smbns_dyndns.c revision 7b59d02d2a384be9a08087b14defadd214b3c1dd
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * CDDL HEADER START
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * The contents of this file are subject to the terms of the
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Common Development and Distribution License (the "License").
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * You may not use this file except in compliance with the License.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * See the License for the specific language governing permissions
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * and limitations under the License.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * When distributing Covered Code, include this CDDL HEADER in each
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * If applicable, add the following below this CDDL HEADER, with the
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * fields enclosed by brackets "[]" replaced with your own identifying
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * information: Portions Copyright [yyyy] [name of copyright owner]
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * CDDL HEADER END
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Use is subject to license terms.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw#pragma ident "%Z%%M% %I% %E% SMI"
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw/* internal use, in dyndns_add_entry */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw/* Maximum retires if not authoritative */
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as/* Number of times to retry a DNS query */
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as/* Timeout value, in seconds, for DNS query responses */
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return (-1);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return (0);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return (id);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * XXX The following should be removed once head/arpa/nameser_compat.h
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * defines BADSIG, BADKEY, BADTIME macros
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw#endif /* BADSIG */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw#endif /* BADKEY */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw#endif /* BADTIME */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * dyndns_msg_err
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Display error message for DNS error code found in the DNS header in
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * reply message.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Parameters:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * err: DNS errer code
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Returns:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw switch (err) {
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw syslog(LOG_ERR, "DNS entry should exist but does not exist\n");
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw syslog(LOG_ERR, "DNS entry shouldn't exist but does exist\n");
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw syslog(LOG_ERR, "DNS RRSet shouldn't exist but does exist\n");
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw syslog(LOG_ERR, "DNS RRSet should exist but does not exist\n");
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw "for specified zone\n");
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw "within specified zone\n");
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * display_stat
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Display GSS error message from error code. This routine is used to display
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * the mechanism independent and mechanism specific error messages for GSS
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * routines. The major status error code is the mechanism independent error
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * code and the minor status error code is the mechanism specific error code.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Parameters:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * maj: GSS major status
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * min: GSS minor status
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Returns:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwstatic void
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw (void) gss_display_status(&min2, maj, GSS_C_GSS_CODE, GSS_C_NULL_OID,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw (void) gss_display_status(&min2, min, GSS_C_MECH_CODE, GSS_C_NULL_OID,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwstatic char *
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwstatic char *
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwstatic char *
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwstatic char *
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw buf += sizeof (int);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw buf += sizeof (int);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * dyndns_stuff_str
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Converts a domain string by removing periods and replacing with a byte value
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * of how many characters following period. A byte value is placed in front
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * to indicate how many characters before first period. A NULL character is
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * placed at the end. i.e. host.procom.com -> 4host5procom3com0
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Buffer space checking is done by caller.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Parameters:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * ptr : address of pointer to buffer to store converted string
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * zone: domain name string
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Returns:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * ptr: address of pointer to next available buffer space
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * -1 : error
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * 0 : success
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (0);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * dyndns_build_header
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Build the header for DNS query and DNS update request message.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Parameters:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * ptr : address of pointer to buffer to store header
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * buf_len : buffer length
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * msg_id : message id
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * query_req : use REQ_QUERY for query message or REQ_UPDATE for
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * update message
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * quest_zone_cnt : number of question record for query message or
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * number of zone record for update message
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * ans_prereq_cnt : number of answer record for query message or
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * number of prerequisite record for update message
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * nameser_update_cnt: number of name server for query message or
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * number of update record for update message
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * addit_cnt : number of additional record
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * flags : query flags word
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Returns:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * ptr: address of pointer to next available buffer space
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * -1 : error
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * 0 : success
