本文整理汇总了C++中dns_rdata_tostruct函数的典型用法代码示例。如果您正苦于以下问题:C++ dns_rdata_tostruct函数的具体用法?C++ dns_rdata_tostruct怎么用?C++ dns_rdata_tostruct使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了dns_rdata_tostruct函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C++代码示例。
示例1: setresign
static isc_stdtime_t
setresign(dns_rdataset_t *modified) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_rrsig_t sig;
isc_stdtime_t when;
isc_result_t result;
result = dns_rdataset_first(modified);
INSIST(result == ISC_R_SUCCESS);
dns_rdataset_current(modified, &rdata);
(void)dns_rdata_tostruct(&rdata, &sig, NULL);
if ((rdata.flags & DNS_RDATA_OFFLINE) != 0)
when = 0;
else
when = sig.timeexpire;
dns_rdata_reset(&rdata);
result = dns_rdataset_next(modified);
while (result == ISC_R_SUCCESS) {
dns_rdataset_current(modified, &rdata);
(void)dns_rdata_tostruct(&rdata, &sig, NULL);
if ((rdata.flags & DNS_RDATA_OFFLINE) != 0) {
goto next_rr;
}
if (when == 0 || sig.timeexpire < when)
when = sig.timeexpire;
next_rr:
dns_rdata_reset(&rdata);
result = dns_rdataset_next(modified);
}
INSIST(result == ISC_R_NOMORE);
return (when);
}
开发者ID:ajinkya93,项目名称:netbsd-src,代码行数:33,代码来源:diff.c
示例2: dns_nsec_typepresent
isc_boolean_t
dns_nsec_typepresent(dns_rdata_t *nsec, dns_rdatatype_t type) {
dns_rdata_nsec_t nsecstruct;
isc_result_t result;
isc_boolean_t present;
unsigned int i, len, window;
REQUIRE(nsec != NULL);
REQUIRE(nsec->type == dns_rdatatype_nsec);
/* This should never fail */
result = dns_rdata_tostruct(nsec, &nsecstruct, NULL);
INSIST(result == ISC_R_SUCCESS);
present = ISC_FALSE;
for (i = 0; i < nsecstruct.len; i += len) {
INSIST(i + 2 <= nsecstruct.len);
window = nsecstruct.typebits[i];
len = nsecstruct.typebits[i + 1];
INSIST(len > 0 && len <= 32);
i += 2;
INSIST(i + len <= nsecstruct.len);
if (window * 256 > type)
break;
if ((window + 1) * 256 <= type)
continue;
if (type < (window * 256) + len * 8)
present = ISC_TF(bit_isset(&nsecstruct.typebits[i],
type % 256));
break;
}
dns_rdata_freestruct(&nsec);
return (present);
}
开发者ID:mnagy,项目名称:bind-dynamic_db,代码行数:34,代码来源:nsec.c
示例3: dns_nsec_nseconly
isc_result_t
dns_nsec_nseconly(dns_db_t *db, dns_dbversion_t *version,
isc_boolean_t *answer)
{
dns_dbnode_t *node = NULL;
dns_rdataset_t rdataset;
dns_rdata_dnskey_t dnskey;
isc_result_t result;
REQUIRE(answer != NULL);
dns_rdataset_init(&rdataset);
result = dns_db_getoriginnode(db, &node);
if (result != ISC_R_SUCCESS)
return (result);
result = dns_db_findrdataset(db, node, version, dns_rdatatype_dnskey,
0, 0, &rdataset, NULL);
dns_db_detachnode(db, &node);
if (result == ISC_R_NOTFOUND) {
*answer = ISC_FALSE;
return (ISC_R_SUCCESS);
}
if (result != ISC_R_SUCCESS)
return (result);
for (result = dns_rdataset_first(&rdataset);
result == ISC_R_SUCCESS;
result = dns_rdataset_next(&rdataset)) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
result = dns_rdata_tostruct(&rdata, &dnskey, NULL);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
if (dnskey.algorithm == DST_ALG_RSAMD5 ||
dnskey.algorithm == DST_ALG_RSASHA1 ||
dnskey.algorithm == DST_ALG_DSA ||
dnskey.algorithm == DST_ALG_ECC)
break;
}
dns_rdataset_disassociate(&rdataset);
if (result == ISC_R_SUCCESS)
*answer = ISC_TRUE;
if (result == ISC_R_NOMORE) {
*answer = ISC_FALSE;
result = ISC_R_SUCCESS;
}
return (result);
}
开发者ID:mnagy,项目名称:bind-dynamic_db,代码行数:51,代码来源:nsec.c
示例4: printsoa
static void
printsoa(dns_rdata_t *rdata) {
dns_rdata_soa_t soa;
isc_result_t result;
char namebuf[DNS_NAME_FORMATSIZE];
result = dns_rdata_tostruct(rdata, &soa, NULL);
check_result(result, "dns_rdata_tostruct");
dns_name_format(&soa.origin, namebuf, sizeof(namebuf));
printf("\torigin = %s\n", namebuf);
dns_name_format(&soa.contact, namebuf, sizeof(namebuf));
printf("\tmail addr = %s\n", namebuf);
printf("\tserial = %u\n", soa.serial);
printf("\trefresh = %u\n", soa.refresh);
printf("\tretry = %u\n", soa.retry);
printf("\texpire = %u\n", soa.expire);
printf("\tminimum = %u\n", soa.minimum);
dns_rdata_freestruct(&soa);
}
开发者ID:krichter722,项目名称:bind9,代码行数:20,代码来源:nslookup.c
示例5: add_mac
static isc_result_t
add_mac(dst_context_t *tsigctx, isc_buffer_t *buf) {
dns_rdata_any_tsig_t tsig;
dns_rdata_t rdata = DNS_RDATA_INIT;
isc_buffer_t databuf;
isc_region_t r;
isc_result_t result;
unsigned char tsigbuf[1024];
isc_buffer_usedregion(buf, &r);
dns_rdata_fromregion(&rdata, dns_rdataclass_any,
dns_rdatatype_tsig, &r);
isc_buffer_init(&databuf, tsigbuf, sizeof(tsigbuf));
CHECK(dns_rdata_tostruct(&rdata, &tsig, NULL));
isc_buffer_putuint16(&databuf, tsig.siglen);
