#include <config.h>
#include <isc/buffer.h>
#include <isc/entropy.h>
#include <isc/md5.h>
#include <isc/mem.h>
#include <isc/string.h>
#include <isc/util.h>
#include <dns/dnssec.h>
#include <dns/fixedname.h>
#include <dns/keyvalues.h>
#include <dns/log.h>
#include <dns/message.h>
#include <dns/name.h>
#include <dns/rdata.h>
#include <dns/rdatalist.h>
#include <dns/rdataset.h>
#include <dns/rdatastruct.h>
#include <dns/result.h>
#include <dns/tkey.h>
#include <dns/tsig.h>
#include <dst/dst.h>
#include <dst/gssapi.h>
#include "dst_internal.h"
Defines | |
#define | TKEY_RANDOM_AMOUNT 16 |
#define | RETERR(x) |
Functions | |
static void | tkey_log (const char *fmt,...) ISC_FORMAT_PRINTF(1, 2) |
static void | _dns_tkey_dumpmessage (dns_message_t *msg) |
isc_result_t | dns_tkeyctx_create (isc_mem_t *mctx, isc_entropy_t *ectx, dns_tkeyctx_t **tctxp) |
Create an empty TKEY context. | |
void | dns_tkeyctx_destroy (dns_tkeyctx_t **tctxp) |
Frees all data associated with the TKEY context. | |
static isc_result_t | add_rdata_to_list (dns_message_t *msg, dns_name_t *name, dns_rdata_t *rdata, isc_uint32_t ttl, dns_namelist_t *namelist) |
static void | free_namelist (dns_message_t *msg, dns_namelist_t *namelist) |
static isc_result_t | compute_secret (isc_buffer_t *shared, isc_region_t *queryrandomness, isc_region_t *serverrandomness, isc_buffer_t *secret) |
static isc_result_t | process_dhtkey (dns_message_t *msg, dns_name_t *signer, dns_name_t *name, dns_rdata_tkey_t *tkeyin, dns_tkeyctx_t *tctx, dns_rdata_tkey_t *tkeyout, dns_tsig_keyring_t *ring, dns_namelist_t *namelist) |
static isc_result_t | process_gsstkey (dns_name_t *name, dns_rdata_tkey_t *tkeyin, dns_tkeyctx_t *tctx, dns_rdata_tkey_t *tkeyout, dns_tsig_keyring_t *ring) |
static isc_result_t | process_deletetkey (dns_name_t *signer, dns_name_t *name, dns_rdata_tkey_t *tkeyin, dns_rdata_tkey_t *tkeyout, dns_tsig_keyring_t *ring) |
isc_result_t | dns_tkey_processquery (dns_message_t *msg, dns_tkeyctx_t *tctx, dns_tsig_keyring_t *ring) |
Processes a query containing a TKEY record, adding or deleting TSIG keys if necessary, and modifies the message to contain the response. | |
static isc_result_t | buildquery (dns_message_t *msg, dns_name_t *name, dns_rdata_tkey_t *tkey, isc_boolean_t win2k) |
isc_result_t | dns_tkey_builddhquery (dns_message_t *msg, dst_key_t *key, dns_name_t *name, dns_name_t *algorithm, isc_buffer_t *nonce, isc_uint32_t lifetime) |
Builds a query containing a TKEY that will generate a shared secret using a Diffie-Hellman key exchange. The shared key will be of the specified algorithm (only DNS_TSIG_HMACMD5_NAME is supported), and will be named either 'name', 'name' + server chosen domain, or random data + server chosen domain if 'name' == dns_rootname. If nonce is not NULL, it supplies random data used in the shared secret computation. The key is requested to have the specified lifetime (in seconds). | |
isc_result_t | dns_tkey_buildgssquery (dns_message_t *msg, dns_name_t *name, dns_name_t *gname, isc_buffer_t *intoken, isc_uint32_t lifetime, gss_ctx_id_t *context, isc_boolean_t win2k, isc_mem_t *mctx, char **err_message) |
Builds a query containing a TKEY that will generate a GSSAPI context. The key is requested to have the specified lifetime (in seconds). | |
isc_result_t | dns_tkey_builddeletequery (dns_message_t *msg, dns_tsigkey_t *key) |
Builds a query containing a TKEY record that will delete the specified shared secret from the server. | |
static isc_result_t | find_tkey (dns_message_t *msg, dns_name_t **name, dns_rdata_t *rdata, int section) |
isc_result_t | dns_tkey_processdhresponse (dns_message_t *qmsg, dns_message_t *rmsg, dst_key_t *key, isc_buffer_t *nonce, dns_tsigkey_t **outkey, dns_tsig_keyring_t *ring) |
Processes a response to a query containing a TKEY that was designed to generate a shared secret using a Diffie-Hellman key exchange. If the query was successful, a new shared key is created and added to the list of shared keys. | |
isc_result_t | dns_tkey_processgssresponse (dns_message_t *qmsg, dns_message_t *rmsg, dns_name_t *gname, gss_ctx_id_t *context, isc_buffer_t *outtoken, dns_tsigkey_t **outkey, dns_tsig_keyring_t *ring, char **err_message) |
XXX. | |
isc_result_t | dns_tkey_processdeleteresponse (dns_message_t *qmsg, dns_message_t *rmsg, dns_tsig_keyring_t *ring) |
Processes a response to a query containing a TKEY that was designed to delete a shared secret. If the query was successful, the shared key is deleted from the list of shared keys. | |
isc_result_t | dns_tkey_gssnegotiate (dns_message_t *qmsg, dns_message_t *rmsg, dns_name_t *server, gss_ctx_id_t *context, dns_tsigkey_t **outkey, dns_tsig_keyring_t *ring, isc_boolean_t win2k, char **err_message) |
Definition in file tkey.c.
#define TKEY_RANDOM_AMOUNT 16 |
#define RETERR | ( | x | ) |
Value:
do { /* do/while (0) wrapper so that RETERR(x); expands to a single statement */ \
	result = (x); /* x is evaluated exactly once; the status is stored in the enclosing function's `result` */ \
	if (result != ISC_R_SUCCESS) \
		goto failure; /* any non-success status jumps to the enclosing function's `failure` label */ \
} while (0)
static void tkey_log | ( | const char * | fmt, | |
... | ||||
) | [static] |
Definition at line 66 of file tkey.c.
References dns_lctx, DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_REQUEST, ISC_LOG_DEBUG, and isc_log_vwrite().
Referenced by dns_tkey_gssnegotiate(), dns_tkey_processdeleteresponse(), dns_tkey_processdhresponse(), dns_tkey_processgssresponse(), dns_tkey_processquery(), process_dhtkey(), and process_gsstkey().
static void _dns_tkey_dumpmessage | ( | dns_message_t * | msg | ) | [static] |
Definition at line 76 of file tkey.c.
References dns_master_style_debug, dns_message_totext(), dns_result_totext(), isc_buffer_base, isc_buffer_init, isc_buffer_usedlength, ISC_R_SUCCESS, and output().
Referenced by dns_tkey_processgssresponse().
isc_result_t dns_tkeyctx_create | ( | isc_mem_t * | mctx, | |
isc_entropy_t * | ectx, | |||
dns_tkeyctx_t ** | tctxp | |||
) |
Create an empty TKEY context.
Requires:
Definition at line 92 of file tkey.c.
References dns_tkeyctx::dhkey, dns_tkeyctx::domain, dns_tkeyctx::ectx, dns_tkeyctx::gssapi_keytab, dns_tkeyctx::gsscred, isc_entropy_attach(), isc_mem_attach(), isc_mem_get, ISC_R_NOMEMORY, ISC_R_SUCCESS, dns_tkeyctx::mctx, and REQUIRE.
Referenced by ns_server_create(), and ns_tkeyctx_fromconfig().
void dns_tkeyctx_destroy | ( | dns_tkeyctx_t ** | tctxp | ) |
Frees all data associated with the TKEY context.
Requires:
Definition at line 117 of file tkey.c.