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwdyndns_build_header(char **ptr, int buf_len, uint16_t msg_id, int query_req,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw uint16_t nameser_update_cnt, uint16_t addit_cnt, int flags)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw syslog(LOG_ERR, "dyndns: no more buf for header section\n");
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw /* mesg opcode */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw /* zone record count */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw /* prerequiste record count */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw /* update record count */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw /* additional record count */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (0);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * dyndns_build_quest_zone
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Build the question section for query message or zone section for
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * update message.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Parameters:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * ptr : address of pointer to buffer to store question or zone section
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * buf_len: buffer length
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * name : question or zone name
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * type : type of question or zone
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * class : class of question or zone
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Returns:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * ptr: address of pointer to next available buffer space
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * -1 : error
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * 0 : success
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwdyndns_build_quest_zone(char **ptr, int buf_len, char *name, int type,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw "for question/zone section\n");
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (0);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * dyndns_build_update
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Build update section of update message for adding and removing a record.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * If the ttl value is 0 then this message is for record deletion.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Parameters:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * ptr : address of pointer to buffer to store update section
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * buf_len : buffer length
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * name : resource name of this record
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * type : type of this record
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * class : class of this record
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * ttl : time-to-live, cached time of this entry by others and not
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * within DNS database, a zero value for record(s) deletion
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * data : data of this resource record
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * forw_rev: UPDATE_FORW for forward zone, UPDATE_REV for reverse zone
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * add_del : UPDATE_ADD for adding entry, UPDATE_DEL for removing zone
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * del_type: DEL_ONE for deleting one entry, DEL_ALL for deleting all
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * entries of the same resource name. Only valid for UPDATE_DEL.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Returns:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * ptr: address of pointer to next available buffer space
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * -1 : error
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * 0 : success
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwdyndns_build_update(char **ptr, int buf_len, char *name, int type, int class,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw uint32_t ttl, char *data, int forw_rev, int add_del, int del_type)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw syslog(LOG_ERR, "dyndns: no more buf for update section\n");
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (0);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw *ptr = dyndns_put_int(*ptr, inet_addr(data)); /* ip address */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (0);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * dyndns_build_tkey
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Build TKEY section to establish security context for secure dynamic DNS
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * update. DNS header and question sections need to be build before this
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * section. The TKEY data are the tokens generated during security context
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * establishment and the TKEY message is used to transmit those tokens, one
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * at a time, to the DNS server.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Parameters:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * ptr : address of pointer to buffer to store TKEY
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * buf_len : buffer length
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * name : key name, must be unique and same as for TSIG record
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * key_expire: expiration time of this key in second
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * data : TKEY data
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * data_size : data size
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Returns:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * ptr: address of the pointer to the next available buffer space
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * -1 : error
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * 0 : success
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwdyndns_build_tkey(char **ptr, int buf_len, char *name, int key_expire,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw syslog(LOG_ERR, "dyndns: no more buf for TKEY record\n");
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw (void) dyndns_stuff_str(&namePtr, name); /* unique global name */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw /* 19 + 14 + data_size + 2 */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw *ptr = dyndns_put_nlong(*ptr, tp.tv_sec); /* inception */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw /* expiration, 86400 */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw *ptr = dyndns_put_nshort(*ptr, MODE_GSS_API); /* mode: gss-api */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw *ptr = dyndns_put_nshort(*ptr, data_size); /* key size */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (0);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * dyndns_build_tsig
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Build TSIG section for secure dynamic DNS update. This routine will be
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * called twice. First called with TSIG_UNSIGNED, and second with TSIG_SIGNED.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * The TSIG data is NULL and ignored for TSIG_UNSIGNED and is the update request
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * message encrypted for TSIG_SIGNED. The message id must be the same id as the
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * one in the update request before it is encrypted.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Parameters:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * ptr : address of pointer to buffer to store TSIG
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * buf_len : buffer length
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * msg_id : message id