isc_buffer_putmem(&databuf, tsig.signature, tsig.siglen);
isc_buffer_usedregion(&databuf, &r);
result = dst_context_adddata(tsigctx, &r);
dns_rdata_freestruct(&tsig);
cleanup:
return (result);
}
开发者ID:k-matsuyama,项目名称:bind9-alt,代码行数:22,代码来源:tsig_test.c
示例6: in_rootns
static isc_result_t
in_rootns(dns_rdataset_t *rootns, dns_name_t *name) {
isc_result_t result;
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_ns_t ns;
if (!dns_rdataset_isassociated(rootns))
return (ISC_R_NOTFOUND);
result = dns_rdataset_first(rootns);
while (result == ISC_R_SUCCESS) {
dns_rdataset_current(rootns, &rdata);
result = dns_rdata_tostruct(&rdata, &ns, NULL);
if (result != ISC_R_SUCCESS)
return (result);
if (dns_name_compare(name, &ns.name) == 0)
return (ISC_R_SUCCESS);
result = dns_rdataset_next(rootns);
}
if (result == ISC_R_NOMORE)
result = ISC_R_NOTFOUND;
return (result);
}
开发者ID:miettal,项目名称:armadillo420_standard,代码行数:23,代码来源:rootns.c
示例7: chase_cnamechain
static void
chase_cnamechain(dns_message_t *msg, dns_name_t *qname) {
isc_result_t result;
dns_rdataset_t *rdataset;
dns_rdata_cname_t cname;
dns_rdata_t rdata = DNS_RDATA_INIT;
unsigned int i = msg->counts[DNS_SECTION_ANSWER];
while (i-- > 0) {
rdataset = NULL;
result = dns_message_findname(msg, DNS_SECTION_ANSWER, qname,
dns_rdatatype_cname, 0, NULL, &rdataset);
if (result != ISC_R_SUCCESS)
return;
result = dns_rdataset_first(rdataset);
check_result(result, "dns_rdataset_first");
dns_rdata_reset(&rdata);
dns_rdataset_current(rdataset, &rdata);
result = dns_rdata_tostruct(&rdata, &cname, NULL);
check_result(result, "dns_rdata_tostruct");
dns_name_copy(&cname.cname, qname, NULL);
dns_rdata_freestruct(&cname);
}
}
开发者ID:pspacek,项目名称:bind,代码行数:24,代码来源:nslookup.c
示例8: dns_root_checkhints
void
dns_root_checkhints(dns_view_t *view, dns_db_t *hints, dns_db_t *db) {
isc_result_t result;
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_ns_t ns;
dns_rdataset_t hintns, rootns;
const char *viewname = "", *sep = "";
isc_stdtime_t now;
dns_name_t *name;
dns_fixedname_t fixed;
REQUIRE(hints != NULL);
REQUIRE(db != NULL);
REQUIRE(view != NULL);
isc_stdtime_get(&now);
if (strcmp(view->name, "_bind") != 0 &&
strcmp(view->name, "_default") != 0) {
viewname = view->name;
sep = ": view ";
}
dns_rdataset_init(&hintns);
dns_rdataset_init(&rootns);
dns_fixedname_init(&fixed);
name = dns_fixedname_name(&fixed);
result = dns_db_find(hints, dns_rootname, NULL, dns_rdatatype_ns, 0,
now, NULL, name, &hintns, NULL);
if (result != ISC_R_SUCCESS) {
isc_log_write(dns_lctx, DNS_LOGCATEGORY_GENERAL,
DNS_LOGMODULE_HINTS, ISC_LOG_WARNING,
"checkhints%s%s: unable to get root NS rrset "
"from hints: %s", sep, viewname,
dns_result_totext(result));
goto cleanup;
}
result = dns_db_find(db, dns_rootname, NULL, dns_rdatatype_ns, 0,
now, NULL, name, &rootns, NULL);
if (result != ISC_R_SUCCESS) {
isc_log_write(dns_lctx, DNS_LOGCATEGORY_GENERAL,
DNS_LOGMODULE_HINTS, ISC_LOG_WARNING,
"checkhints%s%s: unable to get root NS rrset "
"from cache: %s", sep, viewname,
dns_result_totext(result));
goto cleanup;
}
/*
* Look for missing root NS names.
*/
result = dns_rdataset_first(&rootns);
while (result == ISC_R_SUCCESS) {
dns_rdataset_current(&rootns, &rdata);
result = dns_rdata_tostruct(&rdata, &ns, NULL);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
result = in_rootns(&hintns, &ns.name);
if (result != ISC_R_SUCCESS) {
char namebuf[DNS_NAME_FORMATSIZE];
/* missing from hints */
dns_name_format(&ns.name, namebuf, sizeof(namebuf));
isc_log_write(dns_lctx, DNS_LOGCATEGORY_GENERAL,
DNS_LOGMODULE_HINTS, ISC_LOG_WARNING,
"checkhints%s%s: unable to find root "
"NS '%s' in hints", sep, viewname,
namebuf);
} else
check_address_records(view, hints, db, &ns.name, now);
dns_rdata_reset(&rdata);
result = dns_rdataset_next(&rootns);
}
if (result != ISC_R_NOMORE) {
goto cleanup;
}
/*
* Look for extra root NS names.
*/
result = dns_rdataset_first(&hintns);
while (result == ISC_R_SUCCESS) {
dns_rdataset_current(&hintns, &rdata);
result = dns_rdata_tostruct(&rdata, &ns, NULL);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
result = in_rootns(&rootns, &ns.name);
if (result != ISC_R_SUCCESS) {
char namebuf[DNS_NAME_FORMATSIZE];
/* extra entry in hints */
dns_name_format(&ns.name, namebuf, sizeof(namebuf));
isc_log_write(dns_lctx, DNS_LOGCATEGORY_GENERAL,
DNS_LOGMODULE_HINTS, ISC_LOG_WARNING,
"checkhints%s%s: extra NS '%s' in hints",
sep, viewname, namebuf);
}
dns_rdata_reset(&rdata);
result = dns_rdataset_next(&hintns);
}
if (result != ISC_R_NOMORE) {
goto cleanup;
//.........这里部分代码省略.........
