1 /* $NetBSD: auth.c,v 1.1.1.2 2014/07/12 11:57:58 spz Exp $ */
4 Subroutines having to do with authentication. */
7 * Copyright (c) 2004,2007,2009,2014 by Internet Systems Consortium, Inc. ("ISC")
8 * Copyright (c) 1998-2003 by Internet Software Consortium
10 * Permission to use, copy, modify, and distribute this software for any
11 * purpose with or without fee is hereby granted, provided that the above
12 * copyright notice and this permission notice appear in all copies.
14 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES
15 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
16 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR
17 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
18 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
19 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
20 * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
22 * Internet Systems Consortium, Inc.
24 * Redwood City, CA 94063
26 * https://www.isc.org/
30 #include <sys/cdefs.h>
31 __RCSID("$NetBSD: auth.c,v 1.1.1.2 2014/07/12 11:57:58 spz Exp $");
35 #include <omapip/omapip_p.h>
/* Allocation and hash-table boilerplate for omapi_auth_key_t objects.
 * The macro bodies are not part of this listing; presumably they generate
 * the omapi_auth_key_allocate / _reference / _dereference and
 * omapi_auth_key_hash_* helpers used below -- confirm against the macro
 * definitions. */
37 OMAPI_OBJECT_ALLOC (omapi_auth_key
, omapi_auth_key_t
, omapi_type_auth_key
)
38 typedef struct hash omapi_auth_hash_t
;
39 HASH_FUNCTIONS_DECL (omapi_auth_key
, const char *,
40 omapi_auth_key_t
, omapi_auth_hash_t
)
/* File-scope table of registered authentication keys. The functions below
 * add, look up and delete entries by key name, and omapi_auth_key_destroy
 * compares it against NULL before touching it. */
41 omapi_auth_hash_t
*auth_key_hash
;
42 HASH_FUNCTIONS (omapi_auth_key
, const char *, omapi_auth_key_t
,
44 omapi_auth_key_reference
, omapi_auth_key_dereference
,
/* Allocate a new authentication key object into *o by forwarding to
 * omapi_auth_key_allocate and returning its result unchanged.
 * file and line are passed straight through; the declaration of `line`
 * is not shown in this listing. */
47 isc_result_t
omapi_auth_key_new (omapi_auth_key_t
**o
, const char *file
,
50 return omapi_auth_key_allocate (o
, file
, line
);
/* Release the resources held by an authentication key object.
 *
 * h must be of type omapi_type_auth_key; any other type is rejected with
 * DHCP_R_INVALIDARG before the pointer is cast. The visible steps are:
 * remove the entry stored under a->name from auth_key_hash (if the table
 * exists), free the algorithm string, drop the reference on the key data,
 * and destroy the tsec key if one was created.
 *
 * NOTE(review): a->key appears to hold the shared secret (see the
 * "not the secret" comment in omapi_auth_key_stuff_values). Whether
 * omapi_data_string_dereference wipes those bytes before the memory is
 * released is not visible here -- confirm. */
53 isc_result_t
omapi_auth_key_destroy (omapi_object_t
*h
,
54 const char *file
, int line
)
/* Type check comes first so the cast below is only applied to a real key. */
58 if (h
->type
!= omapi_type_auth_key
)
59 return DHCP_R_INVALIDARG
;
60 a
= (omapi_auth_key_t
*)h
;
/* Unregister the key by name so later lookups cannot return an object
 * that is being torn down. */
62 if (auth_key_hash
!= NULL
)
63 omapi_auth_key_hash_delete(auth_key_hash
, a
->name
, 0, MDL
);
67 if (a
->algorithm
!= NULL
)
68 dfree(a
->algorithm
, MDL
);
/* Drops this object's reference on the key material. */
70 omapi_data_string_dereference(&a
->key
, MDL
);
71 if (a
->tsec_key
!= NULL
)
72 dns_tsec_destroy(&a
->tsec_key
);
/* Register authentication key `a` in the global auth_key_hash table.
 *
 * Returns DHCP_R_INVALIDARG if a is not of type omapi_type_auth_key,
 * ISC_R_NOMEMORY if the hash table cannot be created, and ISC_R_SUCCESS
 * otherwise. The visible calls look up an existing entry into tk,
 * dereference it, and delete an entry from the table before the new one
 * is added; the conditions that select between those paths are not shown
 * in this listing.
