdf);
<a name="l00199"></a>00199 }
<a name="l00200"></a>00200 ldns_buffer_write(data_buffer, pkt_wire, pkt_wire_size);
<a name="l00201"></a>00201 <span class="keywordflow">if</span> (!tsig_timers_only) {
<a name="l00202"></a>00202 <a class="code" href="dname_8c.html#a86a798d6401b11e85d4592b1609ffd8f" title="Put a dname into canonical fmt - ie.">ldns_dname2canonical</a>(canonical_key_name_rdf);
<a name="l00203"></a>00203 (void)<a class="code" href="host2wire_8c.html#a0147a3a16d5a149a6aee49cc967a9897" title="Copies the rdata data to the buffer in wire format.">ldns_rdf2buffer_wire</a>(data_buffer,
<a name="l00204"></a>00204 canonical_key_name_rdf);
<a name="l00205"></a>00205 ldns_buffer_write_u16(data_buffer, <a class="code" href="rr_8h.html#adc72070b39f210fae670577de8136600ad14392298b1cf7e8dba6140b21d7aaff" title="Any class.">LDNS_RR_CLASS_ANY</a>);
<a name="l00206"></a>00206 ldns_buffer_write_u32(data_buffer, 0);
<a name="l00207"></a>00207 <a class="code" href="dname_8c.html#a86a798d6401b11e85d4592b1609ffd8f" title="Put a dname into canonical fmt - ie.">ldns_dname2canonical</a>(canonical_algorithm_rdf);
<a name="l00208"></a>00208 (void)<a class="code" href="host2wire_8c.html#a0147a3a16d5a149a6aee49cc967a9897" title="Copies the rdata data to the buffer in wire format.">ldns_rdf2buffer_wire</a>(data_buffer,
<a name="l00209"></a>00209 canonical_algorithm_rdf);
<a name="l00210"></a>00210 }
<a name="l00211"></a>00211 (void)<a class="code" href="host2wire_8c.html#a0147a3a16d5a149a6aee49cc967a9897" title="Copies the rdata data to the buffer in wire format.">ldns_rdf2buffer_wire</a>(data_buffer, time_signed_rdf);
<a name="l00212"></a>00212 (void)<a class="code" href="host2wire_8c.html#a0147a3a16d5a149a6aee49cc967a9897" title="Copies the rdata data to the buffer in wire format.">ldns_rdf2buffer_wire</a>(data_buffer, fudge_rdf);
<a name="l00213"></a>00213 <span class="keywordflow">if</span> (!tsig_timers_only) {
<a name="l00214"></a>00214 (void)<a class="code" href="host2wire_8c.html#a0147a3a16d5a149a6aee49cc967a9897" title="Copies the rdata data to the buffer in wire format.">ldns_rdf2buffer_wire</a>(data_buffer, error_rdf);
<a name="l00215"></a>00215 (void)<a class="code" href="host2wire_8c.html#a0147a3a16d5a149a6aee49cc967a9897" title="Copies the rdata data to the buffer in wire format.">ldns_rdf2buffer_wire</a>(data_buffer, other_data_rdf);
<a name="l00216"></a>00216 }
<a name="l00217"></a>00217
<a name="l00218"></a>00218 wireformat = (<span class="keywordtype">char</span> *) data_buffer-><a class="code" href="structldns__struct__buffer.html#ae4e2615ee600913816488ec2945b85c7" title="The data contained in the buffer.">_data</a>;
<a name="l00219"></a>00219 wiresize = (<span class="keywordtype">int</span>) ldns_buffer_position(data_buffer);
<a name="l00220"></a>00220
<a name="l00221"></a>00221 algorithm_name = <a class="code" href="host2str_8c.html#ae404881f2bc2bd31588e32e250f2c46b" title="Converts the data in the rdata field to presentation format and returns that as a char *...">ldns_rdf2str</a>(algorithm_rdf);
<a name="l00222"></a>00222 <span class="keywordflow">if</span>(!algorithm_name) {
<a name="l00223"></a>00223 status = <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afa81e80e66a14551db514726fa49290498">LDNS_STATUS_MEM_ERR</a>;
<a name="l00224"></a>00224 <span class="keywordflow">goto</span> clean;
<a name="l00225"></a>00225 }
<a name="l00226"></a>00226
<a name="l00227"></a>00227 <span class="comment">/* prepare the key */</span>
<a name="l00228"></a>00228 key_bytes = <a class="code" href="util_8h.html#aaad6949daea3c6cefd01d19300f6e21a">LDNS_XMALLOC</a>(<span class="keywordtype">unsigned</span> <span class="keywordtype">char</span>,
<a name="l00229"></a>00229 ldns_b64_pton_calculate_size(strlen(key_data)));
<a name="l00230"></a>00230 <span class="keywordflow">if</span>(!key_bytes) {
<a name="l00231"></a>00231 status = <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afa81e80e66a14551db514726fa49290498">LDNS_STATUS_MEM_ERR</a>;
<a name="l00232"></a>00232 <span class="keywordflow">goto</span> clean;
<a name="l00233"></a>00233 }
