static void sendquery(isc_task_t *task, isc_event_t *event) { struct in_addr inaddr; isc_sockaddr_t address; isc_result_t result; dns_message_t *query; dns_request_t *request; isc_event_free(&event); result = ISC_R_FAILURE; if (inet_pton(AF_INET, "10.53.0.1", &inaddr) != 1) CHECK("inet_pton", result); isc_sockaddr_fromin(&address, &inaddr, PORT); query = NULL; result = dns_message_create(mctx, DNS_MESSAGE_INTENTRENDER, &query); CHECK("dns_message_create", result); result = dns_tkey_builddeletequery(query, tsigkey); CHECK("dns_tkey_builddeletequery", result); request = NULL; result = dns_request_create(requestmgr, query, &address, 0, tsigkey, TIMEOUT, task, recvquery, query, &request); CHECK("dns_request_create", result); }
static isc_result_t sendquery(isc_task_t *task) { dns_request_t *request; dns_message_t *message; dns_name_t *qname; dns_rdataset_t *qrdataset; isc_result_t result; dns_fixedname_t queryname; isc_buffer_t buf; static char host[256]; int c; c = scanf("%255s", host); if (c == EOF) return ISC_R_NOMORE; onfly++; dns_fixedname_init(&queryname); isc_buffer_init(&buf, host, strlen(host)); isc_buffer_add(&buf, strlen(host)); result = dns_name_fromtext(dns_fixedname_name(&queryname), &buf, dns_rootname, 0, NULL); CHECK("dns_name_fromtext", result); message = NULL; result = dns_message_create(mctx, DNS_MESSAGE_INTENTRENDER, &message); CHECK("dns_message_create", result); message->opcode = dns_opcode_query; message->flags |= DNS_MESSAGEFLAG_RD; message->rdclass = dns_rdataclass_in; message->id = (unsigned short)(random() & 0xFFFF); qname = NULL; result = dns_message_gettempname(message, &qname); CHECK("dns_message_gettempname", result); qrdataset = NULL; result = dns_message_gettemprdataset(message, &qrdataset); CHECK("dns_message_gettemprdataset", result); dns_name_init(qname, NULL); dns_name_clone(dns_fixedname_name(&queryname), qname); dns_rdataset_init(qrdataset); dns_rdataset_makequestion(qrdataset, dns_rdataclass_in, dns_rdatatype_a); ISC_LIST_APPEND(qname->list, qrdataset, link); dns_message_addname(message, qname, DNS_SECTION_QUESTION); request = NULL; result = dns_request_createvia(requestmgr, message, have_src ? &srcaddr : NULL, &dstaddr, DNS_REQUESTOPT_TCP|DNS_REQUESTOPT_SHARE, NULL, TIMEOUT, task, recvresponse, message, &request); CHECK("dns_request_create", result); return ISC_R_SUCCESS; }
static void recvquery(isc_task_t *task, isc_event_t *event) { dns_requestevent_t *reqev = (dns_requestevent_t *)event; isc_result_t result; dns_message_t *query, *response; char keyname[256]; isc_buffer_t keynamebuf; int type; UNUSED(task); REQUIRE(reqev != NULL); if (reqev->result != ISC_R_SUCCESS) { fprintf(stderr, "I:request event result: %s\n", isc_result_totext(reqev->result)); exit(-1); } query = reqev->ev_arg; response = NULL; result = dns_message_create(mctx, DNS_MESSAGE_INTENTPARSE, &response); CHECK("dns_message_create", result); result = dns_request_getresponse(reqev->request, response, DNS_MESSAGEPARSE_PRESERVEORDER); CHECK("dns_request_getresponse", result); if (response->rcode != dns_rcode_noerror) { result = ISC_RESULTCLASS_DNSRCODE + response->rcode; fprintf(stderr, "I:response rcode: %s\n", isc_result_totext(result)); exit(-1); } result = dns_tkey_processdhresponse(query, response, ourkey, &nonce, &tsigkey, ring); CHECK("dns_tkey_processdhresponse", result); /* * Yes, this is a hack. */ isc_buffer_init(&keynamebuf, keyname, sizeof(keyname)); result = dst_key_buildfilename(tsigkey->key, 0, "", &keynamebuf); CHECK("dst_key_buildfilename", result); printf("%.*s\n", (int)isc_buffer_usedlength(&keynamebuf), (char *)isc_buffer_base(&keynamebuf)); type = DST_TYPE_PRIVATE | DST_TYPE_PUBLIC | DST_TYPE_KEY; result = dst_key_tofile(tsigkey->key, type, ""); CHECK("dst_key_tofile", result); dns_message_destroy(&query); dns_message_destroy(&response); dns_request_destroy(&reqev->request); isc_event_free(&event); isc_app_shutdown(); return; }
static void recvresponse(isc_task_t *task, isc_event_t *event) { dns_requestevent_t *reqev = (dns_requestevent_t *)event; isc_result_t result; dns_message_t *query, *response; isc_buffer_t outbuf; char output[1024]; UNUSED(task); REQUIRE(reqev != NULL); if (reqev->result != ISC_R_SUCCESS) { fprintf(stderr, "I:request event result: %s\n", isc_result_totext(reqev->result)); exit(-1); } query = reqev->ev_arg; response = NULL; result = dns_message_create(mctx, DNS_MESSAGE_INTENTPARSE, &response); CHECK("dns_message_create", result); result = dns_request_getresponse(reqev->request, response, DNS_MESSAGEPARSE_PRESERVEORDER); CHECK("dns_request_getresponse", result); if (response->rcode != dns_rcode_noerror) { result = ISC_RESULTCLASS_DNSRCODE + response->rcode; fprintf(stderr, "I:response rcode: %s\n", isc_result_totext(result)); exit(-1); } if (response->counts[DNS_SECTION_ANSWER] != 1U) { fprintf(stderr, "I:response answer count (%u!=1)\n", response->counts[DNS_SECTION_ANSWER]); } isc_buffer_init(&outbuf, output, sizeof(output)); result = dns_message_sectiontotext(response, DNS_SECTION_ANSWER, &dns_master_style_simple, DNS_MESSAGETEXTFLAG_NOCOMMENTS, &outbuf); CHECK("dns_message_sectiontotext", result); printf("%.*s", (int)isc_buffer_usedlength(&outbuf), (char *)isc_buffer_base(&outbuf)); fflush(stdout); dns_message_destroy(&query); dns_message_destroy(&response); dns_request_destroy(&reqev->request); isc_event_free(&event); if (--onfly == 0) isc_app_shutdown(); return; }
