2000-05-24 23:54:43 +00:00
|
|
|
/*
|
2000-06-09 21:31:08 +00:00
|
|
|
* Copyright (C) 2000 Internet Software Consortium.
|
2000-08-01 01:33:37 +00:00
|
|
|
*
|
2000-05-24 23:54:43 +00:00
|
|
|
* Permission to use, copy, modify, and distribute this software for any
|
|
|
|
|
* purpose with or without fee is hereby granted, provided that the above
|
|
|
|
|
* copyright notice and this permission notice appear in all copies.
|
2000-08-01 01:33:37 +00:00
|
|
|
*
|
2000-07-27 09:55:03 +00:00
|
|
|
* THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
|
|
|
|
|
* DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
|
|
|
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
|
|
|
|
|
* INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
|
|
|
|
|
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
|
|
|
|
|
* FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
|
|
|
|
|
* NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
|
|
|
|
|
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
2000-05-24 23:54:43 +00:00
|
|
|
*/
|
|
|
|
|
|
2000-08-17 19:17:57 +00:00
|
|
|
/* $Id: dnssectool.c,v 1.20 2000/08/17 19:17:57 bwelling Exp $ */
|
2000-06-22 22:00:42 +00:00
|
|
|
|
2000-05-24 23:54:43 +00:00
|
|
|
#include <config.h>
|
|
|
|
|
|
|
|
|
|
#include <stdlib.h>
|
|
|
|
|
|
|
|
|
|
#include <isc/buffer.h>
|
2000-06-09 22:34:40 +00:00
|
|
|
#include <isc/entropy.h>
|
2000-06-22 02:47:33 +00:00
|
|
|
#include <isc/keyboard.h>
|
2000-05-24 23:54:43 +00:00
|
|
|
#include <isc/string.h>
|
2000-06-22 02:47:33 +00:00
|
|
|
#include <isc/time.h>
|
2000-05-24 23:54:43 +00:00
|
|
|
#include <isc/util.h>
|
2000-08-17 01:22:10 +00:00
|
|
|
#include <isc/print.h>
|
2000-05-24 23:54:43 +00:00
|
|
|
|
|
|
|
|
#include <dns/log.h>
|
|
|
|
|
#include <dns/name.h>
|
2000-08-11 23:07:53 +00:00
|
|
|
#include <dns/rdatastruct.h>
|
2000-05-24 23:54:43 +00:00
|
|
|
#include <dns/rdatatype.h>
|
|
|
|
|
#include <dns/result.h>
|
|
|
|
|
#include <dns/secalg.h>
|
|
|
|
|
|
|
|
|
|
#include "dnssectool.h"
|
|
|
|
|
|
|
|
|
|
extern int verbose;
|
2000-06-01 18:49:22 +00:00
|
|
|
extern const char *program;
|
2000-05-24 23:54:43 +00:00
|
|
|
|
2000-06-22 02:47:33 +00:00
|
|
|
static isc_entropysource_t *source = NULL;
|
2000-06-22 19:16:33 +00:00
|
|
|
static isc_keyboard_t kbd;
|
|
|
|
|
static isc_boolean_t wantkeyboard = ISC_FALSE;
|
2000-06-22 02:47:33 +00:00
|
|
|
|
2000-05-24 23:54:43 +00:00
|
|
|
void
|
2000-06-01 18:49:22 +00:00
|
|
|
fatal(const char *format, ...) {
|
2000-05-24 23:54:43 +00:00
|
|
|
va_list args;
|
|
|
|
|
|
|
|
|
|
fprintf(stderr, "%s: ", program);
|
|
|
|
|
va_start(args, format);
|
|
|
|
|
vfprintf(stderr, format, args);
|
|
|
|
|
va_end(args);
|
|
|
|
|
fprintf(stderr, "\n");
|
|
|
|
|
exit(1);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
2000-06-01 18:49:22 +00:00
|
|
|
check_result(isc_result_t result, const char *message) {
|
2000-05-24 23:54:43 +00:00
|
|
|
if (result != ISC_R_SUCCESS) {
|
|
|
|
|