References dns_tkeyctx::dhkey, dns_name_dynamic(), dns_name_free(), dns_tkeyctx::domain, dst_gssapi_releasecred(), dst_key_free(), dns_tkeyctx::ectx, dns_tkeyctx::gssapi_keytab, dns_tkeyctx::gsscred, isc_entropy_detach(), isc_mem_detach(), isc_mem_free, isc_mem_put, dns_tkeyctx::mctx, mctx, and REQUIRE.
Referenced by load_configuration(), ns_server_destroy(), and ns_tkeyctx_fromconfig().
static isc_result_t add_rdata_to_list | ( | dns_message_t * | msg, | |
dns_name_t * | name, | |||
dns_rdata_t * | rdata, | |||
isc_uint32_t | ttl, | |||
dns_namelist_t * | namelist | |||
) | [static] |
Definition at line 145 of file tkey.c.
References isc_region::base, dns_message_gettempname(), dns_message_gettemprdata(), dns_message_gettemprdatalist(), dns_message_gettemprdataset(), dns_message_puttempname(), dns_message_puttemprdata(), dns_message_puttemprdatalist(), dns_message_puttemprdataset(), dns_message_takebuffer(), dns_name_dup(), dns_name_init(), dns_rdata_fromregion(), dns_rdata_toregion(), dns_rdatalist_tordataset(), dns_rdataset_disassociate(), dns_rdataset_init(), INSIST, isc_buffer_allocate(), isc_buffer_availableregion, ISC_LINK_LINKED, ISC_LIST_APPEND, ISC_LIST_INIT, ISC_LIST_UNLINK, ISC_R_SUCCESS, isc_region::length, dns_message::mctx, newrdata(), r, dns_rdatalist::rdclass, dns_rdata::rdclass, RETERR, dns_rdatalist::ttl, dns_rdatalist::type, and dns_rdata::type.
Referenced by dns_tkey_builddhquery(), dns_tkey_processquery(), and process_dhtkey().
static void free_namelist | ( | dns_message_t * | msg, | |
dns_namelist_t * | namelist | |||
) | [static] |
Definition at line 206 of file tkey.c.
References dns_message_puttempname(), dns_message_puttemprdataset(), ISC_LIST_EMPTY, ISC_LIST_HEAD, ISC_LIST_UNLINK, and name.
Referenced by dns_tkey_processquery(), and process_dhtkey().
static isc_result_t compute_secret | ( | isc_buffer_t * | shared, | |
isc_region_t * | queryrandomness, | |||
isc_region_t * | serverrandomness, | |||
isc_buffer_t * | secret | |||
) | [static] |
Definition at line 223 of file tkey.c.
References isc_region::base, isc_buffer_add, isc_buffer_availableregion, isc_buffer_usedregion, ISC_MD5_DIGESTLENGTH, isc_md5_final(), isc_md5_init(), isc_md5_update(), ISC_R_NOSPACE, ISC_R_SUCCESS, isc_region::length, r, and r2.
Referenced by dns_tkey_processdhresponse(), and process_dhtkey().
static isc_result_t process_dhtkey | ( | dns_message_t * | msg, | |
dns_name_t * | signer, | |||
dns_name_t * | name, | |||
dns_rdata_tkey_t * | tkeyin, | |||
dns_tkeyctx_t * | tctx, | |||
dns_rdata_tkey_t * | tkeyout, | |||
dns_tsig_keyring_t * | ring, | |||
dns_namelist_t * | namelist | |||
) | [static] |
Definition at line 274 of file tkey.c.