static void recvresponse(isc_task_t *task, isc_event_t *event) { dns_requestevent_t *reqev = (dns_requestevent_t *)event; isc_result_t result, result2; dns_message_t *query = NULL, *response = NULL; isc_buffer_t outtoken; isc_buffer_t outbuf; char output[10 * 1024]; unsigned char array[DNS_NAME_MAXTEXT + 1]; isc_buffer_init(&outtoken, array, sizeof(array)); UNUSED(task); REQUIRE(reqev != NULL); query = reqev->ev_arg; if (reqev->result != ISC_R_SUCCESS) { fprintf(stderr, "I:request event result: %s\n", isc_result_totext(reqev->result)); goto end; } response = NULL; result = dns_message_create(mctx, DNS_MESSAGE_INTENTPARSE, &response); CHECK("dns_message_create", result); printf("\nReceived Response:\n"); result2 = dns_request_getresponse(reqev->request, response, DNS_MESSAGEPARSE_PRESERVEORDER); isc_buffer_init(&outbuf, output, sizeof(output)); result = dns_message_totext(response, &dns_master_style_debug, 0, &outbuf); CHECK("dns_message_totext", result); printf("%.*s\n", (int)isc_buffer_usedlength(&outbuf), (char *)isc_buffer_base(&outbuf)); CHECK("dns_request_getresponse", result2); if (response != NULL) dns_message_destroy(&response); end: if (query != NULL) dns_message_destroy(&query); if (reqev->request != NULL) dns_request_destroy(&reqev->request); isc_event_free(&event); event = isc_event_allocate(mctx, (void *)1, 1, console, NULL, sizeof(*event)); isc_task_send(task, &event); return; }
static void recvquery(isc_task_t *task, isc_event_t *event) { dns_requestevent_t *reqev = (dns_requestevent_t *)event; isc_result_t result; dns_message_t *query, *response; UNUSED(task); REQUIRE(reqev != NULL); if (reqev->result != ISC_R_SUCCESS) { fprintf(stderr, "I:request event result: %s\n", isc_result_totext(reqev->result)); exit(-1); } query = reqev->ev_arg; response = NULL; result = dns_message_create(mctx, DNS_MESSAGE_INTENTPARSE, &response); CHECK("dns_message_create", result); result = dns_request_getresponse(reqev->request, response, DNS_MESSAGEPARSE_PRESERVEORDER); CHECK("dns_request_getresponse", result); if (response->rcode != dns_rcode_noerror) { result = ISC_RESULTCLASS_DNSRCODE + response->rcode; fprintf(stderr, "I:response rcode: %s\n", isc_result_totext(result)); exit(-1); } result = dns_tkey_processdeleteresponse(query, response, ring); CHECK("dns_tkey_processdhresponse", result); dns_message_destroy(&query); dns_message_destroy(&response); dns_request_destroy(&reqev->request); isc_event_free(&event); isc_app_shutdown(); return; }
static void recvdone(isc_task_t *task, isc_event_t *event) { isc_socketevent_t *sevent = (isc_socketevent_t *)event; isc_buffer_t source; isc_result_t result; dns_message_t *response; REQUIRE(sevent != NULL); REQUIRE(sevent->ev_type == ISC_SOCKEVENT_RECVDONE); REQUIRE(task == task1); printf("recvdone\n"); if (sevent->result != ISC_R_SUCCESS) { printf("failed\n"); exit(-1); } isc_buffer_init(&source, sevent->region.base, sevent->region.length); isc_buffer_add(&source, sevent->n); response = NULL; result = dns_message_create(mctx, DNS_MESSAGE_INTENTPARSE, &response); CHECK("dns_message_create", result); result = dns_message_parse(response, &source, 0); CHECK("dns_message_parse", result); isc_buffer_init(&outbuf, output, sizeof(output)); result = dns_message_totext(response, style, 0, &outbuf); CHECK("dns_message_totext", result); printf("%.*s\n", (int)isc_buffer_usedlength(&outbuf), (char *)isc_buffer_base(&outbuf)); dns_message_destroy(&response); isc_event_free(&event); isc_app_shutdown(); }
int main(int argc, char *argv[]) { int ch, i, gai_error; struct addrinfo hints, *res; isc_textregion_t tr; dns_client_t *client = NULL; isc_result_t result; isc_sockaddr_t sa; dns_message_t *qmessage, *rmessage; dns_rdatatype_t type = dns_rdatatype_a; isc_buffer_t *outputbuf; while ((ch = getopt(argc, argv, "t:")) != -1) { switch (ch) { case 't': tr.base = optarg; tr.length = strlen(optarg); result = dns_rdatatype_fromtext(&type, &tr); if (result != ISC_R_SUCCESS) { fprintf(stderr, "invalid RRtype: %s\n", optarg); exit(1); } break; default: usage(); } } argc -= optind; argv += optind; if (argc < 2) usage(); isc_lib_register(); result = dns_lib_init(); if (result != ISC_R_SUCCESS) { fprintf(stderr, "dns_lib_init failed: %d\n", result); exit(1); } result = dns_client_create(&client, 0); if (result != ISC_R_SUCCESS) { fprintf(stderr, "dns_client_create failed: %d\n", result); exit(1); } /* Prepare message structures */ mctx = NULL; qmessage = NULL; rmessage = NULL; result = isc_mem_create(0, 0, &mctx); if (result != ISC_R_SUCCESS) { fprintf(stderr, "failed to create a memory context\n"); exit(1); } result = dns_message_create(mctx, DNS_MESSAGE_INTENTRENDER, &qmessage); if (result == ISC_R_SUCCESS) { result = dns_message_create(mctx, DNS_MESSAGE_INTENTPARSE, &rmessage); } if (result != ISC_R_SUCCESS) { fprintf(stderr, "failed to create messages\n"); exit(1); } /* Initialize the nameserver address */ memset(&hints, 0, sizeof(hints)); hints.ai_family = AF_UNSPEC; hints.ai_socktype = SOCK_DGRAM; hints.ai_protocol = IPPROTO_UDP; hints.ai_flags = AI_NUMERICHOST; gai_error = getaddrinfo(argv[0], "53", &hints, &res); if (gai_error != 0) { fprintf(stderr, "getaddrinfo failed: %s\n", gai_strerror(gai_error)); exit(1); } INSIST(res->ai_addrlen <= sizeof(sa.type)); memcpy(&sa.type, res->ai_addr, res->ai_addrlen); freeaddrinfo(res); sa.length = res->ai_addrlen; ISC_LINK_INIT(&sa, link); /* Construct qname */ result = make_querymessage(qmessage, argv[1], type); if (result != ISC_R_SUCCESS) { fprintf(stderr, "failed to create a query\n"); exit(1); } /* Send request and wait for a response */ result = dns_client_request(client, qmessage, rmessage, &sa, 0, 0, NULL, 60, 0, 3); if (result != ISC_R_SUCCESS) { fprintf(stderr, "failed to get a response: %s\n", dns_result_totext(result)); } /* Dump the response */ outputbuf = NULL; result = isc_buffer_allocate(mctx, &outputbuf, 65535); if (result != ISC_R_SUCCESS) { fprintf(stderr, "failed to allocate a result buffer\n"); exit(1); } for (i = 0; i < DNS_SECTION_MAX; i++) { print_section(rmessage, i, outputbuf); isc_buffer_clear(outputbuf); } isc_buffer_free(&outputbuf); /* Cleanup */ dns_message_destroy(&qmessage); dns_message_destroy(&rmessage); isc_mem_destroy(&mctx); dns_client_destroy(&client); dns_lib_shutdown(); exit(0); }