<a name="l00234"></a>00234 key_size = <a class="code" href="config_8h.html#ada3d1fd2fcddf397179b070fe5588c48">ldns_b64_pton</a>(key_data, key_bytes,
<a name="l00235"></a>00235 ldns_b64_pton_calculate_size(strlen(key_data)));
<a name="l00236"></a>00236 <span class="keywordflow">if</span> (key_size < 0) {
<a name="l00237"></a>00237 status = <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afadb4c7f5c75af41904d2de6947c96fb2f">LDNS_STATUS_INVALID_B64</a>;
<a name="l00238"></a>00238 <span class="keywordflow">goto</span> clean;
<a name="l00239"></a>00239 }
<a name="l00240"></a>00240 <span class="comment">/* hmac it */</span>
<a name="l00241"></a>00241 <span class="comment">/* 2 spare bytes for the length */</span>
<a name="l00242"></a>00242 mac_bytes = <a class="code" href="util_8h.html#aaad6949daea3c6cefd01d19300f6e21a">LDNS_XMALLOC</a>(<span class="keywordtype">unsigned</span> <span class="keywordtype">char</span>, md_len+2);
<a name="l00243"></a>00243 <span class="keywordflow">if</span>(!mac_bytes) {
<a name="l00244"></a>00244 status = <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afa81e80e66a14551db514726fa49290498">LDNS_STATUS_MEM_ERR</a>;
<a name="l00245"></a>00245 <span class="keywordflow">goto</span> clean;
<a name="l00246"></a>00246 }
<a name="l00247"></a>00247 memset(mac_bytes, 0, md_len+2);
<a name="l00248"></a>00248
<a name="l00249"></a>00249 digester = ldns_digest_function(algorithm_name);
<a name="l00250"></a>00250
<a name="l00251"></a>00251 <span class="keywordflow">if</span> (digester) {
<a name="l00252"></a>00252 (void) HMAC(digester, key_bytes, key_size, (<span class="keywordtype">void</span> *)wireformat,
<a name="l00253"></a>00253 (size_t) wiresize, mac_bytes + 2, &md_len);
<a name="l00254"></a>00254
<a name="l00255"></a>00255 ldns_write_uint16(mac_bytes, md_len);
<a name="l00256"></a>00256 result = <a class="code" href="rdata_8c.html#afeaa67dccf9c97ac9209776936279319" title="allocates a new rdf structure and fills it.">ldns_rdf_new_frm_data</a>(<a class="code" href="rdata_8h.html#aaa92376014f0abbf0110ca6efd587bb9aa66f3cec1402d326c773715de32c748e" title="variable length any type rdata where the length is specified by the first 2 bytes">LDNS_RDF_TYPE_INT16_DATA</a>, md_len + 2,
<a name="l00257"></a>00257 mac_bytes);
<a name="l00258"></a>00258 } <span class="keywordflow">else</span> {
<a name="l00259"></a>00259 status = <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afabf20385a3bf3e8dd3f6d3a3bf6ccc9cf">LDNS_STATUS_CRYPTO_UNKNOWN_ALGO</a>;
<a name="l00260"></a>00260 <span class="keywordflow">goto</span> clean;
<a name="l00261"></a>00261 }
<a name="l00262"></a>00262 *tsig_mac = result;
<a name="l00263"></a>00263 status = <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afac58492ee3fc8d23f33c79824ed08c465">LDNS_STATUS_OK</a>;
<a name="l00264"></a>00264 clean:
<a name="l00265"></a>00265 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(mac_bytes);
<a name="l00266"></a>00266 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(key_bytes);
<a name="l00267"></a>00267 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(algorithm_name);
<a name="l00268"></a>00268 <a class="code" href="buffer_8c.html#a1615da957ad5a24a8b5cc1ba2f2b7f44" title="frees the buffer.">ldns_buffer_free</a>(data_buffer);
<a name="l00269"></a>00269 <a class="code" href="rdata_8c.html#ae31cf54f363a70e01db4b6d15c3ad190" title="frees a rdf structure, leaving the data pointer intact.">ldns_rdf_free</a>(canonical_algorithm_rdf);
<a name="l00270"></a>00270 <a class="code" href="rdata_8c.html#ae31cf54f363a70e01db4b6d15c3ad190" title="frees a rdf structure, leaving the data pointer intact.">ldns_rdf_free</a>(canonical_key_name_rdf);
<a name="l00271"></a>00271 <span class="keywordflow">return</span> status;
<a name="l00272"></a>00272 }
<a name="l00273"></a>00273 <span class="preprocessor">#endif </span><span class="comment">/* HAVE_SSL */</span>
<a name="l00274"></a>00274
<a name="l00275"></a>00275
<a name="l00276"></a>00276 <span class="preprocessor">#ifdef HAVE_SSL</span>
<a name="l00277"></a>00277 <span class="preprocessor"></span><span class="keywordtype">bool</span>