References add_rdata_to_list(), isc_region::base, compute_secret(), dns_tkeyctx::dhkey, dns_dnssec_keyfromrdata(), DNS_KEYALG_DH, dns_message_currentname(), dns_message_findtype(), dns_message_firstname(), dns_message_nextname(), dns_name_clone(), dns_name_equal(), dns_name_init(), DNS_R_FORMERR, DNS_R_REFUSED, dns_rdata_fromregion(), DNS_RDATA_INIT, dns_rdata_reset(), dns_rdataset_current(), dns_rdataset_first(), dns_rdataset_next(), DNS_SECTION_ADDITIONAL, DNS_TSIG_HMACMD5_NAME, dns_tsigerror_badalg, dns_tsigerror_badkey, dns_tsigkey_create(), dst__entropy_getdata(), dst_key_alg(), dst_key_computesecret(), dst_key_free(), DST_KEY_MAXSIZE, dst_key_name(), dst_key_paramcompare(), dst_key_secretsize(), dst_key_todns(), free_namelist(), isc_buffer_allocate(), isc_buffer_base, isc_buffer_free(), isc_buffer_init, isc_buffer_usedlength, isc_buffer_usedregion, ISC_FALSE, ISC_LIST_EMPTY, isc_mem_get, isc_mem_put, ISC_R_SUCCESS, isc_result_totext(), ISC_TRUE, isc_region::length, dns_tsig_keyring::mctx, dns_message::mctx, r, r2, RETERR, secret, tkey_log(), TKEY_RANDOM_AMOUNT, dns_rdataset::ttl, and ttl.
Referenced by dns_tkey_processquery().
static isc_result_t process_gsstkey | ( | dns_name_t * | name, | |
dns_rdata_tkey_t * | tkeyin, | |||
dns_tkeyctx_t * | tctx, | |||
dns_rdata_tkey_t * | tkeyout, | |||
dns_tsig_keyring_t * | ring | |||
) | [static] |
Definition at line 432 of file tkey.c.
References isc_region::base, dns_fixedname_init, dns_fixedname_name, dns_name_equal(), DNS_R_CONTINUE, DNS_R_INVALIDTKEY, dns_rcode_noerror, DNS_TSIG_GSSAPI_NAME, DNS_TSIG_GSSAPIMS_NAME, dns_tsigerror_badalg, dns_tsigerror_badkey, dns_tsigkey_createfromkey(), dns_tsigkey_detach(), dns_tsigkey_find(), dst_gssapi_acceptctx(), dst_key_free(), dst_key_fromgssapi(), dst_key_getgssctx(), dns_tsigkey::expire, dns_tkeyctx::gssapi_keytab, dns_tkeyctx::gsscred, dns_tsigkey::inception, isc_buffer_base, isc_buffer_free(), isc_buffer_usedlength, isc_mem_get, ISC_R_NOMEMORY, ISC_R_NOPERM, ISC_R_SUCCESS, isc_result_totext(), isc_stdtime_get(), ISC_TRUE, dns_tsigkey::key, isc_region::length, dns_tsig_keyring::mctx, dns_tkeyctx::mctx, now, RETERR, tkey_log(), and tsigkey.
Referenced by dns_tkey_processquery().
static isc_result_t process_deletetkey | ( | dns_name_t * | signer, | |
dns_name_t * | name, | |||
dns_rdata_tkey_t * | tkeyin, | |||
dns_rdata_tkey_t * | tkeyout, | |||
dns_tsig_keyring_t * | ring | |||
) | [static] |
Definition at line 577 of file tkey.c.
References dns_name_equal(), DNS_R_REFUSED, dns_tsigerror_badname, dns_tsigkey_detach(), dns_tsigkey_find(), dns_tsigkey_identity, dns_tsigkey_setdeleted(), ISC_R_SUCCESS, and tsigkey.
Referenced by dns_tkey_processquery().
isc_result_t dns_tkey_processquery | ( | dns_message_t * | msg, | |
dns_tkeyctx_t * | tctx, | |||
dns_tsig_keyring_t * | ring | |||
) |
Processes a query containing a TKEY record, adding or deleting TSIG keys if necessary, and modifies the message to contain the response.
Requires:
Definition at line 615 of file tkey.c.