static void buildquery(void) { isc_result_t result; dns_rdataset_t *question = NULL; dns_name_t *qname = NULL; isc_region_t r, inr; dns_message_t *query; char nametext[] = "host.example"; isc_buffer_t namesrc, namedst; unsigned char namedata[256]; isc_sockaddr_t sa; dns_compress_t cctx; query = NULL; result = dns_message_create(mctx, DNS_MESSAGE_INTENTRENDER, &query); CHECK("dns_message_create", result); result = dns_message_setsig0key(query, key); CHECK("dns_message_setsig0key", result); result = dns_message_gettemprdataset(query, &question); CHECK("dns_message_gettemprdataset", result); dns_rdataset_init(question); dns_rdataset_makequestion(question, dns_rdataclass_in, dns_rdatatype_a); result = dns_message_gettempname(query, &qname); CHECK("dns_message_gettempname", result); isc_buffer_init(&namesrc, nametext, strlen(nametext)); isc_buffer_add(&namesrc, strlen(nametext)); isc_buffer_init(&namedst, namedata, sizeof(namedata)); dns_name_init(qname, NULL); result = dns_name_fromtext(qname, &namesrc, dns_rootname, ISC_FALSE, &namedst); CHECK("dns_name_fromtext", result); ISC_LIST_APPEND(qname->list, question, link); dns_message_addname(query, qname, DNS_SECTION_QUESTION); isc_buffer_init(&qbuffer, qdata, sizeof(qdata)); result = dns_compress_init(&cctx, -1, mctx); CHECK("dns_compress_init", result); result = dns_message_renderbegin(query, &cctx, &qbuffer); CHECK("dns_message_renderbegin", result); result = dns_message_rendersection(query, DNS_SECTION_QUESTION, 0); CHECK("dns_message_rendersection(question)", result); result = dns_message_rendersection(query, DNS_SECTION_ANSWER, 0); CHECK("dns_message_rendersection(answer)", result); result = dns_message_rendersection(query, DNS_SECTION_AUTHORITY, 0); CHECK("dns_message_rendersection(auth)", result); result = dns_message_rendersection(query, DNS_SECTION_ADDITIONAL, 0); CHECK("dns_message_rendersection(add)", result); result = dns_message_renderend(query); CHECK("dns_message_renderend", result); dns_compress_invalidate(&cctx); isc_buffer_init(&outbuf, output, sizeof(output)); result = dns_message_totext(query, style, 0, &outbuf); CHECK("dns_message_totext", result); printf("%.*s\n", (int)isc_buffer_usedlength(&outbuf), (char *)isc_buffer_base(&outbuf)); isc_buffer_usedregion(&qbuffer, &r); isc_sockaddr_any(&sa); result = isc_socket_bind(s, &sa); CHECK("isc_socket_bind", result); result = isc_socket_sendto(s, &r, task1, senddone, NULL, &address, NULL); CHECK("isc_socket_sendto", result); inr.base = rdata; inr.length = sizeof(rdata); result = isc_socket_recv(s, &inr, 1, task1, recvdone, NULL); CHECK("isc_socket_recv", result); dns_message_destroy(&query); }
static void sendquery(isc_task_t *task, isc_event_t *event) { struct in_addr inaddr; isc_sockaddr_t address; isc_region_t r; isc_result_t result; dns_fixedname_t keyname; dns_fixedname_t ownername; isc_buffer_t namestr, keybuf; unsigned char keydata[9]; dns_message_t *query; dns_request_t *request; static char keystr[] = "0123456789ab"; isc_event_free(&event); result = ISC_R_FAILURE; if (inet_pton(AF_INET, "10.53.0.1", &inaddr) != 1) CHECK("inet_pton", result); isc_sockaddr_fromin(&address, &inaddr, PORT); dns_fixedname_init(&keyname); isc_buffer_init(&namestr, "tkeytest.", 9); isc_buffer_add(&namestr, 9); result = dns_name_fromtext(dns_fixedname_name(&keyname), &namestr, NULL, 0, NULL); CHECK("dns_name_fromtext", result); dns_fixedname_init(&ownername); isc_buffer_init(&namestr, ownername_str, strlen(ownername_str)); isc_buffer_add(&namestr, strlen(ownername_str)); result = dns_name_fromtext(dns_fixedname_name(&ownername), &namestr, NULL, 0, NULL); CHECK("dns_name_fromtext", result); isc_buffer_init(&keybuf, keydata, 9); result = isc_base64_decodestring(keystr, &keybuf); CHECK("isc_base64_decodestring", result); isc_buffer_usedregion(&keybuf, &r); initialkey = NULL; result = dns_tsigkey_create(dns_fixedname_name(&keyname), DNS_TSIG_HMACMD5_NAME, isc_buffer_base(&keybuf), isc_buffer_usedlength(&keybuf), ISC_FALSE, NULL, 0, 0, mctx, ring, &initialkey); CHECK("dns_tsigkey_create", result); query = NULL; result = dns_message_create(mctx, DNS_MESSAGE_INTENTRENDER, &query); CHECK("dns_message_create", result); result = dns_tkey_builddhquery(query, ourkey, dns_fixedname_name(&ownername), DNS_TSIG_HMACMD5_NAME, &nonce, 3600); CHECK("dns_tkey_builddhquery", result); request = NULL; result = dns_request_create(requestmgr, query, &address, 0, initialkey, TIMEOUT, task, recvquery, query, &request); CHECK("dns_request_create", result); }
