diff options
author | Federico Lucifredi <flucifredi@acm.org> | 2007-12-23 01:59:02 +0000 |
---|---|---|
committer | Federico Lucifredi <flucifredi@acm.org> | 2007-12-23 01:59:02 +0000 |
commit | 8fd16b790ff5be4f8c9dabe6a208550aae06ae53 (patch) | |
tree | 0cfe44f8cbd78d2d0da2051c5998c1212bad99e7 /avahi-core | |
parent | 6449e7ff218d8891feecf4472a5f93a7bf3a0ca9 (diff) |
fleshing out the TSIG record as well as the tsig_sign_packet() call.
git-svn-id: file:///home/lennart/svn/public/avahi/branches/federico@1606 941a03a8-eaeb-0310-b9a0-b1bbd8fe43fe
Diffstat (limited to 'avahi-core')
-rw-r--r-- | avahi-core/rr.h | 11 | ||||
-rw-r--r-- | avahi-core/wide-area.c | 38 | ||||
-rw-r--r-- | avahi-core/wide-area.h | 2 |
3 files changed, 47 insertions, 4 deletions
diff --git a/avahi-core/rr.h b/avahi-core/rr.h index 6c15c01..b44d5ce 100644 --- a/avahi-core/rr.h +++ b/avahi-core/rr.h @@ -43,6 +43,14 @@ enum { AVAHI_DNS_TYPE_AXFR = 252 }; +/** TSIG signature algorithms, defined in RFCs 2845 and 4635 */ + +enum { + AVAHI_TSIG_HMAC_MD5 = 0x1; + AVAHI_TSIG_HMAC_SHA1 = 0x2; + AVAHI_TSIG_HMAC_SHA256 = 0x3; +}; + /** DNS record classes, see RFC 1035, in addition to those defined in defs.h */ enum { AVAHI_DNS_CLASS_ANY = 0xFF, /**< Special query type for requesting all records */ @@ -106,8 +114,9 @@ typedef struct AvahiRecord { } aaaa; /**< Data for AAAA records */ struct { + char *name; char *algorithm_name; - char *time_signed; /*uint48_t */ + time_t time_signed; /*uint48_t */ uint16_t fudge; uint16_t mac_size; char *mac; diff --git a/avahi-core/wide-area.c b/avahi-core/wide-area.c index 2811408..6a21db7 100644 --- a/avahi-core/wide-area.c +++ b/avahi-core/wide-area.c @@ -722,16 +722,50 @@ int avahi_wide_area_has_servers(AvahiWideAreaLookupEngine *e) { } /* TODO: should this be located in this file? */ -AvahiRecord* tsig_sign_packet(AvahiDnsPacket *p, unsigned a) { +/* r = tsig_sign_packet("dynamic.endorfine.org", p, AVAHI_TSIG_HMAC_MD5) */ +/* check for NULL on return */ +AvahiRecord* tsig_sign_packet(const char* name, AvahiDnsPacket *p, unsigned algorithm) { AvahiRecord *r; - r = avahi_record_new_full("TSIG", AVAHI_DNS_CLASS_IN, AVAHI_DNS_TYPE_TSIG, 0); + r = avahi_record_new_full(name, AVAHI_DNS_CLASS_ANY, AVAHI_DNS_TYPE_TSIG, 0); if (!r) { avahi_log_error("avahi_record_new_full() failed."); return NULL; } + r->ttl = 0; + + r->data.name = avahi_strdup(name); + if(!(r->data.name) /* OOM check */ + return NULL; + + r->data.time_signed = time(null); + + r->data.fudge = 300; + + r->data.error = 0; /* no error, we are always transmitting */ + + switch (algorithm){ + + case 'AVAHI_TSIG_HMAC_MD5': + r->data.tsig.algorithm_name = avahi_strdup("hmac-md5.sig-alg.reg.int"); + if(!(r->data.name) /* OOM check */ + return NULL; + + r->data.mac_size = 16; + + break; + + case 'AVAHI_TSIG_HMAC_SHA1': /*TODO: flesh specific. Test with latest Bind that now implements RFC 4635*/ + break; + + case 'AVAHI_TSIG_HMAC_SHA256': /*TODO: flesh specific. Test with latest Bind that now implements RFC 4635 */ + break; + default: avahi_log_error("avahi_record_new_full() failed."); + return NULL; + } + return r; } diff --git a/avahi-core/wide-area.h b/avahi-core/wide-area.h index 9b1f9da..f33f5d9 100644 --- a/avahi-core/wide-area.h +++ b/avahi-core/wide-area.h @@ -44,7 +44,7 @@ void avahi_wide_area_set_servers(AvahiWideAreaLookupEngine *e, const AvahiAddres void avahi_wide_area_clear_cache(AvahiWideAreaLookupEngine *e); void avahi_wide_area_cleanup(AvahiWideAreaLookupEngine *e); int avahi_wide_area_has_servers(AvahiWideAreaLookupEngine *e); -AvahiRecord* tsig_sign_packet(AvahiDnsPacket *p, unsigned a); +AvahiRecord* tsig_sign_packet(AvahiDnsPacket *p, unsigned algorithm); AvahiWideAreaLookup *avahi_wide_area_lookup_new(AvahiWideAreaLookupEngine *e, AvahiKey *key, AvahiWideAreaLookupCallback callback, void *userdata); void avahi_wide_area_lookup_free(AvahiWideAreaLookup *q); |