*/
/*
- * $Id: tkey.c,v 1.92.104.2 2010/07/09 23:46:27 tbox Exp $
+ * $Id: tkey.c,v 1.96 2010/12/09 00:54:34 marka Exp $
*/
/*! \file */
#include <config.h>
}
static isc_result_t
-process_gsstkey(dns_message_t *msg, dns_name_t *signer, dns_name_t *name,
- dns_rdata_tkey_t *tkeyin, dns_tkeyctx_t *tctx,
- dns_rdata_tkey_t *tkeyout,
- dns_tsig_keyring_t *ring, dns_namelist_t *namelist)
+process_gsstkey(dns_name_t *name, dns_rdata_tkey_t *tkeyin,
+ dns_tkeyctx_t *tctx, dns_rdata_tkey_t *tkeyout,
+ dns_tsig_keyring_t *ring)
{
isc_result_t result = ISC_R_SUCCESS;
dst_key_t *dstkey = NULL;
isc_buffer_t *outtoken = NULL;
gss_ctx_id_t gss_ctx = NULL;
- UNUSED(namelist);
- UNUSED(signer);
-
if (tctx->gsscred == NULL)
return (ISC_R_NOPERM);
#endif
isc_uint32_t expire;
- RETERR(dst_key_fromgssapi(name, gss_ctx, msg->mctx, &dstkey));
+ RETERR(dst_key_fromgssapi(name, gss_ctx, ring->mctx, &dstkey));
/*
* Limit keys to 1 hour or the context's lifetime whichever
* is smaller.
dns_fixedname_name(&principal),
now, expire, ring->mctx, ring,
NULL));
+ dst_key_free(&dstkey);
tkeyout->inception = now;
tkeyout->expire = expire;
} else {
}
static isc_result_t
-process_deletetkey(dns_message_t *msg, dns_name_t *signer, dns_name_t *name,
- dns_rdata_tkey_t *tkeyin,
- dns_rdata_tkey_t *tkeyout,
- dns_tsig_keyring_t *ring,
- dns_namelist_t *namelist)
+process_deletetkey(dns_name_t *signer, dns_name_t *name,
+ dns_rdata_tkey_t *tkeyin, dns_rdata_tkey_t *tkeyout,
+ dns_tsig_keyring_t *ring)
{
isc_result_t result;
dns_tsigkey_t *tsigkey = NULL;
dns_name_t *identity;
- UNUSED(msg);
- UNUSED(namelist);
-
result = dns_tsigkey_find(&tsigkey, name, &tkeyin->algorithm, ring);
if (result != ISC_R_SUCCESS) {
tkeyout->error = dns_tsigerror_badname;
break;
case DNS_TKEYMODE_GSSAPI:
tkeyout.error = dns_rcode_noerror;
- RETERR(process_gsstkey(msg, signer, keyname, &tkeyin,
- tctx, &tkeyout, ring,
- &namelist));
-
+ RETERR(process_gsstkey(keyname, &tkeyin, tctx,
+ &tkeyout, ring));
break;
case DNS_TKEYMODE_DELETE:
tkeyout.error = dns_rcode_noerror;
- RETERR(process_deletetkey(msg, signer, keyname,
- &tkeyin, &tkeyout,
- ring, &namelist));
+ RETERR(process_deletetkey(signer, keyname, &tkeyin,
+ &tkeyout, ring));
break;
case DNS_TKEYMODE_SERVERASSIGNED:
case DNS_TKEYMODE_RESOLVERASSIGNED:
isc_buffer_init(&intoken, rtkey.key, rtkey.keylen);
RETERR(dst_gssapi_initctx(gname, &intoken, outtoken, context));
- dstkey = NULL;
RETERR(dst_key_fromgssapi(dns_rootname, *context, rmsg->mctx,
&dstkey));
dstkey, ISC_FALSE, NULL,
rtkey.inception, rtkey.expire,
ring->mctx, ring, outkey));
-
+ dst_key_free(&dstkey);
dns_rdata_freestruct(&rtkey);
return (result);
/*
* XXXSRA This probably leaks memory from rtkey and qtkey.
*/
+ if (dstkey != NULL)
+ dst_key_free(&dstkey);
return (result);
}
if (result != DNS_R_CONTINUE && result != ISC_R_SUCCESS)
return (result);
- dstkey = NULL;
RETERR(dst_key_fromgssapi(dns_rootname, *context, rmsg->mctx,
&dstkey));
dstkey, ISC_TRUE, NULL,
rtkey.inception, rtkey.expire,
ring->mctx, ring, outkey));
-
+ dst_key_free(&dstkey);
dns_rdata_freestruct(&rtkey);
return (result);
* XXXSRA This probably leaks memory from qtkey.
*/
dns_rdata_freestruct(&rtkey);
+ if (dstkey != NULL)
+ dst_key_free(&dstkey);
return (result);
}