omapip/auth.c

Go to the documentation of this file.
00001 /* auth.c
00002 
00003    Subroutines having to do with authentication. */
00004 
00005 /*
00006  * Copyright (c) 2004,2007,2009,2014 by Internet Systems Consortium, Inc. ("ISC")
00007  * Copyright (c) 1998-2003 by Internet Software Consortium
00008  *
00009  * Permission to use, copy, modify, and distribute this software for any
00010  * purpose with or without fee is hereby granted, provided that the above
00011  * copyright notice and this permission notice appear in all copies.
00012  *
00013  * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES
00014  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
00015  * MERCHANTABILITY AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR
00016  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
00017  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
00018  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
00019  * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
00020  *
00021  *   Internet Systems Consortium, Inc.
00022  *   950 Charter Street
00023  *   Redwood City, CA 94063
00024  *   <info@isc.org>
00025  *   https://www.isc.org/
00026  *
00027  */
00028 
00029 #include "dhcpd.h"
00030 
00031 #include <omapip/omapip_p.h>
00032 
00033 OMAPI_OBJECT_ALLOC (omapi_auth_key, omapi_auth_key_t, omapi_type_auth_key)
00034 typedef struct hash omapi_auth_hash_t;
00035 HASH_FUNCTIONS_DECL (omapi_auth_key, const char *,
00036                      omapi_auth_key_t, omapi_auth_hash_t)
00037 omapi_auth_hash_t *auth_key_hash;
00038 HASH_FUNCTIONS (omapi_auth_key, const char *, omapi_auth_key_t,
00039                 omapi_auth_hash_t,
00040                 omapi_auth_key_reference, omapi_auth_key_dereference,
00041                 do_case_hash)
00042 
00043 isc_result_t omapi_auth_key_new (omapi_auth_key_t **o, const char *file,
00044                                  int line)
00045 {
00046         return omapi_auth_key_allocate (o, file, line);
00047 }
00048 
00049 isc_result_t omapi_auth_key_destroy (omapi_object_t *h,
00050                                      const char *file, int line)
00051 {
00052         omapi_auth_key_t *a;
00053 
00054         if (h->type != omapi_type_auth_key)
00055                 return DHCP_R_INVALIDARG;
00056         a = (omapi_auth_key_t *)h;
00057 
00058         if (auth_key_hash != NULL)
00059                 omapi_auth_key_hash_delete(auth_key_hash, a->name, 0, MDL);
00060 
00061         if (a->name != NULL)
00062                 dfree(a->name, MDL);
00063         if (a->algorithm != NULL)
00064                 dfree(a->algorithm, MDL);
00065         if (a->key != NULL)
00066                 omapi_data_string_dereference(&a->key, MDL);
00067         if (a->tsec_key != NULL)
00068                 dns_tsec_destroy(&a->tsec_key);
00069         
00070         return ISC_R_SUCCESS;
00071 }
00072 
00073 isc_result_t omapi_auth_key_enter (omapi_auth_key_t *a)
00074 {
00075         omapi_auth_key_t *tk;
00076         isc_result_t      status;
00077         dst_key_t        *dstkey;
00078 
00079         if (a -> type != omapi_type_auth_key)
00080                 return DHCP_R_INVALIDARG;
00081 
00082         tk = (omapi_auth_key_t *)0;
00083         if (auth_key_hash) {
00084                 omapi_auth_key_hash_lookup (&tk, auth_key_hash,
00085                                             a -> name, 0, MDL);
00086                 if (tk == a) {
00087                         omapi_auth_key_dereference (&tk, MDL);
00088                         return ISC_R_SUCCESS;
00089                 }
00090                 if (tk) {
00091                         omapi_auth_key_hash_delete (auth_key_hash,
00092                                                     tk -> name, 0, MDL);
00093                         omapi_auth_key_dereference (&tk, MDL);
00094                 }
00095         } else {
00096                 if (!omapi_auth_key_new_hash(&auth_key_hash,
00097                                              KEY_HASH_SIZE, MDL))
00098                         return ISC_R_NOMEMORY;
00099         }
00100 
00101         /*
00102          * If possible create a tsec structure for this key,
00103          * if we can't create the structure we put out a warning 
00104          * and continue.