开发者ID:execunix,项目名称:vinos,代码行数:101,代码来源:rootns.c
示例9: viastruct
static void
viastruct(dns_rdata_t *rdata, isc_mem_t *mctx,
dns_rdata_t *rdata2, isc_buffer_t *b)
{
isc_result_t result;
void *sp = NULL;
isc_boolean_t need_free = ISC_FALSE;
dns_rdatatype_t rdt;
dns_rdataclass_t rdc;
UNUSED(rdata2); /* XXXMPA remove when fromstruct is ready. */
UNUSED(b);
switch (rdata->type) {
case dns_rdatatype_a6: {
static dns_rdata_in_a6_t in_a6;
result = dns_rdata_tostruct(rdata, sp = &in_a6, NULL);
break;
}
case dns_rdatatype_a: {
switch (rdata->rdclass) {
case dns_rdataclass_hs: {
static dns_rdata_hs_a_t hs_a;
result = dns_rdata_tostruct(rdata, sp = &hs_a, NULL);
break;
}
case dns_rdataclass_in: {
static dns_rdata_in_a_t in_a;
result = dns_rdata_tostruct(rdata, sp = &in_a, NULL);
break;
}
default:
result = ISC_R_NOTIMPLEMENTED;
break;
}
break;
}
case dns_rdatatype_aaaa: {
static dns_rdata_in_aaaa_t in_aaaa;
result = dns_rdata_tostruct(rdata, sp = &in_aaaa, NULL);
break;
}
case dns_rdatatype_afsdb: {
static dns_rdata_afsdb_t afsdb;
result = dns_rdata_tostruct(rdata, sp = &afsdb, NULL);
break;
}
case dns_rdatatype_any: {
result = ISC_R_NOTIMPLEMENTED;
break;
}
case dns_rdatatype_apl: {
switch (rdata->rdclass) {
case dns_rdataclass_in: {
static dns_rdata_in_apl_t in_apl;
result = dns_rdata_tostruct(rdata, sp = &in_apl, NULL);
break;
}
default:
result = ISC_R_NOTIMPLEMENTED;
break;
}
break;
}
case dns_rdatatype_cert: {
static dns_rdata_cert_t cert;
result = dns_rdata_tostruct(rdata, sp = &cert, NULL);
break;
}
case dns_rdatatype_cname: {
static dns_rdata_cname_t cname;
result = dns_rdata_tostruct(rdata, sp = &cname, NULL);
break;
}
case dns_rdatatype_dname: {
static dns_rdata_dname_t dname;
result = dns_rdata_tostruct(rdata, sp = &dname, NULL);
break;
}
case dns_rdatatype_gpos: {
static dns_rdata_gpos_t gpos;
result = dns_rdata_tostruct(rdata, sp = &gpos, NULL);
break;
}
case dns_rdatatype_hinfo: {
static dns_rdata_hinfo_t hinfo;
result = dns_rdata_tostruct(rdata, sp = &hinfo, NULL);
break;
}
case dns_rdatatype_isdn: {
static dns_rdata_isdn_t isdn;
result = dns_rdata_tostruct(rdata, sp = &isdn, NULL);
break;
}
case dns_rdatatype_key: {
static dns_rdata_key_t key;
result = dns_rdata_tostruct(rdata, sp = &key, NULL);
break;
}
case dns_rdatatype_kx: {
//.........这里部分代码省略.........
开发者ID:enukane,项目名称:netbsd-src,代码行数:101,代码来源:rdata_test.c
示例10: dns_tsig_sign
isc_result_t
dns_tsig_sign(dns_message_t *msg) {
dns_tsigkey_t *key;
dns_rdata_any_tsig_t tsig, querytsig;
unsigned char data[128];
isc_buffer_t databuf, sigbuf;
isc_buffer_t *dynbuf;
dns_name_t *owner;
dns_rdata_t *rdata = NULL;
dns_rdatalist_t *datalist;
dns_rdataset_t *dataset;
isc_region_t r;
isc_stdtime_t now;
isc_mem_t *mctx;
dst_context_t *ctx = NULL;
isc_result_t ret;
unsigned char badtimedata[BADTIMELEN];
unsigned int sigsize = 0;
isc_boolean_t response = is_response(msg);
REQUIRE(msg != NULL);
REQUIRE(VALID_TSIG_KEY(dns_message_gettsigkey(msg)));
/*
* If this is a response, there should be a query tsig.
*/
if (response && msg->querytsig == NULL)
return (DNS_R_EXPECTEDTSIG);
dynbuf = NULL;
mctx = msg->mctx;
key = dns_message_gettsigkey(msg);
tsig.mctx = mctx;
tsig.common.rdclass = dns_rdataclass_any;
tsig.common.rdtype = dns_rdatatype_tsig;
ISC_LINK_INIT(&tsig.common, link);
dns_name_init(&tsig.algorithm, NULL);
dns_name_clone(key->algorithm, &tsig.algorithm);
isc_stdtime_get(&now);
tsig.timesigned = now + msg->timeadjust;
tsig.fudge = DNS_TSIG_FUDGE;
tsig.originalid = msg->id;
isc_buffer_init(&databuf, data, sizeof(data));
if (response)
tsig.error = msg->querytsigstatus;
else
tsig.error = dns_rcode_noerror;
if (tsig.error != dns_tsigerror_badtime) {
tsig.otherlen = 0;
tsig.other = NULL;
} else {
isc_buffer_t otherbuf;
tsig.otherlen = BADTIMELEN;
tsig.other = badtimedata;
isc_buffer_init(&otherbuf, tsig.other, tsig.otherlen);
isc_buffer_putuint48(&otherbuf, tsig.timesigned);
}
if (key->key != NULL && tsig.error != dns_tsigerror_badsig) {
unsigned char header[DNS_MESSAGE_HEADERLEN];
isc_buffer_t headerbuf;
isc_uint16_t digestbits;
ret = dst_context_create3(key->key, mctx,
DNS_LOGCATEGORY_DNSSEC,
ISC_TRUE, &ctx);
if (ret != ISC_R_SUCCESS)
return (ret);
/*
* If this is a response, digest the query signature.