 *
 * NOTE(review): a->key is dereferenced (a->key->value, a->key->len) when
 * the dst key is built and no NULL check is visible here -- confirm that
 * callers always set key before entering it. */
77 isc_result_t
omapi_auth_key_enter (omapi_auth_key_t
*a
)
83 if (a
-> type
!= omapi_type_auth_key
)
84 return DHCP_R_INVALIDARG
;
/* tk receives any entry already present in the table. */
86 tk
= (omapi_auth_key_t
*)0;
88 omapi_auth_key_hash_lookup (&tk
, auth_key_hash
,
/* The lookup handed back a reference in tk; release it. */
91 omapi_auth_key_dereference (&tk
, MDL
);
95 omapi_auth_key_hash_delete (auth_key_hash
,
97 omapi_auth_key_dereference (&tk
, MDL
);
/* Table creation failure is reported as out-of-memory. */
100 if (!omapi_auth_key_new_hash(&auth_key_hash
,
102 return ISC_R_NOMEMORY
;
106 * If possible create a tsec structure for this key,
107 * if we can't create the structure we put out a warning
/* Build a dst key from the name, algorithm and raw key bytes. */
110 status
= isclib_make_dst_key(a
->name
, a
->algorithm
,
111 a
->key
->value
, a
->key
->len
,
/* On success wrap it in a TSIG tsec structure stored in a->tsec_key; the
 * temporary dstkey is freed once dns_tsec_create has been called. */
113 if (status
== ISC_R_SUCCESS
) {
114 status
= dns_tsec_create(dhcp_gbl_ctx
.mctx
, dns_tsectype_tsig
,
115 dstkey
, &a
->tsec_key
);
116 dst_key_free(&dstkey
);
/* Only the key name is logged, never the key bytes. A failure here is
 * reported but, as far as this listing shows, the key is still entered
 * into the table below and the function returns ISC_R_SUCCESS. */
118 if (status
!= ISC_R_SUCCESS
)
119 log_error("Unable to create tsec structure for %s", a
->name
);
121 omapi_auth_key_hash_add (auth_key_hash
, a
-> name
, 0, a
, MDL
);
122 return ISC_R_SUCCESS
;
/* Look up a registered authentication key by name and store it in *a.
 *
 * Returns ISC_R_SUCCESS when omapi_auth_key_hash_lookup finds an entry for
 * `name` in auth_key_hash and ISC_R_NOTFOUND when it does not. There is an
 * earlier ISC_R_NOTFOUND return whose guarding condition is not shown in
 * this listing, and the declaration of `name` is likewise not shown. */
125 isc_result_t
omapi_auth_key_lookup_name (omapi_auth_key_t
**a
,
129 return ISC_R_NOTFOUND
;
130 if (!omapi_auth_key_hash_lookup (a
, auth_key_hash
, name
, 0, MDL
))
131 return ISC_R_NOTFOUND
;
132 return ISC_R_SUCCESS
;
/* OMAPI lookup handler: find a registered key from the "name" and
 * "algorithm" attributes of `ref` and return it through *h.
 *
 * Both attributes are fetched with omapi_get_value_str and must be of type
 * omapi_datatype_string or omapi_datatype_data. The name is then looked up
 * in auth_key_hash, and the stored key's algorithm is compared with the
 * requested one via omapi_td_strcasecmp (by its name a case-insensitive
 * comparison -- confirm). A missing key, a wrongly typed attribute and an
 * algorithm mismatch all produce the same ISC_R_NOTFOUND. Every visible
 * exit path releases the attribute values it has obtained.
 *
 * Only the name and algorithm are matched; the key bytes themselves are
 * not read anywhere in this function. The conditions guarding the early
 * ISC_R_NOTFOUND and DHCP_R_NOKEYS returns are not shown in this listing. */
135 isc_result_t
omapi_auth_key_lookup (omapi_object_t
**h
,
140 omapi_value_t
*name
= (omapi_value_t
*)0;
141 omapi_value_t
*algorithm
= (omapi_value_t
*)0;
144 return ISC_R_NOTFOUND
;
147 return DHCP_R_NOKEYS
;
149 status
= omapi_get_value_str (ref
, id
, "name", &name
);
150 if (status
!= ISC_R_SUCCESS
)
/* Reject a name attribute that is neither string nor raw data before its
 * buffer is used as a hash key. */
153 if ((name
-> value
-> type
!= omapi_datatype_string
) &&
154 (name
-> value
-> type
!= omapi_datatype_data
)) {
155 omapi_value_dereference (&name
, MDL
);
156 return ISC_R_NOTFOUND
;
159 status
= omapi_get_value_str (ref
, id
, "algorithm", &algorithm
);
160 if (status
!= ISC_R_SUCCESS
) {
161 omapi_value_dereference (&name
, MDL
);
/* Same type restriction for the algorithm attribute. */
165 if ((algorithm
-> value
-> type
!= omapi_datatype_string
) &&
166 (algorithm
-> value
-> type
!= omapi_datatype_data
)) {
167 omapi_value_dereference (&name
, MDL
);
168 omapi_value_dereference (&algorithm
, MDL
);
169 return ISC_R_NOTFOUND
;
/* The name buffer is passed together with its explicit length. */
173 if (!omapi_auth_key_hash_lookup ((omapi_auth_key_t
**)h
, auth_key_hash
,
175 name
-> value
-> u
.buffer
.value
,
176 name
-> value
-> u
.buffer
.len
, MDL
)) {
177 omapi_value_dereference (&name
, MDL
);
178 omapi_value_dereference (&algorithm
, MDL
);
179 return ISC_R_NOTFOUND
;
/* Name matched; on an algorithm mismatch the object reference placed in *h
 * by the lookup is dropped again so the caller is not handed a key it did
 * not fully identify. */
182 if (omapi_td_strcasecmp (algorithm
-> value
,
183 ((omapi_auth_key_t
*)*h
) -> algorithm
) != 0) {
184 omapi_value_dereference (&name
, MDL
);
185 omapi_value_dereference (&algorithm
, MDL
);
186 omapi_object_dereference (h
, MDL
);
187 return ISC_R_NOTFOUND
;
190 omapi_value_dereference (&name
, MDL
);
191 omapi_value_dereference (&algorithm
, MDL
);
193 return ISC_R_SUCCESS
;
/* Write the key's attributes to connection c.
