etc/services - sync with NetBSD-8
[minix.git] / external / bsd / bind / dist / bin / named / tkeyconf.c
blob2029f28387f1b93269cc116e97940a91958f7b4a
1 /* $NetBSD: tkeyconf.c,v 1.6 2014/12/10 04:37:52 christos Exp $ */
3 /*
4 * Copyright (C) 2004-2007, 2009, 2010, 2012, 2014 Internet Systems Consortium, Inc. ("ISC")
5 * Copyright (C) 1999-2001 Internet Software Consortium.
7 * Permission to use, copy, modify, and/or distribute this software for any
8 * purpose with or without fee is hereby granted, provided that the above
9 * copyright notice and this permission notice appear in all copies.
11 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
12 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
13 * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
14 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
15 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
16 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
17 * PERFORMANCE OF THIS SOFTWARE.
20 /* Id: tkeyconf.c,v 1.33 2010/12/20 23:47:20 tbox Exp */
22 /*! \file */
24 #include <config.h>
26 #include <isc/buffer.h>
27 #include <isc/string.h> /* Required for HP/UX (and others?) */
28 #include <isc/mem.h>
30 #include <isccfg/cfg.h>
32 #include <dns/fixedname.h>
33 #include <dns/keyvalues.h>
34 #include <dns/name.h>
35 #include <dns/tkey.h>
37 #include <dst/gssapi.h>
39 #include <named/tkeyconf.h>
41 #define RETERR(x) do { \
42 result = (x); \
43 if (result != ISC_R_SUCCESS) \
44 goto failure; \
45 } while (/*CONSTCOND*/0)
47 #include<named/log.h>
48 #define LOG(msg) \
49 isc_log_write(ns_g_lctx, \
50 NS_LOGCATEGORY_GENERAL, \
51 NS_LOGMODULE_SERVER, \
52 ISC_LOG_ERROR, \
53 "%s", msg)
55 isc_result_t
56 ns_tkeyctx_fromconfig(const cfg_obj_t *options, isc_mem_t *mctx,
57 isc_entropy_t *ectx, dns_tkeyctx_t **tctxp)
59 isc_result_t result;
60 dns_tkeyctx_t *tctx = NULL;
61 const char *s;
62 isc_uint32_t n;
63 dns_fixedname_t fname;
64 dns_name_t *name;
65 isc_buffer_t b;
66 const cfg_obj_t *obj;
67 int type;
69 result = dns_tkeyctx_create(mctx, ectx, &tctx);
70 if (result != ISC_R_SUCCESS)
71 return (result);
73 obj = NULL;
74 result = cfg_map_get(options, "tkey-dhkey", &obj);
75 if (result == ISC_R_SUCCESS) {
76 s = cfg_obj_asstring(cfg_tuple_get(obj, "name"));
77 n = cfg_obj_asuint32(cfg_tuple_get(obj, "keyid"));
78 isc_buffer_constinit(&b, s, strlen(s));
79 isc_buffer_add(&b, strlen(s));
80 dns_fixedname_init(&fname);
81 name = dns_fixedname_name(&fname);
82 RETERR(dns_name_fromtext(name, &b, dns_rootname, 0, NULL));
83 type = DST_TYPE_PUBLIC|DST_TYPE_PRIVATE|DST_TYPE_KEY;
84 RETERR(dst_key_fromfile(name, (dns_keytag_t) n, DNS_KEYALG_DH,
85 type, NULL, mctx, &tctx->dhkey));
88 obj = NULL;
89 result = cfg_map_get(options, "tkey-domain", &obj);
90 if (result == ISC_R_SUCCESS) {
91 s = cfg_obj_asstring(obj);
92 isc_buffer_constinit(&b, s, strlen(s));
93 isc_buffer_add(&b, strlen(s));
94 dns_fixedname_init(&fname);
95 name = dns_fixedname_name(&fname);
96 RETERR(dns_name_fromtext(name, &b, dns_rootname, 0, NULL));
97 tctx->domain = isc_mem_get(mctx, sizeof(dns_name_t));
98 if (tctx->domain == NULL) {
99 result = ISC_R_NOMEMORY;
100 goto failure;
102 dns_name_init(tctx->domain, NULL);
103 RETERR(dns_name_dup(name, mctx, tctx->domain));
106 obj = NULL;
107 result = cfg_map_get(options, "tkey-gssapi-credential", &obj);
108 if (result == ISC_R_SUCCESS) {
109 s = cfg_obj_asstring(obj);
111 isc_buffer_constinit(&b, s, strlen(s));
112 isc_buffer_add(&b, strlen(s));
113 dns_fixedname_init(&fname);
114 name = dns_fixedname_name(&fname);
115 RETERR(dns_name_fromtext(name, &b, dns_rootname, 0, NULL));
116 RETERR(dst_gssapi_acquirecred(name, ISC_FALSE, &tctx->gsscred));
119 obj = NULL;
120 result = cfg_map_get(options, "tkey-gssapi-keytab", &obj);
121 if (result == ISC_R_SUCCESS) {
122 s = cfg_obj_asstring(obj);
123 tctx->gssapi_keytab = isc_mem_strdup(mctx, s);
124 if (tctx->gssapi_keytab == NULL) {
125 result = ISC_R_NOMEMORY;
126 goto failure;
130 *tctxp = tctx;
131 return (ISC_R_SUCCESS);
133 failure:
134 dns_tkeyctx_destroy(&tctx);
135 return (result);