*/
if (response) {
dns_rdata_t querytsigrdata = DNS_RDATA_INIT;
ret = dns_rdataset_first(msg->querytsig);
if (ret != ISC_R_SUCCESS)
goto cleanup_context;
dns_rdataset_current(msg->querytsig, &querytsigrdata);
ret = dns_rdata_tostruct(&querytsigrdata, &querytsig,
NULL);
if (ret != ISC_R_SUCCESS)
goto cleanup_context;
isc_buffer_putuint16(&databuf, querytsig.siglen);
if (isc_buffer_availablelength(&databuf) <
querytsig.siglen) {
ret = ISC_R_NOSPACE;
goto cleanup_context;
}
isc_buffer_putmem(&databuf, querytsig.signature,
querytsig.siglen);
isc_buffer_usedregion(&databuf, &r);
//.........这里部分代码省略.........
开发者ID:execunix,项目名称:vinos,代码行数:101,代码来源:tsig.c
示例11: tsig_verify_tcp
static isc_result_t
tsig_verify_tcp(isc_buffer_t *source, dns_message_t *msg) {
dns_rdata_any_tsig_t tsig, querytsig;
isc_region_t r, source_r, header_r, sig_r;
isc_buffer_t databuf;
unsigned char data[32];
dns_name_t *keyname;
dns_rdata_t rdata = DNS_RDATA_INIT;
isc_stdtime_t now;
isc_result_t ret;
dns_tsigkey_t *tsigkey;
dst_key_t *key = NULL;
unsigned char header[DNS_MESSAGE_HEADERLEN];
isc_uint16_t addcount, id;
isc_boolean_t has_tsig = ISC_FALSE;
isc_mem_t *mctx;
REQUIRE(source != NULL);
REQUIRE(msg != NULL);
REQUIRE(dns_message_gettsigkey(msg) != NULL);
REQUIRE(msg->tcp_continuation == 1);
REQUIRE(msg->querytsig != NULL);
if (!is_response(msg))
return (DNS_R_EXPECTEDRESPONSE);
mctx = msg->mctx;
tsigkey = dns_message_gettsigkey(msg);
/*
* Extract and parse the previous TSIG
*/
ret = dns_rdataset_first(msg->querytsig);
if (ret != ISC_R_SUCCESS)
return (ret);
dns_rdataset_current(msg->querytsig, &rdata);
ret = dns_rdata_tostruct(&rdata, &querytsig, NULL);
if (ret != ISC_R_SUCCESS)
return (ret);
dns_rdata_reset(&rdata);
/*
* If there is a TSIG in this message, do some checks.
*/
if (msg->tsig != NULL) {
has_tsig = ISC_TRUE;
keyname = msg->tsigname;
ret = dns_rdataset_first(msg->tsig);
if (ret != ISC_R_SUCCESS)
goto cleanup_querystruct;
dns_rdataset_current(msg->tsig, &rdata);
ret = dns_rdata_tostruct(&rdata, &tsig, NULL);
if (ret != ISC_R_SUCCESS)
goto cleanup_querystruct;
/*
* Do the key name and algorithm match that of the query?
*/
if (!dns_name_equal(keyname, &tsigkey->name) ||
!dns_name_equal(&tsig.algorithm, &querytsig.algorithm)) {
msg->tsigstatus = dns_tsigerror_badkey;
ret = DNS_R_TSIGVERIFYFAILURE;
tsig_log(msg->tsigkey, 2,
"key name and algorithm do not match");
goto cleanup_querystruct;
}
/*
* Is the time ok?
*/
isc_stdtime_get(&now);
if (now + msg->timeadjust > tsig.timesigned + tsig.fudge) {
msg->tsigstatus = dns_tsigerror_badtime;
tsig_log(msg->tsigkey, 2, "signature has expired");
ret = DNS_R_CLOCKSKEW;
goto cleanup_querystruct;
} else if (now + msg->timeadjust <
tsig.timesigned - tsig.fudge) {
msg->tsigstatus = dns_tsigerror_badtime;
tsig_log(msg->tsigkey, 2,
"signature is in the future");
ret = DNS_R_CLOCKSKEW;
goto cleanup_querystruct;
}
}
key = tsigkey->key;
if (msg->tsigctx == NULL) {
ret = dst_context_create3(key, mctx,
DNS_LOGCATEGORY_DNSSEC,
ISC_FALSE, &msg->tsigctx);
if (ret != ISC_R_SUCCESS)
goto cleanup_querystruct;
/*
* Digest the length of the query signature
//.........这里部分代码省略.........
开发者ID:execunix,项目名称:vinos,代码行数:101,代码来源:tsig.c
示例12: dns_tsig_verify
isc_result_t
dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg,
dns_tsig_keyring_t *ring1, dns_tsig_keyring_t *ring2)
{
dns_rdata_any_tsig_t tsig, querytsig;
isc_region_t r, source_r, header_r, sig_r;
isc_buffer_t databuf;
unsigned char data[32];
dns_name_t *keyname;
dns_rdata_t rdata = DNS_RDATA_INIT;
isc_stdtime_t now;
isc_result_t ret;
dns_tsigkey_t *tsigkey;
dst_key_t *key = NULL;
unsigned char header[DNS_MESSAGE_HEADERLEN];
dst_context_t *ctx = NULL;
isc_mem_t *mctx;
isc_uint16_t addcount, id;
unsigned int siglen;
unsigned int alg;
isc_boolean_t response;
REQUIRE(source != NULL);
REQUIRE(DNS_MESSAGE_VALID(msg));
tsigkey = dns_message_gettsigkey(msg);
response = is_response(msg);
REQUIRE(tsigkey == NULL || VALID_TSIG_KEY(tsigkey));
msg->verify_attempted = 1;
if (msg->tcp_continuation) {
if (tsigkey == NULL || msg->querytsig == NULL)
return (DNS_R_UNEXPECTEDTSIG);
return (tsig_verify_tcp(source, msg));
}
/*
* There should be a TSIG record...
