3 Subroutines having to do with authentication. */
6 * Copyright (c) 2004,2007,2009 by Internet Systems Consortium, Inc. ("ISC")
7 * Copyright (c) 1998-2003 by Internet Software Consortium
9 * Permission to use, copy, modify, and distribute this software for any
10 * purpose with or without fee is hereby granted, provided that the above
11 * copyright notice and this permission notice appear in all copies.
13 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES
14 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
15 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR
16 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
17 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
18 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
19 * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
21 * Internet Systems Consortium, Inc.
23 * Redwood City, CA 94063
25 * https://www.isc.org/
27 * This software has been written for Internet Systems Consortium
28 * by Ted Lemon in cooperation with Vixie Enterprises and Nominum, Inc.
29 * To learn more about Internet Systems Consortium, see
30 * ``https://www.isc.org/''. To learn more about Vixie Enterprises,
31 * see ``http://www.vix.com''. To learn more about Nominum, Inc., see
32 * ``http://www.nominum.com''.
37 #include <omapip/omapip_p.h>
39 OMAPI_OBJECT_ALLOC (omapi_auth_key
, omapi_auth_key_t
, omapi_type_auth_key
)
40 typedef struct hash omapi_auth_hash_t
;
41 HASH_FUNCTIONS_DECL (omapi_auth_key
, const char *,
42 omapi_auth_key_t
, omapi_auth_hash_t
)
43 omapi_auth_hash_t
*auth_key_hash
;
44 HASH_FUNCTIONS (omapi_auth_key
, const char *, omapi_auth_key_t
,
46 omapi_auth_key_reference
, omapi_auth_key_dereference
,
49 isc_result_t
omapi_auth_key_new (omapi_auth_key_t
**o
, const char *file
,
52 return omapi_auth_key_allocate (o
, file
, line
);
55 isc_result_t
omapi_auth_key_destroy (omapi_object_t
*h
,
56 const char *file
, int line
)
60 if (h
->type
!= omapi_type_auth_key
)
61 return DHCP_R_INVALIDARG
;
62 a
= (omapi_auth_key_t
*)h
;
64 if (auth_key_hash
!= NULL
)
65 omapi_auth_key_hash_delete(auth_key_hash
, a
->name
, 0, MDL
);
69 if (a
->algorithm
!= NULL
)
70 dfree(a
->algorithm
, MDL
);
72 omapi_data_string_dereference(&a
->key
, MDL
);
73 if (a
->tsec_key
!= NULL
)
74 dns_tsec_destroy(&a
->tsec_key
);
79 isc_result_t
omapi_auth_key_enter (omapi_auth_key_t
*a
)
85 if (a
-> type
!= omapi_type_auth_key
)
86 return DHCP_R_INVALIDARG
;
88 tk
= (omapi_auth_key_t
*)0;
90 omapi_auth_key_hash_lookup (&tk
, auth_key_hash
,
93 omapi_auth_key_dereference (&tk
, MDL
);
97 omapi_auth_key_hash_delete (auth_key_hash
,
99 omapi_auth_key_dereference (&tk
, MDL
);
102 if (!omapi_auth_key_new_hash(&auth_key_hash
,
104 return ISC_R_NOMEMORY
;
108 * If possible create a tsec structure for this key,
109 * if we can't create the structure we put out a warning
112 status
= isclib_make_dst_key(a
->name
, a
->algorithm
,
113 a
->key
->value
, a
->key
->len
,
115 if (status
== ISC_R_SUCCESS
) {
116 status
= dns_tsec_create(dhcp_gbl_ctx
.mctx
, dns_tsectype_tsig
,
117 dstkey
, &a
->tsec_key
);
118 dst_key_free(&dstkey
);
120 if (status
!= ISC_R_SUCCESS
)
121 log_error("Unable to create tsec structure for %s", a
->name
);
123 omapi_auth_key_hash_add (auth_key_hash
, a
-> name
, 0, a
, MDL
);
124 return ISC_R_SUCCESS
;
127 isc_result_t
omapi_auth_key_lookup_name (omapi_auth_key_t
**a
,
131 return ISC_R_NOTFOUND
;
132 if (!omapi_auth_key_hash_lookup (a
, auth_key_hash
