1 #include "port_before.h"
2 #include "fd_setsize.h"
7 #include <netinet/in.h>
8 #include <arpa/nameser.h>
21 #include "port_after.h"
24 #include "res_debug.h"
29 res_nsendsigned(res_state statp
, const u_char
*msg
, int msglen
,
30 ns_tsig_key
*key
, u_char
*answer
, int anslen
)
36 int newmsglen
, bufsize
, siglen
;
45 nstatp
= (res_state
) malloc(sizeof(*statp
));
50 memcpy(nstatp
, statp
, sizeof(*statp
));
52 bufsize
= msglen
+ 1024;
53 newmsg
= (u_char
*) malloc(bufsize
);
58 memcpy(newmsg
, msg
, msglen
);
61 if (ns_samename(key
->alg
, NS_TSIG_ALG_HMAC_MD5
) != 1)
64 dstkey
= dst_buffer_to_key(key
->name
, KEY_HMAC_MD5
,
65 NS_KEY_TYPE_AUTH_ONLY
,
77 ret
= ns_sign(newmsg
, &newmsglen
, bufsize
, NOERROR
, dstkey
, NULL
, 0,
83 if (ret
== NS_TSIG_ERROR_NO_SPACE
)
90 if (newmsglen
> PACKETSZ
|| nstatp
->options
& RES_USEVC
)
93 nstatp
->options
|= RES_IGNTC
;
95 nstatp
->options
|= RES_USEVC
;
97 * Stop res_send printing the answer.
99 nstatp
->options
&= ~RES_DEBUG
;
100 nstatp
->pfcode
&= ~RES_PRF_REPLY
;
104 len
= res_nsend(nstatp
, newmsg
, newmsglen
, answer
, anslen
);
108 dst_free_key(dstkey
);
112 ret
= ns_verify(answer
, &len
, dstkey
, sig
, siglen
,
113 NULL
, NULL
, &tsig_time
, nstatp
->options
& RES_KEEPTSIG
);
115 Dprint((statp
->options
& RES_DEBUG
) ||
116 ((statp
->pfcode
& RES_PRF_REPLY
) &&
117 (statp
->pfcode
& RES_PRF_HEAD1
)),
118 (stdout
, ";; got answer:\n"));
120 DprintQ((statp
->options
& RES_DEBUG
) ||
121 (statp
->pfcode
& RES_PRF_REPLY
),
123 answer
, (anslen
> len
) ? len
: anslen
);
125 Dprint(statp
->pfcode
& RES_PRF_REPLY
,
126 (stdout
, ";; TSIG invalid (%s)\n", p_rcode(ret
)));
129 dst_free_key(dstkey
);
137 hp
= (HEADER
*) answer
;
138 if (hp
->tc
&& !usingTCP
&& (statp
->options
& RES_IGNTC
) == 0U) {
139 nstatp
->options
&= ~RES_IGNTC
;
143 Dprint((statp
->options
& RES_DEBUG
) ||
144 ((statp
->pfcode
& RES_PRF_REPLY
) &&
145 (statp
->pfcode
& RES_PRF_HEAD1
)),
146 (stdout
, ";; got answer:\n"));
148 DprintQ((statp
->options
& RES_DEBUG
) ||
149 (statp
->pfcode
& RES_PRF_REPLY
),
151 answer
, (anslen
> len
) ? len
: anslen
);
153 Dprint(statp
->pfcode
& RES_PRF_REPLY
, (stdout
, ";; TSIG ok\n"));
157 dst_free_key(dstkey
);