fprintf(stderr, "%s: %s: %s\n", program, message,
|
|
|
|
|
isc_result_totext(result));
|
|
|
|
|
exit(1);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
vbprintf(int level, const char *fmt, ...) {
|
|
|
|
|
va_list ap;
|
|
|
|
|
if (level > verbose)
|
|
|
|
|
return;
|
|
|
|
|
va_start(ap, fmt);
|
|
|
|
|
fprintf(stderr, "%s: ", program);
|
|
|
|
|
vfprintf(stderr, fmt, ap);
|
|
|
|
|
va_end(ap);
|
|
|
|
|
}
|
|
|
|
|
|
2000-08-14 04:43:17 +00:00
|
|
|
void
|
|
|
|
|
type_format(const dns_rdatatype_t type, char *cp, unsigned int size) {
|
2000-05-24 23:54:43 +00:00
|
|
|
isc_buffer_t b;
|
|
|
|
|
isc_region_t r;
|
|
|
|
|
isc_result_t result;
|
|
|
|
|
|
2000-08-14 04:43:17 +00:00
|
|
|
isc_buffer_init(&b, cp, size - 1);
|
2000-05-24 23:54:43 +00:00
|
|
|
result = dns_rdatatype_totext(type, &b);
|
|
|
|
|
check_result(result, "dns_rdatatype_totext()");
|
|
|
|
|
isc_buffer_usedregion(&b, &r);
|
|
|
|
|
r.base[r.length] = 0;
|
|
|
|
|
}
|
|
|
|
|
|
2000-08-14 04:43:17 +00:00
|
|
|
void
|
|
|
|
|
alg_format(const dns_secalg_t alg, char *cp, unsigned int size) {
|
2000-05-24 23:54:43 +00:00
|
|
|
isc_buffer_t b;
|
|
|
|
|
isc_region_t r;
|
|
|
|
|
isc_result_t result;
|
|
|
|
|
|
2000-08-14 04:43:17 +00:00
|
|
|
isc_buffer_init(&b, cp, size - 1);
|
2000-05-24 23:54:43 +00:00
|
|
|
result = dns_secalg_totext(alg, &b);
|
|
|
|
|
check_result(result, "dns_secalg_totext()");
|
|
|
|
|
isc_buffer_usedregion(&b, &r);
|
|
|
|
|
r.base[r.length] = 0;
|
|
|
|
|
}
|
|
|
|
|
|
2000-08-14 04:43:17 +00:00
|
|
|
void
|
|
|
|
|
sig_format(dns_rdata_sig_t *sig, char *cp, unsigned int size) {
|
|
|
|
|
char namestr[DNS_NAME_FORMATSIZE];
|
|
|
|
|
char algstr[DNS_NAME_FORMATSIZE];
|
2000-08-11 23:07:53 +00:00
|
|
|
|
2000-08-14 04:43:17 +00:00
|
|
|
dns_name_format(&sig->signer, namestr, sizeof namestr);
|
|
|
|
|
alg_format(sig->algorithm, algstr, sizeof algstr);
|
|
|
|
|
snprintf(cp, size, "%s/%s/%d", namestr, algstr, sig->keyid);
|
|
|
|
|
}
|
2000-08-11 23:07:53 +00:00
|
|
|
|
2000-08-14 04:43:17 +00:00
|
|
|
void
|
|
|
|
|
key_format(const dst_key_t *key, char *cp, unsigned int size) {
|
|
|
|
|
char namestr[DNS_NAME_FORMATSIZE];
|
|
|
|
|
char algstr[DNS_NAME_FORMATSIZE];
|
2000-08-11 23:07:53 +00:00
|
|
|
|
2000-08-14 04:43:17 +00:00
|
|
|
dns_name_format(dst_key_name(key), namestr, sizeof namestr);
|
|
|
|
|
alg_format(dst_key_alg(key), algstr, sizeof algstr);
|
|
|
|
|
snprintf(cp, size, "%s/%s/%d", namestr, algstr, dst_key_id(key));
|
2000-08-11 23:07:53 +00:00
|
|
|
}
|
|
|
|
|
|
2000-05-24 23:54:43 +00:00
|
|
|
void
|
|
|
|
|
setup_logging(int verbose, isc_mem_t *mctx, isc_log_t **logp) {
|
|
|
|
|
isc_result_t result;
|
|
|
|
|
isc_logdestination_t destination;
|
|
|
|
|
isc_logconfig_t *logconfig;
|
|
|
|
|
isc_log_t *log = 0;
|
|
|
|
|
int level;
|
|
|
|
|
|
|
|
|
|
switch (verbose) {
|
|
|
|
|
case 0:
|
|
|
|
|
/*
|
|
|
|
|
* We want to see warnings about things like out-of-zone
|
|
|
|
|
* data in the master file even when not verbose.