 *
 * h must be of type omapi_type_auth_key (DHCP_R_INVALIDARG otherwise).
 * The "name" attribute is always written; "algorithm" is written only when
 * a->algorithm is set. The key material is deliberately left out, so the
 * secret is never placed on the connection by this function. Each put call
 * has its status checked; the statements taken on failure are not shown in
 * this listing. Returns ISC_R_SUCCESS when all writes succeed. */
196 isc_result_t
omapi_auth_key_stuff_values (omapi_object_t
*c
,
203 if (h
-> type
!= omapi_type_auth_key
)
204 return DHCP_R_INVALIDARG
;
205 a
= (omapi_auth_key_t
*)h
;
207 /* Write only the name and algorithm -- not the secret! */
209 status
= omapi_connection_put_name (c
, "name");
210 if (status
!= ISC_R_SUCCESS
)
212 status
= omapi_connection_put_string (c
, a
-> name
);
213 if (status
!= ISC_R_SUCCESS
)
/* Algorithm is optional on the object, so it is emitted only if present. */
216 if (a
-> algorithm
) {
217 status
= omapi_connection_put_name (c
, "algorithm");
218 if (status
!= ISC_R_SUCCESS
)
220 status
= omapi_connection_put_string (c
, a
-> algorithm
);
221 if (status
!= ISC_R_SUCCESS
)
225 return ISC_R_SUCCESS
;
/* Return one attribute of an authentication key object in *value.
 *
 * Recognised attribute names are "name", "key" and "algorithm". A wrong
 * object type is reported as ISC_R_UNEXPECTED here, whereas the other
 * functions in this file return DHCP_R_INVALIDARG for the same check.
 * The conditions guarding the ISC_R_NOTFOUND returns inside each branch
 * are not shown in this listing.
 *
 * NOTE(review): the "key" branch copies the raw key bytes into the
 * returned value, unlike omapi_auth_key_stuff_values, which omits the
 * secret. Confirm that every caller able to reach this attribute is
 * authorised to read key material. */
228 isc_result_t
omapi_auth_key_get_value (omapi_object_t
*h
,
230 omapi_data_string_t
*name
,
231 omapi_value_t
**value
)
236 if (h
-> type
!= omapi_type_auth_key
)
237 return ISC_R_UNEXPECTED
;
238 a
= (omapi_auth_key_t
*)h
;
240 if (omapi_ds_strcmp (name
, "name") == 0) {
242 return omapi_make_string_value
243 (value
, name
, a
-> name
, MDL
);
245 return ISC_R_NOTFOUND
;
246 } else if (omapi_ds_strcmp (name
, "key") == 0) {
/* Build the result by hand: new value object, a reference to the attribute
 * name, then a typed-data buffer for the key bytes. Each failure after the
 * value has been created dereferences it again. */
248 status
= omapi_value_new (value
, MDL
);
249 if (status
!= ISC_R_SUCCESS
)
252 status
= omapi_data_string_reference
253 (&(*value
) -> name
, name
, MDL
);
254 if (status
!= ISC_R_SUCCESS
) {
255 omapi_value_dereference (value
, MDL
);
259 status
= omapi_typed_data_new (MDL
, &(*value
) -> value
,
262 if (status
!= ISC_R_SUCCESS
) {
263 omapi_value_dereference (value
, MDL
);
/* Copies a->key->len bytes of secret into the new buffer.
 * NOTE(review): the size passed to omapi_typed_data_new is not shown in
 * this listing -- confirm it matches the a->key->len used here. */
267 memcpy ((*value
) -> value
-> u
.buffer
.value
,
268 a
-> key
-> value
, a
-> key
-> len
);
269 return ISC_R_SUCCESS
;
271 return ISC_R_NOTFOUND
;
272 } else if (omapi_ds_strcmp (name
, "algorithm") == 0) {
274 return omapi_make_string_value
275 (value
, name
, a
-> algorithm
, MDL
);
277 return ISC_R_NOTFOUND
;
280 return ISC_R_SUCCESS
;