static void process_message(isc_buffer_t *source) { dns_message_t *message; isc_result_t result; int i; message = NULL; result = dns_message_create(mctx, DNS_MESSAGE_INTENTPARSE, &message); CHECKRESULT(result, "dns_message_create failed"); result = dns_message_parse(message, source, parseflags); if (result == DNS_R_RECOVERABLE) result = ISC_R_SUCCESS; CHECKRESULT(result, "dns_message_parse failed"); result = printmessage(message); CHECKRESULT(result, "printmessage() failed"); if (printmemstats) isc_mem_stats(mctx, stdout); if (dorender) { unsigned char b2[64 * 1024]; isc_buffer_t buffer; dns_compress_t cctx; isc_buffer_init(&buffer, b2, sizeof(b2)); /* * XXXMLG * Changing this here is a hack, and should not be done in * reasonable application code, ever. */ message->from_to_wire = DNS_MESSAGE_INTENTRENDER; for (i = 0; i < DNS_SECTION_MAX; i++) message->counts[i] = 0; /* Another hack XXX */ result = dns_compress_init(&cctx, -1, mctx); CHECKRESULT(result, "dns_compress_init() failed"); result = dns_message_renderbegin(message, &cctx, &buffer); CHECKRESULT(result, "dns_message_renderbegin() failed"); result = dns_message_rendersection(message, DNS_SECTION_QUESTION, 0); CHECKRESULT(result, "dns_message_rendersection(QUESTION) failed"); result = dns_message_rendersection(message, DNS_SECTION_ANSWER, 0); CHECKRESULT(result, "dns_message_rendersection(ANSWER) failed"); result = dns_message_rendersection(message, DNS_SECTION_AUTHORITY, 0); CHECKRESULT(result, "dns_message_rendersection(AUTHORITY) failed"); result = dns_message_rendersection(message, DNS_SECTION_ADDITIONAL, 0); CHECKRESULT(result, "dns_message_rendersection(ADDITIONAL) failed"); dns_message_renderend(message); dns_compress_invalidate(&cctx); message->from_to_wire = DNS_MESSAGE_INTENTPARSE; dns_message_destroy(&message); printf("Message rendered.\n"); if (printmemstats) isc_mem_stats(mctx, stdout); result = dns_message_create(mctx, DNS_MESSAGE_INTENTPARSE, &message); CHECKRESULT(result, "dns_message_create failed"); result = dns_message_parse(message, &buffer, parseflags); CHECKRESULT(result, "dns_message_parse failed"); result = printmessage(message); CHECKRESULT(result, "printmessage() failed"); } dns_message_destroy(&message); }
static void render(isc_buffer_t *buf, unsigned flags, dns_tsigkey_t *key, isc_buffer_t **tsigin, isc_buffer_t **tsigout, dst_context_t *tsigctx) { dns_message_t *msg = NULL; dns_compress_t cctx; isc_result_t result; result = dns_message_create(mctx, DNS_MESSAGE_INTENTRENDER, &msg); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_message_create: %s", dns_result_totext(result)); msg->id = 50; msg->rcode = dns_rcode_noerror; msg->flags = flags; if (tsigin == tsigout) msg->tcp_continuation = 1; if (tsigctx == NULL) { result = dns_message_settsigkey(msg, key); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_message_settsigkey: %s", dns_result_totext(result)); result = dns_message_setquerytsig(msg, *tsigin); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_message_setquerytsig: %s", dns_result_totext(result)); } result = dns_compress_init(&cctx, -1, mctx); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_compress_init: %s", dns_result_totext(result)); result = dns_message_renderbegin(msg, &cctx, buf); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_message_renderbegin: %s", dns_result_totext(result)); result = dns_message_renderend(msg); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_message_renderend: %s", dns_result_totext(result)); if (tsigctx != NULL) { isc_region_t r; isc_buffer_usedregion(buf, &r); result = dst_context_adddata(tsigctx, &r); } else { if (tsigin == tsigout && *tsigin != NULL) isc_buffer_free(tsigin); result = dns_message_getquerytsig(msg, mctx, tsigout); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_message_getquerytsig: %s", dns_result_totext(result)); } dns_compress_invalidate(&cctx); dns_message_destroy(&msg); }
static void initctx1(isc_task_t *task, isc_event_t *event) { char gssid[512]; char contextname[512]; isc_result_t result; isc_buffer_t buf; dns_message_t *query; dns_request_t *request; int c; isc_event_free(&event); printf("Initctx - GSS name => "); c = scanf("%511s", gssid); if (c == EOF) return; snprintf(contextname, sizeof(contextname), "gsstest.context.%d.", (int)time(NULL)); printf("Initctx - context name we're using: %s\n", contextname); printf("Negotiating GSSAPI context: "); printf("%s", gssid); printf("\n"); /* * Setup a GSSAPI context with the server */ dns_fixedname_init(&servername); isc_buffer_init(&buf, contextname, strlen(contextname)); isc_buffer_add(&buf, strlen(contextname)); result = dns_name_fromtext(dns_fixedname_name(&servername), &buf, dns_rootname, 0, NULL); CHECK("dns_name_fromtext", result); /* Make name happen */ dns_fixedname_init(&gssname); isc_buffer_init(&buf, gssid, strlen(gssid)); isc_buffer_add(&buf, strlen(gssid)); result = dns_name_fromtext(dns_fixedname_name(&gssname), &buf, dns_rootname, 0, NULL); CHECK("dns_name_fromtext", result); query = NULL; result = dns_message_create(mctx, DNS_MESSAGE_INTENTRENDER, &query); CHECK("dns_message_create", result); printf("Calling gss_init_sec_context()\n"); gssctx = GSS_C_NO_CONTEXT; result = dns_tkey_buildgssquery(query, dns_fixedname_name(&servername), dns_fixedname_name(&gssname), NULL, 36000, &gssctx, ISC_TRUE, mctx, NULL); CHECK("dns_tkey_buildgssquery", result); printf("Sending context token to server\n"); request = NULL; result = dns_request_create(requestmgr, query, &address, 0, NULL, TIMEOUT, task, initctx2, query, &request); CHECK("dns_request_create", result); return; end: event = isc_event_allocate(mctx, (void *)1, 1, console, NULL, sizeof(*event)); isc_task_send(task, &event);return; }