|
|
|
|
|
*/
|
|
|
|
|
level = ISC_LOG_WARNING;
|
|
|
|
|
break;
|
|
|
|
|
case 1:
|
|
|
|
|
level = ISC_LOG_INFO;
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
level = ISC_LOG_DEBUG(verbose - 2 + 1);
|
|
|
|
|
break;
|
|
|
|
|
}
|
2000-08-01 01:33:37 +00:00
|
|
|
|
2000-05-24 23:54:43 +00:00
|
|
|
RUNTIME_CHECK(isc_log_create(mctx, &log, &logconfig) == ISC_R_SUCCESS);
|
|
|
|
|
isc_log_setcontext(log);
|
|
|
|
|
dns_log_init(log);
|
|
|
|
|
dns_log_setcontext(log);
|
|
|
|
|
|
2000-06-01 18:49:22 +00:00
|
|
|
RUNTIME_CHECK(isc_log_settag(logconfig, program) == ISC_R_SUCCESS);
|
|
|
|
|
|
2000-05-24 23:54:43 +00:00
|
|
|
/*
|
|
|
|
|
* Set up a channel similar to default_stderr except:
|
|
|
|
|
* - the logging level is passed in
|
|
|
|
|
* - the program name and logging level are printed
|
|
|
|
|
* - no time stamp is printed
|
|
|
|
|
*/
|
|
|
|
|
destination.file.stream = stderr;
|
|
|
|
|
destination.file.name = NULL;
|
|
|
|
|
destination.file.versions = ISC_LOG_ROLLNEVER;
|
|
|
|
|
destination.file.maximum_size = 0;
|
|
|
|
|
result = isc_log_createchannel(logconfig, "stderr",
|
|
|
|
|
ISC_LOG_TOFILEDESC,
|
|
|
|
|
level,
|
|
|
|
|
&destination,
|
|
|
|
|
ISC_LOG_PRINTTAG|ISC_LOG_PRINTLEVEL);
|
|
|
|
|
check_result(result, "isc_log_createchannel()");
|
2000-08-01 01:33:37 +00:00
|
|
|
|
2000-05-24 23:54:43 +00:00
|
|
|
RUNTIME_CHECK(isc_log_usechannel(logconfig, "stderr",
|
|
|
|
|
NULL, NULL) == ISC_R_SUCCESS);
|
|
|
|
|
|
|
|
|
|
*logp = log;
|
|
|
|
|
}
|
|
|
|
|
|
2000-06-22 02:47:33 +00:00
|
|
|
static isc_result_t
|
|
|
|
|
kbdstart(isc_entropysource_t *source, void *arg, isc_boolean_t blocking) {
|
|
|
|
|
isc_keyboard_t *kbd = (isc_keyboard_t *)arg;
|
2000-06-22 19:09:30 +00:00
|
|
|
static isc_boolean_t first = ISC_TRUE;
|
2000-06-22 02:47:33 +00:00
|
|
|
|
|
|
|
|
UNUSED(source);
|
|
|
|
|
|
2000-06-22 18:42:05 +00:00
|
|
|
if (!blocking)
|
2000-06-22 02:47:33 +00:00
|
|
|
return (ISC_R_NOENTROPY);
|
2000-06-22 19:09:30 +00:00
|
|
|
if (first) {
|
2000-06-22 19:16:33 +00:00
|
|
|
if (!wantkeyboard) {
|
|
|
|
|
fprintf(stderr, "You must use the keyboard to create "
|
|
|
|
|
"entropy, since your system is lacking\n");
|
2000-08-17 18:56:49 +00:00
|
|
|
fprintf(stderr, "/dev/random (or equivalent)\n\n");
|
2000-06-22 19:16:33 +00:00
|
|
|
}
|
2000-06-22 19:09:30 +00:00
|
|
|
first = ISC_FALSE;
|
|
|
|
|
}
|
|
|
|
|
fprintf(stderr, "start typing:\n");
|
2000-06-22 02:47:33 +00:00
|
|
|
return (isc_keyboard_open(kbd));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
|
|
|
|
kbdstop(isc_entropysource_t *source, void *arg) {
|
|
|
|
|
isc_keyboard_t *kbd = (isc_keyboard_t *)arg;
|
|
|
|
|
|
|
|
|
|
UNUSED(source);
|
|
|
|
|
|
2000-07-31 20:38:27 +00:00
|
|
|
if (!isc_keyboard_canceled(kbd))
|
|
|
|
|
fprintf(stderr, "stop typing.\r\n");
|
2000-06-22 02:47:33 +00:00
|
|
|
(void)isc_keyboard_close(kbd, 3);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static isc_result_t
|
