/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, you can obtain one at https://mozilla.org/MPL/2.0/.
*
* See the COPYRIGHT file distributed with this work for additional
* information regarding copyright ownership.
*/
#ifndef DNS_TSIG_H
#define DNS_TSIG_H 1
/*! \file dns/tsig.h */
#include <stdbool.h>
#include <isc/lang.h>
#include <isc/refcount.h>
#include <isc/rwlock.h>
#include <isc/stdio.h>
#include <isc/stdtime.h>
#include <pk11/site.h>
#include <dns/types.h>
#include <dns/name.h>
#include <dst/dst.h>
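/*
 * Algorithms.
 *
 * Each pointer is the DNS name of one TSIG algorithm; each
 * DNS_TSIG_*_NAME macro is an alias for the pointer of the same name.
 * The pointers are only declared here (extern) and are defined outside
 * this header.
 *
 * The HMAC-MD5 name exists only when PK11_MD5_DISABLE is not defined, so
 * code that uses DNS_TSIG_HMACMD5_NAME needs the same guard.
 *
 * NOTE(review): RFC 8945 recommends hmac-sha256 and marks hmac-sha1 as
 * not recommended; prefer the HMAC-SHA2 names when provisioning new keys.
 */
#ifndef PK11_MD5_DISABLE
LIBDNS_EXTERNAL_DATA extern dns_name_t *dns_tsig_hmacmd5_name;
#define DNS_TSIG_HMACMD5_NAME dns_tsig_hmacmd5_name
#endif
LIBDNS_EXTERNAL_DATA extern dns_name_t *dns_tsig_gssapi_name;
#define DNS_TSIG_GSSAPI_NAME dns_tsig_gssapi_name
LIBDNS_EXTERNAL_DATA extern dns_name_t *dns_tsig_gssapims_name;
#define DNS_TSIG_GSSAPIMS_NAME dns_tsig_gssapims_name
LIBDNS_EXTERNAL_DATA extern dns_name_t *dns_tsig_hmacsha1_name;
#define DNS_TSIG_HMACSHA1_NAME dns_tsig_hmacsha1_name
LIBDNS_EXTERNAL_DATA extern dns_name_t *dns_tsig_hmacsha224_name;
#define DNS_TSIG_HMACSHA224_NAME dns_tsig_hmacsha224_name
LIBDNS_EXTERNAL_DATA extern dns_name_t *dns_tsig_hmacsha256_name;
#define DNS_TSIG_HMACSHA256_NAME dns_tsig_hmacsha256_name
LIBDNS_EXTERNAL_DATA extern dns_name_t *dns_tsig_hmacsha384_name;
#define DNS_TSIG_HMACSHA384_NAME dns_tsig_hmacsha384_name
LIBDNS_EXTERNAL_DATA extern dns_name_t *dns_tsig_hmacsha512_name;
#define DNS_TSIG_HMACSHA512_NAME dns_tsig_hmacsha512_name
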
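/*%
 * Default fudge value.
 *
 * In a TSIG record the fudge field is the number of seconds of error
 * permitted around the signed time, so 300 allows five minutes of clock
 * difference between signer and verifier. The same window bounds how
 * long a signed message keeps passing the time check, so keep clocks
 * synchronised rather than enlarging the value.
 *
 * NOTE(review): where this default is applied is not visible in this
 * header - confirm in tsig.c.
 */
#define DNS_TSIG_FUDGE 300
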
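/*%
 * A TSIG key ring: the set of keys that dns_tsigkey_find() and
 * dns_tsig_verify() are given to search.
 */
struct dns_tsig_keyring {
	/*
	 * Keys on the ring.
	 * NOTE(review): presumably indexed by key name, since
	 * dns_tsigkeyring_add() takes a name - confirm in tsig.c.
	 */
	dns_rbt_t *keys;
	/* NOTE(review): meaning not documented in this header - confirm. */
	unsigned int writecount;
	/*
	 * Read/write lock.
	 * NOTE(review): presumably guards 'keys' and the LRU list - confirm.
	 */
	isc_rwlock_t lock;
	/* Memory context (dns_tsigkeyring_create() takes one). */
	isc_mem_t *mctx;
	/*
	 * LRU list of generated keys along with a count of the keys on the
	 * list and a maximum size.
	 */
	unsigned int generated;
	unsigned int maxgenerated;
	ISC_LIST(dns_tsigkey_t) lru;
	/*
	 * Reference count.
	 * NOTE(review): presumably changed by dns_tsigkeyring_attach() and
	 * dns_tsigkeyring_detach() - confirm.
	 */
	isc_refcount_t references;
};
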
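/*%
 * A TSIG key together with its validity period and keyring linkage.
 *
 * 'key' is the dst key object for the shared secret, so any dump or log
 * of this structure should be handled as sensitive.
 * inception == expire means the key does not expire (see
 * dns_tsigkey_create()).
 */
struct dns_tsigkey {
	/* Unlocked */
	unsigned int magic;		/*%< Magic number. */
	isc_mem_t *mctx;
	dst_key_t *key;			/*%< Key */
	dns_name_t name;		/*%< Key name */
	dns_name_t *algorithm;		/*%< Algorithm name */
	dns_name_t *creator;		/*%< name that created secret */
	bool generated;			/*%< was this generated? */
	isc_stdtime_t inception;	/*%< start of validity period */
	isc_stdtime_t expire;		/*%< end of validity period */
	dns_tsig_keyring_t *ring;	/*%< the enclosing keyring */
	isc_refcount_t refs;		/*%< reference counter */
	/*
	 * List linkage; the keyring's 'lru' list has this element type.
	 */
	ISC_LINK(dns_tsigkey_t) link;
};
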
ISC_LANG_BEGINDECLS
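const dns_name_t *
dns_tsigkey_identity(const dns_tsigkey_t *tsigkey);
/*%<
 *	Returns the identity of the provided TSIG key.
 *
 *	NOTE(review): the result is const and no reference-count change is
 *	documented, so it is presumably valid only while the caller keeps
 *	'tsigkey' alive - confirm.
 *
 *	Requires:
 *\li		'tsigkey' is a valid TSIG key or NULL
 *
 *	Returns:
 *\li		NULL if 'tsigkey' was NULL
 *\li		identity of the provided TSIG key
 */
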
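isc_result_t
dns_tsigkey_create(dns_name_t *name, dns_name_t *algorithm,
		   unsigned char *secret, int length, bool generated,
		   dns_name_t *creator, isc_stdtime_t inception,
		   isc_stdtime_t expire, isc_mem_t *mctx,
		   dns_tsig_keyring_t *ring, dns_tsigkey_t **key);

isc_result_t
dns_tsigkey_createfromkey(dns_name_t *name, dns_name_t *algorithm,
			  dst_key_t *dstkey, bool generated,
			  dns_name_t *creator, isc_stdtime_t inception,
			  isc_stdtime_t expire, isc_mem_t *mctx,
			  dns_tsig_keyring_t *ring, dns_tsigkey_t **key);
/*%<
 *	Creates a tsig key structure and saves it in the keyring.  If key is
 *	not NULL, *key will contain a copy of the key.  The key's validity
 *	period is specified by (inception, expire), and will not expire if
 *	inception == expire.  If the key was generated, the creating identity,
 *	if there is one, should be in the creator parameter.  Specifying an
 *	unimplemented algorithm will cause failure only if dstkey != NULL; this
 *	allows a transient key with an invalid algorithm to exist long enough
 *	to generate a BADKEY response.
 *
 *	If dns_tsigkey_createfromkey is successful a new reference to 'dstkey'
 *	will have been made.
 *
 *	'secret' and 'length' belong to dns_tsigkey_create(); 'dstkey'
 *	belongs to dns_tsigkey_createfromkey().
 *
 *	NOTE(review): 'secret' is raw key material.  Whether it is copied is
 *	not stated here; confirm in tsig.c before clearing or reusing the
 *	caller's buffer, and clear it once it is no longer needed.
 *
 *	Requires:
 *\li		'name' is a valid dns_name_t
 *\li		'algorithm' is a valid dns_name_t
 *\li		'secret' is a valid pointer
 *\li		'length' is an integer >= 0
 *\li		'dstkey' is a valid dst key or NULL
 *\li		'creator' points to a valid dns_name_t or is NULL
 *\li		'mctx' is a valid memory context
 *\li		'ring' is a valid TSIG keyring or NULL
 *\li		'key' or '*key' must be NULL
 *
 *	Returns:
 *\li		#ISC_R_SUCCESS
 *\li		#ISC_R_EXISTS - a key with this name already exists
 *\li		#ISC_R_NOTIMPLEMENTED - algorithm is not implemented
 *\li		#ISC_R_NOMEMORY
 */
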
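void
dns_tsigkey_attach(dns_tsigkey_t *source, dns_tsigkey_t **targetp);
/*%<
 *	Attach '*targetp' to 'source'.
 *
 *	Requires:
 *\li		'source' is a valid TSIG key
 *
 *	NOTE(review): no requirement on 'targetp' is stated; presumably it
 *	must be non-NULL with '*targetp' NULL - confirm in tsig.c.
 *
 *	Ensures:
 *\li		*targetp is attached to source.
 */
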
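void
dns_tsigkey_detach(dns_tsigkey_t **keyp);
/*%<
 *	Detaches from the tsig key structure pointed to by '*keyp'.
 *
 *	Requires:
 *\li		'keyp' is not NULL and '*keyp' is a valid TSIG key
 *
 *	Ensures:
 *\li		'*keyp' is NULL
 */
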
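void
dns_tsigkey_setdeleted(dns_tsigkey_t *key);
/*%<
 *	Prevents this key from being used again.  It will be deleted when
 *	no references exist.
 *
 *	Requires:
 *\li		'key' is a valid TSIG key on a keyring
 */
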
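isc_result_t
dns_tsig_sign(dns_message_t *msg);
/*%<
 *	Generates a TSIG record for this message
 *
 *	Requires:
 *\li		'msg' is a valid message
 *\li		'msg->tsigkey' is a valid TSIG key
 *\li		'msg->tsig' is NULL
 *
 *	Returns:
 *\li		#ISC_R_SUCCESS
 *\li		#ISC_R_NOMEMORY
 *\li		#ISC_R_NOSPACE
 *\li		#DNS_R_EXPECTEDTSIG
 *			- this is a response & msg->querytsig is NULL
 */
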
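isc_result_t
dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg,
		dns_tsig_keyring_t *ring1, dns_tsig_keyring_t *ring2);
/*%<
 *	Verifies the TSIG record in this message
 *
 *	Every result listed below other than #ISC_R_SUCCESS is a failure;
 *	callers must not treat the message as authenticated in that case.
 *
 *	Requires:
 *\li		'source' is a valid buffer containing the unparsed message
 *\li		'msg' is a valid message
 *\li		'msg->tsigkey' is a valid TSIG key if this is a response
 *\li		'msg->tsig' is NULL
 *\li		'msg->querytsig' is not NULL if this is a response
 *\li		'ring1' and 'ring2' are each either a valid keyring or NULL
 *
 *	Returns:
 *\li		#ISC_R_SUCCESS
 *\li		#ISC_R_NOMEMORY
 *\li		#DNS_R_EXPECTEDTSIG - A TSIG was expected but not seen
 *\li		#DNS_R_UNEXPECTEDTSIG - A TSIG was seen but not expected
 *\li		#DNS_R_TSIGERRORSET - the TSIG verified but ->error was set
 *				     and this is a query
 *\li		#DNS_R_CLOCKSKEW - the TSIG failed to verify because
 *				  the time was out of the allowed range.
 *\li		#DNS_R_TSIGVERIFYFAILURE - the TSIG failed to verify
 *\li		#DNS_R_EXPECTEDRESPONSE - the message was sent over TCP and
 *					 should have been a response,
 *					 but was not.
 */
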
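isc_result_t
dns_tsigkey_find(dns_tsigkey_t **tsigkey, dns_name_t *name,
		 dns_name_t *algorithm, dns_tsig_keyring_t *ring);
/*%<
 *	Returns the TSIG key corresponding to this name and (possibly)
 *	algorithm.  Also increments the key's reference counter, so the
 *	caller should drop that reference with dns_tsigkey_detach() when it
 *	is finished with the key.
 *
 *	Requires:
 *\li		'tsigkey' is not NULL
 *\li		'*tsigkey' is NULL
 *\li		'name' is a valid dns_name_t
 *\li		'algorithm' is a valid dns_name_t or NULL
 *\li		'ring' is a valid keyring
 *
 *	Returns:
 *\li		#ISC_R_SUCCESS
 *\li		#ISC_R_NOTFOUND
 */

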
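isc_result_t
dns_tsigkeyring_create(isc_mem_t *mctx, dns_tsig_keyring_t **ringp);
/*%<
 *	Create an empty TSIG key ring.
 *
 *	Requires:
 *\li		'mctx' is not NULL
 *\li		'ringp' is not NULL, and '*ringp' is NULL
 *
 *	Returns:
 *\li		#ISC_R_SUCCESS
 *\li		#ISC_R_NOMEMORY
 */
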
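isc_result_t
dns_tsigkeyring_add(dns_tsig_keyring_t *ring, dns_name_t *name,
		    dns_tsigkey_t *tkey);
/*%<
 *	Place a TSIG key onto a key ring.
 *
 *	Requires:
 *\li		'ring', 'name' and 'tkey' are not NULL
 *
 *	Returns:
 *\li		#ISC_R_SUCCESS
 *\li		Any other value indicates failure.
 */

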
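void
dns_tsigkeyring_attach(dns_tsig_keyring_t *source, dns_tsig_keyring_t **target);
/*%<
 *	NOTE(review): not documented in this header.  By analogy with
 *	dns_tsigkey_attach(), this presumably makes '*target' a new
 *	reference to 'source' - confirm in tsig.c.
 */
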
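void
dns_tsigkeyring_detach(dns_tsig_keyring_t **ringp);
/*%<
 *	NOTE(review): not documented in this header.  By analogy with
 *	dns_tsigkey_detach(), this presumably releases the reference held
 *	in '*ringp' - confirm in tsig.c.
 */
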
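isc_result_t
dns_tsigkeyring_dumpanddetach(dns_tsig_keyring_t **ringp, FILE *fp);

/*%<
 *	Destroy a TSIG key ring.
 *
 *	NOTE(review): going by the name and the 'fp' argument, the ring's
 *	keys are presumably written to 'fp' before the reference is
 *	dropped - confirm in tsig.c.  If so, 'fp' receives key material:
 *	open it with owner-only permissions and check the returned
 *	isc_result_t.
 *
 *	Requires:
 *\li		'ringp' is not NULL
 */
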
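void
dns_keyring_restore(dns_tsig_keyring_t *ring, FILE *fp);
/*%<
 *	NOTE(review): not documented in this header.  Presumably loads keys
 *	from 'fp' into 'ring', as the counterpart of
 *	dns_tsigkeyring_dumpanddetach() - confirm in tsig.c.
 *
 *	There is no return value, so a caller cannot tell from this call
 *	whether any key was restored.  The file is taken as key material
 *	and should be writable only by the server's own account.
 */
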
ISC_LANG_ENDDECLS
#endif /* DNS_TSIG_H */