@cmouse
Created January 26, 2015 19:10
#include "config.h"
#include "namespaces.hh"
#include "dns.hh"
#include "dnsparser.hh"
#include "dnspacket.hh"
#include "dnsrecords.hh"
#include "tkey.hh"
#include <boost/foreach.hpp>
#include <boost/shared_ptr.hpp>
using namespace std;
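/**
 * Answer a TKEY request by appending a TKEY record to the reply packet.
 *
 * The request must carry exactly one TKEY RR. Its mode decides the outcome:
 *  - mode 3: always answered with error 19 (BADMODE), in both build variants.
 *  - mode 5: requires p->d_havetsig; answered with error 0 when built with
 *    ENABLE_GSS_TSIG, otherwise with error 20 (BADNAME).
 *  - any other mode: requires p->d_havetsig unless the mode is 2, and is then
 *    answered with error 19 (BADMODE).
 *
 * When the TSIG requirement is not met, only the rcode of r is set (Refused
 * for an UPDATE opcode, NotAuth otherwise) and no TKEY record is added.
 *
 * NOTE(review): the only authentication signal used here is p->d_havetsig.
 * Confirm with the caller that this flag means the TSIG was verified, not
 * merely that a TSIG RR was present in the packet.
 *
 * @param p  incoming request packet; its records come from attacker-controlled
 *           wire data
 * @param r  reply packet that receives the rcode or the TKEY answer record
 * @throws PDNSException if the request has no TKEY RR, more than one, or the
 *         RR content does not parse into a TKEYRecordContent
 */
void pdns_tkey_handler(DNSPacket *p, DNSPacket *r) {
  DNSResourceRecord* tkey_rr = NULL;
  boost::shared_ptr<TKEYRecordContent> tkey_in;
  // The reply content must be allocated before it is filled in: a
  // default-constructed shared_ptr is empty, and writing through it is a
  // null dereference that any TKEY query would trigger.
  boost::shared_ptr<TKEYRecordContent> tkey_out(new TKEYRecordContent());

  BOOST_FOREACH(DNSResourceRecord& drc, p->getRRS()) {
    if (drc.qtype == QType::TKEY) {
      if (tkey_rr != NULL)
        throw PDNSException("Found more than 1 TKEY RR's in question");
      tkey_rr = &drc;
    }
  }

  if (tkey_rr == NULL)
    throw PDNSException("TKEY request but no TKEY RR found");

  // Take ownership of the parsed content before the downcast so it is released
  // even when the cast fails, then reject anything that is not TKEY content
  // instead of dereferencing a null pointer below.
  // NOTE(review): assumes DNSRecordContent has a virtual destructor - confirm.
  boost::shared_ptr<DNSRecordContent> parsed(DNSRecordContent::mastermake(tkey_rr->qtype.getCode(), tkey_rr->qclass, tkey_rr->content));
  tkey_in = boost::dynamic_pointer_cast<TKEYRecordContent>(parsed);
  if (!tkey_in)
    throw PDNSException("TKEY RR content could not be parsed as TKEY");

  tkey_out->d_error = 0;
  tkey_out->d_mode = tkey_in->d_mode;
  tkey_out->d_name = tkey_in->d_name;

  if (tkey_in->d_mode == 3) {
    // Both build variants currently answer BADMODE for this mode.
#ifdef ENABLE_GSS_TSIG
    tkey_out->d_error = 19; // BADMODE
#else
    tkey_out->d_error = 19; // BADMODE
#endif
  } else if (tkey_in->d_mode == 5) {
    if (p->d_havetsig == false) { // unauthenticated
      // Context removal is never honoured for a request without TSIG.
      if (p->d.opcode == Opcode::Update)
        r->setRcode(RCode::Refused);
      else
        r->setRcode(RCode::NotAuth);
      return;
    }
    // remove context
#ifdef ENABLE_GSS_TSIG
    // pdns_gss_delete_ctx(tkey->d_key);
    tkey_out->d_error = 0;
#else
    // sorry, return failure
    tkey_out->d_error = 20; // BADNAME (because we have no support for anything here)
#endif
  } else {
    // Mode 2 is the only mode let through without TSIG; it still ends in
    // BADMODE below because no other mode is implemented here.
    if (p->d_havetsig == false && tkey_in->d_mode != 2) { // unauthenticated
      if (p->d.opcode == Opcode::Update)
        r->setRcode(RCode::Refused);
      else
        r->setRcode(RCode::NotAuth);
      return;
    }
    tkey_out->d_error = 19; // BADMODE
  }

  // Wrap the answer content in a TKEY record named after the request RR.
  DNSRecord rec;
  rec.d_label = tkey_rr->qname;
  rec.d_ttl = 0;
  rec.d_type = QType::TKEY;
  rec.d_class = QClass::IN;
  rec.d_content = tkey_out;

  DNSResourceRecord rr(rec);
  r->addRecord(rr);
}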