<a name="l00278"></a><a class="code" href="tsig_8h.html#afbca7a3db9333bf434e741f983ec90b6">00278</a> <a class="code" href="tsig_8c.html#a586dcebbdc6982d05d27277b4972849d" title="verifies the tsig rr for the given packet and key.">ldns_pkt_tsig_verify</a>(<a class="code" href="structldns__struct__pkt.html" title="DNS packet.">ldns_pkt</a> *pkt, uint8_t *wire, <span class="keywordtype">size_t</span> wirelen, <span class="keyword">const</span> <span class="keywordtype">char</span> *key_name,
<a name="l00279"></a>00279 <span class="keyword">const</span> <span class="keywordtype">char</span> *key_data, <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> *orig_mac_rdf)
<a name="l00280"></a>00280 {
<a name="l00281"></a>00281 <span class="keywordflow">return</span> <a class="code" href="tsig_8c.html#ac24cfebc33e7cb5486624ed89e93fddf" title="verifies the tsig rr for the given packet and key.">ldns_pkt_tsig_verify_next</a>(pkt, wire, wirelen, key_name, key_data, orig_mac_rdf, 0);
<a name="l00282"></a>00282 }
<a name="l00283"></a>00283
<a name="l00284"></a>00284 <span class="keywordtype">bool</span>
<a name="l00285"></a><a class="code" href="tsig_8h.html#a401dcc6594991f4990d61e48134d8017">00285</a> <a class="code" href="tsig_8c.html#ac24cfebc33e7cb5486624ed89e93fddf" title="verifies the tsig rr for the given packet and key.">ldns_pkt_tsig_verify_next</a>(<a class="code" href="structldns__struct__pkt.html" title="DNS packet.">ldns_pkt</a> *pkt, uint8_t *wire, <span class="keywordtype">size_t</span> wirelen, <span class="keyword">const</span> <span class="keywordtype">char</span>* key_name,
<a name="l00286"></a>00286 <span class="keyword">const</span> <span class="keywordtype">char</span> *key_data, <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> *orig_mac_rdf, <span class="keywordtype">int</span> tsig_timers_only)
<a name="l00287"></a>00287 {
<a name="l00288"></a>00288 <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> *fudge_rdf;
<a name="l00289"></a>00289 <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> *algorithm_rdf;
<a name="l00290"></a>00290 <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> *time_signed_rdf;
<a name="l00291"></a>00291 <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> *orig_id_rdf;
<a name="l00292"></a>00292 <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> *error_rdf;
<a name="l00293"></a>00293 <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> *other_data_rdf;
<a name="l00294"></a>00294 <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> *pkt_mac_rdf;
<a name="l00295"></a>00295 <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> *my_mac_rdf;
<a name="l00296"></a>00296 <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> *key_name_rdf = <a class="code" href="rdata_8c.html#a6d9420f844225b552ffc3e84a37741ba" title="creates a new rdf from a string.">ldns_rdf_new_frm_str</a>(<a class="code" href="rdata_8h.html#aaa92376014f0abbf0110ca6efd587bb9a72cb73467bcbfbb41168e2a2b4a8283a" title="domain name">LDNS_RDF_TYPE_DNAME</a>, key_name);
<a name="l00297"></a>00297 uint16_t pkt_id, orig_pkt_id;
<a name="l00298"></a>00298 <a class="code" href="error_8h.html#aaa6d98f86f535cf87b83b89e91f488f9">ldns_status</a> status;
<a name="l00299"></a>00299
<a name="l00300"></a>00300 uint8_t *prepared_wire = NULL;
<a name="l00301"></a>00301 <span class="keywordtype">size_t</span> prepared_wire_size = 0;
<a name="l00302"></a>00302
<a name="l00303"></a>00303 <a class="code" href="structldns__struct__rr.html" title="Resource Record.">ldns_rr</a> *orig_tsig = <a class="code" href="packet_8c.html#ad7dead450927dc5d6db4dd4ef7c738e1" title="Return the packet's tsig pseudo rr's.">ldns_pkt_tsig</a>(pkt);
<a name="l00304"></a>00304
<a name="l00305"></a>00305 <span class="keywordflow">if</span> (!orig_tsig || <a class="code" href="rr_8c.html#a6e9df34d3869e840e9aa9b9d325d96b1" title="returns the rd_count of an rr structure.">ldns_rr_rd_count</a>(orig_tsig) <= 6) {
<a name="l00306"></a>00306 <a class="code" href="rdata_8c.html#a47cb2779f76f2f6561ff8ede8e41afec" title="frees a rdf structure _and_ frees the data.">ldns_rdf_deep_free</a>(key_name_rdf);