static void initctx2(isc_task_t *task, isc_event_t *event) { dns_requestevent_t *reqev = (dns_requestevent_t *)event; isc_result_t result; dns_message_t *query = NULL, *response = NULL; isc_buffer_t outtoken; unsigned char array[DNS_NAME_MAXTEXT + 1]; dns_rdataset_t *rdataset; dns_rdatatype_t qtype; dns_name_t *question_name; UNUSED(task); REQUIRE(reqev != NULL); query = reqev->ev_arg; if (reqev->result != ISC_R_SUCCESS) { fprintf(stderr, "I:request event result: %s\n", isc_result_totext(reqev->result)); goto end; } response = NULL; result = dns_message_create(mctx, DNS_MESSAGE_INTENTPARSE, &response); CHECK("dns_message_create", result); result = dns_request_getresponse(reqev->request, response, DNS_MESSAGEPARSE_PRESERVEORDER); CHECK("dns_request_getresponse", result); if (response->rcode != dns_rcode_noerror) { result = ISC_RESULTCLASS_DNSRCODE + response->rcode; fprintf(stderr, "I:response rcode: %s\n", isc_result_totext(result)); goto end; } printf("Received token from server, calling gss_init_sec_context()\n"); isc_buffer_init(&outtoken, array, DNS_NAME_MAXTEXT + 1); result = dns_tkey_processgssresponse(query, response, dns_fixedname_name(&gssname), &gssctx, &outtoken, &tsigkey, ring, NULL); gssctx = *gssctxp; CHECK("dns_tkey_processgssresponse", result); printf("Context accepted\n"); question_name = NULL; dns_message_currentname(response, DNS_SECTION_ANSWER, &question_name); rdataset = ISC_LIST_HEAD(question_name->list); INSIST(rdataset != NULL); qtype = rdataset->type; if (qtype == dns_rdatatype_tkey) { printf("Received TKEY response from server\n"); printf("Context completed\n"); } else { printf("Did not receive TKEY response from server\n"); printf("Context not completed\n"); dns_tsigkey_detach(&tsigkey); tsigkey = NULL; } dns_message_destroy(&response); end: if (query != NULL) dns_message_destroy(&query); if (reqev->request != NULL) dns_request_destroy(&reqev->request); isc_event_free(&event); event = isc_event_allocate(mctx, (void *)1, 1, console, NULL, sizeof(*event)); isc_task_send(task, &event); return; }
static void sendquery(isc_task_t *task, isc_event_t *event) { dns_request_t *request = NULL; dns_message_t *message = NULL; dns_name_t *qname = NULL; dns_rdataset_t *qrdataset = NULL; isc_result_t result; dns_fixedname_t queryname; isc_buffer_t buf; isc_buffer_t outbuf; char output[10 * 1024]; static char host[256]; int c; isc_event_free(&event); printf("Query => "); c = scanf("%255s", host); if (c == EOF) return; dns_fixedname_init(&queryname); isc_buffer_init(&buf, host, strlen(host)); isc_buffer_add(&buf, strlen(host)); result = dns_name_fromtext(dns_fixedname_name(&queryname), &buf, dns_rootname, 0, NULL); CHECK("dns_name_fromtext", result); result = dns_message_create(mctx, DNS_MESSAGE_INTENTRENDER, &message); if (result != ISC_R_SUCCESS) goto end; message->opcode = dns_opcode_query; message->rdclass = dns_rdataclass_in; message->id = (unsigned short)(random() & 0xFFFF); result = dns_message_gettempname(message, &qname); if (result != ISC_R_SUCCESS) goto end; result = dns_message_gettemprdataset(message, &qrdataset); if (result != ISC_R_SUCCESS) goto end; dns_name_init(qname, NULL); dns_name_clone(dns_fixedname_name(&queryname), qname); dns_rdataset_init(qrdataset); dns_rdataset_makequestion(qrdataset, dns_rdataclass_in, dns_rdatatype_a); ISC_LIST_APPEND(qname->list, qrdataset, link); dns_message_addname(message, qname, DNS_SECTION_QUESTION); result = dns_request_create(requestmgr, message, &address, 0, tsigkey, TIMEOUT, task, recvresponse, message, &request); CHECK("dns_request_create", result); printf("Submitting query:\n"); isc_buffer_init(&outbuf, output, sizeof(output)); result = dns_message_totext(message, &dns_master_style_debug, 0, &outbuf); CHECK("dns_message_totext", result); printf("%.*s\n", (int)isc_buffer_usedlength(&outbuf), (char *)isc_buffer_base(&outbuf)); return; end: if (qname != NULL) dns_message_puttempname(message, &qname); if (qrdataset != NULL) dns_message_puttemprdataset(message, &qrdataset); if (message != NULL) dns_message_destroy(&message); }
/* * Arrange to send as much as we can of "stream" without blocking. * * Requires: * The stream iterator is initialized and points at an RR, * or possibly at the end of the stream (that is, the * _first method of the iterator has been called). */ static void sendstream(xfrout_ctx_t *xfr) { dns_message_t *tcpmsg = NULL; dns_message_t *msg = NULL; /* Client message if UDP, tcpmsg if TCP */ isc_result_t result; isc_region_t used; isc_region_t region; dns_rdataset_t *qrdataset; dns_name_t *msgname = NULL; dns_rdata_t *msgrdata = NULL; dns_rdatalist_t *msgrdl = NULL; dns_rdataset_t *msgrds = NULL; dns_compress_t cctx; isc_boolean_t cleanup_cctx = ISC_FALSE; isc_boolean_t is_tcp; int n_rrs; isc_buffer_clear(&xfr->buf); isc_buffer_clear(&xfr->txlenbuf); isc_buffer_clear(&xfr->txbuf); is_tcp = ISC_TF((xfr->client->attributes & NS_CLIENTATTR_TCP) != 0); if (!is_tcp) { /* * In the UDP case, we put the response data directly into * the client message. */ msg = xfr->client->message; CHECK(dns_message_reply(msg, ISC_TRUE)); } else { /* * TCP. Build a response dns_message_t, temporarily storing * the raw, uncompressed owner names and RR data contiguously * in xfr->buf. We know that if the uncompressed data fits * in xfr->buf, the compressed data will surely fit in a TCP * message. */ CHECK(dns_message_create(xfr->mctx, DNS_MESSAGE_INTENTRENDER, &tcpmsg)); msg = tcpmsg; msg->id = xfr->id; msg->rcode = dns_rcode_noerror; msg->flags = DNS_MESSAGEFLAG_QR | DNS_MESSAGEFLAG_AA; if ((xfr->client->attributes & NS_CLIENTATTR_RA) != 0) msg->flags |= DNS_MESSAGEFLAG_RA; CHECK(dns_message_settsigkey(msg, xfr->tsigkey)); CHECK(dns_message_setquerytsig(msg, xfr->lasttsig)); if (xfr->lasttsig != NULL) isc_buffer_free(&xfr->lasttsig); /* * Add a EDNS option to the message? */ if ((xfr->client->attributes & NS_CLIENTATTR_WANTOPT) != 0) { dns_rdataset_t *opt = NULL; CHECK(ns_client_addopt(xfr->client, msg, &opt)); CHECK(dns_message_setopt(msg, opt)); /* * Add to first message only. */ xfr->client->attributes &= ~NS_CLIENTATTR_WANTNSID; xfr->client->attributes &= ~NS_CLIENTATTR_HAVEEXPIRE; } /* * Account