00105          */
00106         status = isclib_make_dst_key(a->name, a->algorithm,
00107                                      a->key->value, a->key->len,
00108                                      &dstkey);
00109         if (status == ISC_R_SUCCESS) {
00110                 status = dns_tsec_create(dhcp_gbl_ctx.mctx, dns_tsectype_tsig,
00111                                          dstkey, &a->tsec_key);
00112                 dst_key_free(&dstkey);
00113         }
00114         if (status != ISC_R_SUCCESS)
00115                 log_error("Unable to create tsec structure for %s", a->name);
00116 
00117         omapi_auth_key_hash_add (auth_key_hash, a -> name, 0, a, MDL);
00118         return ISC_R_SUCCESS;
00119 }
00120 
00121 isc_result_t omapi_auth_key_lookup_name (omapi_auth_key_t **a,
00122                                          const char *name)
00123 {
00124         if (!auth_key_hash)
00125                 return ISC_R_NOTFOUND;
00126         if (!omapi_auth_key_hash_lookup (a, auth_key_hash, name, 0, MDL))
00127                 return ISC_R_NOTFOUND;
00128         return ISC_R_SUCCESS;
00129 }
00130 
00131 isc_result_t omapi_auth_key_lookup (omapi_object_t **h,
00132                                     omapi_object_t *id,
00133                                     omapi_object_t *ref)
00134 {
00135         isc_result_t status;
00136         omapi_value_t *name = (omapi_value_t *)0;
00137         omapi_value_t *algorithm = (omapi_value_t *)0;
00138 
00139         if (!auth_key_hash)
00140                 return ISC_R_NOTFOUND;
00141 
00142         if (!ref)
00143                 return DHCP_R_NOKEYS;
00144 
00145         status = omapi_get_value_str (ref, id, "name", &name);
00146         if (status != ISC_R_SUCCESS)
00147                 return status;
00148 
00149         if ((name -> value -> type != omapi_datatype_string) &&
00150             (name -> value -> type != omapi_datatype_data)) {
00151                 omapi_value_dereference (&name, MDL);
00152                 return ISC_R_NOTFOUND;
00153         }
00154 
00155         status = omapi_get_value_str (ref, id, "algorithm", &algorithm);
00156         if (status != ISC_R_SUCCESS) {
00157                 omapi_value_dereference (&name, MDL);
00158                 return status;
00159         }
00160 
00161         if ((algorithm -> value -> type != omapi_datatype_string) &&
00162             (algorithm -> value -> type != omapi_datatype_data)) {
00163                 omapi_value_dereference (&name, MDL);
00164                 omapi_value_dereference (&algorithm, MDL);
00165                 return ISC_R_NOTFOUND;
00166         }
00167 
00168 
00169         if (!omapi_auth_key_hash_lookup ((omapi_auth_key_t **)h, auth_key_hash,
00170                                          (const char *)
00171                                          name -> value -> u.buffer.value,
00172                                          name -> value -> u.buffer.len, MDL)) {
00173                 omapi_value_dereference (&name, MDL);
00174                 omapi_value_dereference (&algorithm, MDL);
00175                 return ISC_R_NOTFOUND;
00176         }
00177 
00178         if (omapi_td_strcasecmp (algorithm -> value,
00179                                  ((omapi_auth_key_t *)*h) -> algorithm) != 0) {
00180                 omapi_value_dereference (&name, MDL);
00181                 omapi_value_dereference (&algorithm, MDL);
00182                 omapi_object_dereference (h, MDL);
00183                 return ISC_R_NOTFOUND;
00184         }
00185 
00186         omapi_value_dereference (&name, MDL);
00187         omapi_value_dereference (&algorithm, MDL);
00188 
00189         return ISC_R_SUCCESS;
00190 }
00191 
00192 isc_result_t omapi_auth_key_stuff_values (omapi_object_t *c,
00193                                           omapi_object_t *id,
00194                                           omapi_object_t *h)
00195 {
00196         omapi_auth_key_t *a;
00197         isc_result_t status;
00198 
00199         if (h -> type != omapi_type_auth_key)
00200                 return DHCP_R_INVALIDARG;
00201         a = (omapi_auth_key_t *)h;
00202 
00203         /* Write only the name and algorithm -- not the secret! */
00204         if (a -> name) {
00205                 status = omapi_connection_put_name (c, "name");
00206                 if (status != ISC_R_SUCCESS)
00207                         return status;
00208                 status = omapi_connection_put_string (c, a -> name);
00209                 if (status != ISC_R_SUCCESS)
00210                         return status;
00211         }
00212         if (a -> algorithm) {
00213                 status = omapi_connection_put_name (c, "algorithm");
00214                 if (status != ISC_R_SUCCESS)
00215                         return status;
00216                 status = omapi_connection_put_string (c, a -> algorithm);
00217                 if (status != ISC_R_SUCCESS)
00218                         return status;
00219         }
00220 
00221         return ISC_R_SUCCESS;
00222 }
00223 
00224 isc_result_t omapi_auth_key_get_value (omapi_object_t *h,
00225                                        omapi_object_t *id,
00226                                        omapi_data_string_t *name,
00227                                        omapi_value_t **value)
00228 {
00229         omapi_auth_key_t *a;
00230         isc_result_t status;
00231 
00232         if (h -> type != omapi_type_auth_key)
00233                 return ISC_R_UNEXPECTED;
00234         a = (omapi_auth_key_t *)h;
00235 
00236         if (omapi_ds_strcmp (name, "name") == 0) {
00237                 if (a -> name)
00238                         return omapi_make_string_value
00239                                 (value, name, a -> name, MDL);
00240                 else
00241                         return ISC_R_NOTFOUND;
00242         } else if (omapi_ds_strcmp (name, "key") == 0) {
00243                 if (a -> key) {
00244                         status = omapi_value_new (value, MDL);
00245                         if (status != ISC_R_SUCCESS)
00246                                 return status;
00247 
00248                         status = omapi_data_string_reference
00249                                 (&(*value) -> name, name, MDL);
00250                         if (status != ISC_R_SUCCESS) {
00251                                 omapi_value_dereference (value, MDL);
00252                                 return status;
00253                         }
00254 
00255                         status = omapi_typed_data_new (MDL, &(*value) -> value,
00256                                                        omapi_datatype_data,
00257                                                        a -> key -> len);
00258                         if (status != ISC_R_SUCCESS) {
00259                                 omapi_value_dereference (value, MDL);
00260                                 return status;
00261                         }
00262 
00263                         memcpy ((*value) -> value -> u.buffer.value,
00264                                 a -> key -> value, a -> key -> len);
00265                         return ISC_R_SUCCESS;
00266                 } else
00267                         return ISC_R_NOTFOUND;
00268         } else if (omapi_ds_strcmp (name, "algorithm") == 0) {
00269                 if (a -> algorithm)
00270                         return omapi_make_string_value
00271                                 (value, name, a -> algorithm, MDL);
00272                 else
00273                         return ISC_R_NOTFOUND;
00274         }
00275 
00276         return ISC_R_SUCCESS;
00277 }

Generated on 5 Apr 2014 for ISC DHCP by  doxygen 1.6.1