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * name : key name, must be the same as in TKEY record
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * fudge_time : amount of error time allow in seconds
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * data : TSIG data if TSIG_SIGNED, otherwise NULL
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * data_size : size of data, otherwise 0 if data is NULL
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * data_signed: TSIG_SIGNED to indicate data is signed and encrypted,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * otherwise TSIG_UNSIGNED
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Returns:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * ptr: address of pointer to next available buffer space
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * -1 : error
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * 0 : success
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwdyndns_build_tsig(char **ptr, int buf_len, int msg_id, char *name,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw int fudge_time, char *data, int data_size, int data_signed)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw syslog(LOG_ERR, "dyndns: no more buf for TSIG record\n");
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw (void) dyndns_stuff_str(&namePtr, name); /* unique global name */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw /* 19 + 10 + data_size + 6 */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw *ptr = dyndns_put_nlong(*ptr, signtime); /* sign time */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw /* signed data size */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw *ptr = dyndns_put_nshort(*ptr, msg_id); /* original id */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (0);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * dyndns_open_init_socket
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * This routine creates a SOCK_STREAM or SOCK_DGRAM socket and initializes it
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * by doing bind() and setting linger option to off.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Parameters:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * sock_type: SOCK_STREAM for TCP or SOCK_DGRAM for UDP
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * dest_addr: destination address in network byte order
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * port : destination port number
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Returns:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * descriptor: descriptor referencing the created socket
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * -1 : error
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwdyndns_open_init_socket(int sock_type, unsigned long dest_addr, int port)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw (char *)&l, sizeof (l)) == -1) {
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw (void) close(s);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if (bind(s, (struct sockaddr *)&my_addr, sizeof (my_addr)) < 0) {
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw (void) close(s);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw sizeof (struct sockaddr_in)) < 0) {
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw (void) close(s);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (s);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * dyndns_build_tkey_msg
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * This routine is used to build the TKEY message to transmit GSS tokens
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * during GSS security context establishment for secure DNS update. The
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * TKEY message format uses the DNS query message format. The TKEY section
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * is the answer section of the query message format.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Microsoft uses a value of 86400 seconds (24 hours) for key expiration time.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Parameters:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * buf : buffer to build and store TKEY message
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * key_name: a unique key name, this same key name must be also be used in
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * the TSIG message
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * out_tok : TKEY message data (GSS tokens)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Returns:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * id : message id of this TKEY message
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * message size: the size of the TKEY message
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * -1 : error
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwdyndns_build_tkey_msg(char *buf, char *key_name, uint16_t *id,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw int queryReq, zoneCount, preqCount, updateCount, additionalCount;
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw /* query section of query request */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw /* answer section of query request */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw /* add TCP length info that follows this field */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if (dyndns_build_header(&bufptr, BUFLEN_TCP(bufptr, buf), *id, queryReq,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw zoneCount, preqCount, updateCount, additionalCount, 0) == -1) {
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if (dyndns_build_quest_zone(&bufptr, BUFLEN_TCP(bufptr, buf), key_name,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if (dyndns_build_tkey(&bufptr, BUFLEN_TCP(bufptr, buf), key_name,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * dyndns_establish_sec_ctx
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * This routine is used to establish a security context with the DNS server
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * by building TKEY messages and sending them to the DNS server. TKEY messages
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * are also received from the DNS server for processing. The security context
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * establishment is done with the GSS client on the system producing a token
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * and sending the token within the TKEY message to the GSS server on the DNS
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * server. The GSS server then processes the token and then send a TKEY reply
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * message with a new token to be processed by the GSS client. The GSS client
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * processes the new token and then generates a new token to be sent to the
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * GSS server. This cycle is continued until the security establishment is
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * done. TCP is used to send and receive TKEY messages.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Parameters:
55bf511df53aad0fdb7eb3fa349f0308cc05234cas * cred_handle : handle to credential
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * s : socket descriptor to DNS server
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * key_name : TKEY key name
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * dns_hostname: fully qualified DNS hostname
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * oid : contains Kerberos 5 object identifier
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Returns:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * gss_context : handle to security context
55bf511df53aad0fdb7eb3fa349f0308cc05234casdyndns_establish_sec_ctx(gss_ctx_id_t *gss_context, gss_cred_id_t cred_handle,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw service_name = (char *)malloc(sizeof (char) * service_sz);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw syslog(LOG_ERR, "Malloc failed for %d bytes ", service_sz);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw (void) snprintf(service_name, service_sz, "DNS@%s", dns_hostname);