<a name="l00307"></a>00307 <span class="keywordflow">return</span> <span class="keyword">false</span>;
<a name="l00308"></a>00308 }
<a name="l00309"></a>00309 algorithm_rdf = <a class="code" href="rr_8c.html#aed836e7b90f7c11993d92a4569d7e29b" title="returns the rdata field member counter.">ldns_rr_rdf</a>(orig_tsig, 0);
<a name="l00310"></a>00310 time_signed_rdf = <a class="code" href="rr_8c.html#aed836e7b90f7c11993d92a4569d7e29b" title="returns the rdata field member counter.">ldns_rr_rdf</a>(orig_tsig, 1);
<a name="l00311"></a>00311 fudge_rdf = <a class="code" href="rr_8c.html#aed836e7b90f7c11993d92a4569d7e29b" title="returns the rdata field member counter.">ldns_rr_rdf</a>(orig_tsig, 2);
<a name="l00312"></a>00312 pkt_mac_rdf = <a class="code" href="rr_8c.html#aed836e7b90f7c11993d92a4569d7e29b" title="returns the rdata field member counter.">ldns_rr_rdf</a>(orig_tsig, 3);
<a name="l00313"></a>00313 orig_id_rdf = <a class="code" href="rr_8c.html#aed836e7b90f7c11993d92a4569d7e29b" title="returns the rdata field member counter.">ldns_rr_rdf</a>(orig_tsig, 4);
<a name="l00314"></a>00314 error_rdf = <a class="code" href="rr_8c.html#aed836e7b90f7c11993d92a4569d7e29b" title="returns the rdata field member counter.">ldns_rr_rdf</a>(orig_tsig, 5);
<a name="l00315"></a>00315 other_data_rdf = <a class="code" href="rr_8c.html#aed836e7b90f7c11993d92a4569d7e29b" title="returns the rdata field member counter.">ldns_rr_rdf</a>(orig_tsig, 6);
<a name="l00316"></a>00316
<a name="l00317"></a>00317 <span class="comment">/* remove temporarily */</span>
<a name="l00318"></a>00318 <a class="code" href="packet_8c.html#a19d8214fc5305aea0403fd70c529b151" title="Set the packet's tsig rr.">ldns_pkt_set_tsig</a>(pkt, NULL);
<a name="l00319"></a>00319 <span class="comment">/* temporarily change the id to the original id */</span>
<a name="l00320"></a>00320 pkt_id = <a class="code" href="packet_8c.html#a439764a9c9642e71cc1e65394ff4ab12" title="Read the packet id.">ldns_pkt_id</a>(pkt);
<a name="l00321"></a>00321 orig_pkt_id = <a class="code" href="rdata_8c.html#a5906b621eda1380a2993255fa649c21d" title="returns the native uint16_t representation from the rdf.">ldns_rdf2native_int16</a>(orig_id_rdf);
<a name="l00322"></a>00322 <a class="code" href="packet_8c.html#ace4a28c5ddb36917440db70bc4bd9614" title="Set the packet's id.">ldns_pkt_set_id</a>(pkt, orig_pkt_id);
<a name="l00323"></a>00323
<a name="l00324"></a>00324 prepared_wire = <a class="code" href="tsig_8c.html#a0218b13e33f1da73b70c22830df937d5">ldns_tsig_prepare_pkt_wire</a>(wire, wirelen, &prepared_wire_size);
<a name="l00325"></a>00325
<a name="l00326"></a>00326 status = ldns_tsig_mac_new(&my_mac_rdf, prepared_wire, prepared_wire_size,
<a name="l00327"></a>00327 key_data, key_name_rdf, fudge_rdf, algorithm_rdf,
<a name="l00328"></a>00328 time_signed_rdf, error_rdf, other_data_rdf, orig_mac_rdf, tsig_timers_only);
<a name="l00329"></a>00329
<a name="l00330"></a>00330 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(prepared_wire);
<a name="l00331"></a>00331
<a name="l00332"></a>00332 <span class="keywordflow">if</span> (status != <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afac58492ee3fc8d23f33c79824ed08c465">LDNS_STATUS_OK</a>) {
<a name="l00333"></a>00333 <a class="code" href="rdata_8c.html#a47cb2779f76f2f6561ff8ede8e41afec" title="frees a rdf structure _and_ frees the data.">ldns_rdf_deep_free</a>(key_name_rdf);
<a name="l00334"></a>00334 <span class="keywordflow">return</span> <span class="keyword">false</span>;
<a name="l00335"></a>00335 }
<a name="l00336"></a>00336 <span class="comment">/* Put back the values */</span>
<a name="l00337"></a>00337 <a class="code" href="packet_8c.html#a19d8214fc5305aea0403fd70c529b151" title="Set the packet's tsig rr.">ldns_pkt_set_tsig</a>(pkt, orig_tsig);
<a name="l00338"></a>00338 <a class="code" href="packet_8c.html#ace4a28c5ddb36917440db70bc4bd9614" title="Set the packet's id.">ldns_pkt_set_id</a>(pkt, pkt_id);
<a name="l00339"></a>00339
<a name="l00340"></a>00340 <a class="code" href="rdata_8c.html#a47cb2779f76f2f6561ff8ede8e41afec" title="frees a rdf structure _and_ frees the data.">ldns_rdf_deep_free</a>(key_name_rdf);
