d4/d9c/tsig_8h_source.html

 // Copyright (C) 2011-2020 Internet Systems Consortium, Inc. ("ISC")

 //

 // This Source Code Form is subject to the terms of the Mozilla Public

 // License, v. 2.0. If a copy of the MPL was not distributed with this

 // file, You can obtain one at http://mozilla.org/MPL/2.0/.


 // IMPORTANT: the server side of this code MUST NOT be used until

 // it was fixed, cf RFC 8945. Note that Kea uses only the client side.


 #ifndef TSIG_H

 #define TSIG_H 1


 #include <boost/noncopyable.hpp>

 #include <boost/shared_ptr.hpp>


 #include <exceptions/exceptions.h>


 #include <dns/tsigerror.h>

 #include <dns/tsigkey.h>

 #include <dns/tsigrecord.h>


 namespace isc {

 namespace dns {


 class TSIGContextError : public isc::Exception {

 public:

     TSIGContextError(const char* file, size_t line, const char* what) :

         isc::Exception(file, line, what) {}

 };


 class TSIGContext : boost::noncopyable {

 public:

     enum State {

         INIT,

         SENT_REQUEST,

         RECEIVED_REQUEST,

         SENT_RESPONSE,

         VERIFIED_RESPONSE

     };


     explicit TSIGContext(const TSIGKey& key);


     TSIGContext(const Name& key_name, const Name& algorithm_name,

                 const TSIGKeyRing& keyring);


     ~TSIGContext();


     ConstTSIGRecordPtr sign(const uint16_t qid, const void* const data,

                             const size_t data_len);


     TSIGError verify(const TSIGRecord* const record, const void* const data,

                      const size_t data_len);


     bool lastHadSignature() const;


     size_t getTSIGLength() const;


     State getState() const;


     TSIGError getError() const;


     static const uint16_t DEFAULT_FUDGE = 300;


 protected:

     void update(const void* const data, size_t len);


 private:

     struct TSIGContextImpl;

     TSIGContextImpl* impl_;

 };


 typedef boost::shared_ptr<TSIGContext> TSIGContextPtr;

 typedef boost::shared_ptr<TSIGKey> TSIGKeyPtr;


 }

 }


 #endif  // TSIG_H


 // Local Variables:

 // mode: c++

 // End:

isc::dns::Name
The Name class encapsulates DNS names.
Definition: name.h:223

isc::dns::TSIGContextError::TSIGContextError
TSIGContextError(const char *file, size_t line, const char *what)
Definition: tsig.h:33

isc::dns::TSIGContext
TSIG session context.
Definition: tsig.h:171

isc::dns::TSIGKey
TSIG key.
Definition: tsigkey.h:56

isc::dns::TSIGContext::sign
ConstTSIGRecordPtr sign(const uint16_t qid, const void *const data, const size_t data_len)
Sign a DNS message.
Definition: tsig.cc:344

isc::dns::TSIGContext::getState
State getState() const
Return the current state of the context.
Definition: tsig.cc:334

isc::dns::TSIGContext::getError
TSIGError getError() const
Return the TSIG error as a result of the latest verification.
Definition: tsig.cc:339

isc::dns::TSIGContext::DEFAULT_FUDGE
static const uint16_t DEFAULT_FUDGE
The recommended fudge value (in seconds) by RFC2845.
Definition: tsig.h:414

isc::dns::TSIGContext::SENT_RESPONSE
Server sent a signed response.
Definition: tsig.h:185

isc::dns::TSIGContext::State
State
Internal state of context.
Definition: tsig.h:181

exceptions.h

isc::dns::TSIGRecord
TSIG resource record.
Definition: tsigrecord.h:54

isc::dns::TSIGContext::RECEIVED_REQUEST
Server received a signed request.
Definition: tsig.h:184

isc::dns::TSIGContext::SENT_REQUEST
Client sent a signed request, waiting response.
Definition: tsig.h:183

isc::dns::TSIGContext::~TSIGContext
~TSIGContext()
The destructor.
Definition: tsig.cc:290

isc::dns::TSIGKeyPtr
boost::shared_ptr< TSIGKey > TSIGKeyPtr
Definition: tsig.h:436

isc::Exception::what
virtual const char * what() const
Returns a C-style character string of the cause of the exception.
Definition: exceptions/exceptions.cc:32

isc::dns::TSIGContext::VERIFIED_RESPONSE
Client successfully verified a response.
Definition: tsig.h:186

isc::dns::TSIGContextError
An exception that is thrown for logic errors identified in TSIG sign/verify operations.
Definition: tsig.h:31

isc::dns::ConstTSIGRecordPtr
boost::shared_ptr< const TSIGRecord > ConstTSIGRecordPtr
A pointer-like type pointing to an immutable TSIGRecord object.
Definition: tsigrecord.h:280

isc::Exception
This is a base class for exceptions thrown from the DNS library module.
Definition: exceptions/exceptions.h:23

isc
Defines the logger used by the top-level component of kea-dhcp-ddns.
Definition: agent_parser.cc:143

isc::dns::TSIGContext::getTSIGLength
size_t getTSIGLength() const
Return the expected length of TSIG RR after sign()
Definition: tsig.cc:295

isc::dns::TSIGError
TSIG errors.
Definition: tsigerror.h:22

isc::dns::TSIGContext::update
void update(const void *const data, size_t len)
Update internal HMAC state by more data.
Definition: tsig.cc:576

isc::dns::TSIGKeyRing
A simple repository of a set of TSIGKey objects.
Definition: tsigkey.h:246

tsigrecord.h

isc::dns::TSIGContextPtr
boost::shared_ptr< TSIGContext > TSIGContextPtr
Definition: tsig.h:435

isc::dns::TSIGContext::verify
TSIGError verify(const TSIGRecord *const record, const void *const data, const size_t data_len)
Verify a DNS message.
Definition: tsig.cc:428

tsigkey.h

isc::dns::Exception
Definition: dns/exceptions.h:25

isc::dns::TSIGContext::lastHadSignature
bool lastHadSignature() const
Check whether the last verified message was signed.
Definition: tsig.cc:568

tsigerror.h

isc::dns::TSIGContext::INIT
Initial state.
Definition: tsig.h:182

isc::dns::TSIGContext::TSIGContext
TSIGContext(const TSIGKey &key)
Constructor from a TSIG key.
Definition: tsig.cc:269