55bf511df53aad0fdb7eb3fa349f0308cc05234cas GSS_C_NT_HOSTBASED_SERVICE, &target_name)) != GSS_S_COMPLETE) {
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw gss_flags = GSS_C_MUTUAL_FLAG | GSS_C_DELEG_FLAG | GSS_C_REPLAY_FLAG |
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw GSS_C_SEQUENCE_FLAG | GSS_C_CONF_FLAG | GSS_C_INTEG_FLAG;
55bf511df53aad0fdb7eb3fa349f0308cc05234cas maj = gss_init_sec_context(&min, cred_handle, gss_context,
55bf511df53aad0fdb7eb3fa349f0308cc05234cas if (maj != GSS_S_COMPLETE && maj != GSS_S_CONTINUE_NEEDED) {
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw "reply recv error\n");
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw /* bsd38 -> 2*7=14 */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (0);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * dyndns_get_sec_context
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Get security context for secure dynamic DNS update. This routine opens
55bf511df53aad0fdb7eb3fa349f0308cc05234cas * a TCP socket to the DNS server and establishes a security context with
55bf511df53aad0fdb7eb3fa349f0308cc05234cas * the DNS server using host principal to perform secure dynamic DNS update.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Parameters:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * hostname: fully qualified hostname
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * dns_ip : ip address of hostname in network byte order
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Returns:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * gss_handle: gss credential handle
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * gss_context: gss security context
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * -1: error
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * 0: success
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw "hostname from DNS ip.\n");
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if ((s = dyndns_open_init_socket(SOCK_STREAM, dns_ip, 53)) < 0) {
55bf511df53aad0fdb7eb3fa349f0308cc05234cas if (dyndns_establish_sec_ctx(&gss_context, cred_handle, s, key_name,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw (void) close(s);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * dyndns_build_add_remove_msg
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * This routine builds the update request message for adding and removing DNS
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * entries which is used for non-secure and secure DNS update.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * This routine builds an UDP message.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Parameters:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * buf : buffer to build message
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * update_zone: the type of zone to update, use UPDATE_FORW for forward
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * lookup zone, use UPDATE_REV for reverse lookup zone
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * hostname : fully qualified hostname to update DNS with
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * ip_addr : IP address of hostname
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * life_time : cached time of this entry by others and not within DNS
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * database
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * update_type: UPDATE_ADD to add entry, UPDATE_DEL to remove entry
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * del_type : DEL_ONE for deleting one entry, DEL_ALL for deleting all
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * entries of the same resource name. Only valid for UPDATE_DEL.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * addit_cnt : Indicate how many record is in the additional section of
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * the DNS message. A value of zero is always used with
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * non-secure update message. For secure update message,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * the value will be one because the signed TSIG message
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * is added as the additional record of the DNS update message.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * id : DNS message ID. If a positive value then this ID value is
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * used, otherwise the next incremented value is used
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * level : This is the domain level which we send the request to, level
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * zero is the default level, it can go upto 2 in reverse zone
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * and virtually to any level in forward zone.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Returns:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * buf : buffer containing update message
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * id : DNS message ID
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * int : size of update message
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * -1 : error
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * This function is changed to handle dynamic DNS update retires to higher
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * authoritative domains.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwdyndns_build_add_remove_msg(char *buf, int update_zone, const char *hostname,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw const char *ip_addr, int life_time, int update_type, int del_type,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw int a, b, c, d;
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw int queryReq, zoneCount, preqCount, updateCount, additionalCount;
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw char *zone, *resource, *data, zone_buf[100], resrc_buf[100];
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if (*id == 0)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if (dyndns_build_header(&bufptr, BUFLEN_UDP(bufptr, buf), *id, queryReq,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw zoneCount, preqCount, updateCount, additionalCount, 0) == -1) {
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw p = (char *)hostname;
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw /* Try higher domains according to the level requested */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw /* domain */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw } while (--level >= 0);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw (void) sprintf(zone_buf, "%d.%d.%d.in-addr.arpa", c, b, a);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw /* Try higher domains according to the level requested */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw while (--level >= 0) {
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw /* domain */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw d, c, b, a);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if (dyndns_build_quest_zone(&bufptr, BUFLEN_UDP(bufptr, buf), zone,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if (dyndns_build_update(&bufptr, BUFLEN_UDP(bufptr, buf),
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * dyndns_build_unsigned_tsig_msg
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * This routine is used to build the unsigned TSIG message for signing. The
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * unsigned TSIG message contains the update request message with certain TSIG
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * fields included. An error time of 300 seconds is used for fudge time. This
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * is the number used by Microsoft clients.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * This routine builds a UDP message.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Parameters:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * buf : buffer to build message
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * update_zone: the type of zone to update, use UPDATE_FORW for forward