<a name="l00341"></a>00341
<a name="l00342"></a>00342 <span class="keywordflow">if</span> (<a class="code" href="rdata_8c.html#ae5813414a2392d94d20ec1f9f3705ad5" title="compares two rdf's on their wire formats.">ldns_rdf_compare</a>(pkt_mac_rdf, my_mac_rdf) == 0) {
<a name="l00343"></a>00343 <a class="code" href="rdata_8c.html#a47cb2779f76f2f6561ff8ede8e41afec" title="frees a rdf structure _and_ frees the data.">ldns_rdf_deep_free</a>(my_mac_rdf);
<a name="l00344"></a>00344 <span class="keywordflow">return</span> <span class="keyword">true</span>;
<a name="l00345"></a>00345 } <span class="keywordflow">else</span> {
<a name="l00346"></a>00346 <a class="code" href="rdata_8c.html#a47cb2779f76f2f6561ff8ede8e41afec" title="frees a rdf structure _and_ frees the data.">ldns_rdf_deep_free</a>(my_mac_rdf);
<a name="l00347"></a>00347 <span class="keywordflow">return</span> <span class="keyword">false</span>;
<a name="l00348"></a>00348 }
<a name="l00349"></a>00349 }
<a name="l00350"></a>00350 <span class="preprocessor">#endif </span><span class="comment">/* HAVE_SSL */</span>
<a name="l00351"></a>00351
<a name="l00352"></a>00352 <span class="preprocessor">#ifdef HAVE_SSL</span>
<a name="l00353"></a>00353 <span class="preprocessor"></span><a class="code" href="error_8h.html#aaa6d98f86f535cf87b83b89e91f488f9">ldns_status</a>
<a name="l00354"></a><a class="code" href="tsig_8h.html#a77501f37821c68328382bccdca956805">00354</a> <a class="code" href="tsig_8c.html#a77501f37821c68328382bccdca956805" title="creates a tsig rr for the given packet and key.">ldns_pkt_tsig_sign</a>(<a class="code" href="structldns__struct__pkt.html" title="DNS packet.">ldns_pkt</a> *pkt, <span class="keyword">const</span> <span class="keywordtype">char</span> *key_name, <span class="keyword">const</span> <span class="keywordtype">char</span> *key_data,
<a name="l00355"></a>00355 uint16_t fudge, <span class="keyword">const</span> <span class="keywordtype">char</span> *algorithm_name, <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> *query_mac)
<a name="l00356"></a>00356 {
<a name="l00357"></a>00357 <span class="keywordflow">return</span> <a class="code" href="tsig_8c.html#a6ad3d9062abc5920fb30ea12d4d4967e" title="creates a tsig rr for the given packet and key.">ldns_pkt_tsig_sign_next</a>(pkt, key_name, key_data, fudge, algorithm_name, query_mac, 0);
<a name="l00358"></a>00358 }
<a name="l00359"></a>00359
<a name="l00360"></a>00360 <a class="code" href="error_8h.html#aaa6d98f86f535cf87b83b89e91f488f9">ldns_status</a>
<a name="l00361"></a><a class="code" href="tsig_8h.html#a6ad3d9062abc5920fb30ea12d4d4967e">00361</a> <a class="code" href="tsig_8c.html#a6ad3d9062abc5920fb30ea12d4d4967e" title="creates a tsig rr for the given packet and key.">ldns_pkt_tsig_sign_next</a>(<a class="code" href="structldns__struct__pkt.html" title="DNS packet.">ldns_pkt</a> *pkt, <span class="keyword">const</span> <span class="keywordtype">char</span> *key_name, <span class="keyword">const</span> <span class="keywordtype">char</span> *key_data,
<a name="l00362"></a>00362 uint16_t fudge, <span class="keyword">const</span> <span class="keywordtype">char</span> *algorithm_name, <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> *query_mac, <span class="keywordtype">int</span> tsig_timers_only)
<a name="l00363"></a>00363 {
<a name="l00364"></a>00364 <a class="code" href="structldns__struct__rr.html" title="Resource Record.">ldns_rr</a> *tsig_rr;
<a name="l00365"></a>00365 <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> *key_name_rdf = <a class="code" href="rdata_8c.html#a6d9420f844225b552ffc3e84a37741ba" title="creates a new rdf from a string.">ldns_rdf_new_frm_str</a>(<a class="code" href="rdata_8h.html#aaa92376014f0abbf0110ca6efd587bb9a72cb73467bcbfbb41168e2a2b4a8283a" title="domain name">LDNS_RDF_TYPE_DNAME</a>, key_name);
<a name="l00366"></a>00366 <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> *fudge_rdf = NULL;
<a name="l00367"></a>00367 <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> *orig_id_rdf = NULL;
<a name="l00368"></a>00368 <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> *algorithm_rdf;
