OpenDNSSEC-enforcer  1.4.8.2
kaspaccess.c
1 /*
2  * Copyright (c) 2008-2009 Nominet UK. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  * notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  * notice, this list of conditions and the following disclaimer in the
11  * documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
15  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
17  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
19  * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
20  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
21  * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
22  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
23  * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24  *
25  */
26 
27 /*
28  * kaspaccess.c kasp access functions needed by keygend
29  */
30 
31 
32 #include <syslog.h>
33 #include <stdlib.h>
34 
35 #include "daemon.h"
36 #include "daemon_util.h"
37 #include "kaspaccess.h"
38 #include "ksm/string_util.h"
39 #include "ksm/string_util2.h"
40 
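/*
 * Set defaults for policies.
 * Make sure that we set everything; any new policy items need to be added here.
 *
 * policy - policy whose sub-structures are reset. Must not be NULL, and every
 *          sub-structure pointer it carries must already be allocated.
 * name   - optional policy name. When non-NULL it is copied into policy->name,
 *          truncated if necessary so that it fits in KSM_NAME_LENGTH bytes
 *          including the terminating NUL.
 *
 * Returns nothing. A NULL policy or a NULL sub-structure is logged at LOG_ERR
 * and no numeric defaults are written in that case.
 */
void
kaspSetPolicyDefaults(KSM_POLICY *policy, char *name)
{
    if (policy == NULL) {
        log_msg(NULL, LOG_ERR, "Error in kaspSetPolicyDefaults, no policy provided");
        return;
    }

    if (name) {
        /* snprintf always NUL-terminates, so an over-long name is truncated
         * rather than overflowing policy->name. */
        snprintf(policy->name, KSM_NAME_LENGTH, "%s", name);
    }

    /* Every field below is reached through a pointer held by the policy;
     * refuse to continue instead of dereferencing a NULL one. */
    if (policy->signer == NULL || policy->signature == NULL ||
        policy->denial == NULL || policy->keys == NULL ||
        policy->ksk == NULL || policy->zsk == NULL ||
        policy->enforcer == NULL || policy->zone == NULL ||
        policy->parent == NULL) {
        log_msg(NULL, LOG_ERR, "Error in kaspSetPolicyDefaults, policy is missing a sub-structure");
        return;
    }

    /* Signer */
    policy->signer->refresh = 0;
    policy->signer->jitter = 0;
    policy->signer->propdelay = 0;
    policy->signer->soamin = 0;
    policy->signer->soattl = 0;
    policy->signer->serial = 0;

    /* Signatures */
    policy->signature->clockskew = 0;
    policy->signature->resign = 0;
    policy->signature->valdefault = 0;
    policy->signature->valdenial = 0;

    /* Denial of existence */
    policy->denial->version = 0;
    policy->denial->resalt = 0;
    policy->denial->algorithm = 0;
    policy->denial->iteration = 0;
    policy->denial->optout = 0;
    policy->denial->ttl = 0;
    policy->denial->saltlength = 0;

    /* Settings common to all keys */
    policy->keys->ttl = 0;
    policy->keys->retire_safety = 0;
    policy->keys->publish_safety = 0;
    policy->keys->share_keys = 0;
    /* The only numeric default that is not 0; presumably -1 marks "no purge
     * interval configured" - confirm against the code that reads it. */
    policy->keys->purge = -1;

    /* Key-signing key */
    policy->ksk->algorithm = 0;
    policy->ksk->bits = 0;
    policy->ksk->lifetime = 0;
    policy->ksk->sm = 0;
    policy->ksk->overlap = 0;
    policy->ksk->ttl = 0;
    policy->ksk->rfc5011 = 0;
    policy->ksk->type = KSM_TYPE_KSK;
    policy->ksk->standby_keys = 0;
    policy->ksk->manual_rollover = 0;
    /* NOTE(review): this statement is absent from the rendered listing (its
     * line number is skipped); it is reconstructed from the listing's
     * cross-reference to KSM_ROLL_DEFAULT. Confirm against the upstream file. */
    policy->ksk->rollover_scheme = KSM_ROLL_DEFAULT;

    /* Zone-signing key */
    policy->zsk->algorithm = 0;
    policy->zsk->bits = 0;
    policy->zsk->lifetime = 0;
    policy->zsk->sm = 0;
    policy->zsk->overlap = 0;
    policy->zsk->ttl = 0;
    policy->zsk->rfc5011 = 0;
    policy->zsk->type = KSM_TYPE_ZSK;
    policy->zsk->standby_keys = 0;
    policy->zsk->manual_rollover = 0;
    policy->zsk->rollover_scheme = 0;

    /* Enforcer */
    policy->enforcer->keycreate = 0;
    policy->enforcer->backup_interval = 0;
    policy->enforcer->keygeninterval = 0;

    /* Zone */
    policy->zone->propdelay = 0;
    policy->zone->soa_ttl = 0;
    policy->zone->soa_min = 0;
    policy->zone->serial = 0;

    /* Parent */
    policy->parent->propdelay = 0;
    policy->parent->ds_ttl = 0;
    policy->parent->soa_ttl = 0;
    policy->parent->soa_min = 0;
}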
122 
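/*
 * Connect to the DB, or terminate the process.
 *
 * config - daemon configuration supplying schema, host, password, user, port
 *          and the pidfile path.
 * handle - receives the database handle on success.
 *
 * Returns only when the connection succeeded. On failure the pidfile named in
 * config is removed and the process exits with status -1.
 */
void
kaspConnect(DAEMONCONFIG *config, DB_HANDLE *handle)
{
    if (config == NULL) {
        log_msg(NULL, LOG_ERR, "Error in kaspConnect, no config provided");
        exit(-1);
    }

    /* Note that all these XML derived strings are unsigned chars. DbConnect
     * takes everything after the database name as variable arguments, so the
     * compiler cannot convert them for us; the casts must stay explicit. */
    if (handle == NULL ||
        DbConnect(handle, (char *)config->schema, (char *)config->host,
                  (char *)config->password, (char *)config->user,
                  (char *)config->port) != 0) {
        /* Deliberately log none of the connection parameters: they include
         * the database password. */
        log_msg(config, LOG_ERR, "Error in kaspConnect, could not connect to the database");
        if (config->pidfile != NULL) {
            /* Best effort: we are exiting either way. */
            (void) unlink(config->pidfile);
        }
        exit(-1);
    }
}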
136 
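/*
 * Try and connect to the DB.
 *
 * Unlike kaspConnect, a failed connection is reported to the caller instead
 * of terminating the process, and the pidfile is left alone.
 *
 * config - daemon configuration supplying schema, host, password, user, port.
 * handle - receives the database handle on success.
 *
 * Returns 0 when DbConnect succeeded, 1 otherwise (including when config or
 * handle is NULL).
 */
int
kaspTryConnect(DAEMONCONFIG *config, DB_HANDLE *handle)
{
    if (config == NULL || handle == NULL) {
        return 1;
    }

    /* Note that all these XML derived strings are unsigned chars. DbConnect
     * takes everything after the database name as variable arguments, so the
     * casts must stay explicit. */
    if (DbConnect(handle, (char *)config->schema, (char *)config->host,
                  (char *)config->password, (char *)config->user,
                  (char *)config->port) != 0) {
        return 1;
    }

    return 0;
}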
150 
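/*
 * Disconnect from the DB.
 *
 * handle - pointer to the handle to close; a NULL pointer is ignored.
 *
 * The result of DbDisconnect is deliberately discarded. The handle is passed
 * to DbDisconnect by value and *handle is not reset here, so the caller
 * presumably must not reuse it afterwards - confirm DbDisconnect's contract.
 */
void
kaspDisconnect(DB_HANDLE *handle)
{
    if (handle == NULL) {
        return;
    }

    (void) DbDisconnect(*handle);
}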
159 
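/*
 * Read a policy.
 *
 * policy - policy to read; passed unchanged to KsmPolicyRead.
 *
 * Returns whatever KsmPolicyRead returns.
 */
int
kaspReadPolicy(KSM_POLICY *policy)
{
    /* This fn checks that the policy exists for us */
    return KsmPolicyRead(policy);
}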
unsigned char * password
Definition: daemon.h:106
unsigned char * schema
Definition: daemon.h:107
char name[KSM_NAME_LENGTH]
Definition: ksm.h:247
sqlite3 * DB_HANDLE
Definition: database.h:77
#define KSM_TYPE_ZSK
Definition: ksm.h:362
void kaspConnect(DAEMONCONFIG *config, DB_HANDLE *handle)
Definition: kaspaccess.c:127
int overlap
Definition: ksm.h:216
char * pidfile
Definition: daemon.h:91
int rfc5011
Definition: ksm.h:218
int backup_interval
Definition: ksm.h:227
int serial
Definition: ksm.h:235
int soa_min
Definition: ksm.h:234
KSM_COMMON_KEY_POLICY * keys
Definition: ksm.h:252
int soa_ttl
Definition: ksm.h:233
int kaspTryConnect(DAEMONCONFIG *config, DB_HANDLE *handle)
Definition: kaspaccess.c:141
KSM_KEY_POLICY * zsk
Definition: ksm.h:254
int bits
Definition: ksm.h:210
void kaspDisconnect(DB_HANDLE *handle)
Definition: kaspaccess.c:155
#define KSM_ROLL_DEFAULT
Definition: ksm.h:400
int manual_rollover
Definition: ksm.h:221
int KsmPolicyRead(KSM_POLICY *policy)
Definition: ksm_policy.c:232
int algorithm
Definition: ksm.h:209
#define KSM_NAME_LENGTH
Definition: ksm.h:57
int keygeninterval
Definition: ksm.h:228
int saltlength
Definition: ksm.h:195
KSM_PARENT_POLICY * parent
Definition: ksm.h:257
unsigned char * host
Definition: daemon.h:105
KSM_DENIAL_POLICY * denial
Definition: ksm.h:251
KSM_KEY_POLICY * ksk
Definition: ksm.h:253
KSM_ZONE_POLICY * zone
Definition: ksm.h:256
int propdelay
Definition: ksm.h:232
int type
Definition: ksm.h:219
KSM_SIGNER_POLICY * signer
Definition: ksm.h:249
int DbDisconnect(DB_HANDLE dbhandle)
int standby_keys
Definition: ksm.h:220
void kaspSetPolicyDefaults(KSM_POLICY *policy, char *name)
Definition: kaspaccess.c:46
int propdelay
Definition: ksm.h:239
int propdelay
Definition: ksm.h:175
int sm
Definition: ksm.h:212
DAEMONCONFIG config
Definition: daemon.c:71
int ttl
Definition: ksm.h:217
void log_msg(DAEMONCONFIG *config, int priority, const char *format,...)
Definition: daemon_util.c:294
#define KSM_TYPE_KSK
Definition: ksm.h:360
KSM_ENFORCER_POLICY * enforcer
Definition: ksm.h:255
int algorithm
Definition: ksm.h:191
int rollover_scheme
Definition: ksm.h:222
unsigned char * port
Definition: daemon.h:108
int lifetime
Definition: ksm.h:211
int iteration
Definition: ksm.h:192
unsigned char * user
Definition: daemon.h:104
int kaspReadPolicy(KSM_POLICY *policy)
Definition: kaspaccess.c:164
KSM_SIGNATURE_POLICY * signature
Definition: ksm.h:250
int DbConnect(DB_HANDLE *dbhandle, const char *database,...)