|
|
|
|
kbdget(isc_entropysource_t *source, void *arg, isc_boolean_t blocking) {
|
|
|
|
|
isc_keyboard_t *kbd = (isc_keyboard_t *)arg;
|
|
|
|
|
isc_result_t result;
|
|
|
|
|
isc_time_t t;
|
|
|
|
|
isc_uint32_t sample;
|
|
|
|
|
isc_uint32_t extra;
|
|
|
|
|
unsigned char c;
|
|
|
|
|
|
|
|
|
|
if (!blocking)
|
|
|
|
|
return (ISC_R_NOENTROPY);
|
|
|
|
|
|
|
|
|
|
result = isc_keyboard_getchar(kbd, &c);
|
|
|
|
|
if (result != ISC_R_SUCCESS)
|
|
|
|
|
return (result);
|
|
|
|
|
|
|
|
|
|
result = isc_time_now(&t);
|
|
|
|
|
if (result != ISC_R_SUCCESS)
|
|
|
|
|
return (result);
|
|
|
|
|
|
|
|
|
|
sample = isc_time_nanoseconds(&t);
|
|
|
|
|
extra = c;
|
|
|
|
|
|
|
|
|
|
result = isc_entropy_addcallbacksample(source, sample, extra);
|
|
|
|
|
if (result != ISC_R_SUCCESS) {
|
2000-06-22 19:09:30 +00:00
|
|
|
fprintf(stderr, "\r\n");
|
2000-06-22 02:47:33 +00:00
|
|
|
return (result);
|
|
|
|
|
}
|
|
|
|
|
|
2000-06-22 19:09:30 +00:00
|
|
|
fprintf(stderr, ".");
|
|
|
|
|
fflush(stderr);
|
2000-06-22 02:47:33 +00:00
|
|
|
|
|
|
|
|
return (result);
|
|
|
|
|
}
|
|
|
|
|
|
2000-06-09 22:34:40 +00:00
|
|
|
void
|
2000-06-10 01:28:11 +00:00
|
|
|
setup_entropy(isc_mem_t *mctx, const char *randomfile, isc_entropy_t **ectx) {
|
2000-06-09 22:34:40 +00:00
|
|
|
isc_result_t result;
|
2000-06-15 18:15:26 +00:00
|
|
|
|
2000-06-09 22:34:40 +00:00
|
|
|
result = isc_entropy_create(mctx, ectx);
|
|
|
|
|
if (result != ISC_R_SUCCESS)
|
|
|
|
|
fatal("could not create entropy object");
|
2000-06-22 02:47:33 +00:00
|
|
|
if (randomfile != NULL && strcasecmp(randomfile, "keyboard") != 0) {
|
2000-06-17 01:42:21 +00:00
|
|
|
result = isc_entropy_createfilesource(*ectx, randomfile);
|
2000-06-22 02:47:33 +00:00
|
|
|
if (result != ISC_R_SUCCESS)
|
|
|
|
|
fatal("could not open randomdev %s: %s", randomfile,
|
|
|
|
|
isc_result_totext(result));
|
|
|
|
|
}
|
|
|
|
|
else {
|
2000-08-17 19:17:57 +00:00
|
|
|
#ifdef PATH_RANDOMDEV
|
2000-06-22 02:47:33 +00:00
|
|
|
if (randomfile == NULL) {
|
|
|
|
|
result = isc_entropy_createfilesource(*ectx,
|
2000-08-17 19:17:57 +00:00
|
|
|
PATH_RANDOMDEV);
|
2000-06-22 02:47:33 +00:00
|
|
|
if (result == ISC_R_SUCCESS)
|
|
|
|
|
return;
|
|
|
|
|
}
|
2000-06-22 19:16:33 +00:00
|
|
|
else
|
2000-08-17 18:56:49 +00:00
|
|
|
#endif
|
2000-06-22 19:16:33 +00:00
|
|
|
wantkeyboard = ISC_TRUE;
|
2000-06-22 02:47:33 +00:00
|
|
|
result = isc_entropy_createcallbacksource(*ectx, kbdstart,
|
|
|
|
|
kbdget, kbdstop,
|
|
|
|
|
&kbd, &source);
|
|
|
|
|
if (result != ISC_R_SUCCESS)
|
|
|
|
|
fatal("failed to open keyboard: %s\n",
|
|
|
|
|
isc_result_totext(result));
|
2000-06-10 01:28:11 +00:00
|
|
|
}
|
2000-06-09 22:34:40 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
cleanup_entropy(isc_entropy_t **ectx) {
|
2000-06-22 02:47:33 +00:00
|
|
|
if (source != NULL)
|
|
|
|
|
isc_entropy_destroysource(&source);
|
2000-06-09 22:34:40 +00:00
|
|
|
isc_entropy_detach(ectx);
|
|
|
|
|
}
|