for reserved space. */ if (xfr->tsigkey != NULL) INSIST(msg->reserved != 0U); isc_buffer_add(&xfr->buf, msg->reserved); /* * Include a question section in the first message only. * BIND 8.2.1 will not recognize an IXFR if it does not * have a question section. */ if (xfr->nmsg == 0) { dns_name_t *qname = NULL; isc_region_t r; /* * Reserve space for the 12-byte message header * and 4 bytes of question. */ isc_buffer_add(&xfr->buf, 12 + 4); qrdataset = NULL; result = dns_message_gettemprdataset(msg, &qrdataset); if (result != ISC_R_SUCCESS) goto failure; dns_rdataset_makequestion(qrdataset, xfr->client->message->rdclass, xfr->qtype); result = dns_message_gettempname(msg, &qname); if (result != ISC_R_SUCCESS) goto failure; dns_name_init(qname, NULL); isc_buffer_availableregion(&xfr->buf, &r); INSIST(r.length >= xfr->qname->length); r.length = xfr->qname->length; isc_buffer_putmem(&xfr->buf, xfr->qname->ndata, xfr->qname->length); dns_name_fromregion(qname, &r); ISC_LIST_INIT(qname->list); ISC_LIST_APPEND(qname->list, qrdataset, link); dns_message_addname(msg, qname, DNS_SECTION_QUESTION); } else { /* * Reserve space for the 12-byte message header */ isc_buffer_add(&xfr->buf, 12); msg->tcp_continuation = 1; } } /* * Try to fit in as many RRs as possible, unless "one-answer" * format has been requested. */ for (n_rrs = 0; ; n_rrs++) { dns_name_t *name = NULL; isc_uint32_t ttl; dns_rdata_t *rdata = NULL; unsigned int size; isc_region_t r; msgname = NULL; msgrdata = NULL; msgrdl = NULL; msgrds = NULL; xfr->stream->methods->current(xfr->stream, &name, &ttl, &rdata); size = name->length + 10 + rdata->length; isc_buffer_availableregion(&xfr->buf, &r); if (size >= r.length) { /* * RR would not fit. If there are other RRs in the * buffer, send them now and leave this RR to the * next message. If this RR overflows the buffer * all by itself, fail. * * In theory some RRs might fit in a TCP message * when compressed even if they do not fit when * uncompressed, but surely we don't want * to send such monstrosities to an unsuspecting * slave. */ if (n_rrs == 0) { xfrout_log(xfr, ISC_LOG_WARNING, "RR too large for zone transfer " "(%d bytes)", size); /* XXX DNS_R_RRTOOLARGE? */ result = ISC_R_NOSPACE; goto failure; } break; } if (isc_log_wouldlog(ns_g_lctx, XFROUT_RR_LOGLEVEL)) log_rr(name, rdata, ttl); /* XXX */ result = dns_message_gettempname(msg, &msgname); if (result != ISC_R_SUCCESS) goto failure; dns_name_init(msgname, NULL); isc_buffer_availableregion(&xfr->buf, &r); INSIST(r.length >= name->length); r.length = name->length; isc_buffer_putmem(&xfr->buf, name->ndata, name->length); dns_name_fromregion(msgname, &r); /* Reserve space for RR header. */ isc_buffer_add(&xfr->buf, 10); result = dns_message_gettemprdata(msg, &msgrdata); if (result != ISC_R_SUCCESS) goto failure; isc_buffer_availableregion(&xfr->buf, &r); r.length = rdata->length; isc_buffer_putmem(&xfr->buf, rdata->data, rdata->length); dns_rdata_init(msgrdata); dns_rdata_fromregion(msgrdata, rdata->rdclass, rdata->type, &r); result = dns_message_gettemprdatalist(msg, &msgrdl); if (result != ISC_R_SUCCESS) goto failure; msgrdl->type = rdata->type; msgrdl->rdclass = rdata->rdclass; msgrdl->ttl = ttl; if (rdata->type == dns_rdatatype_sig || rdata->type == dns_rdatatype_rrsig) msgrdl->covers = dns_rdata_covers(rdata); else msgrdl->covers = dns_rdatatype_none; ISC_LIST_APPEND(msgrdl->rdata, msgrdata, link); result = dns_message_gettemprdataset(msg, &msgrds); if (result != ISC_R_SUCCESS) goto failure; result = dns_rdatalist_tordataset(msgrdl, msgrds); INSIST(result == ISC_R_SUCCESS); ISC_LIST_APPEND(msgname->list, msgrds, link); dns_message_addname(msg, msgname, DNS_SECTION_ANSWER); msgname = NULL; result = xfr->stream->methods->next(xfr->stream); if (result == ISC_R_NOMORE) { xfr->end_of_stream = ISC_TRUE; break; } CHECK(result); if (! xfr->many_answers) break; /* * At this stage, at least 1 RR has been rendered into * the message. Check if we want to clamp this message * here (TCP only). 20480 was set as an upper limit to * improve message compression. */ if ((isc_buffer_usedlength(&xfr->buf) >= 20480) && is_tcp) break; } if (is_tcp) { CHECK(dns_compress_init(&cctx, -1, xfr->mctx)); dns_compress_setsensitive(&cctx, ISC_TRUE); cleanup_cctx = ISC_TRUE; CHECK(dns_message_renderbegin(msg, &cctx, &xfr->txbuf)); CHECK(dns_message_rendersection(msg, DNS_SECTION_QUESTION, 0)); CHECK(dns_message_rendersection(msg, DNS_SECTION_ANSWER, 0)); CHECK(dns_message_renderend(msg)); dns_compress_invalidate(&cctx); cleanup_cctx = ISC_FALSE; isc_buffer_usedregion(&xfr->txbuf, &used); isc_buffer_putuint16(&xfr->txlenbuf, (isc_uint16_t)used.length); region.base = xfr->txlenbuf.base; region.length = 2 + used.length; xfrout_log(xfr, ISC_LOG_DEBUG(8), "sending TCP message of %d bytes", used.length); CHECK(isc_socket_send(xfr->client->tcpsocket, /* XXX */ ®ion, xfr->client->task, xfrout_senddone, xfr)); xfr->sends++; } else { xfrout_log(xfr, ISC_LOG_DEBUG(8), "sending IXFR UDP response"); ns_client_send(xfr->client); xfr->stream->methods->pause(xfr->stream); xfrout_ctx_destroy(&xfr); return; } /* Advance lasttsig to be the last TSIG generated */ CHECK(dns_message_getquerytsig(msg, xfr->mctx, &xfr->lasttsig)); xfr->nmsg++; failure: if (msgname != NULL) { if (msgrds != NULL) { if (dns_rdataset_isassociated(msgrds)) dns_rdataset_disassociate(msgrds); dns_message_puttemprdataset(msg, &msgrds); } if (msgrdl != NULL) { ISC_LIST_UNLINK(msgrdl->rdata, msgrdata, link); dns_message_puttemprdatalist(msg, &msgrdl); } if (msgrdata != NULL) dns_message_puttemprdata(msg, &msgrdata); dns_message_puttempname(msg, &msgname); } if (tcpmsg != NULL) dns_message_destroy(&tcpmsg); if (cleanup_cctx) dns_compress_invalidate(&cctx); /* * Make sure to release any locks held by database * iterators before returning from the event handler. */ xfr->stream->methods->pause(xfr->stream); if (result == ISC_R_SUCCESS) return; xfrout_fail(xfr, result, "sending zone data"); }