References add_rdata_to_list(), dns_fixedname_init, dns_fixedname_name, dns_message_addname(), dns_message_currentname(), dns_message_findname(), dns_message_firstname(), dns_message_reply(), dns_message_signer(), dns_name_clone(), dns_name_concatenate(), dns_name_copy(), dns_name_countlabels(), dns_name_equal(), dns_name_fromtext(), dns_name_getlabelsequence(), dns_name_init(), DNS_R_FORMERR, DNS_R_NOTIMP, DNS_R_REFUSED, dns_rcode_noerror, dns_rdata_freestruct(), dns_rdata_fromstruct(), dns_rdata_init(), dns_rdata_tostruct(), dns_rdataset_current(), dns_rdataset_first(), dns_rootname, DNS_SECTION_ADDITIONAL, DNS_SECTION_ANSWER, DNS_SECTION_QUESTION, DNS_TKEYMODE_DELETE, DNS_TKEYMODE_DIFFIEHELLMAN, DNS_TKEYMODE_GSSAPI, DNS_TKEYMODE_RESOLVERASSIGNED, DNS_TKEYMODE_SERVERASSIGNED, dns_tsigerror_badmode, dns_tsigerror_badname, dns_tsigkey_detach(), dns_tsigkey_find(), dns_tkeyctx::domain, dns_tkeyctx::ectx, free_namelist(), hexdigits, isc_buffer_add, isc_buffer_init, isc_entropy_getdata(), ISC_FALSE, ISC_LINK_INIT, ISC_LIST_EMPTY, ISC_LIST_HEAD, ISC_LIST_INIT, ISC_LIST_NEXT, ISC_LIST_UNLINK, isc_mem_put, ISC_R_NOTFOUND, ISC_R_SUCCESS, ISC_TRUE, dns_message::mctx, name, process_deletetkey(), process_dhtkey(), process_gsstkey(), dns_rdata::rdclass, REQUIRE, RETERR, RUNTIME_CHECK, tkey_log(), and tsigkey.
Referenced by ns_query_start().
static isc_result_t buildquery | ( | dns_message_t * | msg, | |
dns_name_t * | name, | |||
dns_rdata_tkey_t * | tkey, | |||
isc_boolean_t | win2k | |||
) | [static] |
Definition at line 859 of file tkey.c.
References dns_message_addname(), dns_message_gettempname(), dns_message_gettemprdata(), dns_message_gettemprdatalist(), dns_message_gettemprdataset(), dns_message_puttempname(), dns_message_puttemprdataset(), dns_message_takebuffer(), dns_name_copy(), dns_name_init(), DNS_NAME_MAXWIRE, dns_rdata_fromstruct(), dns_rdatalist_tordataset(), dns_rdataset_disassociate(), dns_rdataset_init(), dns_rdataset_makequestion(), DNS_SECTION_ADDITIONAL, DNS_SECTION_ANSWER, DNS_SECTION_QUESTION, isc_buffer_allocate(), isc_buffer_free(), ISC_LIST_APPEND, ISC_R_SUCCESS, dns_message::mctx, dns_rdatalist::rdclass, REQUIRE, RETERR, and dns_rdatalist::type.
Referenced by dns_tkey_builddeletequery(), dns_tkey_builddhquery(), and dns_tkey_buildgssquery().
isc_result_t dns_tkey_builddhquery | ( | dns_message_t * | msg, | |
dst_key_t * | key, | |||
dns_name_t * | name, | |||
dns_name_t * | algorithm, | |||
isc_buffer_t * | nonce, | |||
isc_uint32_t | lifetime | |||
) |
Builds a query containing a TKEY that will generate a shared secret using a Diffie-Hellman key exchange. The shared key will be of the specified algorithm; only DNS_TSIG_HMACMD5_NAME is supported, so a key negotiated through this call is always an HMAC-MD5 TSIG key. The key will be named either 'name', 'name' + server chosen domain, or random data + server chosen domain if 'name' == dns_rootname. If nonce is not NULL, it supplies random data used in the shared secret computation. The key is requested to have the specified lifetime (in seconds).
Requires:
Definition at line 943 of file tkey.c.
