- xfr-tsig, fix algorithm name write in xfr reply tsig and unit test
authorW.C.A. Wijngaards <wouter@nlnetlabs.nl>
Tue, 9 Sep 2025 12:36:33 +0000 (14:36 +0200)
committerW.C.A. Wijngaards <wouter@nlnetlabs.nl>
Tue, 9 Sep 2025 12:36:33 +0000 (14:36 +0200)
  that works with output that works with dig and NSD.

testcode/unittsig.c
testdata/tsig_test.4
util/tsig.c

index 01533fef368797288d3d8fffeb4d6c426749150e..840e584ecda463d6744424e230519da4ce92abe1 100644 (file)
@@ -996,6 +996,26 @@ handle_tsig_verify_reply(char* line, FILE* in, const char* fname,
        tsig_delete(tsig);
 }
 
+/* Read next line from file, skip empty and comment lines. It returns the
+ * key_keyword of the line. Returns false on failure. */
+static char*
+read_next_keyword(char* line, size_t len, FILE* in)
+{
+       char* s = NULL;
+       while(1) {
+               if(!fgets(line, len, in)) {
+                       if(vtest) printf("fgets: %s\n", strerror(errno));
+                       return NULL;
+               }
+               line[len-1]=0;
+               s = get_keyword(line);
+               if(s[0] == 0 || s[0] == '#')
+                       continue;
+               break;
+       }
+       return s;
+}
+
 /** Handle the tsig-sign-reply-xfr */
 static void
 handle_tsig_sign_reply_xfr(char* line, FILE* in, const char* fname,
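Review bot: In `read_next_keyword`, `fgets` returning NULL at end of file does not set `errno`, so the `vtest` message prints a stale error string; `if(vtest) printf("fgets: %s\n", feof(in) ? "end of file" : strerror(errno));` would report the real cause. The header comment says "Returns false on failure" although the function returns `NULL`, and "key_keyword" looks like a typo; suggested wording: `/* Read next line from file, skipping empty and comment lines. Returns the keyword of that line, or NULL on read error or end of file. */`. A line longer than `len` is split by `fgets`, so the tail of an over-long `#` comment would come back as a keyword on the next iteration; the comment should state that lines must fit in the buffer.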
@@ -1013,8 +1033,8 @@ handle_tsig_sign_reply_xfr(char* line, FILE* in, const char* fname,
        sldns_buffer_init_frm_data(&check_pkt, buf2, sizeof(buf2));
 
        s = arg;
-       timestr = get_next_arg_on_line(&s);
        numstr = get_next_arg_on_line(&s);
+       timestr = get_next_arg_on_line(&s);
        expected_rcode_str = get_next_arg_on_line(&s);
 
        num = atoi(numstr);
@@ -1064,22 +1084,19 @@ handle_tsig_sign_reply_xfr(char* line, FILE* in, const char* fname,
                        printf("xfr packet %d/%d\n", i+1, num);
 
                /* read packet keyword */
-               if(!fgets(callline, sizeof(callline), in))
-                       fatal_exit("could not read line %d of "
-                               "tsig-sign-reply-xfr", i);
-               callline[sizeof(callline)-1]=0;
-               if(strcmp(get_keyword(callline), "packet")!=0)
+               if(!(s=read_next_keyword(callline, sizeof(callline), in)))
+                       fatal_exit("could not read next line for "
+                               "tsig-sign-reply-xfr %d", i+1);
+               if(strcmp(s, "packet")!=0)
                        fatal_exit("expected 'packet', but read '%s'",
                                callline);
                if(!read_packet_hex("", &reply_pkt, in, fname))
                        fatal_exit("Could not read reply packet");
 
                /* read call arguments */
-               if(!fgets(callline, sizeof(callline), in))
-                       fatal_exit("could not read line %d of "
-                               "tsig-sign-reply-xfr", i);
-               callline[sizeof(callline)-1]=0;
-               s = get_keyword(callline);
+               if(!(s=read_next_keyword(callline, sizeof(callline), in)))
+                       fatal_exit("could not read next line for "
+                               "tsig-sign-reply-xfr %d", i+1);
                if(strncmp(s, "call", 4) == 0) {
                        s = get_arg_on_line(s, "call");
                        timestr = get_next_arg_on_line(&s);
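Review bot: The `fatal_exit("could not read next line for tsig-sign-reply-xfr %d", i+1)` calls are identical, twice here and once more in the next hunk before `check-packet`, so a truncated test file gives no hint which element was missing. Naming the expected keyword would make the failure self-explanatory, e.g. `fatal_exit("could not read 'packet' line for tsig-sign-reply-xfr %d/%d", i+1, num);`. The `expected 'packet', but read '%s'` message still prints `callline` although the comparison is now on `s`; whether `get_keyword` alters the buffer is not visible here, so printing `s` would match what was actually compared. The loop body starts and ends outside this hunk.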
@@ -1092,15 +1109,14 @@ handle_tsig_sign_reply_xfr(char* line, FILE* in, const char* fname,
                                fatal_exit("expected int argument for %s", expectedstr2);
                } else {
                        fatal_exit("unknown line '%s' is not 'call' for %d in "
-                               "tsig-sign-reply-xfr", s, i);
+                               "tsig-sign-reply-xfr", s, i+1);
                }
 
                /* read check-packet keyword */
-               if(!fgets(callline, sizeof(callline), in))
-                       fatal_exit("could not read line %d of "
-                               "tsig-sign-reply-xfr", i);
-               callline[sizeof(callline)-1]=0;
-               if(strcmp(get_keyword(callline), "check-packet")!=0)
+               if(!(s=read_next_keyword(callline, sizeof(callline), in)))
+                       fatal_exit("could not read next line for "
+                               "tsig-sign-reply-xfr %d", i+1);
+               if(strcmp(s, "check-packet")!=0)
                        fatal_exit("expected 'check-packet', but read '%s'",
                                callline);
                if(!read_packet_hex("", &check_pkt, in, fname))
@@ -1157,7 +1173,8 @@ handle_tsig_sign_reply_xfr(char* line, FILE* in, const char* fname,
                                sldns_buffer_begin(&check_pkt),
                                sldns_buffer_limit(&reply_pkt)) == 0);
                if(vtest)
-                       printf("check-packet is equal\n");
+                       printf("check-packet is equal, for %d/%d\n",
+                               i+1, num);
        }
 
        tsig_delete(tsig);
index b145097dc377aefab68c116bb469b778fa7baf3b..f0c3d8b8700da69b0d2bd477cf92ab05e15f155f 100644 (file)
@@ -108,3 +108,236 @@ endpacket
 tsig-verify-reply test.key 1756302015 1 1
 74c484000001000200000002076578616d706c6503636f6d0000fc0001c00c0006000100000e100023c00c0a686f73746d6173746572c00c5cd7fffe00000e10000003840012750000000708c00c0001000100000e1000043ed26e0700002904d00000000000000474657374036b65790000fa00ff00000000003d0b686d61632d73686132353600000068af0abf012c0020df2b53f8f88720570cd0cb8f31e315037d68e95c380674f5439793a576ef615e74c400000000
 endpacket
+
+# tsig-sign-reply-xfr test.
+# The output was captured from NSD, with dig as querier. NSD and dig verified.
+# It signs an AXFR for example.com, every two RRs.
+# it was: dig @127.0.0.1 -p <port> +nocookie +noadflag -y hmac-sha256:test.key:K2tf3TRjvQkVCmJF3/Z9vA== example.com AXFR
+
+# the incoming query, example.com AXFR
+packet
+1c9600000001000000000002076578616d706c6503636f6d0000fc000100002910000000000000000474657374036b65790000fa00ff00000000003d0b686d61632d73686132353600000068c01a52012c00202f017432ef8f8ef3dab9be9f9c4765eda7939f0485dfe384206e97e13acbd8f91c9600000000
+endpacket
+#      <number of packets> <time> <rcode for query process>
+tsig-sign-reply-xfr 24 1757420114 NOERROR
+# packet 1
+# unsigned input before the TSIG is added
+# (without TSIG so, ARcount 02->01, RR TSIG 0474657374036b657900.. deleted.)
+packet
+1c9684000001000200000001076578616d706c6503636f6d0000fc0001c00c0006000100000e100023c00c0a686f73746d6173746572c00c5cd7fffe00000e10000003840012750000000708c00c0001000100000e1000043ed26e0700002904d0000000000000
+endpacket
+# call information of the TSIG routine.
+#    <timepoint> <expected function return value>
+call 1757420114 1
+# check for output packet that is the result of TSIG signature.
+check-packet
+1c9684000001000200000002076578616d706c6503636f6d0000fc0001c00c0006000100000e100023c00c0a686f73746d6173746572c00c5cd7fffe00000e10000003840012750000000708c00c0001000100000e1000043ed26e0700002904d00000000000000474657374036b65790000fa00ff00000000003d0b686d61632d73686132353600000068c01a52012c00200fe349e19b5b3e952c097db0dfef9430734da92125ab1d4542d450774f352b4d1c9600000000
+endpacket
+
+# packet 2
+packet
+1c9684000000000200000000076578616d706c6503636f6d000002000100000e100005026e73c00cc00c000f000100000e1000070005026d78c00c
+endpacket
+call 1757420114 1
+check-packet
+1c9684000000000200000001076578616d706c6503636f6d000002000100000e100005026e73c00cc00c000f000100000e1000070005026d78c00c0474657374036b65790000fa00ff00000000003d0b686d61632d73686132353600000068c01a52012c0020d03727ee94d091b5ae91ffb0b7aec23ad6f753571c66b958c0e5fca8ad49f9931c9600000000
+endpacket
+
+# packet 3
+packet
+1c96840000000002000000000131026161076578616d706c6503636f6d000001000100000e1000047f000001023130c00e0001000100000e1000047f000001
+endpacket
+call 1757420114 1
+check-packet
+1c96840000000002000000010131026161076578616d706c6503636f6d000001000100000e1000047f000001023130c00e0001000100000e1000047f0000010474657374036b65790000fa00ff00000000003d0b686d61632d73686132353600000068c01a52012c0020e32db0e11c2084fbe37f0a7603ba35eca8ad24efeeea0a6ad0a9c5fac2d82fef1c9600000000
+endpacket
+
+# packet 4
+packet
+1c9684000000000200000000023131026161076578616d706c6503636f6d000001000100000e1000047f000001023132c00f0001000100000e1000047f000001
+endpacket
+call 1757420114 1
+check-packet
+1c9684000000000200000001023131026161076578616d706c6503636f6d000001000100000e1000047f000001023132c00f0001000100000e1000047f0000010474657374036b65790000fa00ff00000000003d0b686d61632d73686132353600000068c01a52012c0020e38f1b5ff94189c0f1e43d12002f72fedd04842b9562036a890e434b28b01a361c9600000000
+endpacket
+
+# packet 5
+packet
+1c9684000000000200000000023133026161076578616d706c6503636f6d000001000100000e1000047f000001023134c00f0001000100000e1000047f000001
+endpacket
+call 1757420114 1
+check-packet
+1c9684000000000200000001023133026161076578616d706c6503636f6d000001000100000e1000047f000001023134c00f0001000100000e1000047f0000010474657374036b65790000fa00ff00000000003d0b686d61632d73686132353600000068c01a52012c00209ec339cdb4ff11f704920aebc81decded09ddb6ff3e5181f3ef410fbc7074b201c9600000000
+endpacket
+
+# packet 6
+packet
+1c9684000000000200000000023135026161076578616d706c6503636f6d000001000100000e1000047f000001023136c00f0001000100000e1000047f000001
+endpacket
+call 1757420114 1
+check-packet
+1c9684000000000200000001023135026161076578616d706c6503636f6d000001000100000e1000047f000001023136c00f0001000100000e1000047f0000010474657374036b65790000fa00ff00000000003d0b686d61632d73686132353600000068c01a52012c00209d4fc84ad670d95791fd281d8465213ff95432d18d920d3bba819ef8ef39307a1c9600000000
+endpacket
+
+# packet 7
+packet
+1c9684000000000200000000023137026161076578616d706c6503636f6d000001000100000e1000047f000001023138c00f0001000100000e1000047f000001
+endpacket
+call 1757420114 1
+check-packet
+1c9684000000000200000001023137026161076578616d706c6503636f6d000001000100000e1000047f000001023138c00f0001000100000e1000047f0000010474657374036b65790000fa00ff00000000003d0b686d61632d73686132353600000068c01a52012c002085b43b7552da236e9e786a764797936dd35bf5b66240eda86b55b1401b7c89001c9600000000
+endpacket
+
+# packet 8
+packet
+1c9684000000000200000000023139026161076578616d706c6503636f6d000001000100000e1000047f0000010132c00f0001000100000e1000047f000001
+endpacket
+call 1757420114 1
+check-packet
+1c9684000000000200000001023139026161076578616d706c6503636f6d000001000100000e1000047f0000010132c00f0001000100000e1000047f0000010474657374036b65790000fa00ff00000000003d0b686d61632d73686132353600000068c01a52012c0020c509d9d88403cd38de55041c25df3918094d2ba58d7aef3421894375145c9b481c9600000000
+endpacket
+
+# packet 9
+packet
+1c9684000000000200000000023230026161076578616d706c6503636f6d000001000100000e1000047f000001023231c00f0001000100000e1000047f000001
+endpacket
+call 1757420114 1
+check-packet
+1c9684000000000200000001023230026161076578616d706c6503636f6d000001000100000e1000047f000001023231c00f0001000100000e1000047f0000010474657374036b65790000fa00ff00000000003d0b686d61632d73686132353600000068c01a52012c002035bb99b902597883326e520924197823afe67c16bc1277b76c0fe6a5c8df71481c9600000000
+endpacket
+
+# packet 10
+packet
+1c9684000000000200000000023232026161076578616d706c6503636f6d000001000100000e1000047f000001023233c00f0001000100000e1000047f000001
+endpacket
+call 1757420114 1
+check-packet
+1c9684000000000200000001023232026161076578616d706c6503636f6d000001000100000e1000047f000001023233c00f0001000100000e1000047f0000010474657374036b65790000fa00ff00000000003d0b686d61632d73686132353600000068c01a52012c002076cabe0adbfd33dc0de403b12eb4ab6760a01e309590b2fcbf1feb58d2b9d2d21c9600000000
+endpacket
+
+# packet 11
+packet
+1c9684000000000200000000023234026161076578616d706c6503636f6d000001000100000e1000047f000001023235c00f0001000100000e1000047f000001
+endpacket
+call 1757420114 1
+check-packet
+1c9684000000000200000001023234026161076578616d706c6503636f6d000001000100000e1000047f000001023235c00f0001000100000e1000047f0000010474657374036b65790000fa00ff00000000003d0b686d61632d73686132353600000068c01a52012c0020239b0438becc231a906e1b58871d708f8f2f6b4fa3d13d4c416e6a405261f7c11c9600000000
+endpacket
+
+# packet 12
+packet
+1c9684000000000200000000023236026161076578616d706c6503636f6d000001000100000e1000047f000001023237c00f0001000100000e1000047f000001
+endpacket
+call 1757420114 1
+check-packet
+1c9684000000000200000001023236026161076578616d706c6503636f6d000001000100000e1000047f000001023237c00f0001000100000e1000047f0000010474657374036b65790000fa00ff00000000003d0b686d61632d73686132353600000068c01a52012c0020f7f700322f917f820711b19d0737ea883ef1f84df10fe43768ddeb208436a2c71c9600000000
+endpacket
+
+# packet 13
+packet
+1c9684000000000200000000023238026161076578616d706c6503636f6d000001000100000e1000047f000001023239c00f0001000100000e1000047f000001
+endpacket
+call 1757420114 1
+check-packet
+1c9684000000000200000001023238026161076578616d706c6503636f6d000001000100000e1000047f000001023239c00f0001000100000e1000047f0000010474657374036b65790000fa00ff00000000003d0b686d61632d73686132353600000068c01a52012c0020734aeda53e0b3bba7adbc6f3107be3a1ca15c0519ef9bc4c358266b279e4a84c1c9600000000
+endpacket
+
+# packet 14
+packet
+1c96840000000002000000000133026161076578616d706c6503636f6d000001000100000e1000047f000001023330c00e0001000100000e1000047f000001
+endpacket
+call 1757420114 1
+check-packet
+1c96840000000002000000010133026161076578616d706c6503636f6d000001000100000e1000047f000001023330c00e0001000100000e1000047f0000010474657374036b65790000fa00ff00000000003d0b686d61632d73686132353600000068c01a52012c00208bba7720eb76db59ca223e72e75161a51905ad7da75bfe87ea7e3f858e95a5e31c9600000000
+endpacket
+
+# packet 15
+packet
+1c96840000000002000000000134026161076578616d706c6503636f6d000001000100000e1000047f0000010135c00e0001000100000e1000047f000001
+endpacket
+call 1757420114 1
+check-packet
+1c96840000000002000000010134026161076578616d706c6503636f6d000001000100000e1000047f0000010135c00e0001000100000e1000047f0000010474657374036b65790000fa00ff00000000003d0b686d61632d73686132353600000068c01a52012c0020bd18bd75f9b6073af2f0c2e3321530f18b48768881fc246e5485b7adf744e18f1c9600000000
+endpacket
+
+# packet 16
+packet
+1c96840000000002000000000136026161076578616d706c6503636f6d000001000100000e1000047f0000010137c00e0001000100000e1000047f000001
+endpacket
+call 1757420114 1
+check-packet
+1c96840000000002000000010136026161076578616d706c6503636f6d000001000100000e1000047f0000010137c00e0001000100000e1000047f0000010474657374036b65790000fa00ff00000000003d0b686d61632d73686132353600000068c01a52012c00209bde6bd3ff63bcadc4987cb97056fefa57b6f2b62f0715d7f569ff2526c1cd7a1c9600000000
+endpacket
+
+# packet 17
+packet
+1c96840000000002000000000138026161076578616d706c6503636f6d000001000100000e1000047f0000010139c00e0001000100000e1000047f000001
+endpacket
+call 1757420114 1
+check-packet
+1c96840000000002000000010138026161076578616d706c6503636f6d000001000100000e1000047f0000010139c00e0001000100000e1000047f0000010474657374036b65790000fa00ff00000000003d0b686d61632d73686132353600000068c01a52012c0020eb67e8b02e2e2464a688c420e5705e137ada69a9e56d65e1fb94fe4061a1bb091c9600000000
+endpacket
+
+# packet 18
+packet
+1c9684000000000200000000012a01630164076578616d706c6503636f6d000010000100000e1000222174657874207265636f72642077697468206d61696c207065726d697373696f6e73c00c000f000100000e1000070005026d78c012
+endpacket
+call 1757420114 1
+check-packet
+1c9684000000000200000001012a01630164076578616d706c6503636f6d000010000100000e1000222174657874207265636f72642077697468206d61696c207065726d697373696f6e73c00c000f000100000e1000070005026d78c0120474657374036b65790000fa00ff00000000003d0b686d61632d73686132353600000068c01a52012c0020b529a10450c8fbf8582b18e1de1cd23470f09c77ec0b7d8fff783067dac7eca91c9600000000
+endpacket
+
+# packet 19
+packet
+1c968400000000020000000004646f6e65076578616d706c6503636f6d000001000100000e100004010101010166c0110027000100000e10001101780166076578616d706c6503636f6d00
+endpacket
+call 1757420114 1
+check-packet
+1c968400000000020000000104646f6e65076578616d706c6503636f6d000001000100000e100004010101010166c0110027000100000e10001101780166076578616d706c6503636f6d000474657374036b65790000fa00ff00000000003d0b686d61632d73686132353600000068c01a52012c00207742d4b6f182ff0f547a0f192ef85f5e7167739768a83a669816145995bd0be61c9600000000
+endpacket
+
+# packet 20
+packet
+1c9684000000000200000000026d78076578616d706c6503636f6d000001000100000e1000043ed26e07026e73c00f0001000100000e1000043ed26e07
+endpacket
+call 1757420114 1
+check-packet
+1c9684000000000200000001026d78076578616d706c6503636f6d000001000100000e1000043ed26e07026e73c00f0001000100000e1000043ed26e070474657374036b65790000fa00ff00000000003d0b686d61632d73686132353600000068c01a52012c00203139787980ff264c8a9eec8b90abe2456b10177a72d2ebc929e23c90c7af555b1c9600000000
+endpacket
+
+# packet 21
+packet
+1c9684000000000200000000027274076578616d706c6503636f6d000010000100000e1000130261620263640665662267682202696a026b6c03727432c00f0010000100000e10000d06616263646566056768696a6b
+endpacket
+call 1757420114 1
+check-packet
+1c9684000000000200000001027274076578616d706c6503636f6d000010000100000e1000130261620263640665662267682202696a026b6c03727432c00f0010000100000e10000d06616263646566056768696a6b0474657374036b65790000fa00ff00000000003d0b686d61632d73686132353600000068c01a52012c0020bfedd8e7dd2cf2cfa4dd0eb2229c4aefe6e6efc6856aca79b1f2dbbf140f9eee1c9600000000
+endpacket
+
+# packet 22
+packet
+1c968400000000020000000003727433076578616d706c6503636f6d000010000100000e10001202616202636402656602676802696a026b6c03727434c0100010000100000e10000d06616263646566056768696a6b
+endpacket
+call 1757420114 1
+check-packet
+1c968400000000020000000103727433076578616d706c6503636f6d000010000100000e10001202616202636402656602676802696a026b6c03727434c0100010000100000e10000d06616263646566056768696a6b0474657374036b65790000fa00ff00000000003d0b686d61632d73686132353600000068c01a52012c0020915c444174214b9876cbbfc2d5a3039af0a7a6e5a93eb592fa46436d48c732a81c9600000000
+endpacket
+
+# packet 23
+packet
+1c96840000000002000000000178076578616d706c6503636f6d000027000100000e10000f0179076578616d706c6503636f6d0003666f6f0179c00e0005000100000e10000704646f6e65c00e
+endpacket
+call 1757420114 1
+check-packet
+1c96840000000002000000010178076578616d706c6503636f6d000027000100000e10000f0179076578616d706c6503636f6d0003666f6f0179c00e0005000100000e10000704646f6e65c00e0474657374036b65790000fa00ff00000000003d0b686d61632d73686132353600000068c01a52012c0020011049e9d4ab4cc0af1717e56077ff8a2be5030cb6b7b4a42aabe212dd7f34701c9600000000
+endpacket
+
+# packet 24
+packet
+1c9684000000000100000000076578616d706c6503636f6d000006000100000e100023c00c0a686f73746d6173746572c00c5cd7fffe00000e10000003840012750000000708
+endpacket
+call 1757420114 1
+check-packet
+1c9684000000000100000001076578616d706c6503636f6d000006000100000e100023c00c0a686f73746d6173746572c00c5cd7fffe00000e100000038400127500000007080474657374036b65790000fa00ff00000000003d0b686d61632d73686132353600000068c01a52012c0020b2559f077753cfb86c254c472dcfeb9010f5c924098bd12101006cd661926f951c9600000000
+endpacket
+# end of tsig-sign-reply-xfr test, example.com AXFR.
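Review bot: Every `call` line in this fixture expects return value 1 and every `check-packet` ends in a TSIG RR, so only the all-signed success path of `tsig_sign_reply_xfr` is exercised. The `return 0` path this commit adds in util/tsig.c for a key that is no longer in the key table has no vector; whether the harness can express that case is not visible here. A line in the header comment such as `# Covers the success path only: every packet is signed and every call returns 1.` would make that limit explicit.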
index eb49ea459ef76ac76d67cacf2a5add0a49287f72..2f98897725b22a8d7bcec776938d1131eb16d475 100644 (file)
@@ -2071,6 +2071,7 @@ tsig_sign_reply_xfr(struct tsig_data* tsig, struct sldns_buffer* pkt,
        uint16_t current_query_id;
        uint8_t timers_var_buf[64];
        struct sldns_buffer timers_var;
+       struct tsig_key* key;
 
        sldns_buffer_init_frm_data(&timers_var, timers_var_buf,
                sizeof(timers_var_buf));
@@ -2121,7 +2122,6 @@ tsig_sign_reply_xfr(struct tsig_data* tsig, struct sldns_buffer* pkt,
        if(tsig->num_updates == 0) {
                /* Init the calc state for the new packet, or for the new
                 * packet sequence. */
-               struct tsig_key* key;
                if(tsig->calc_state) {
                        tsig_calc_state_delete(tsig->calc_state);
                        tsig->calc_state = NULL;
@@ -2212,8 +2212,20 @@ tsig_sign_reply_xfr(struct tsig_data* tsig, struct sldns_buffer* pkt,
        sldns_buffer_write_u16_at(pkt, 0, current_query_id);
        sldns_buffer_write(pkt, tsig->key_name, tsig->key_name_len);
        aftername_pos = sldns_buffer_position(pkt);
-       tsig_append_rr(tsig, pkt, aftername_pos, tsig->algo_name,
-               tsig->algo_name_len, tsig->mac, tsig->mac_size);
+
+       /* Get the key for the algorithm name. */
+       lock_rw_rdlock(&key_table->lock);
+       key = tsig_key_table_search(key_table, tsig->key_name,
+               tsig->key_name_len);
+       if(!key) {
+               /* The tsig key has disappeared from the key table. */
+               lock_rw_unlock(&key_table->lock);
+               verbose(VERB_ALGO, "tsig_sign_reply_xfr: key not in table");
+               return 0;
+       }
+       tsig_append_rr(tsig, pkt, aftername_pos, key->algo->wireformat_name,
+               key->algo->wireformat_name_len, tsig->mac, tsig->mac_size);
+       lock_rw_unlock(&key_table->lock);
        tsig->num_updates = 0;
        return 1;
 }
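Review bot: The new `if(!key)` early return leaves `pkt` with the key name already appended by `sldns_buffer_write(pkt, tsig->key_name, tsig->key_name_len);` but no TSIG RR after it, and `tsig->num_updates` is not reset on that path. Moving that write and `aftername_pos = sldns_buffer_position(pkt);` below the `if(!key)` block would keep the packet free of a dangling owner name on failure; what the caller does with `pkt` after a 0 return is not visible here. This lookup also takes `key_table->lock` separately from the one in the `num_updates == 0` branch, so if the table is modified in between, the algorithm name written may belong to a different key than the one the MAC was computed with (inferred, as the first lookup is outside this hunk). A comment such as `/* assumes the key's algorithm is unchanged since the MAC was computed */` would record that. The function body starts outside the hunk.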