1 #include "port_before.h"
2 #include "fd_setsize.h"
7 #include <netinet/in.h>
8 #include <arpa/nameser.h>
21 #include "port_after.h"
24 #include "res_debug.h"
27 /*% res_nsendsigned */
29 res_nsendsigned(res_state statp, const u_char *msg, int msglen,
30 ns_tsig_key *key, u_char *answer, int anslen)
36 int newmsglen, bufsize, siglen;
45 nstatp = (res_state) malloc(sizeof(*statp));
50 memcpy(nstatp, statp, sizeof(*statp));
52 bufsize = msglen + 1024;
53 newmsg = (u_char *) malloc(bufsize);
59 memcpy(newmsg, msg, msglen);
62 if (ns_samename(key->alg, NS_TSIG_ALG_HMAC_MD5) != 1)
65 dstkey = dst_buffer_to_key(key->name, KEY_HMAC_MD5,
66 NS_KEY_TYPE_AUTH_ONLY,
78 ret = ns_sign(newmsg, &newmsglen, bufsize, NOERROR, dstkey, NULL, 0,
84 if (ret == NS_TSIG_ERROR_NO_SPACE)
91 if (newmsglen > PACKETSZ || nstatp->options & RES_USEVC)
94 nstatp->options |= RES_IGNTC;
96 nstatp->options |= RES_USEVC;
98 * Stop res_send printing the answer.
100 nstatp->options &= ~RES_DEBUG;
101 nstatp->pfcode &= ~RES_PRF_REPLY;
105 len = res_nsend(nstatp, newmsg, newmsglen, answer, anslen);
109 dst_free_key(dstkey);
113 ret = ns_verify(answer, &len, dstkey, sig, siglen,
114 NULL, NULL, &tsig_time, nstatp->options & RES_KEEPTSIG);
116 Dprint((statp->options & RES_DEBUG) ||
117 ((statp->pfcode & RES_PRF_REPLY) &&
118 (statp->pfcode & RES_PRF_HEAD1)),
119 (stdout, ";; got answer:\n"));
121 DprintQ((statp->options & RES_DEBUG) ||
122 (statp->pfcode & RES_PRF_REPLY),
124 answer, (anslen > len) ? len : anslen);
127 Dprint(statp->pfcode & RES_PRF_REPLY,
128 (stdout, ";; server rejected TSIG (%s)\n",
131 Dprint(statp->pfcode & RES_PRF_REPLY,
132 (stdout, ";; TSIG invalid (%s)\n",
138 dst_free_key(dstkey);
146 hp = (HEADER *) answer;
147 if (hp->tc && !usingTCP && (statp->options & RES_IGNTC) == 0U) {
148 nstatp->options &= ~RES_IGNTC;
152 Dprint((statp->options & RES_DEBUG) ||
153 ((statp->pfcode & RES_PRF_REPLY) &&
154 (statp->pfcode & RES_PRF_HEAD1)),
155 (stdout, ";; got answer:\n"));
157 DprintQ((statp->options & RES_DEBUG) ||
158 (statp->pfcode & RES_PRF_REPLY),
160 answer, (anslen > len) ? len : anslen);
162 Dprint(statp->pfcode & RES_PRF_REPLY, (stdout, ";; TSIG ok\n"));
166 dst_free_key(dstkey);