References add_rdata_to_list(), isc_region::base, buildquery(), DNS_KEYALG_DH, dns_message_addname(), dns_message_gettemprdata(), dns_message_takebuffer(), dns_name_clone(), dns_name_init(), dns_rdata_fromregion(), DNS_SECTION_ADDITIONAL, DNS_TKEYMODE_DIFFIEHELLMAN, dst_key_alg(), dst_key_isprivate(), dst_key_name(), dst_key_todns(), isc_buffer_allocate(), isc_buffer_free(), isc_buffer_usedregion, ISC_FALSE, ISC_LINK_INIT, ISC_LIST_HEAD, ISC_LIST_INIT, ISC_LIST_NEXT, ISC_LIST_UNLINK, isc_mem_get, isc_mem_put, ISC_R_SUCCESS, isc_stdtime_get(), isc_region::length, dns_message::mctx, now, r, REQUIRE, and RETERR.
isc_result_t dns_tkey_buildgssquery | ( | dns_message_t * | msg, | |
dns_name_t * | name, | |||
dns_name_t * | gname, | |||
isc_buffer_t * | intoken, | |||
isc_uint32_t | lifetime, | |||
gss_ctx_id_t * | context, | |||
isc_boolean_t | win2k, | |||
isc_mem_t * | mctx, | |||
char ** | err_message | |||
) |
Builds a query containing a TKEY that will generate a GSSAPI context. The key is requested to have the specified lifetime (in seconds).
Requires:
Definition at line 1021 of file tkey.c.
References buildquery(), dns_name_clone(), dns_name_init(), DNS_R_CONTINUE, DNS_TKEYMODE_GSSAPI, DNS_TSIG_GSSAPI_NAME, DNS_TSIG_GSSAPIMS_NAME, dst_gssapi_initctx(), isc_buffer_base, isc_buffer_init, isc_buffer_usedlength, ISC_LINK_INIT, ISC_R_SUCCESS, isc_stdtime_get(), now, REQUIRE, RETERR, token, and UNUSED.
isc_result_t dns_tkey_builddeletequery | ( | dns_message_t * | msg, | |
dns_tsigkey_t * | key | |||
) |
Builds a query containing a TKEY record that will delete the specified shared secret from the server.
Requires:
Definition at line 1076 of file tkey.c.
References dns_tsigkey::algorithm, buildquery(), dns_name_clone(), dns_name_init(), DNS_TKEYMODE_DELETE, ISC_FALSE, ISC_LINK_INIT, dns_message::mctx, dns_tsigkey::name, and REQUIRE.
static isc_result_t find_tkey | ( | dns_message_t * | msg, | |
dns_name_t ** | name, | |||
dns_rdata_t * | rdata, | |||
int | section | |||
) | [static] |
Definition at line 1098 of file tkey.c.
References dns_message_currentname(), dns_message_findtype(), dns_message_firstname(), dns_message_nextname(), dns_rdataset_current(), dns_rdataset_first(), ISC_R_NOMORE, ISC_R_NOTFOUND, and ISC_R_SUCCESS.
Referenced by dns_tkey_gssnegotiate(), dns_tkey_processdeleteresponse(), dns_tkey_processdhresponse(), and dns_tkey_processgssresponse().
isc_result_t dns_tkey_processdhresponse | ( | dns_message_t * | qmsg, | |
dns_message_t * | rmsg, | |||
dst_key_t * | key, | |||
isc_buffer_t * | nonce, | |||
dns_tsigkey_t ** | outkey, | |||
dns_tsig_keyring_t * | ring | |||
) |
Processes a response to a query containing a TKEY that was designed to generate a shared secret using a Diffie-Hellman key exchange. If the query was successful, a new shared key is created and added to the list of shared keys.
Requires:
Definition at line 1126 of file tkey.c.
References isc_region::base, compute_secret(), dns_dnssec_keyfromrdata(), DNS_KEYALG_DH, dns_message_currentname(), dns_message_findname(), dns_message_findtype(), dns_message_firstname(), dns_message_nextname(), dns_name_clone(), dns_name_equal(), dns_name_init(), DNS_R_INVALIDTKEY, dns_rcode_noerror, dns_rdata_freestruct(), DNS_RDATA_INIT, dns_rdata_tostruct(), dns_rdataset_current(), dns_rdataset_first(), DNS_SECTION_ADDITIONAL, DNS_SECTION_ANSWER, DNS_TKEYMODE_DIFFIEHELLMAN, dns_tsigkey_create(), dst_key_alg(), dst_key_computesecret(), dst_key_free(), dst_key_isprivate(), dst_key_name(), dst_key_secretsize(), find_tkey(), isc_buffer_allocate(), isc_buffer_free(), isc_buffer_init, isc_buffer_usedregion, ISC_FALSE, isc_mem_get, isc_mem_put, ISC_R_NOTFOUND, ISC_R_SUCCESS, ISC_RESULTCLASS_DNSRCODE, ISC_TRUE, isc_region::length, dns_message::mctx, r, r2, dns_message::rcode, REQUIRE, RETERR, secret, tempname, and tkey_log().