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * lookup zone, use UPDATE_REV for reverse lookup zone
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * hostname : fully qualified hostname to update DNS with
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * ip_addr : IP address of hostname
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * life_time : cached time of this entry by others and not within DNS
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * database
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * update_type: UPDATE_ADD to add entry, UPDATE_DEL to remove entry
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * del_type : DEL_ONE for deleting one entry, DEL_ALL for deleting all
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * entries of the same resource name. Only valid for UPDATE_DEL.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * key_name : same key name used in TKEY message
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * id : DNS message ID. If a positive value then this ID value is
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * used, otherwise the next incremented value is used
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * level : This is the domain level which we send the request to, level
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * zero is the default level, it can go upto 2 in reverse zone
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * and virtually to any level in forward zone.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Returns:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * buf : buffer containing update message
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * id : DNS message ID
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * int : size of update message
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * -1 : error
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwdyndns_build_unsigned_tsig_msg(char *buf, int update_zone, const char *hostname,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw const char *ip_addr, int life_time, int update_type, int del_type,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if ((buf_sz = dyndns_build_add_remove_msg(buf, update_zone, hostname,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ip_addr, life_time, update_type, del_type, 0, id, level)) <= 0) {
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if (dyndns_build_tsig(&bufptr, BUFLEN_UDP(bufptr, buf), 0,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * dyndns_build_signed_tsig_msg
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * This routine build the signed TSIG message which contains the update
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * request message encrypted. An error time of 300 seconds is used for fudge
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * time. This is the number used by Microsoft clients.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * This routine builds a UDP message.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Parameters:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * buf : buffer to build message
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * update_zone: the type of zone to update, use UPDATE_FORW for forward
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * lookup zone, use UPDATE_REV for reverse lookup zone
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * hostname : fully qualified hostname to update DNS with
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * ip_addr : IP address of hostname
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * life_time : cached time of this entry by others and not within DNS
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * database
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * update_type: UPDATE_ADD to add entry, UPDATE_DEL to remove entry
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * del_type : DEL_ONE for deleting one entry, DEL_ALL for deleting all
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * entries of the same resource name. Only valid for UPDATE_DEL.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * key_name : same key name used in TKEY message
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * id : DNS message ID. If a positive value then this ID value is
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * used, otherwise the next incremented value is used
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * in_mic : the update request message encrypted
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * level : This is the domain level which we send the request to, level
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * zero is the default level, it can go upto 2 in reverse zone
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * and virtually to any level in forward zone.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Returns:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * buf : buffer containing update message
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * id : DNS message ID
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * int : size of update message
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * -1 : error
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwdyndns_build_signed_tsig_msg(char *buf, int update_zone, const char *hostname,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw const char *ip_addr, int life_time, int update_type, int del_type,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw char *key_name, uint16_t *id, gss_buffer_desc *in_mic, int level)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if ((buf_sz = dyndns_build_add_remove_msg(buf, update_zone, hostname,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ip_addr, life_time, update_type, del_type, 1, id, level)) <= 0) {
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * dyndns_udp_send_recv
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * This routine sends and receives UDP DNS request and reply messages.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Pre-condition: Caller must call dyndns_open_init_socket() before calling
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * this function.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Parameters:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * s : socket descriptor
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * buf : buffer containing data to send
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * buf_sz : size of data to send
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Returns:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * -1 : error
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * rec_buf: reply dat
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * 0 : success
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwdyndns_udp_send_recv(int s, char *buf, int buf_sz, char *rec_buf)
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as for (i = 0; i <= DYNDNS_MAX_QUERY_RETRIES; i++) {
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw } else if (retval > 0) {
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw /* required by recvfrom */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as /* did not receive anything */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw syslog(LOG_ERR, "dyndns: max retries for UDP recv reached\n");
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (0);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * dyndns_sec_add_remove_entry
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Perform secure dynamic DNS update after getting security context.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * This routine opens a UDP socket to the DNS sever, gets the security context,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * builds the unsigned TSIG message and signed TSIG message. The signed TSIG
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * message containing the encrypted update request message is sent to the DNS
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * server. The response is received and check for error. If there is no