<a name="l00369"></a>00369 <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> *error_rdf = NULL;
<a name="l00370"></a>00370 <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> *mac_rdf = NULL;
<a name="l00371"></a>00371 <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> *other_data_rdf = NULL;
<a name="l00372"></a>00372
<a name="l00373"></a>00373 <a class="code" href="error_8h.html#aaa6d98f86f535cf87b83b89e91f488f9">ldns_status</a> status = <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afac58492ee3fc8d23f33c79824ed08c465">LDNS_STATUS_OK</a>;
<a name="l00374"></a>00374
<a name="l00375"></a>00375 uint8_t *pkt_wire = NULL;
<a name="l00376"></a>00376 <span class="keywordtype">size_t</span> pkt_wire_len;
<a name="l00377"></a>00377
<a name="l00378"></a>00378 <span class="keyword">struct </span>timeval tv_time_signed;
<a name="l00379"></a>00379 uint8_t *time_signed = NULL;
<a name="l00380"></a>00380 <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> *time_signed_rdf = NULL;
<a name="l00381"></a>00381
<a name="l00382"></a>00382 algorithm_rdf = <a class="code" href="rdata_8c.html#a6d9420f844225b552ffc3e84a37741ba" title="creates a new rdf from a string.">ldns_rdf_new_frm_str</a>(<a class="code" href="rdata_8h.html#aaa92376014f0abbf0110ca6efd587bb9a72cb73467bcbfbb41168e2a2b4a8283a" title="domain name">LDNS_RDF_TYPE_DNAME</a>, algorithm_name);
<a name="l00383"></a>00383 <span class="keywordflow">if</span>(!key_name_rdf || !algorithm_rdf) {
<a name="l00384"></a>00384 status = <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afa81e80e66a14551db514726fa49290498">LDNS_STATUS_MEM_ERR</a>;
<a name="l00385"></a>00385 <span class="keywordflow">goto</span> clean;
<a name="l00386"></a>00386 }
<a name="l00387"></a>00387
<a name="l00388"></a>00388 <span class="comment">/* eww don't have create tsigtime rdf yet :( */</span>
<a name="l00389"></a>00389 <span class="comment">/* bleh :p */</span>
<a name="l00390"></a>00390 <span class="keywordflow">if</span> (gettimeofday(&tv_time_signed, NULL) == 0) {
<a name="l00391"></a>00391 time_signed = <a class="code" href="util_8h.html#aaad6949daea3c6cefd01d19300f6e21a">LDNS_XMALLOC</a>(uint8_t, 6);
<a name="l00392"></a>00392 <span class="keywordflow">if</span>(!time_signed) {
<a name="l00393"></a>00393 status = <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afa81e80e66a14551db514726fa49290498">LDNS_STATUS_MEM_ERR</a>;
<a name="l00394"></a>00394 <span class="keywordflow">goto</span> clean;
<a name="l00395"></a>00395 }
<a name="l00396"></a>00396 ldns_write_uint64_as_uint48(time_signed,
<a name="l00397"></a>00397 (uint64_t)tv_time_signed.tv_sec);
<a name="l00398"></a>00398 } <span class="keywordflow">else</span> {
<a name="l00399"></a>00399 status = <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afa9029a7994da0e2f27cff8848a6c6f9da">LDNS_STATUS_INTERNAL_ERR</a>;
<a name="l00400"></a>00400 <span class="keywordflow">goto</span> clean;
<a name="l00401"></a>00401 }
<a name="l00402"></a>00402
<a name="l00403"></a>00403 time_signed_rdf = <a class="code" href="rdata_8c.html#a5074dfaf129822d72061d81b290bd332" title="allocates a new rdf structure and fills it.">ldns_rdf_new</a>(<a class="code" href="rdata_8h.html#aaa92376014f0abbf0110ca6efd587bb9af92739b2430f01ad89cec4a53bcc08b5" title="tsig time 48 bits">LDNS_RDF_TYPE_TSIGTIME</a>, 6, time_signed);
<a name="l00404"></a>00404 <span class="keywordflow">if</span>(!time_signed_rdf) {
<a name="l00405"></a>00405 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(time_signed);
<a name="l00406"></a>00406 status = <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afa81e80e66a14551db514726fa49290498">LDNS_STATUS_MEM_ERR</a>;
<a name="l00407"></a>00407 <span class="keywordflow">goto</span> clean;
<a name="l00408"></a>00408 }
<a name="l00409"></a>00409
<a name="l00410"></a>00410 fudge_rdf = <a class="code" href="rdata_8c.html#a73fc4d5c6e12d7ac79b0778f51b60e13" title="returns the rdf containing the native uint16_t representation.">ldns_native2rdf_int16</a>(<a class="code" href="rdata_8h.html#aaa92376014f0abbf0110ca6efd587bb9adef66c8791f83ba190e5f5775791e4c6" title="16 bits">LDNS_RDF_TYPE_INT16</a>, fudge);
