Diffstat (limited to 'lib/dns/include/dns/tsig.h')
-rw-r--r--lib/dns/include/dns/tsig.h21
1 files changed, 16 insertions, 5 deletions
diff --git a/lib/dns/include/dns/tsig.h b/lib/dns/include/dns/tsig.h
index e8c0e2c..5161fb3 100644
--- a/lib/dns/include/dns/tsig.h
+++ b/lib/dns/include/dns/tsig.h
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2004-2007, 2010 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 1999-2002 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: tsig.h,v 1.51 2007/06/19 23:47:17 tbox Exp $ */
+/* $Id: tsig.h,v 1.51.332.4 2010-12-09 01:12:55 marka Exp $ */
#ifndef DNS_TSIG_H
#define DNS_TSIG_H 1
@@ -62,6 +62,13 @@ struct dns_tsig_keyring {
unsigned int writecount;
isc_rwlock_t lock;
isc_mem_t *mctx;
+ /*
+ * LRU list of generated key along with a count of the keys on the
+ * list and a maximum size.
+ */
+ unsigned int generated;
+ unsigned int maxgenerated;
+ ISC_LIST(dns_tsigkey_t) lru;
};
struct dns_tsigkey {
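Review bot: The comment added above `generated`, `maxgenerated` and `lru` does not say how these fields are synchronised or what happens when the limit is reached. An LRU list is normally reordered on lookup, so if lookups run under the read side of `lock`, the list would be mutated without exclusive access; the implementation is not visible in this hunk, so this needs confirming against tsig.c. I would extend the comment to something like `* Protected by 'lock' (write side); once 'generated' reaches 'maxgenerated' the least recently used key is removed.`, adjusted to the actual behaviour, and state whether a `maxgenerated` of 0 means "no limit" or "no generated keys". Also a small wording fix: "generated key" should read "generated keys".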
@@ -77,12 +84,13 @@ struct dns_tsigkey {
isc_stdtime_t expire; /*%< end of validity period */
dns_tsig_keyring_t *ring; /*%< the enclosing keyring */
isc_refcount_t refs; /*%< reference counter */
+ ISC_LINK(dns_tsigkey_t) link;
};
#define dns_tsigkey_identity(tsigkey) \
((tsigkey) == NULL ? NULL : \
- (tsigkey)->generated ? ((tsigkey)->creator) : \
- (&((tsigkey)->name)))
+ (tsigkey)->generated ? ((tsigkey)->creator) : \
+ (&((tsigkey)->name)))
ISC_LANG_BEGINDECLS
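Review bot: The new `link` member is the only field in the visible part of `struct dns_tsigkey` without a `/*%< ... */` comment, so a reader cannot tell which list it belongs to. Assuming it is the keyring's `lru` list from the previous hunk, I would write `ISC_LINK(dns_tsigkey_t) link; /*%< entry in ring->lru (generated keys only) */`. It would also help to document whether the link is initialised unlinked for non-generated keys, since unlinking a key that was never on the list is a common source of list corruption. The struct begins outside this hunk.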
@@ -109,12 +117,15 @@ dns_tsigkey_createfromkey(dns_name_t *name, dns_name_t *algorithm,
* allows a transient key with an invalid algorithm to exist long enough
* to generate a BADKEY response.
*
+ * If dns_tsigkey_createfromkey is successful a new reference to 'dstkey'
+ * will have been made.
+ *
* Requires:
*\li 'name' is a valid dns_name_t
*\li 'algorithm' is a valid dns_name_t
*\li 'secret' is a valid pointer
*\li 'length' is an integer >= 0
- *\li 'key' is a valid dst key or NULL
+ *\li 'dstkey' is a valid dst key or NULL
*\li 'creator' points to a valid dns_name_t or is NULL
*\li 'mctx' is a valid memory context
*\li 'ring' is a valid TSIG keyring or NULL
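Review bot: The added sentence says a new reference to 'dstkey' is made on success, but it leaves the caller's side of the contract implicit. Callers written against the earlier behaviour may have treated the call as an ownership transfer, and a mismatch there ends in either a leaked key or a premature free of key material. I would state it outright, for example `* The caller retains its own reference to 'dstkey' and must release it; no reference is taken on failure.`, provided that matches the implementation, which is not visible here. The comment block starts and ends outside this hunk.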