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * error then credential handle and security context are released and the local
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * NSS cached is purged.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Parameters:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * update_zone : UPDATE_FORW for forward zone, UPDATE_REV for reverse zone
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * hostname : fully qualified hostname
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * ip_addr : ip address of hostname in string format
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * life_time : cached time of this entry by others and not within DNS
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * database
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * max_retries : maximum retries for sending DNS update request
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * recv_timeout: receive timeout
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * update_type : UPDATE_ADD for adding entry, UPDATE_DEL for removing entry
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * del_type : DEL_ONE for deleting one entry, DEL_ALL for deleting all
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * entries of the same resource name. Only valid for UPDATE_DEL
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * dns_str : DNS IP address in string format
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Returns:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * -1: error
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * 0: success
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * This function is enhanced to handle the case of NOTAUTH error when DNS server
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * is not authoritative for specified zone. In this case we need to resend the
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * same request to the higher authoritative domains.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * This is true for both secure and unsecure dynamic DNS updates.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwdyndns_sec_add_remove_entry(int update_zone, const char *hostname,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw const char *ip_addr, int life_time, int update_type, int del_type,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if ((s2 = dyndns_open_init_socket(SOCK_DGRAM, dns_ip, 53)) < 0) {
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if ((buf_sz = dyndns_build_unsigned_tsig_msg(buf, update_zone, hostname,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw /* sign update message */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if ((maj = gss_get_mic(&min, gss_context, 0, &in_mic, &out_mic)) !=
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if ((buf_sz = dyndns_build_signed_tsig_msg(buf, update_zone, hostname,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ip_addr, life_time, update_type, del_type, key_name, &id,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * If it is a NOTAUTH error we should retry with higher domains
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * until we get a successful reply or the maximum retries is met.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw /* check here for update request is successful */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw syslog(LOG_ERR, "dyndns: Error in TSIG reply: %d: ", ret);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (0);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * dyndns_seach_entry
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Query DNS server for entry. This routine can indicate if an entry exist
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * or not during forward or reverse lookup. Also can indicate if the data
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * of the entry matched. For example, for forward lookup, the entry is
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * searched using the hostname and the data is the IP address. For reverse
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * lookup, the entry is searched using the IP address and the data is the
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * hostname.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Parameters:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * update_zone: UPDATE_FORW for forward zone, UPDATE_REV for reverse zone
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * hostname : fully qualified hostname
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * ip_addr : ip address of hostname in string format
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * update_type: UPDATE_ADD for adding entry, UPDATE_DEL for removing entry
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Returns:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * time_out: no use
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * is_match: is 1 for found matching entry, otherwise 0
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * 1 : an entry exist but not necessarily match
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * 0 : an entry does not exist
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw/*ARGSUSED*/
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwdyndns_search_entry(int update_zone, const char *hostname, const char *ip_addr,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw int update_type, struct timeval *time_out, int *is_match)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw /* entry does not exist */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (0);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * dyndns_add_remove_entry
55bf511df53aad0fdb7eb3fa349f0308cc05234cas * Perform non-secure dynamic DNS update. If it fails and the system is in
55bf511df53aad0fdb7eb3fa349f0308cc05234cas * domain mode, secure update will be performed.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * This routine opens a UDP socket to the DNS sever, build the update request
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * message, and sends the message to the DNS server. The response is received
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * and check for error. If there is no error then the local NSS cached is
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * purged. DNS may be used to check to see if an entry already exist before
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * adding or to see if an entry does exist before removing it. Adding
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * duplicate entries or removing non-existing entries does not cause any
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * problems. DNS is not check when doing a delete all.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Parameters:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * update_zone: UPDATE_FORW for forward zone, UPDATE_REV for reverse zone
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * hostname : fully qualified hostname
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * ip_addr : ip address of hostname in string format
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * life_time : cached time of this entry by others and not within DNS
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * database
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * update_type: UPDATE_ADD to add entry, UPDATE_DEL to remove entry
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * do_check : DNS_CHECK to check first in DNS, DNS_NOCHECK for no DNS
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * checking before update
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * del_type : DEL_ONE for deleting one entry, DEL_ALL for deleting all
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * entries of the same resource name. Only valid for UPDATE_DEL.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * dns_str : DNS IP address in string format
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Returns:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * -1: error
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * 0: success
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * This function is enhanced to handle the case of NOTAUTH error when DNS server
