version 1.15, 2005/10/17 14:01:28 |
version 1.16, 2005/10/17 14:13:35 |
|
|
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
*/ |
*/ |
|
|
|
|
#include "includes.h" |
#include "includes.h" |
|
RCSID("$OpenBSD$"); |
|
|
#include <openssl/bn.h> |
|
#include <netdb.h> |
#include <netdb.h> |
|
|
#include "xmalloc.h" |
#include "xmalloc.h" |
|
|
#include "dns.h" |
#include "dns.h" |
#include "log.h" |
#include "log.h" |
|
|
RCSID("$OpenBSD$"); |
|
|
|
static const char *errset_text[] = { |
static const char *errset_text[] = { |
"success", /* 0 ERRSET_SUCCESS */ |
"success", /* 0 ERRSET_SUCCESS */ |
"out of memory", /* 1 ERRSET_NOMEMORY */ |
"out of memory", /* 1 ERRSET_NOMEMORY */ |
|
|
|
|
*flags = 0; |
*flags = 0; |
|
|
debug3("verify_hostkey_dns"); |
debug3("verify_host_key_dns"); |
if (hostkey == NULL) |
if (hostkey == NULL) |
fatal("No key to look up!"); |
fatal("No key to look up!"); |
|
|
|
|
return 0; |
return 0; |
} |
} |
|
|
|
|
/* |
/* |
* Export the fingerprint of a key as a DNS resource record |
* Export the fingerprint of a key as a DNS resource record |
*/ |
*/ |
|
|
int success = 0; |
int success = 0; |
|
|
if (dns_read_key(&rdata_pubkey_algorithm, &rdata_digest_type, |
if (dns_read_key(&rdata_pubkey_algorithm, &rdata_digest_type, |
&rdata_digest, &rdata_digest_len, key)) { |
&rdata_digest, &rdata_digest_len, key)) { |
|
|
if (generic) |
if (generic) |
fprintf(f, "%s IN TYPE%d \\# %d %02x %02x ", hostname, |
fprintf(f, "%s IN TYPE%d \\# %d %02x %02x ", hostname, |
|
|
xfree(rdata_digest); /* from key_fingerprint_raw() */ |
xfree(rdata_digest); /* from key_fingerprint_raw() */ |
success = 1; |
success = 1; |
} else { |
} else { |
error("dns_export_rr: unsupported algorithm"); |
error("export_dns_rr: unsupported algorithm"); |
} |
} |
|
|
return success; |
return success; |
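Review bot: The function name is still hard-coded in the two log strings this revision touches, `debug3("verify_host_key_dns")` and `error("export_dns_rr: unsupported algorithm")` (taking the second line of each pair as the 1.16 side), so the messages can drift from the code again on the next rename. If the compilers this tree targets accept C99 `__func__`, writing `debug3("%s", __func__);` and `error("%s: unsupported algorithm", __func__);` keeps each message tied to its enclosing function. Both functions begin outside the visible hunks, so their real names are inferred from the new strings rather than read from a signature. Log filters or troubleshooting notes that match the old spellings `verify_hostkey_dns` and `dns_export_rr` will stop matching after this change and should be updated with it.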