authorFederico Lucifredi <flucifredi@acm.org>2007-12-27 00:52:39 +0000
committerFederico Lucifredi <flucifredi@acm.org>2007-12-27 00:52:39 +0000
commit73bdbdcec09d29e6dc3f55938c6b0abf09da8517 (patch)
tree04f4ee6b8fc4cbf633bb0e221de056a52dabae33
parentf5a32ef3ce72ebfeecc9463f1508fc56fd190dad (diff)
tying in draft HMAC coding.
git-svn-id: file:///home/lennart/svn/public/avahi/branches/federico@1634 941a03a8-eaeb-0310-b9a0-b1bbd8fe43fe
-rw-r--r--avahi-core/wide-area.c41
-rw-r--r--avahi-core/wide-area.h2
2 files changed, 39 insertions, 4 deletions
diff --git a/avahi-core/wide-area.c b/avahi-core/wide-area.c
index fbe4330..89a187b 100644
--- a/avahi-core/wide-area.c
+++ b/avahi-core/wide-area.c
@@ -34,6 +34,8 @@
#include <avahi-common/error.h>
#include <avahi-common/timeval.h>
+#include <openssl/hmac.h>
+
#include "internal.h"
#include "browse.h"
#include "socket.h"
@@ -724,9 +726,9 @@ int avahi_wide_area_has_servers(AvahiWideAreaLookupEngine *e) {
/* TODO: should this be located in this file? */
/* fill key with HEX format key */
-/* r = tsig_sign_packet("dynamic.endorfine.org", key, p, AVAHI_TSIG_HMAC_MD5) */
+/* r = tsig_sign_packet("dynamic.endorfine.org", key, 16, p, AVAHI_TSIG_HMAC_MD5) */
/* check for NULL on return */
-AvahiRecord* tsig_sign_packet(const char* keyname, const char* key, AvahiDnsPacket *p, unsigned algorithm) {
+AvahiRecord* tsig_sign_packet(const char* keyname, const char* key, unsigned keylength, AvahiDnsPacket *p, unsigned algorithm) {
AvahiRecord *r;
r = avahi_record_new_full(keyname, AVAHI_DNS_CLASS_ANY, AVAHI_DNS_TYPE_TSIG, 0);
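Review bot: The new `keylength` parameter is undocumented, and the comment above the function still says "fill key with HEX format key" while the sample call passes 16, so a caller cannot tell whether `key` is raw secret bytes or hex text. HMAC must be keyed with the raw bytes, so if that is the intent I would replace the comment with `/* key: raw shared-secret bytes (not hex text, not NUL-terminated); keylength: number of bytes in key */`. Declaring the parameter as `const void *key` would also stop callers from treating it as a C string. The same applies to the prototype changed in avahi-core/wide-area.h, and the function body continues outside this hunk.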
@@ -770,10 +772,41 @@ AvahiRecord* tsig_sign_packet(const char* keyname, const char* key, AvahiDnsPack
case AVAHI_TSIG_HMAC_SHA256: /*TODO: flesh specific. Test with latest Bind that now implements RFC 4635 */
break;
- default: avahi_log_error("avahi_record_new_full() failed.");
+
+ default: avahi_log_error("Invalid algorithm requested from tsig_sign_packet()");
+ return NULL;
+ }
+
+ /*generate MAC */
+
+ unsigned char keyed_hash[EVP_MAX_MD_SIZE];
+ HMAC_CTX ctx;
+ unsigned hash_length;
+
+ switch (algorithm){
+
+ case AVAHI_TSIG_HMAC_MD5 : HMAC_Init(&ctx, key, keylength, EVP_md5());
+ break;
+
+ case AVAHI_TSIG_HMAC_SHA1 : /*TODO: flesh specific. Test with latest Bind that now implements RFC 4635*/
+ HMAC_Init(&ctx, key, keylength, EVP_sha1());
+ break;
+
+ case AVAHI_TSIG_HMAC_SHA256: /*TODO: flesh specific. Test with latest Bind that now implements RFC 4635*/
+ HMAC_Init(&ctx, key, keylength, EVP_sha256());
+ break;
+
+ default: avahi_log_error("Invalid algorithm requested from tsig_sign_packet()");
return NULL;
}
+ /*HMAC_Update(&ctx, <data/>, <length/>);*/ /*feed all the data to be hashed in */
+
+ HMAC_Final((&ctx, keyed_hash, &hash_length);
+ HMAC_cleanup(&ctx);
+
+ r->data.tsig.mac = avahi_strndup(keyed_hash, hash_length);
+
return r;
}
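Review bot: `avahi_strndup(keyed_hash, hash_length)` at the end of the hunk copies the digest as a C string, so the stored MAC is cut short at the first zero byte. A binary copy such as `r->data.tsig.mac = avahi_memdup(keyed_hash, hash_length);`, with `hash_length` recorded next to it, is what the field needs. The call above it, `HMAC_Final((&ctx, keyed_hash, &hash_length);`, has an extra opening parenthesis and will not compile. Both `default:` branches `return NULL` after `r` was allocated by avahi_record_new_full() in the previous hunk, which looks like a leak unless `avahi_record_unref(r);` runs first. While HMAC_Update stays commented out the digest covers no packet data, so the result must not be sent or accepted as a TSIG signature; the function also starts outside this hunk.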
@@ -819,4 +852,6 @@ void wide_area_publish(AvahiRecord *r, char *zone, uint16_t id) {
assert(p);
}
+
+
}
diff --git a/avahi-core/wide-area.h b/avahi-core/wide-area.h
index c380aa8..327091f 100644
--- a/avahi-core/wide-area.h
+++ b/avahi-core/wide-area.h
@@ -45,7 +45,7 @@ void avahi_wide_area_clear_cache(AvahiWideAreaLookupEngine *e);
void avahi_wide_area_cleanup(AvahiWideAreaLookupEngine *e);
int avahi_wide_area_has_servers(AvahiWideAreaLookupEngine *e);
-AvahiRecord* tsig_sign_packet(const char* keyname, const char* key, AvahiDnsPacket *p, unsigned algorithm);
+AvahiRecord* tsig_sign_packet(const char* keyname, const char* key, unsigned keylength, AvahiDnsPacket *p, unsigned algorithm);
void wide_area_publish(AvahiRecord *r, char *zone, uint16_t id);
AvahiWideAreaLookup *avahi_wide_area_lookup_new(AvahiWideAreaLookupEngine *e, AvahiKey *key, AvahiWideAreaLookupCallback callback, void *userdata);