Lines Matching defs:tsig
44 #include <dns/tsig.h>
82 static unsigned char gsstsig_ndata[] = "\010gss-tsig";
217 level, "tsig key '%s' (%s): %s",
222 level, "tsig key '%s': %s", namestr, message);
515 tsig_log(tkey, 2, "tsig expire: deleting");
877 dns_rdata_any_tsig_t tsig, querytsig;
898 * If this is a response, there should be a query tsig.
908 tsig.mctx = mctx;
909 tsig.common.rdclass = dns_rdataclass_any;
910 tsig.common.rdtype = dns_rdatatype_tsig;
911 ISC_LINK_INIT(&tsig.common, link);
912 dns_name_init(&tsig.algorithm, NULL);
913 dns_name_clone(key->algorithm, &tsig.algorithm);
916 tsig.timesigned = now + msg->timeadjust;
917 tsig.fudge = DNS_TSIG_FUDGE;
919 tsig.originalid = msg->id;
924 tsig.error = msg->querytsigstatus;
926 tsig.error = dns_rcode_noerror;
928 if (tsig.error != dns_tsigerror_badtime) {
929 tsig.otherlen = 0;
930 tsig.other = NULL;
934 tsig.otherlen = BADTIMELEN;
935 tsig.other = badtimedata;
936 isc_buffer_init(&otherbuf, tsig.other, tsig.otherlen);
937 isc_buffer_putuint48(&otherbuf, tsig.timesigned);
940 if (key->key != NULL && tsig.error != dns_tsigerror_badsig) {
1013 dns_name_toregion(&tsig.algorithm, &r);
1021 if (tsig.error == dns_tsigerror_badtime) {
1023 tsig.timesigned = querytsig.timesigned;
1025 isc_buffer_putuint48(&databuf, tsig.timesigned);
1026 isc_buffer_putuint16(&databuf, tsig.fudge);
1037 isc_buffer_putuint16(&databuf, tsig.error);
1038 isc_buffer_putuint16(&databuf, tsig.otherlen);
1048 if (tsig.otherlen > 0) {
1049 r.length = tsig.otherlen;
1050 r.base = tsig.other;
1060 tsig.signature = (unsigned char *) isc_mem_get(mctx, sigsize);
1061 if (tsig.signature == NULL) {
1066 isc_buffer_init(&sigbuf, tsig.signature, sigsize);
1078 tsig.siglen = bytes;
1080 tsig.siglen = isc_buffer_usedlength(&sigbuf);
1082 tsig.siglen = 0;
1083 tsig.signature = NULL;
1093 dns_rdatatype_tsig, &tsig, dynbuf);
1099 if (tsig.signature != NULL) {
1100 isc_mem_put(mctx, tsig.signature, sigsize);
1101 tsig.signature = NULL;
1130 msg->tsig = dataset;
1133 /* Windows does not like the tsig name being compressed. */
1148 if (tsig.signature != NULL)
1149 isc_mem_put(mctx, tsig.signature, sigsize);
1160 dns_rdata_any_tsig_t tsig, querytsig;
1196 if (msg->tsig == NULL)
1214 ret = dns_rdataset_first(msg->tsig);
1217 dns_rdataset_current(msg->tsig, &rdata);
1218 ret = dns_rdata_tostruct(&rdata, &tsig, NULL);
1237 !dns_name_equal(&tsig.algorithm, &querytsig.algorithm))) {
1256 &tsig.algorithm, ring1);
1259 &tsig.algorithm, ring2);
1262 ret = dns_tsigkey_create(keyname, &tsig.algorithm,
1279 if (now + msg->timeadjust > tsig.timesigned + tsig.fudge) {
1283 } else if (now + msg->timeadjust < tsig.timesigned - tsig.fudge) {
1300 if (tsig.siglen > siglen) {
1304 if (tsig.siglen > 0 &&
1305 (tsig.siglen < 10 || tsig.siglen < ((siglen + 1) / 2))) {
1310 if (tsig.siglen > 0 && digestbits != 0 &&
1311 tsig.siglen < ((digestbits + 1) / 8)) {
1317 if (tsig.siglen > 0 && digestbits == 0 &&
1318 tsig.siglen < siglen) {
1325 if (tsig.siglen > 0) {
1326 sig_r.base = tsig.signature;
1327 sig_r.length = tsig.siglen;
1366 id = htons(tsig.originalid);
1397 isc_buffer_putuint16(&databuf, tsig.common.rdclass);
1398 isc_buffer_putuint32(&databuf, msg->tsig->ttl);
1413 isc_buffer_putuint48(&databuf, tsig.timesigned);
1414 isc_buffer_putuint16(&databuf, tsig.fudge);
1415 isc_buffer_putuint16(&databuf, tsig.error);
1416 isc_buffer_putuint16(&databuf, tsig.otherlen);
1422 if (tsig.otherlen > 0) {
1423 r.base = tsig.other;
1424 r.length = tsig.otherlen;
1441 } else if (tsig.error != dns_tsigerror_badsig &&
1442 tsig.error != dns_tsigerror_badkey) {
1450 if (tsig.error != dns_rcode_noerror) {
1451 if (tsig.error == dns_tsigerror_badtime)
1470 dns_rdata_any_tsig_t tsig, querytsig;
1513 if (msg->tsig != NULL) {
1517 ret = dns_rdataset_first(msg->tsig);
1520 dns_rdataset_current(msg->tsig, &rdata);
1521 ret = dns_rdata_tostruct(&rdata, &tsig, NULL);
1529 !dns_name_equal(&tsig.algorithm, &querytsig.algorithm)) {
1542 if (now + msg->timeadjust > tsig.timesigned + tsig.fudge) {
1548 tsig.timesigned - tsig.fudge) {
1607 id = htons(tsig.originalid);
1638 isc_buffer_putuint48(&databuf, tsig.timesigned);
1639 isc_buffer_putuint16(&databuf, tsig.fudge);
1645 sig_r.base = tsig.signature;
1646 sig_r.length = tsig.siglen;
1647 if (tsig.siglen == 0) {
1648 if (tsig.error != dns_rcode_noerror) {
1649 if (tsig.error == dns_tsigerror_badtime)