ff2d95be3d5e0350c5b457582cdb08869fc17789Tinderbox User * Copyright (C) 1999-2001, 2004-2007, 2009, 2011, 2012, 2016, 2017 Internet Systems Consortium, Inc. ("ISC")
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews * This Source Code Form is subject to the terms of the Mozilla Public
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews * License, v. 2.0. If a copy of the MPL was not distributed with this
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews * file, You can obtain one at http://mozilla.org/MPL/2.0/.
135bcc2e42a94543f11af2a4196b13552ab46d89Automatic Updater/* $Id: tsigconf.c,v 1.35 2011/01/11 23:47:12 tbox Exp $ */
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrewsadd_initial_keys(const cfg_obj_t *list, dns_tsig_keyring_t *ring,
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington keyid = cfg_obj_asstring(cfg_map_getname(key));
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington (void)cfg_map_get(key, "algorithm", &algobj);
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington (void)cfg_map_get(key, "secret", &secretobj);
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington INSIST(algobj != NULL && secretobj != NULL);
1a69a1a78cfaa86f3b68bbc965232b7876d4da2aDavid Lawrence * Create the key name.
6f7abb89ec22aef5eda40ed60fcf605a42b78d4dMark Andrews isc_buffer_constinit(&keynamesrc, keyid, strlen(keyid));
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington isc_buffer_add(&keynamesrc, strlen(keyid));
6e49e91bd08778d7eae45a2229dcf41ed97cc636David Lawrence isc_buffer_init(&keynamebuf, keynamedata, sizeof(keynamedata));
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson ret = dns_name_fromtext(&keyname, &keynamesrc, dns_rootname,
1a69a1a78cfaa86f3b68bbc965232b7876d4da2aDavid Lawrence * Create the algorithm.
c6d4f781529d2f28693546b25b2967d44ec89e60Mark Andrews if (ns_config_getkeyalgorithm(algstr, &alg, &bits)
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington cfg_obj_log(algobj, ns_g_lctx, ISC_LOG_ERROR,
c6d4f781529d2f28693546b25b2967d44ec89e60Mark Andrews "key '%s': has a unsupported algorithm '%s'",
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington secretalloc = secretlen = strlen(secretstr) * 3 / 4;
6e49e91bd08778d7eae45a2229dcf41ed97cc636David Lawrence isc_buffer_init(&secretbuf, secret, secretlen);
734ae1f7c6abafe1f1ca164aad7a3dd01ee82cbdBrian Wellington ret = isc_base64_decodestring(secretstr, &secretbuf);
6e49e91bd08778d7eae45a2229dcf41ed97cc636David Lawrence secretlen = isc_buffer_usedlength(&secretbuf);
7a184cd4e5a54a4e530f9bff8a4e46be392d0b52Brian Wellington ret = dns_tsigkey_create(&keyname, alg, secret, secretlen,
c6d4f781529d2f28693546b25b2967d44ec89e60Mark Andrews * Set digest bits.
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrewsns_tsigkeyring_fromconfig(const cfg_obj_t *config, const cfg_obj_t *vconfig,
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington isc_mem_t *mctx, dns_tsig_keyring_t **ringp)
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington maps[i++] = cfg_tuple_get(vconfig, "options");
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson result = dns_tsigkeyring_create(mctx, &ring);
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington for (i = 0; ; i++) {
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington result = cfg_map_get(maps[i], "key", &keylist);