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * is not authoritative for specified zone. In this case we need to resend the
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * same request to the higher authoritative domains.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * This is true for both secure and unsecure dynamic DNS updates.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwdyndns_add_remove_entry(int update_zone, const char *hostname,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw is_exist = dyndns_search_entry(update_zone, hostname, ip_addr,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if (update_type == UPDATE_ADD && is_exist && is_match) {
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (0);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (0);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if ((s = dyndns_open_init_socket(SOCK_DGRAM, dns_ip, 53)) < 0) {
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if ((buf_sz = dyndns_build_add_remove_msg(buf, update_zone, hostname,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ip_addr, life_time, update_type, del_type, 0, &id, level)) <= 0) {
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw (void) close(s);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw (void) close(s);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw (void) close(s);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * If it is a NOTAUTH error we should retry with higher domains
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * until we get a successful reply
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw /* check here for update request is successful */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (0);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw "support dynamic update\n");
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw "zone name in zone section\n");
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * dyndns_add_entry
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Main routine to add an entry into DNS. The attempt will be made on the
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * the servers returned by smb_get_nameserver(). Upon a successful
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * attempt on any one of the server, the function will exit with 0.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Otherwise, -1 is retuned to indicate the update attempt on all the
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * nameservers has failed.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Parameters:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * update_zone: the type of zone to update, use UPDATE_FORW for forward
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * lookup zone, use UPDATE_REV for reverse lookup zone
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * hostname : fully qualified hostname
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * ip_addr : ip address of hostname in string format
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * life_time : cached time of this entry by others and not within DNS
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * database
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Returns:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * -1: error
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * 0: success
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwdyndns_add_entry(int update_zone, const char *hostname, const char *ip_addr,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw for (i = 0; i < cnt; i++) {
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * dyndns_remove_entry
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Main routine to remove an entry or all entries of the same resource name
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * from DNS. The update attempt will be made on the primary DNS server. If
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * there is a failure then another attempt will be made on the secondary DNS
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Parameters:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * update_zone: the type of zone to update, use UPDATE_FORW for forward
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * lookup zone, use UPDATE_REV for reverse lookup zone
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * hostname : fully qualified hostname
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * ip_addr : ip address of hostname in string format
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * del_type : DEL_ONE for deleting one entry, DEL_ALL for deleting all
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * entries of the same resource name. Only valid for UPDATE_DEL
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Returns:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * -1: error
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * 0: success
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwdyndns_remove_entry(int update_zone, const char *hostname, const char *ip_addr,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw for (i = 0; i < cnt; i++) {
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw "on forward lookup "
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw "entries of %s "
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw "on reverse lookup "
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw "entries of %s "
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if (dyndns_add_remove_entry(update_zone, hostname, ip_addr, 0,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (0);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * dyndns_update
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Perform dynamic update on both forward and reverse lookup zone using
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * current hostname and IP addresses. Before updating DNS, existing host
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * entries with the same hostname in the forward lookup zone are removed
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * and existing pointer entries with the same IP addresses in the reverse
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * lookup zone are removed. After DNS update, host entries for current
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * hostname will show current IP addresses and pointer entries for current
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * IP addresses will show current hostname.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Parameters:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Returns:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * -1: some dynamic DNS updates errors
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * 0: successful
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Dummy IP is okay since we are removing all using the hostname.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if (dyndns_remove_entry(UPDATE_FORW, fqdn, "1.1.1.1", DEL_ALL) == 0) {
7b59d02d2a384be9a08087b14defadd214b3c1ddjb return (-1);
7b59d02d2a384be9a08087b14defadd214b3c1ddjb if (ni.ni_nic.nic_sysflags & (IFF_STANDBY | IFF_PRIVATE))
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw rc = dyndns_remove_entry(UPDATE_REV, fqdn, my_ip, DEL_ALL);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if (rc == 0) {
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * dyndns_clear_rev_zone
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Clear the rev zone records. Must be called to clear the OLD if list
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * of down records prior to updating the list with new information.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Parameters:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Returns:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * -1: some dynamic DNS updates errors
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * 0: successful
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (-1);
7b59d02d2a384be9a08087b14defadd214b3c1ddjb return (-1);
7b59d02d2a384be9a08087b14defadd214b3c1ddjb if (ni.ni_nic.nic_sysflags & (IFF_STANDBY | IFF_PRIVATE))