*/
if (msg->tsig == NULL)
return (DNS_R_EXPECTEDTSIG);
/*
* If this is a response and there's no key or query TSIG, there
* shouldn't be one on the response.
*/
if (response && (tsigkey == NULL || msg->querytsig == NULL))
return (DNS_R_UNEXPECTEDTSIG);
mctx = msg->mctx;
/*
* If we're here, we know the message is well formed and contains a
* TSIG record.
*/
keyname = msg->tsigname;
ret = dns_rdataset_first(msg->tsig);
if (ret != ISC_R_SUCCESS)
return (ret);
dns_rdataset_current(msg->tsig, &rdata);
ret = dns_rdata_tostruct(&rdata, &tsig, NULL);
if (ret != ISC_R_SUCCESS)
return (ret);
dns_rdata_reset(&rdata);
if (response) {
ret = dns_rdataset_first(msg->querytsig);
if (ret != ISC_R_SUCCESS)
return (ret);
dns_rdataset_current(msg->querytsig, &rdata);
ret = dns_rdata_tostruct(&rdata, &querytsig, NULL);
if (ret != ISC_R_SUCCESS)
return (ret);
}
#if defined(__clang__) && \
( __clang_major__ < 3 || \
(__clang_major__ == 3 && __clang_minor__ < 2) || \
(__clang_major__ == 4 && __clang_minor__ < 2))
/* false positive: http://llvm.org/bugs/show_bug.cgi?id=14461 */
else memset(&querytsig, 0, sizeof(querytsig));
#endif
/*
* Do the key name and algorithm match that of the query?
*/
if (response &&
(!dns_name_equal(keyname, &tsigkey->name) ||
!dns_name_equal(&tsig.algorithm, &querytsig.algorithm))) {
msg->tsigstatus = dns_tsigerror_badkey;
tsig_log(msg->tsigkey, 2,
"key name and algorithm do not match");
return (DNS_R_TSIGVERIFYFAILURE);
}
/*
* Get the current time.
*/
isc_stdtime_get(&now);
//.........这里部分代码省略.........
开发者ID:execunix,项目名称:vinos,代码行数:101,代码来源:tsig.c
示例13: resolve_nsaddress
static void
resolve_nsaddress(isc_task_t *task, isc_event_t *event) {
struct probe_trans *trans = event->ev_arg;
dns_clientresevent_t *rev = (dns_clientresevent_t *)event;
dns_name_t *name;
dns_rdataset_t *rdataset;
dns_rdata_t rdata = DNS_RDATA_INIT;
struct probe_ns *pns = trans->current_ns;
isc_result_t result;
REQUIRE(task == probe_task);
REQUIRE(trans->inuse == ISC_TRUE);
REQUIRE(pns != NULL);
INSIST(outstanding_probes > 0);
for (name = ISC_LIST_HEAD(rev->answerlist); name != NULL;
name = ISC_LIST_NEXT(name, link)) {
for (rdataset = ISC_LIST_HEAD(name->list);
rdataset != NULL;
rdataset = ISC_LIST_NEXT(rdataset, link)) {
(void)print_rdataset(rdataset, name);
if (rdataset->type != dns_rdatatype_a)
continue;
for (result = dns_rdataset_first(rdataset);
result == ISC_R_SUCCESS;
result = dns_rdataset_next(rdataset)) {
dns_rdata_in_a_t rdata_a;
struct server *server;
dns_rdataset_current(rdataset, &rdata);
result = dns_rdata_tostruct(&rdata, &rdata_a,
NULL);
if (result != ISC_R_SUCCESS)
continue;
server = isc_mem_get(mctx, sizeof(*server));
if (server == NULL) {
fprintf(stderr, "resolve_nsaddress: "
"mem_get failed");
result = ISC_R_NOMEMORY;
POST(result);
goto cleanup;
}
isc_sockaddr_fromin(&server->address,
&rdata_a.in_addr, 53);
ISC_LINK_INIT(server, link);
server->result_a = none;
server->result_aaaa = none;
ISC_LIST_APPEND(pns->servers, server, link);
}
}
}
cleanup:
dns_client_freeresanswer(client, &rev->answerlist);
dns_client_destroyrestrans(&trans->resid);
isc_event_free(&event);
next_ns:
trans->current_ns = ISC_LIST_NEXT(pns, link);
if (trans->current_ns == NULL) {
trans->current_ns = ISC_LIST_HEAD(trans->nslist);
dns_fixedname_invalidate(&trans->fixedname);
trans->qname = NULL;
result = set_nextqname(trans);
if (result == ISC_R_SUCCESS)
result = probe_name(trans, dns_rdatatype_a);
} else {
result = fetch_nsaddress(trans);
if (result != ISC_R_SUCCESS)
goto next_ns; /* XXX: this is unlikely to succeed */
}
if (result != ISC_R_SUCCESS)
reset_probe(trans);
}
开发者ID:pombredanne,项目名称:NetBSD,代码行数:78,代码来源:nsprobe.c
示例14: ATF_TC_BODY
ATF_TC_BODY(isdn, tc) {
struct {
unsigned char data[64];
size_t len;
isc_boolean_t ok;
} test_data[] = {
{
/* "" */
{ 0x00 }, 1, ISC_TRUE
},
{
/* "\001" */
{ 0x1, 0x01 }, 2, ISC_TRUE
},
{
/* "\001" "" */
{ 0x1, 0x01, 0x00 }, 3, ISC_TRUE
},
{
/* "\000" "\001" */
{ 0x1, 0x01, 0x01, 0x01 }, 4, ISC_TRUE
},
{
/* sentinal */
{ 0x00 }, 0, ISC_FALSE
}
};
unsigned char buf1[1024];
unsigned char buf2[1024];
isc_buffer_t source, target1, target2;
dns_rdata_t rdata;
dns_decompress_t dctx;
isc_result_t result;
size_t i;
dns_rdata_isdn_t isdn;
UNUSED(tc);
for (i = 0; test_data[i].len != 0; i++) {
isc_buffer_init(&source, test_data[i].data, test_data[i].len);
isc_buffer_add(&source, test_data[i].len);
isc_buffer_setactive(&source, test_data[i].len);
isc_buffer_init(&target1, buf1, sizeof(buf1));
dns_rdata_init(&rdata);
dns_decompress_init(&dctx, -1, DNS_DECOMPRESS_ANY);
result = dns_rdata_fromwire(&rdata, dns_rdataclass_in,
dns_rdatatype_isdn, &source,
&dctx, 0, &target1);
dns_decompress_invalidate(&dctx);
if (test_data[i].ok)
ATF_REQUIRE_EQ(result, ISC_R_SUCCESS);