isc_result_t dns_tkey_processgssresponse | ( | dns_message_t * | qmsg, | |
dns_message_t * | rmsg, | |||
dns_name_t * | gname, | |||
gss_ctx_id_t * | context, | |||
isc_buffer_t * | outtoken, | |||
dns_tsigkey_t ** | outkey, | |||
dns_tsig_keyring_t * | ring, | |||
char ** | err_message | |||
) |
XXX.
Definition at line 1256 of file tkey.c.
References _dns_tkey_dumpmessage(), dns_name_equal(), DNS_R_INVALIDTKEY, dns_rcode_noerror, dns_rdata_freestruct(), DNS_RDATA_INIT, dns_rdata_tostruct(), dns_rootname, DNS_SECTION_ADDITIONAL, DNS_SECTION_ANSWER, DNS_TKEYMODE_GSSAPI, DNS_TSIG_GSSAPI_NAME, dns_tsigkey_createfromkey(), dst_gssapi_initctx(), dst_key_free(), dst_key_fromgssapi(), find_tkey(), isc_buffer_init, ISC_FALSE, ISC_R_NOTFOUND, ISC_R_SUCCESS, ISC_RESULTCLASS_DNSRCODE, dns_message::mctx, dns_tsig_keyring::mctx, dns_message::rcode, REQUIRE, RETERR, and tkey_log().
isc_result_t dns_tkey_processdeleteresponse | ( | dns_message_t * | qmsg, | |
dns_message_t * | rmsg, | |||
dns_tsig_keyring_t * | ring | |||
) |
Processes a response to a query containing a TKEY that was designed to delete a shared secret. If the query was successful, the shared key is deleted from the list of shared keys.
Requires:
Definition at line 1334 of file tkey.c.
References dns_name_equal(), DNS_R_INVALIDTKEY, dns_rcode_noerror, dns_rdata_freestruct(), DNS_RDATA_INIT, dns_rdata_tostruct(), DNS_SECTION_ADDITIONAL, DNS_SECTION_ANSWER, DNS_TKEYMODE_DELETE, dns_tsigkey_detach(), dns_tsigkey_find(), dns_tsigkey_setdeleted(), find_tkey(), ISC_RESULTCLASS_DNSRCODE, dns_message::rcode, REQUIRE, RETERR, tempname, tkey_log(), and tsigkey.
isc_result_t dns_tkey_gssnegotiate | ( | dns_message_t * | qmsg, | |
dns_message_t * | rmsg, | |||
dns_name_t * | server, | |||
gss_ctx_id_t * | context, | |||
dns_tsigkey_t ** | outkey, | |||
dns_tsig_keyring_t * | ring, | |||
isc_boolean_t | win2k, | |||
char ** | err_message | |||
) |
Definition at line 1389 of file tkey.c.
References dns_name_equal(), DNS_R_CONTINUE, DNS_R_INVALIDTKEY, dns_rcode_noerror, dns_rdata_freestruct(), DNS_RDATA_INIT, dns_rdata_tostruct(), dns_rootname, DNS_SECTION_ADDITIONAL, DNS_SECTION_ANSWER, DNS_TKEYMODE_GSSAPI, DNS_TSIG_GSSAPI_NAME, DNS_TSIG_GSSAPIMS_NAME, dns_tsigkey_createfromkey(), dst_gssapi_initctx(), dst_key_free(), dst_key_fromgssapi(), find_tkey(), isc_buffer_init, ISC_FALSE, ISC_R_SUCCESS, ISC_RESULTCLASS_DNSRCODE, ISC_TRUE, dns_message::mctx, dns_tsig_keyring::mctx, dns_message::rcode, REQUIRE, RETERR, and tkey_log().