static void setup_tsec(char *keyfile, isc_mem_t *mctx) { dst_key_t *dstkey = NULL; isc_result_t result; dns_tsectype_t tsectype; result = dst_key_fromnamedfile(keyfile, NULL, DST_TYPE_PRIVATE | DST_TYPE_KEY, mctx, &dstkey); if (result != ISC_R_SUCCESS) { fprintf(stderr, "could not read key from %s: %s\n", keyfile, isc_result_totext(result)); exit(1); } if (dst_key_alg(dstkey) == DST_ALG_HMACMD5) tsectype = dns_tsectype_tsig; else tsectype = dns_tsectype_sig0; result = dns_tsec_create(mctx, tsectype, dstkey, &tsec); dst_key_free(&dstkey); if (result != ISC_R_SUCCESS) { fprintf(stderr, "could not create tsec: %s\n", isc_result_totext(result)); exit(1); } }
isc_result_t omapi_auth_key_enter (omapi_auth_key_t *a) { omapi_auth_key_t *tk; isc_result_t status; dst_key_t *dstkey; if (a -> type != omapi_type_auth_key) return DHCP_R_INVALIDARG; tk = (omapi_auth_key_t *)0; if (auth_key_hash) { omapi_auth_key_hash_lookup (&tk, auth_key_hash, a -> name, 0, MDL); if (tk == a) { omapi_auth_key_dereference (&tk, MDL); return ISC_R_SUCCESS; } if (tk) { omapi_auth_key_hash_delete (auth_key_hash, tk -> name, 0, MDL); omapi_auth_key_dereference (&tk, MDL); } } else { if (!omapi_auth_key_new_hash(&auth_key_hash, KEY_HASH_SIZE, MDL)) return ISC_R_NOMEMORY; } /* * If possible create a tsec structure for this key, * if we can't create the structure we put out a warning * and continue. */ status = isclib_make_dst_key(a->name, a->algorithm, a->key->value, a->key->len, &dstkey); if (status == ISC_R_SUCCESS) { status = dns_tsec_create(dhcp_gbl_ctx.mctx, dns_tsectype_tsig, dstkey, &a->tsec_key); dst_key_free(&dstkey); } if (status != ISC_R_SUCCESS) log_error("Unable to create tsec structure for %s", a->name); omapi_auth_key_hash_add (auth_key_hash, a -> name, 0, a, MDL); return ISC_R_SUCCESS; }