else
ATF_REQUIRE(result != ISC_R_SUCCESS);
if (result != ISC_R_SUCCESS)
continue;
result = dns_rdata_tostruct(&rdata, &isdn, NULL);
ATF_REQUIRE_EQ(result, ISC_R_SUCCESS);
isc_buffer_init(&target2, buf2, sizeof(buf2));
dns_rdata_reset(&rdata);
result = dns_rdata_fromstruct(&rdata, dns_rdataclass_in,
dns_rdatatype_isdn, &isdn,
&target2);
ATF_REQUIRE_EQ(result, ISC_R_SUCCESS);
ATF_REQUIRE_EQ(isc_buffer_usedlength(&target2),
test_data[i].len);
ATF_REQUIRE_EQ(memcmp(buf2, test_data[i].data,
test_data[i].len), 0);
}
}
开发者ID:gokzy,项目名称:netbsd-src,代码行数:69,代码来源:rdata_test.c
示例15: dns_tkey_processquery
isc_result_t
dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx,
dns_tsig_keyring_t *ring)
{
isc_result_t result = ISC_R_SUCCESS;
dns_rdata_tkey_t tkeyin, tkeyout;
isc_boolean_t freetkeyin = ISC_FALSE;
dns_name_t *qname, *name, *keyname, *signer, tsigner;
dns_fixedname_t fkeyname;
dns_rdataset_t *tkeyset;
dns_rdata_t rdata;
dns_namelist_t namelist;
char tkeyoutdata[512];
isc_buffer_t tkeyoutbuf;
REQUIRE(msg != NULL);
REQUIRE(tctx != NULL);
REQUIRE(ring != NULL);
ISC_LIST_INIT(namelist);
/*
* Interpret the question section.
*/
result = dns_message_firstname(msg, DNS_SECTION_QUESTION);
if (result != ISC_R_SUCCESS)
return (DNS_R_FORMERR);
qname = NULL;
dns_message_currentname(msg, DNS_SECTION_QUESTION, &qname);
/*
* Look for a TKEY record that matches the question.
*/
tkeyset = NULL;
name = NULL;
result = dns_message_findname(msg, DNS_SECTION_ADDITIONAL, qname,
dns_rdatatype_tkey, 0, &name, &tkeyset);
if (result != ISC_R_SUCCESS) {
/*
* Try the answer section, since that's where Win2000
* puts it.
*/
name = NULL;
if (dns_message_findname(msg, DNS_SECTION_ANSWER, qname,
dns_rdatatype_tkey, 0, &name,
&tkeyset) != ISC_R_SUCCESS) {
result = DNS_R_FORMERR;
tkey_log("dns_tkey_processquery: couldn't find a TKEY "
"matching the question");
goto failure;
}
}
result = dns_rdataset_first(tkeyset);
if (result != ISC_R_SUCCESS) {
result = DNS_R_FORMERR;
goto failure;
}
dns_rdata_init(&rdata);
dns_rdataset_current(tkeyset, &rdata);
RETERR(dns_rdata_tostruct(&rdata, &tkeyin, NULL));
freetkeyin = ISC_TRUE;
if (tkeyin.error != dns_rcode_noerror) {
result = DNS_R_FORMERR;
goto failure;
}
/*
* Before we go any farther, verify that the message was signed.
* GSSAPI TKEY doesn't require a signature, the rest do.
*/
dns_name_init(&tsigner, NULL);
result = dns_message_signer(msg, &tsigner);
if (result != ISC_R_SUCCESS) {
if (tkeyin.mode == DNS_TKEYMODE_GSSAPI &&
result == ISC_R_NOTFOUND)
signer = NULL;
else {
tkey_log("dns_tkey_processquery: query was not "
"properly signed - rejecting");
result = DNS_R_FORMERR;
goto failure;
}
} else
signer = &tsigner;
tkeyout.common.rdclass = tkeyin.common.rdclass;
tkeyout.common.rdtype = tkeyin.common.rdtype;
ISC_LINK_INIT(&tkeyout.common, link);
tkeyout.mctx = msg->mctx;
dns_name_init(&tkeyout.algorithm, NULL);
dns_name_clone(&tkeyin.algorithm, &tkeyout.algorithm);
tkeyout.inception = tkeyout.expire = 0;
tkeyout.mode = tkeyin.mode;
tkeyout.error = 0;
tkeyout.keylen = tkeyout.otherlen = 0;
//.........这里部分代码省略.........
开发者ID:chris-wood,项目名称:bind-prime,代码行数:101,代码来源:tkey.c
示例16: dns_dnssec_verifymessage
isc_result_t
dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg,
dst_key_t *key)
{
dns_rdata_sig_t sig; /* SIG(0) */
unsigned char header[DNS_MESSAGE_HEADERLEN];
dns_rdata_t rdata = DNS_RDATA_INIT;
isc_region_t r, source_r, sig_r, header_r;
isc_stdtime_t now;
dst_context_t *ctx = NULL;
isc_mem_t *mctx;
isc_result_t result;
isc_uint16_t addcount;
isc_boolean_t signeedsfree = ISC_FALSE;
REQUIRE(source != NULL);
REQUIRE(msg != NULL);
REQUIRE(key != NULL);
mctx = msg->mctx;
msg->verify_attempted = 1;
if (is_response(msg)) {
if (msg->query.base == NULL)
return (DNS_R_UNEXPECTEDTSIG);
}
isc_buffer_usedregion(source, &source_r);
RETERR(dns_rdataset_first(msg->sig0));
dns_rdataset_current(msg->sig0, &rdata);
RETERR(dns_rdata_tostruct(&rdata, &sig, NULL));
signeedsfree = ISC_TRUE;
if (sig.labels != 0) {
result = DNS_R_SIGINVALID;
goto failure;
}
if (isc_serial_lt(sig.timeexpire, sig.timesigned)) {
result = DNS_R_SIGINVALID;
msg->sig0status = dns_tsigerror_badtime;
goto failure;
}
isc_stdtime_get(&now);
if (isc_serial_lt((isc_uint32_t)now, sig.timesigned)) {
result = DNS_R_SIGFUTURE;
msg->sig0status = dns_tsigerror_badtime;
goto failure;
}
else if (isc_serial_lt(sig.timeexpire, (isc_uint32_t)now)) {
result = DNS_R_SIGEXPIRED;
msg->sig0status = dns_tsigerror_badtime;
goto failure;
}
if (!dns_name_equal(dst_key_name(key), &sig.signer)) {
result = DNS_R_SIGINVALID;
msg->sig0status = dns_tsigerror_badkey;
goto failure;
}
RETERR(dst_context_create(key, mctx, &ctx));
/*
* Digest the SIG(0) record, except for the signature.