, name
, 0, MDL
))
133 return ISC_R_NOTFOUND
;
134 return ISC_R_SUCCESS
;
137 isc_result_t
omapi_auth_key_lookup (omapi_object_t
**h
,
142 omapi_value_t
*name
= (omapi_value_t
*)0;
143 omapi_value_t
*algorithm
= (omapi_value_t
*)0;
146 return ISC_R_NOTFOUND
;
149 return DHCP_R_NOKEYS
;
151 status
= omapi_get_value_str (ref
, id
, "name", &name
);
152 if (status
!= ISC_R_SUCCESS
)
155 if ((name
-> value
-> type
!= omapi_datatype_string
) &&
156 (name
-> value
-> type
!= omapi_datatype_data
)) {
157 omapi_value_dereference (&name
, MDL
);
158 return ISC_R_NOTFOUND
;
161 status
= omapi_get_value_str (ref
, id
, "algorithm", &algorithm
);
162 if (status
!= ISC_R_SUCCESS
) {
163 omapi_value_dereference (&name
, MDL
);
167 if ((algorithm
-> value
-> type
!= omapi_datatype_string
) &&
168 (algorithm
-> value
-> type
!= omapi_datatype_data
)) {
169 omapi_value_dereference (&name
, MDL
);
170 omapi_value_dereference (&algorithm
, MDL
);
171 return ISC_R_NOTFOUND
;
175 if (!omapi_auth_key_hash_lookup ((omapi_auth_key_t
**)h
, auth_key_hash
,
177 name
-> value
-> u
.buffer
.value
,
178 name
-> value
-> u
.buffer
.len
, MDL
)) {
179 omapi_value_dereference (&name
, MDL
);
180 omapi_value_dereference (&algorithm
, MDL
);
181 return ISC_R_NOTFOUND
;
184 if (omapi_td_strcasecmp (algorithm
-> value
,
185 ((omapi_auth_key_t
*)*h
) -> algorithm
) != 0) {
186 omapi_value_dereference (&name
, MDL
);
187 omapi_value_dereference (&algorithm
, MDL
);
188 omapi_object_dereference (h
, MDL
);
189 return ISC_R_NOTFOUND
;
192 omapi_value_dereference (&name
, MDL
);
193 omapi_value_dereference (&algorithm
, MDL
);
195 return ISC_R_SUCCESS
;
198 isc_result_t
omapi_auth_key_stuff_values (omapi_object_t
*c
,
205 if (h
-> type
!= omapi_type_auth_key
)
206 return DHCP_R_INVALIDARG
;
207 a
= (omapi_auth_key_t
*)h
;
209 /* Write only the name and algorithm -- not the secret! */
211 status
= omapi_connection_put_name (c
, "name");
212 if (status
!= ISC_R_SUCCESS
)
214 status
= omapi_connection_put_string (c
, a
-> name
);
215 if (status
!= ISC_R_SUCCESS
)
218 if (a
-> algorithm
) {
219 status
= omapi_connection_put_name (c
, "algorithm");
220 if (status
!= ISC_R_SUCCESS
)
222 status
= omapi_connection_put_string (c
, a
-> algorithm
);
223 if (status
!= ISC_R_SUCCESS
)
227 return ISC_R_SUCCESS
;
230 isc_result_t
omapi_auth_key_get_value (omapi_object_t
*h
,
232 omapi_data_string_t
*name
,
233 omapi_value_t
**value
)
238 if (h
-> type
!= omapi_type_auth_key
)
239 return ISC_R_UNEXPECTED
;
240 a
= (omapi_auth_key_t
*)h
;
242 if (omapi_ds_strcmp (name
, "name") == 0) {
244 return omapi_make_string_value
245 (value
, name
, a
-> name
, MDL
);
247 return ISC_R_NOTFOUND
;
248 } else if (omapi_ds_strcmp (name
, "key") == 0) {
250 status
= omapi_value_new (value
, MDL
);
251 if (status
!= ISC_R_SUCCESS
)
254 status
= omapi_data_string_reference
255 (&(*value
) -> name
, name
, MDL
);
256 if (status
!= ISC_R_SUCCESS
) {
257 omapi_value_dereference (value
, MDL
);
261 status
= omapi_typed_data_new (MDL
, &(*value
) -> value
,
264 if (status
!= ISC_R_SUCCESS
) {
265 omapi_value_dereference (value
, MDL
);
269 memcpy ((*value
) -> value
-> u
.buffer
.value
,
270 a
-> key
-> value
, a
-> key
-> len
);
271 return ISC_R_SUCCESS
;
273 return ISC_R_NOTFOUND
;
274 } else if (omapi_ds_strcmp (name
, "algorithm") == 0) {
276 return omapi_make_string_value
277 (value
, name
, a
-> algorithm
, MDL
);
279 return ISC_R_NOTFOUND
;
282 return ISC_R_SUCCESS
;