/*
* Copyright (C) 2011-2013, 2016, 2017 Internet Systems Consortium, Inc. ("ISC")
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
/* $Id$ */
/*
* This implements external update-policy rules. This allows permission
* to update a zone to be checked by consulting an external daemon (e.g.,
* kerberos).
*/
#include <config.h>
#include <errno.h>
#include <unistd.h>
#ifdef ISC_PLATFORM_HAVESYSUNH
#endif
#include <isc/strerror.h>
#include <dns/fixedname.h>
#include <dns/rdatatype.h>
static void
}
/*
* Connect to a UNIX domain socket.
*/
static int
#ifdef ISC_PLATFORM_HAVESYSUNH
"longer than system maximum %u",
return (-1);
}
if (fd == -1) {
strbuf);
return (-1);
}
"socket '%s' - %s",
return (-1);
}
#endif
return (fd);
}
/* Change this version if you update the format of the request */
/*
* Perform an update-policy rule check against an external application
* over a socket.
*
* This currently only supports local: for unix domain datagram sockets.
*
* Note that by using a datagram socket and creating a new socket each
* time we avoid the need for locking and allow for parallel access to
* the authorization server.
*/
{
int fd;
const char *sock_path;
unsigned int req_len;
unsigned char *data;
/* For now only local: is supported */
return (ISC_FALSE);
}
if (fd == -1)
return (ISC_FALSE);
} else
b_key[0] = 0;
if (tkey_token != NULL) {
}
/* Format the request elements */
else
b_signer[0] = 0;
else
b_addr[0] = 0;
/* Work out how big the request will be */
sizeof(isc_uint32_t) + /* Length */
sizeof(isc_uint32_t) + /* tkey_token length */
token_len; /* tkey_token */
/* format the buffer */
return (ISC_FALSE);
}
/* Strings must be null-terminated */
isc_buffer_putuint8(&buf, 0);
isc_buffer_putuint8(&buf, 0);
isc_buffer_putuint8(&buf, 0);
isc_buffer_putuint8(&buf, 0);
isc_buffer_putuint8(&buf, 0);
if (tkey_token && token_len != 0)
/* Send the request */
strbuf);
return (ISC_FALSE);
}
/* Receive the reply */
strbuf);
return (ISC_FALSE);
}
if (reply == 0) {
b_name);
return (ISC_FALSE);
} else if (reply == 1) {
b_name);
return (ISC_TRUE);
}
return (ISC_FALSE);
}