*/
dns_rdata_toregion(&rdata, &r);
r.length -= sig.siglen;
RETERR(dst_context_adddata(ctx, &r));
/*
* If this is a response, digest the query.
*/
if (is_response(msg))
RETERR(dst_context_adddata(ctx, &msg->query));
/*
* Extract the header.
*/
memcpy(header, source_r.base, DNS_MESSAGE_HEADERLEN);
/*
* Decrement the additional field counter.
*/
memcpy(&addcount, &header[DNS_MESSAGE_HEADERLEN - 2], 2);
addcount = htons((isc_uint16_t)(ntohs(addcount) - 1));
memcpy(&header[DNS_MESSAGE_HEADERLEN - 2], &addcount, 2);
/*
* Digest the modified header.
*/
header_r.base = (unsigned char *) header;
header_r.length = DNS_MESSAGE_HEADERLEN;
RETERR(dst_context_adddata(ctx, &header_r));
/*
//.........这里部分代码省略.........
开发者ID:OPSF,项目名称:uClinux,代码行数:101,代码来源:dnssec.c
示例17: dns_dnssec_verify2
isc_result_t
dns_dnssec_verify2(dns_name_t *name, dns_rdataset_t *set, dst_key_t *key,
isc_boolean_t ignoretime, isc_mem_t *mctx,
dns_rdata_t *sigrdata, dns_name_t *wild)
{
dns_rdata_rrsig_t sig;
dns_fixedname_t fnewname;
isc_region_t r;
isc_buffer_t envbuf;
dns_rdata_t *rdatas;
int nrdatas, i;
isc_stdtime_t now;
isc_result_t ret;
unsigned char data[300];
dst_context_t *ctx = NULL;
int labels = 0;
isc_uint32_t flags;
REQUIRE(name != NULL);
REQUIRE(set != NULL);
REQUIRE(key != NULL);
REQUIRE(mctx != NULL);
REQUIRE(sigrdata != NULL && sigrdata->type == dns_rdatatype_rrsig);
ret = dns_rdata_tostruct(sigrdata, &sig, NULL);
if (ret != ISC_R_SUCCESS)
return (ret);
if (isc_serial_lt(sig.timeexpire, sig.timesigned))
return (DNS_R_SIGINVALID);
if (!ignoretime) {
isc_stdtime_get(&now);
/*
* Is SIG temporally valid?
*/
if (isc_serial_lt((isc_uint32_t)now, sig.timesigned))
return (DNS_R_SIGFUTURE);
else if (isc_serial_lt(sig.timeexpire, (isc_uint32_t)now))
return (DNS_R_SIGEXPIRED);
}
/*
* Is the key allowed to sign data?
*/
flags = dst_key_flags(key);
if (flags & DNS_KEYTYPE_NOAUTH)
return (DNS_R_KEYUNAUTHORIZED);
if ((flags & DNS_KEYFLAG_OWNERMASK) != DNS_KEYOWNER_ZONE)
return (DNS_R_KEYUNAUTHORIZED);
ret = dst_context_create(key, mctx, &ctx);
if (ret != ISC_R_SUCCESS)
goto cleanup_struct;
/*
* Digest the SIG rdata (not including the signature).
*/
ret = digest_sig(ctx, sigrdata, &sig);
if (ret != ISC_R_SUCCESS)
goto cleanup_context;
/*
* If the name is an expanded wildcard, use the wildcard name.
*/
dns_fixedname_init(&fnewname);
labels = dns_name_countlabels(name) - 1;
RUNTIME_CHECK(dns_name_downcase(name, dns_fixedname_name(&fnewname),
NULL) == ISC_R_SUCCESS);
if (labels - sig.labels > 0)
dns_name_split(dns_fixedname_name(&fnewname), sig.labels + 1,
NULL, dns_fixedname_name(&fnewname));
dns_name_toregion(dns_fixedname_name(&fnewname), &r);
/*
* Create an envelope for each rdata: <name|type|class|ttl>.
*/
isc_buffer_init(&envbuf, data, sizeof(data));
if (labels - sig.labels > 0) {
isc_buffer_putuint8(&envbuf, 1);
isc_buffer_putuint8(&envbuf, '*');
memcpy(data + 2, r.base, r.length);
}
else
memcpy(data, r.base, r.length);
isc_buffer_add(&envbuf, r.length);
isc_buffer_putuint16(&envbuf, set->type);
isc_buffer_putuint16(&envbuf, set->rdclass);
isc_buffer_putuint32(&envbuf, sig.originalttl);
ret = rdataset_to_sortedarray(set, mctx, &rdatas, &nrdatas);
if (ret != ISC_R_SUCCESS)
goto cleanup_context;
isc_buffer_usedregion(&envbuf, &r);
for (i = 0; i < nrdatas; i++) {
isc_uint16_t len;
//.........这里部分代码省略.........