<a name="l00411"></a>00411
<a name="l00412"></a>00412 orig_id_rdf = <a class="code" href="rdata_8c.html#a73fc4d5c6e12d7ac79b0778f51b60e13" title="returns the rdf containing the native uint16_t representation.">ldns_native2rdf_int16</a>(<a class="code" href="rdata_8h.html#aaa92376014f0abbf0110ca6efd587bb9adef66c8791f83ba190e5f5775791e4c6" title="16 bits">LDNS_RDF_TYPE_INT16</a>, <a class="code" href="packet_8c.html#a439764a9c9642e71cc1e65394ff4ab12" title="Read the packet id.">ldns_pkt_id</a>(pkt));
<a name="l00413"></a>00413
<a name="l00414"></a>00414 error_rdf = <a class="code" href="rdata_8c.html#a73fc4d5c6e12d7ac79b0778f51b60e13" title="returns the rdf containing the native uint16_t representation.">ldns_native2rdf_int16</a>(<a class="code" href="rdata_8h.html#aaa92376014f0abbf0110ca6efd587bb9adef66c8791f83ba190e5f5775791e4c6" title="16 bits">LDNS_RDF_TYPE_INT16</a>, 0);
<a name="l00415"></a>00415
<a name="l00416"></a>00416 other_data_rdf = <a class="code" href="rdata_8c.html#a51986f5bd77358b1e6f6c8a2e4f7fec2" title="returns an int16_data rdf that contains the data in the given array, preceded by an int16 specifying ...">ldns_native2rdf_int16_data</a>(0, NULL);
<a name="l00417"></a>00417
<a name="l00418"></a>00418 <span class="keywordflow">if</span>(!fudge_rdf || !orig_id_rdf || !error_rdf || !other_data_rdf) {
<a name="l00419"></a>00419 status = <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afa81e80e66a14551db514726fa49290498">LDNS_STATUS_MEM_ERR</a>;
<a name="l00420"></a>00420 <span class="keywordflow">goto</span> clean;
<a name="l00421"></a>00421 }
<a name="l00422"></a>00422
<a name="l00423"></a>00423 <span class="keywordflow">if</span> (<a class="code" href="host2wire_8c.html#a2e9c17a2c51bbe8c8a41527211e7157c" title="Allocates an array of uint8_t at dest, and puts the wireformat of the given packet in that array...">ldns_pkt2wire</a>(&pkt_wire, pkt, &pkt_wire_len) != <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afac58492ee3fc8d23f33c79824ed08c465">LDNS_STATUS_OK</a>) {
<a name="l00424"></a>00424 status = <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afa804a996d5f13cda0806bf1d54114d2ca">LDNS_STATUS_ERR</a>;
<a name="l00425"></a>00425 <span class="keywordflow">goto</span> clean;
<a name="l00426"></a>00426 }
<a name="l00427"></a>00427
<a name="l00428"></a>00428 status = ldns_tsig_mac_new(&mac_rdf, pkt_wire, pkt_wire_len,
<a name="l00429"></a>00429 key_data, key_name_rdf, fudge_rdf, algorithm_rdf,
<a name="l00430"></a>00430 time_signed_rdf, error_rdf, other_data_rdf, query_mac, tsig_timers_only);
<a name="l00431"></a>00431
<a name="l00432"></a>00432 <span class="keywordflow">if</span> (!mac_rdf) {
<a name="l00433"></a>00433 <span class="keywordflow">goto</span> clean;
<a name="l00434"></a>00434 }
<a name="l00435"></a>00435
<a name="l00436"></a>00436 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(pkt_wire);
<a name="l00437"></a>00437
<a name="l00438"></a>00438 <span class="comment">/* Create the TSIG RR */</span>
<a name="l00439"></a>00439 tsig_rr = <a class="code" href="rr_8c.html#af0921b9dc51c173c6e7007c2fcedfce3" title="creates a new rr structure.">ldns_rr_new</a>();
<a name="l00440"></a>00440 <span class="keywordflow">if</span>(!tsig_rr) {
<a name="l00441"></a>00441 status = <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afa81e80e66a14551db514726fa49290498">LDNS_STATUS_MEM_ERR</a>;
<a name="l00442"></a>00442 <span class="keywordflow">goto</span> clean;
<a name="l00443"></a>00443 }
<a name="l00444"></a>00444 <a class="code" href="rr_8c.html#a2c7374383b168ce0d33b56f43a91c940" title="sets the owner in the rr structure.">ldns_rr_set_owner</a>(tsig_rr, key_name_rdf);
<a name="l00445"></a>00445 <a class="code" href="rr_8c.html#aac682e10305e017760e65a423e6e6374" title="sets the class in the rr.">ldns_rr_set_class</a>(tsig_rr, <a class="code" href="rr_8h.html#adc72070b39f210fae670577de8136600ad14392298b1cf7e8dba6140b21d7aaff" title="Any class.">LDNS_RR_CLASS_ANY</a>);
