2 * Copyright (c) 2004 by Internet Systems Consortium, Inc. ("ISC")
3 * Copyright (c) 1995-2003 by Internet Software Consortium
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
9 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
15 * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 * Internet Systems Consortium, Inc.
19 * Redwood City, CA 94063
24 #include <sys/types.h>
25 #include <sys/param.h>
27 #include <netinet/in.h>
28 #include <arpa/inet.h>
29 #include <sys/socket.h>
38 #include "minires/minires.h"
39 #include "arpa/nameser.h"
41 #include <isc-dhcp/dst.h>
45 res_nsendsigned(res_state statp
,
46 double *msg
, unsigned msglen
, ns_tsig_key
*key
,
47 double *answer
, unsigned anslen
, unsigned *anssize
)
54 unsigned bufsize
, siglen
;
63 nstatp
= (res_state
) malloc(sizeof(*statp
));
65 return ISC_R_NOMEMORY
;
66 memcpy(nstatp
, statp
, sizeof(*statp
));
68 bufsize
= msglen
+ 1024;
69 newmsg
= (double *) malloc(bufsize
);
71 return ISC_R_NOMEMORY
;
72 memcpy(newmsg
, msg
, msglen
);
75 if (ns_samename(key
->alg
, NS_TSIG_ALG_HMAC_MD5
) != 1)
78 dstkey
= dst_buffer_to_key(key
->name
, KEY_HMAC_MD5
,
79 NS_KEY_TYPE_AUTH_ONLY
,
90 rcode
= ns_sign((u_char
*)newmsg
, &newmsglen
, bufsize
,
91 NOERROR
, dstkey
, NULL
, 0,
93 if (rcode
!= ISC_R_SUCCESS
) {
99 if (newmsglen
> PACKETSZ
|| (nstatp
->options
& RES_IGNTC
))
102 nstatp
->options
|= RES_IGNTC
;
104 nstatp
->options
|= RES_USEVC
;
108 rcode
= res_nsend(nstatp
, newmsg
, newmsglen
, answer
, anslen
, &ret
);
109 if (rcode
!= ISC_R_SUCCESS
) {
116 rcode
= ns_verify((u_char
*)answer
, &anslen
, dstkey
, sig
, siglen
,
117 NULL
, NULL
, &tsig_time
,
118 (nstatp
->options
& RES_KEEPTSIG
) ? 1 : 0);
119 if (rcode
!= ISC_R_SUCCESS
) {
120 Dprint(nstatp
->pfcode
& RES_PRF_REPLY
,
121 (stdout
, ";; TSIG invalid (%s)\n", p_rcode(ret
)));
126 Dprint(nstatp
->pfcode
& RES_PRF_REPLY
, (stdout
, ";; TSIG ok\n"));
128 hp
= (HEADER
*) answer
;
129 if (hp
->tc
&& usingTCP
== 0) {
130 nstatp
->options
&= ~RES_IGNTC
;
138 return ISC_R_SUCCESS
;