开发者ID:OPSF,项目名称:uClinux,代码行数:101,代码来源:dnssec.c
示例18: dns_ncache_getsigrdataset
isc_result_t
dns_ncache_getsigrdataset(dns_rdataset_t *ncacherdataset, dns_name_t *name,
dns_rdatatype_t covers, dns_rdataset_t *rdataset)
{
dns_name_t tname;
dns_rdata_rrsig_t rrsig;
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_t clone;
dns_rdatatype_t type;
dns_trust_t trust = dns_trust_none;
isc_buffer_t source;
isc_region_t remaining, sigregion;
isc_result_t result;
unsigned char *raw;
unsigned int count;
REQUIRE(ncacherdataset != NULL);
REQUIRE(ncacherdataset->type == 0);
REQUIRE((ncacherdataset->attributes & DNS_RDATASETATTR_NEGATIVE) != 0);
REQUIRE(name != NULL);
REQUIRE(!dns_rdataset_isassociated(rdataset));
dns_rdataset_init(&clone);
dns_rdataset_clone(ncacherdataset, &clone);
result = dns_rdataset_first(&clone);
while (result == ISC_R_SUCCESS) {
dns_rdataset_current(&clone, &rdata);
isc_buffer_init(&source, rdata.data, rdata.length);
isc_buffer_add(&source, rdata.length);
dns_name_init(&tname, NULL);
isc_buffer_remainingregion(&source, &remaining);
dns_name_fromregion(&tname, &remaining);
INSIST(remaining.length >= tname.length);
isc_buffer_forward(&source, tname.length);
isc_region_consume(&remaining, tname.length);
INSIST(remaining.length >= 2);
type = isc_buffer_getuint16(&source);
isc_region_consume(&remaining, 2);
if (type != dns_rdatatype_rrsig ||
!dns_name_equal(&tname, name)) {
result = dns_rdataset_next(&clone);
dns_rdata_reset(&rdata);
continue;
}
INSIST(remaining.length >= 1);
trust = isc_buffer_getuint8(&source);
INSIST(trust <= dns_trust_ultimate);
isc_region_consume(&remaining, 1);
raw = remaining.base;
count = raw[0] * 256 + raw[1];
INSIST(count > 0);
raw += 2;
sigregion.length = raw[0] * 256 + raw[1];
raw += 2;
sigregion.base = raw;
dns_rdata_reset(&rdata);
dns_rdata_fromregion(&rdata, rdataset->rdclass,
dns_rdatatype_rrsig, &sigregion);
(void)dns_rdata_tostruct(&rdata, &rrsig, NULL);
if (rrsig.covered == covers) {
isc_buffer_remainingregion(&source, &remaining);
break;
}
result = dns_rdataset_next(&clone);
dns_rdata_reset(&rdata);
}
dns_rdataset_disassociate(&clone);
if (result == ISC_R_NOMORE)
return (ISC_R_NOTFOUND);
if (result != ISC_R_SUCCESS)
return (result);
INSIST(remaining.length != 0);
rdataset->methods = &rdataset_methods;
rdataset->rdclass = ncacherdataset->rdclass;
rdataset->type = dns_rdatatype_rrsig;
rdataset->covers = covers;
rdataset->ttl = ncacherdataset->ttl;
rdataset->trust = trust;
rdataset->private1 = NULL;
rdataset->private2 = NULL;
rdataset->private3 = remaining.base;
/*
* Reset iterator state.
*/
rdataset->privateuint4 = 0;
rdataset->private5 = NULL;
rdataset->private6 = NULL;
return (ISC_R_SUCCESS);
}
开发者ID:chris-wood,项目名称:bind-prime,代码行数:98,代码来源:ncache.c
示例19: emit
static void
emit(unsigned int dtype, isc_boolean_t showall, char *lookaside,
dns_rdata_t *rdata)
{
isc_result_t result;
unsigned char buf[DNS_DS_BUFFERSIZE];
char text_buf[DST_KEY_MAXTEXTSIZE];
char name_buf[DNS_NAME_MAXWIRE];
char class_buf[10];
isc_buffer_t textb, nameb, classb;
isc_region_t r;
dns_rdata_t ds;
dns_rdata_dnskey_t dnskey;
isc_buffer_init(&textb, text_buf, sizeof(text_buf));
isc_buffer_init(&nameb, name_buf, sizeof(name_buf));
isc_buffer_init(&classb, class_buf, sizeof(class_buf));
dns_rdata_init(&ds);
result = dns_rdata_tostruct(rdata, &dnskey, NULL);
if (result != ISC_R_SUCCESS)
fatal("can't convert DNSKEY");
if ((dnskey.flags & DNS_KEYFLAG_KSK) == 0 && !showall)
return;
result = dns_ds_buildrdata(name, rdata, dtype, buf, &ds);
if (result != ISC_R_SUCCESS)
fatal("can't build record");
result = dns_name_totext(name, ISC_FALSE, &nameb);
if (result != ISC_R_SUCCESS)
fatal("can't print name");
/* Add lookaside origin, if set */
if (lookaside != NULL) {
if (isc_buffer_availablelength(&nameb) < strlen(lookaside))
fatal("DLV origin '%s' is too long", lookaside);
isc_buffer_putstr(&nameb, lookaside);
if (lookaside[strlen(lookaside) - 1] != '.') {
if (isc_buffer_availablelength(&nameb) < 1)
fatal("DLV origin '%s' is too long", lookaside);
isc_buffer_putstr(&nameb, ".");
}
}
result = dns_rdata_totext(&ds, (dns_name_t *) NULL, &textb);
if (result != ISC_R_SUCCESS)
fatal("can't print rdata");
result = dns_rdataclass_totext(rdclass, &classb);
if (result != ISC_R_SUCCESS)
fatal("can't print class");
isc_buffer_usedregion(&nameb, &r);
printf("%.*s ", (int)r.length, r.base);
isc_buffer_usedregion(&classb, &r);
printf("%.*s", (int)r.length, r.base);
if (lookaside == NULL)
printf(" DS ");
else
printf(" DLV ");
isc_buffer_usedregion(&textb, &r);
printf("%.*s\n", (int)r.length, r.base);
}
开发者ID:AlexZhao,项目名称:freebsd,代码行数:69,代码来源:dnssec-dsfromkey.c
示例20: dns_ncache_current
|
客服电话
APP下载
官方微信
请发表评论