int main(int argc, char *argv[]) { int i, ch, error; struct addrinfo hints, *res; isc_result_t result; isc_sockaddr_t sa; isc_sockaddrlist_t servers; isc_taskmgr_t *taskmgr = NULL; isc_socketmgr_t *socketmgr = NULL; isc_timermgr_t *timermgr = NULL; while ((ch = getopt(argc, argv, "c:dhv")) != -1) { switch (ch) { case 'c': cacheserver = optarg; break; case 'd': debug_mode = ISC_TRUE; break; case 'h': usage(); break; case 'v': verbose_level++; break; default: usage(); break; } } argc -= optind; argv += optind; /* Common set up */ isc_lib_register(); result = dns_lib_init(); if (result != ISC_R_SUCCESS) { fprintf(stderr, "dns_lib_init failed: %d\n", result); exit(1); } result = ctxs_init(&mctx, &actx, &taskmgr, &socketmgr, &timermgr); if (result != ISC_R_SUCCESS) { fprintf(stderr, "ctx create failed: %d\n", result); exit(1); } isc_app_ctxstart(actx); result = dns_client_createx(mctx, actx, taskmgr, socketmgr, timermgr, 0, &client); if (result != ISC_R_SUCCESS) { fprintf(stderr, "dns_client_createx failed: %d\n", result); exit(1); } /* Set local cache server */ memset(&hints, 0, sizeof(hints)); hints.ai_family = AF_UNSPEC; hints.ai_socktype = SOCK_DGRAM; error = getaddrinfo(cacheserver, "53", &hints, &res); if (error != 0) { fprintf(stderr, "failed to convert server name (%s): %s\n", cacheserver, gai_strerror(error)); exit(1); } if (res->ai_addrlen > sizeof(sa.type)) { fprintf(stderr, "assumption failure: addrlen is too long: %ld\n", (long)res->ai_addrlen); exit(1); } memcpy(&sa.type.sa, res->ai_addr, res->ai_addrlen); sa.length = res->ai_addrlen; freeaddrinfo(res); ISC_LINK_INIT(&sa, link); ISC_LIST_INIT(servers); ISC_LIST_APPEND(servers, &sa, link); result = dns_client_setservers(client, dns_rdataclass_in, NULL, &servers); if (result != ISC_R_SUCCESS) { fprintf(stderr, "failed to set server: %d\n", result); exit(1); } /* Create the main task */ probe_task = NULL; result = isc_task_create(taskmgr, 0, &probe_task); if (result != ISC_R_SUCCESS) { fprintf(stderr, "failed to create task: %d\n", result); exit(1); } /* Open input file */ if (argc == 0) fp = stdin; else { fp = fopen(argv[0], "r"); if (fp == NULL) { fprintf(stderr, "failed to open input file: %s\n", argv[0]); exit(1); } } /* Set up and start probe */ for (i = 0; i < MAX_PROBES; i++) { probes[i].inuse = ISC_FALSE; probes[i].domain = NULL; dns_fixedname_init(&probes[i].fixedname); probes[i].qname = NULL; probes[i].qlabel = qlabels; probes[i].qname_found = ISC_FALSE; probes[i].resid = NULL; ISC_LIST_INIT(probes[i].nslist); probes[i].reqid = NULL; probes[i].qmessage = NULL; result = dns_message_create(mctx, DNS_MESSAGE_INTENTRENDER, &probes[i].qmessage); if (result == ISC_R_SUCCESS) { result = dns_message_create(mctx, DNS_MESSAGE_INTENTPARSE, &probes[i].rmessage); } if (result != ISC_R_SUCCESS) { fprintf(stderr, "initialization failure\n"); exit(1); } } for (i = 0; i < MAX_PROBES; i++) { result = probe_domain(&probes[i]); if (result == ISC_R_NOMORE) break; else if (result != ISC_R_SUCCESS) { fprintf(stderr, "failed to issue an initial probe\n"); exit(1); } } /* Start event loop */ isc_app_ctxrun(actx); /* Dump results */ printf("Per domain results (out of %lu domains):\n", number_of_domains); printf(" valid: %lu\n" " ignore: %lu\n" " nxdomain: %lu\n" " othererr: %lu\n" " multiplesoa: %lu\n" " multiplecname: %lu\n" " brokenanswer: %lu\n" " lame: %lu\n" " unknown: %lu\n" " multiple errors: %lu\n", domain_stat.valid, domain_stat.ignore, domain_stat.nxdomain, domain_stat.othererr, domain_stat.multiplesoa, domain_stat.multiplecname, domain_stat.brokenanswer, domain_stat.lame, domain_stat.unknown, multiple_error_domains); printf("Per server results (out of %lu servers):\n", number_of_servers); printf(" valid: %lu\n" " ignore: %lu\n" " nxdomain: %lu\n" " othererr: %lu\n" " multiplesoa: %lu\n" " multiplecname: %lu\n" " brokenanswer: %lu\n" " lame: %lu\n" " unknown: %lu\n", server_stat.valid, server_stat.ignore, server_stat.nxdomain, server_stat.othererr, server_stat.multiplesoa, server_stat.multiplecname, server_stat.brokenanswer, server_stat.lame, server_stat.unknown); /* Cleanup */ for (i = 0; i < MAX_PROBES; i++) { dns_message_destroy(&probes[i].qmessage); dns_message_destroy(&probes[i].rmessage); } isc_task_detach(&probe_task); dns_client_destroy(&client); dns_lib_shutdown(); isc_app_ctxfinish(actx); ctxs_destroy(&mctx, &actx, &taskmgr, &socketmgr, &timermgr); exit(0); }
ATF_TC_BODY(tsig_tcp, tc) { const dns_name_t *tsigowner = NULL; dns_fixedname_t fkeyname; dns_message_t *msg = NULL; dns_name_t *keyname; dns_tsig_keyring_t *ring = NULL; dns_tsigkey_t *key = NULL; isc_buffer_t *buf = NULL; isc_buffer_t *querytsig = NULL; isc_buffer_t *tsigin = NULL; isc_buffer_t *tsigout = NULL; isc_result_t result; unsigned char secret[16] = { 0 }; dst_context_t *tsigctx = NULL; dst_context_t *outctx = NULL; UNUSED(tc); result = dns_test_begin(stderr, ISC_TRUE); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); /* isc_log_setdebuglevel(lctx, 99); */ dns_fixedname_init(&fkeyname); keyname = dns_fixedname_name(&fkeyname); result = dns_name_fromstring(keyname, "test", 0, NULL); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); result = dns_tsigkeyring_create(mctx, &ring); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); result = dns_tsigkey_create(keyname, dns_tsig_hmacsha256_name, secret, sizeof(secret), ISC_FALSE, NULL, 0, 0, mctx, ring, &key); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); /* * Create request. */ result = isc_buffer_allocate(mctx, &buf, 65535); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); render(buf, 0, key, &tsigout, &querytsig, NULL); isc_buffer_free(&buf); /* * Create response message 1. */ result = isc_buffer_allocate(mctx, &buf, 65535); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); render(buf, DNS_MESSAGEFLAG_QR, key, &querytsig, &tsigout, NULL); /* * Process response message 1. */ result = dns_message_create(mctx, DNS_MESSAGE_INTENTPARSE, &msg); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_message_create: %s", dns_result_totext(result)); result = dns_message_settsigkey(msg, key); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_message_settsigkey: %s", dns_result_totext(result)); result = dns_message_parse(msg, buf, 0); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_message_parse: %s", dns_result_totext(result)); printmessage(msg); result = dns_message_setquerytsig(msg, querytsig); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_message_setquerytsig: %s", dns_result_totext(result)); result = dns_tsig_verify(buf, msg, NULL, NULL); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_tsig_verify: %s", dns_result_totext(result)); ATF_CHECK_EQ(msg->verified_sig, 1); ATF_CHECK_EQ(msg->tsigstatus, dns_rcode_noerror); /* * Check that we have a TSIG in the first message. */ ATF_REQUIRE(dns_message_gettsig(msg, &tsigowner) != NULL); result = dns_message_getquerytsig(msg, mctx, &tsigin); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_message_getquerytsig: %s", dns_result_totext(result)); tsigctx = msg->tsigctx; msg->tsigctx = NULL; isc_buffer_free(&buf); dns_message_destroy(&msg); result = dst_context_create3(key->key, mctx, DNS_LOGCATEGORY_DNSSEC, ISC_FALSE, &outctx); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); /* * Start digesting. */ result = add_mac(outctx, tsigout); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); /* * Create response message 2. */ result = isc_buffer_allocate(mctx, &buf, 65535); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); render(buf, DNS_MESSAGEFLAG_QR, key, &tsigout, &tsigout, outctx); /* * Process response message 2. */ result = dns_message_create(mctx, DNS_MESSAGE_INTENTPARSE, &msg); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_message_create: %s", dns_result_totext(result)); msg->tcp_continuation = 1; msg->tsigctx = tsigctx; tsigctx = NULL; result = dns_message_settsigkey(msg, key); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_message_settsigkey: %s", dns_result_totext(result)); result = dns_message_parse(msg, buf, 0); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_message_parse: %s", dns_result_totext(result)); printmessage(msg); result = dns_message_setquerytsig(msg, tsigin); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_message_setquerytsig: %s", dns_result_totext(result)); result = dns_tsig_verify(buf, msg, NULL, NULL); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_tsig_verify: %s", dns_result_totext(result)); ATF_CHECK_EQ(msg->verified_sig, 1); ATF_CHECK_EQ(msg->tsigstatus, dns_rcode_noerror); /* * Check that we don't have a TSIG in the second message. */ tsigowner = NULL; ATF_REQUIRE(dns_message_gettsig(msg, &tsigowner) == NULL); tsigctx = msg->tsigctx; msg->tsigctx = NULL; isc_buffer_free(&buf); dns_message_destroy(&msg); /* * Create response message 3. */ result = isc_buffer_allocate(mctx, &buf, 65535); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); render(buf, DNS_MESSAGEFLAG_QR, key, &tsigout, &tsigout, outctx); result = add_tsig(outctx, key, buf); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "add_tsig: %s", dns_result_totext(result)); /* * Process response message 3. */ result = dns_message_create(mctx, DNS_MESSAGE_INTENTPARSE, &msg); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_message_create: %s", dns_result_totext(result)); msg->tcp_continuation = 1; msg->tsigctx = tsigctx; tsigctx = NULL; result = dns_message_settsigkey(msg, key); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_message_settsigkey: %s", dns_result_totext(result)); result = dns_message_parse(msg, buf, 0); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_message_parse: %s", dns_result_totext(result)); printmessage(msg); /* * Check that we had a TSIG in the third message. */ ATF_REQUIRE(dns_message_gettsig(msg, &tsigowner) != NULL); result = dns_message_setquerytsig(msg, tsigin); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_message_setquerytsig: %s", dns_result_totext(result)); result = dns_tsig_verify(buf, msg, NULL, NULL); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_tsig_verify: %s", dns_result_totext(result)); ATF_CHECK_EQ(msg->verified_sig, 1); ATF_CHECK_EQ(msg->tsigstatus, dns_rcode_noerror); if (tsigin != NULL) isc_buffer_free(&tsigin); result = dns_message_getquerytsig(msg, mctx, &tsigin); ATF_CHECK_EQ_MSG(result, ISC_R_SUCCESS, "dns_message_getquerytsig: %s", dns_result_totext(result)); isc_buffer_free(&buf); dns_message_destroy(&msg); if (outctx != NULL) dst_context_destroy(&outctx); if (querytsig != NULL) isc_buffer_free(&querytsig); if (tsigin != NULL) isc_buffer_free(&tsigin); if (tsigout != NULL) isc_buffer_free(&tsigout); if (buf != NULL) isc_buffer_free(&buf); if (msg != NULL) dns_message_destroy(&msg); if (key != NULL) dns_tsigkey_detach(&key); if (ring != NULL) dns_tsigkeyring_detach(&ring); dns_test_end(); }