Commit 0cd94559 authored by Jan Včelák's avatar Jan Včelák 🚀

knsupdate: migrate to new packet signing API

parent 1fa9a756
......@@ -779,12 +779,9 @@ int cmd_send(const char* lp, knsupdate_params_t *params)
return ret;
}
sign_context_t sign_ctx;
memset(&sign_ctx, '\0', sizeof(sign_context_t));
/* Sign if key specified. */
if (params->key_params.name) {
ret = sign_packet(params->query, &sign_ctx, &params->key_params);
if (params->tsig_key.name) {
ret = sign_packet(params->query, &params->tsig_key);
if (ret != KNOT_EOK) {
ERR("failed to sign UPDATE message (%s)\n",
knot_strerror(ret));
......@@ -804,7 +801,6 @@ int cmd_send(const char* lp, knsupdate_params_t *params)
/* Check Send/recv result. */
if (rb <= 0) {
free_sign_context(&sign_ctx);
return KNOT_ECONNREFUSED;
}
......@@ -812,14 +808,12 @@ int cmd_send(const char* lp, knsupdate_params_t *params)
ret = knot_pkt_parse(params->answer, 0);
if (ret != KNOT_EOK) {
ERR("failed to parse response (%s)\n", knot_strerror(ret));
free_sign_context(&sign_ctx);
return ret;
}
/* Check signature if expected. */
if (params->key_params.name) {
ret = verify_packet(params->answer, &sign_ctx, &params->key_params);
free_sign_context(&sign_ctx);
if (params->tsig_key.name) {
ret = verify_packet(params->answer, &params->tsig_key);
if (ret != KNOT_EOK) {
ERR("TSIG error with server (%s)\n", knot_strerror(ret));
return ret;
......@@ -944,10 +938,10 @@ int cmd_key(const char* lp, knsupdate_params_t *params)
ret = KNOT_EINVAL;
} else {
/* Override existing key. */
knot_free_key_params(&params->key_params);
knot_tsig_key_deinit(&params->tsig_key);
kstr[len] = ':'; /* Replace ' ' with ':' sep */
ret = params_parse_tsig(kstr, &params->key_params);
ret = knot_tsig_key_init_str(&params->tsig_key, kstr);
}
free(kstr);
......
......@@ -26,6 +26,7 @@
#include "libknot/libknot.h"
#include "libknot/internal/mempattern.h"
#include "libknot/internal/mempool.h"
#include "libknot/tsig.h"
#define DEFAULT_RETRIES_NSUPDATE 3
#define DEFAULT_TIMEOUT_NSUPDATE 12
......@@ -140,7 +141,7 @@ void knsupdate_clean(knsupdate_params_t *params)
zs_scanner_free(params->parser);
knot_pkt_free(&params->query);
knot_pkt_free(&params->answer);
knot_free_key_params(&params->key_params);
knot_tsig_key_deinit(&params->tsig_key);
/* Clean up the structure. */
mp_delete(params->mm.ctx);
......@@ -233,7 +234,7 @@ int knsupdate_parse(knsupdate_params_t *params, int argc, char *argv[])
if (ret != KNOT_EOK) return ret;
break;
case 'y':
ret = params_parse_tsig(optarg, &params->key_params);
ret = knot_tsig_key_init_str(&params->tsig_key, optarg);
if (ret != KNOT_EOK) return ret;
break;
case 'k':
......
......@@ -73,8 +73,8 @@ typedef struct {
knot_pkt_t *answer;
/*< Lists of RRSets. */
list_t update_list, prereq_list;
/*!< Key parameters. */
knot_key_params_t key_params;
/*!< TSIG key. */
knot_tsig_key_t tsig_key;
/*!< Default output settings. */
style_t style;
/*!< Memory context. */
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment