StatBag S;
-bool validateTSIG(const string& message, const TSIGHashEnum& algo, const DNSName& key, const string& secret, const TSIGRecordContent *trc) {
- int64_t now = time(0);
- if(abs(static_cast<int64_t>(trc->d_time) - now) > trc->d_fudge) {
- cerr<<"TSIG (key '"<<key<<"') time delta "<< abs(static_cast<int64_t>(trc->d_time) - now)<<" > 'fudge' "<<trc->d_fudge<<endl;
- return false;
- }
- if (algo == TSIG_GSS) {
- // authorization is done later
- GssContext gssctx(key);
- if (!gssctx.valid()) {
- cerr<<"no context"<<endl;
- return false;
- }
- if (!gssctx.verify(message, trc->d_mac)) {
- cerr<<"invalid mac"<<endl;
- return false;
- }
- return true;
- }
- return constantTimeStringEquals(calculateHMAC(secret, message, algo), trc->d_mac);
-}
-
-
int main(int argc, char** argv)
try
{
}
reportAllTypes();
- dns_random_init("0123456789abcdef");
vector<uint8_t> packet;
uint16_t len;
len = htons(packet.size());
if(sock.write((char *) &len, 2) != 2)
throw PDNSException("tcp write failed");
- sock.writen(string((char*)&*packet.begin(), (char*)&*packet.end()));
+ sock.writen(string((char*)&packet[0], packet.size()));
if(sock.read((char *) &len, 2) != 2)
throw PDNSException("tcp read failed");
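Review bot: `&packet[0]` on the new `sock.writen` line is undefined behaviour if `packet` is ever empty, and it keeps the C-style `(char*)` cast. The second `sock.writen` change later in this commit uses the cast-free iterator form instead, so the two call sites now disagree. I would use the same form in both places, `sock.writen(string(packet.begin(), packet.end()));`, which is well-defined for an empty vector. Separately, the unchanged context line `len = htons(packet.size());` narrows the size to 16 bits, so if `packet` could exceed 65535 bytes the length prefix would not match the bytes written; whether that can happen depends on code outside this hunk. The enclosing function starts and ends outside the hunk.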
trc.d_fudge = 300;
trc.d_origID=ntohs(pw.getHeader()->id);
trc.d_eRcode=0;
- addTSIG(pw, &trc, tsig_key, tsig_secret, "", false);
+ addTSIG(pw, trc, tsig_key, tsig_secret, "", false);
}
len = htons(packet.size());
if(sock.write((char *) &len, 2) != 2)
throw PDNSException("tcp write failed");
- sock.writen(string((char*)&*packet.begin(), (char*)&*packet.end()));
+ sock.writen(string(packet.begin(), packet.end()));
bool isNSEC3 = false;
int soacount=0;
n+=numread;
}
- string packet = string(creply, len);
-
- MOADNSParser mdp(false, packet);
+ MOADNSParser mdp(false, string(creply, len));
if (mdp.d_header.rcode != 0) {
throw PDNSException(string("Remote server refused: ") + std::to_string(mdp.d_header.rcode));
}
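Review bot: The temporary `string(creply, len)` passed to `MOADNSParser` is destroyed at the end of that statement, so this is only safe if the parser copies the packet rather than keeping a reference or pointer into it. The constructor is not visible in this diff, so that should be confirmed. If it does copy, a short comment such as `// MOADNSParser copies the buffer; the temporary need not outlive this line` would record the assumption for whoever changes the parser later. `creply` and `len` are filled by the read loop above the hunk, which is only partly visible, so I have not checked that `len` bytes are always present in `creply` before the string is built.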