2
* Copyright (c) 2004,2007 by Internet Systems Consortium, Inc. ("ISC")
3
* Copyright (c) 1995-2003 by Internet Software Consortium
5
* Permission to use, copy, modify, and distribute this software for any
6
* purpose with or without fee is hereby granted, provided that the above
7
* copyright notice and this permission notice appear in all copies.
9
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES
10
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR
12
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
15
* OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
* Internet Systems Consortium, Inc.
19
* Redwood City, CA 94063
24
#include <sys/types.h>
25
#include <sys/param.h>
27
#include <netinet/in.h>
28
#include <arpa/inet.h>
29
#include <sys/socket.h>
38
#include "minires/minires.h"
39
#include "arpa/nameser.h"
41
#include <isc-dhcp/dst.h>
45
res_nsendsigned(res_state statp,
46
double *msg, unsigned msglen, ns_tsig_key *key,
47
double *answer, unsigned anslen, unsigned *anssize)
54
unsigned bufsize, siglen;
63
nstatp = (res_state) malloc(sizeof(*statp));
65
return ISC_R_NOMEMORY;
66
memcpy(nstatp, statp, sizeof(*statp));
68
bufsize = msglen + 1024;
69
newmsg = (double *) malloc(bufsize);
72
return ISC_R_NOMEMORY;
74
memcpy(newmsg, msg, msglen);
77
if (ns_samename(key->alg, NS_TSIG_ALG_HMAC_MD5) != 1)
80
dstkey = dst_buffer_to_key(key->name, KEY_HMAC_MD5,
81
NS_KEY_TYPE_AUTH_ONLY,
92
rcode = ns_sign((u_char *)newmsg, &newmsglen, bufsize,
93
NOERROR, dstkey, NULL, 0,
95
if (rcode != ISC_R_SUCCESS) {
102
if (newmsglen > PACKETSZ || (nstatp->options & RES_IGNTC))
105
nstatp->options |= RES_IGNTC;
107
nstatp->options |= RES_USEVC;
111
rcode = res_nsend(nstatp, newmsg, newmsglen, answer, anslen, &ret);
112
if (rcode != ISC_R_SUCCESS) {
113
dst_free_key(dstkey);
120
rcode = ns_verify((u_char *)answer, &anslen, dstkey, sig, siglen,
121
NULL, NULL, &tsig_time,
122
(nstatp->options & RES_KEEPTSIG) ? 1 : 0);
123
if (rcode != ISC_R_SUCCESS) {
124
Dprint(nstatp->pfcode & RES_PRF_REPLY,
125
(stdout, ";; TSIG invalid (%s)\n", p_rcode(ret)));
126
dst_free_key(dstkey);
131
Dprint(nstatp->pfcode & RES_PRF_REPLY, (stdout, ";; TSIG ok\n"));
133
hp = (HEADER *) answer;
134
if (hp->tc && usingTCP == 0) {
135
nstatp->options &= ~RES_IGNTC;
140
dst_free_key(dstkey);
144
return ISC_R_SUCCESS;