<a name="l00446"></a>00446 <a class="code" href="rr_8c.html#a613e90c7efbdbb3da546fe1f244023c0" title="sets the type in the rr.">ldns_rr_set_type</a>(tsig_rr, <a class="code" href="rr_8h.html#a640100112b0009efe3d61bbf799b33daa46daaae4a76c2af7f42135aa2cb4c6b9">LDNS_RR_TYPE_TSIG</a>);
<a name="l00447"></a>00447 <a class="code" href="rr_8c.html#a84a12460eb7ffe5c5fd3d84e9efbe3cf" title="sets the ttl in the rr structure.">ldns_rr_set_ttl</a>(tsig_rr, 0);
<a name="l00448"></a>00448
<a name="l00449"></a>00449 <a class="code" href="rr_8c.html#ab5903437318cd6ad1e4b701587c9842c" title="sets rd_field member, it will be placed in the next available spot.">ldns_rr_push_rdf</a>(tsig_rr, algorithm_rdf);
<a name="l00450"></a>00450 <a class="code" href="rr_8c.html#ab5903437318cd6ad1e4b701587c9842c" title="sets rd_field member, it will be placed in the next available spot.">ldns_rr_push_rdf</a>(tsig_rr, time_signed_rdf);
<a name="l00451"></a>00451 <a class="code" href="rr_8c.html#ab5903437318cd6ad1e4b701587c9842c" title="sets rd_field member, it will be placed in the next available spot.">ldns_rr_push_rdf</a>(tsig_rr, fudge_rdf);
<a name="l00452"></a>00452 <a class="code" href="rr_8c.html#ab5903437318cd6ad1e4b701587c9842c" title="sets rd_field member, it will be placed in the next available spot.">ldns_rr_push_rdf</a>(tsig_rr, mac_rdf);
<a name="l00453"></a>00453 <a class="code" href="rr_8c.html#ab5903437318cd6ad1e4b701587c9842c" title="sets rd_field member, it will be placed in the next available spot.">ldns_rr_push_rdf</a>(tsig_rr, orig_id_rdf);
<a name="l00454"></a>00454 <a class="code" href="rr_8c.html#ab5903437318cd6ad1e4b701587c9842c" title="sets rd_field member, it will be placed in the next available spot.">ldns_rr_push_rdf</a>(tsig_rr, error_rdf);
<a name="l00455"></a>00455 <a class="code" href="rr_8c.html#ab5903437318cd6ad1e4b701587c9842c" title="sets rd_field member, it will be placed in the next available spot.">ldns_rr_push_rdf</a>(tsig_rr, other_data_rdf);
<a name="l00456"></a>00456
<a name="l00457"></a>00457 <a class="code" href="packet_8c.html#a19d8214fc5305aea0403fd70c529b151" title="Set the packet's tsig rr.">ldns_pkt_set_tsig</a>(pkt, tsig_rr);
<a name="l00458"></a>00458
<a name="l00459"></a>00459 <span class="keywordflow">return</span> status;
<a name="l00460"></a>00460
<a name="l00461"></a>00461 clean:
<a name="l00462"></a>00462 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(pkt_wire);
<a name="l00463"></a>00463 <a class="code" href="rdata_8c.html#ae31cf54f363a70e01db4b6d15c3ad190" title="frees a rdf structure, leaving the data pointer intact.">ldns_rdf_free</a>(key_name_rdf);
<a name="l00464"></a>00464 <a class="code" href="rdata_8c.html#ae31cf54f363a70e01db4b6d15c3ad190" title="frees a rdf structure, leaving the data pointer intact.">ldns_rdf_free</a>(algorithm_rdf);
<a name="l00465"></a>00465 <a class="code" href="rdata_8c.html#ae31cf54f363a70e01db4b6d15c3ad190" title="frees a rdf structure, leaving the data pointer intact.">ldns_rdf_free</a>(time_signed_rdf);
<a name="l00466"></a>00466 <a class="code" href="rdata_8c.html#ae31cf54f363a70e01db4b6d15c3ad190" title="frees a rdf structure, leaving the data pointer intact.">ldns_rdf_free</a>(fudge_rdf);
<a name="l00467"></a>00467 <a class="code" href="rdata_8c.html#ae31cf54f363a70e01db4b6d15c3ad190" title="frees a rdf structure, leaving the data pointer intact.">ldns_rdf_free</a>(orig_id_rdf);
<a name="l00468"></a>00468 <a class="code" href="rdata_8c.html#ae31cf54f363a70e01db4b6d15c3ad190" title="frees a rdf structure, leaving the data pointer intact.">ldns_rdf_free</a>(error_rdf);
<a name="l00469"></a>00469 <a class="code" href="rdata_8c.html#ae31cf54f363a70e01db4b6d15c3ad190" title="frees a rdf structure, leaving the data pointer intact.">ldns_rdf_free</a>(other_data_rdf);
<a name="l00470"></a>00470 <span class="keywordflow">return</span> status;
<a name="l00471"></a>00471 }
<a name="l00472"></a>00472 <span class="preprocessor">#endif </span><span class="comment">/* HAVE_SSL */</span>
</pre></div></div>
</div>
<hr class="footer"/><address class="footer"><small>Generated on Wed Jan 11 2012 for ldns by 
<a href="http://www.doxygen.org/index.html">
<img class="footer" src="doxygen.png" alt="doxygen"/></a> 1.7.4 </small></address>
</body>
</html>
