OpenDNSSEC-signer 1.2.1
|
00001 /* 00002 * $Id: signconfparser.c 4294 2011-01-13 19:58:29Z jakob $ 00003 * 00004 * Copyright (c) 2009 NLNet Labs. All rights reserved. 00005 * 00006 * Redistribution and use in source and binary forms, with or without 00007 * modification, are permitted provided that the following conditions 00008 * are met: 00009 * 1. Redistributions of source code must retain the above copyright 00010 * notice, this list of conditions and the following disclaimer. 00011 * 2. Redistributions in binary form must reproduce the above copyright 00012 * notice, this list of conditions and the following disclaimer in the 00013 * documentation and/or other materials provided with the distribution. 00014 * 00015 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 00016 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 00017 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 00018 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY 00019 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 00020 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE 00021 * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 00022 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER 00023 * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 00024 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN 00025 * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 00026 * 00027 */ 00028 00034 #include "parser/confparser.h" 00035 #include "parser/signconfparser.h" 00036 #include "util/duration.h" 00037 #include "util/log.h" 00038 #include "util/se_malloc.h" 00039 00040 #include <libxml/parser.h> /* xmlParseFile() */ 00041 #include <libxml/xpath.h> /* xmlXPath*() */ 00042 #include <libxml/xpathInternals.h> /* xmlXPath*() */ 00043 #include <libxml/xmlreader.h> /* xmlFreeDoc(), xmlStrEqual() */ 00044 #include <stdlib.h> /* atoi() */ 00045 00046 00051 keylist_type* 00052 parse_sc_keys(const char* cfgfile) 00053 { 00054 xmlDocPtr doc = NULL; 00055 xmlXPathContextPtr xpathCtx = NULL; 00056 xmlXPathObjectPtr xpathObj = NULL; 00057 xmlNode* curNode = NULL; 00058 xmlChar* xexpr = NULL; 00059 key_type* new_key = NULL; 00060 keylist_type* kl = keylist_create(); 00061 char* locator = NULL; 00062 char* flags = NULL; 00063 char* algorithm = NULL; 00064 int ksk, zsk, publish, i; 00065 00066 se_log_assert(cfgfile); 00067 00068 /* Load XML document */ 00069 doc = xmlParseFile(cfgfile); 00070 if (doc == NULL) { 00071 se_log_error("could not parse <Keys>, xmlParseFile failed"); 00072 return kl; 00073 } 00074 /* Create xpath evaluation context */ 00075 xpathCtx = xmlXPathNewContext(doc); 00076 if(xpathCtx == NULL) { 00077 xmlFreeDoc(doc); 00078 se_log_error("could not parse <Keys>, xmlXPathNewContext failed"); 00079 return kl; 00080 } 00081 /* Evaluate xpath expression */ 00082 xexpr = (xmlChar*) "//SignerConfiguration/Zone/Keys/Key"; 00083 xpathObj = xmlXPathEvalExpression(xexpr, xpathCtx); 00084 if(xpathObj == NULL) { 00085 xmlXPathFreeContext(xpathCtx); 00086 xmlFreeDoc(doc); 00087 se_log_error("could not parse <Keys>, xmlXPathEvalExpression failed"); 00088 return kl; 00089 } 00090 00091 if (xpathObj->nodesetval && xpathObj->nodesetval->nodeNr > 0) { 00092 for (i = 0; i < xpathObj->nodesetval->nodeNr; i++) { 00093 locator = NULL; 00094 flags = NULL; 00095 algorithm = NULL; 00096 ksk = 0; 00097 zsk = 0; 00098 publish = 0; 00099 00100 curNode = xpathObj->nodesetval->nodeTab[i]->xmlChildrenNode; 00101 while (curNode) { 00102 if (xmlStrEqual(curNode->name, (const xmlChar *)"Locator")) { 00103 locator = (char *) xmlNodeGetContent(curNode); /* VALGRIND does not like */ 00104 } else if (xmlStrEqual(curNode->name, (const xmlChar *)"Algorithm")) { 00105 algorithm = (char *) xmlNodeGetContent(curNode); /* VALGRIND does not like */ 00106 } else if (xmlStrEqual(curNode->name, (const xmlChar *)"Flags")) { 00107 flags = (char *) xmlNodeGetContent(curNode); /* VALGRIND does not like */ 00108 } else if (xmlStrEqual(curNode->name, (const xmlChar *)"KSK")) { 00109 ksk = 1; 00110 } else if (xmlStrEqual(curNode->name, (const xmlChar *)"ZSK")) { 00111 zsk = 1; 00112 } else if (xmlStrEqual(curNode->name, (const xmlChar *)"Publish")) { 00113 publish = 1; 00114 } 00115 curNode = curNode->next; 00116 } 00117 if (locator && algorithm && flags) { 00118 new_key = key_create(locator, (uint8_t) atoi(algorithm), 00119 (uint32_t) atoi(flags), publish, ksk, zsk); 00120 if (keylist_add(kl, new_key) != 0) { 00121 se_log_error("failed to add key %s to key list", locator); 00122 } 00123 } else { 00124 se_log_error("Key missing required elements"); 00125 } 00126 if (locator) { 00127 se_free((void*)locator); 00128 } 00129 if (algorithm) { 00130 se_free((void*)algorithm); 00131 } 00132 if (flags) { 00133 se_free((void*)flags); 00134 } 00135 } 00136 } 00137 00138 xmlXPathFreeObject(xpathObj); 00139 xmlXPathFreeContext(xpathCtx); 00140 if (doc) { 00141 xmlFreeDoc(doc); 00142 } 00143 return kl; 00144 } 00145 00146 00151 duration_type* 00152 parse_sc_sig_resign_interval(const char* cfgfile) 00153 { 00154 duration_type* duration = NULL; 00155 const char* str = parse_conf_string(cfgfile, 00156 "//SignerConfiguration/Zone/Signatures/Resign", 00157 1); 00158 if (!str) { 00159 return NULL; 00160 } 00161 duration = duration_create_from_string(str); 00162 se_free((void*)str); 00163 return duration; 00164 } 00165 00166 00167 duration_type* 00168 parse_sc_sig_refresh_interval(const char* cfgfile) 00169 { 00170 duration_type* duration = NULL; 00171 const char* str = parse_conf_string(cfgfile, 00172 "//SignerConfiguration/Zone/Signatures/Refresh", 00173 1); 00174 if (!str) { 00175 return NULL; 00176 } 00177 duration = duration_create_from_string(str); 00178 se_free((void*)str); 00179 return duration; 00180 } 00181 00182 00183 duration_type* 00184 parse_sc_sig_validity_default(const char* cfgfile) 00185 { 00186 duration_type* duration = NULL; 00187 const char* str = parse_conf_string(cfgfile, 00188 "//SignerConfiguration/Zone/Signatures/Validity/Default", 00189 1); 00190 if (!str) { 00191 return NULL; 00192 } 00193 duration = duration_create_from_string(str); 00194 se_free((void*)str); 00195 return duration; 00196 } 00197 00198 00199 duration_type* 00200 parse_sc_sig_validity_denial(const char* cfgfile) 00201 { 00202 duration_type* duration = NULL; 00203 const char* str = parse_conf_string(cfgfile, 00204 "//SignerConfiguration/Zone/Signatures/Validity/Denial", 00205 1); 00206 if (!str) { 00207 return NULL; 00208 } 00209 duration = duration_create_from_string(str); 00210 se_free((void*)str); 00211 return duration; 00212 } 00213 00214 00215 duration_type* 00216 parse_sc_sig_jitter(const char* cfgfile) 00217 { 00218 duration_type* duration = NULL; 00219 const char* str = parse_conf_string(cfgfile, 00220 "//SignerConfiguration/Zone/Signatures/Jitter", 00221 1); 00222 if (!str) { 00223 return NULL; 00224 } 00225 duration = duration_create_from_string(str); 00226 se_free((void*)str); 00227 return duration; 00228 } 00229 00230 00231 duration_type* 00232 parse_sc_sig_inception_offset(const char* cfgfile) 00233 { 00234 duration_type* duration = NULL; 00235 const char* str = parse_conf_string(cfgfile, 00236 "//SignerConfiguration/Zone/Signatures/InceptionOffset", 00237 1); 00238 if (!str) { 00239 return NULL; 00240 } 00241 duration = duration_create_from_string(str); 00242 se_free((void*)str); 00243 return duration; 00244 } 00245 00246 00247 duration_type* 00248 parse_sc_dnskey_ttl(const char* cfgfile) 00249 { 00250 duration_type* duration = NULL; 00251 const char* str = parse_conf_string(cfgfile, 00252 "//SignerConfiguration/Zone/Keys/TTL", 00253 1); 00254 if (!str) { 00255 return NULL; 00256 } 00257 duration = duration_create_from_string(str); 00258 se_free((void*)str); 00259 return duration; 00260 } 00261 00262 00263 duration_type* 00264 parse_sc_soa_ttl(const char* cfgfile) 00265 { 00266 duration_type* duration = NULL; 00267 const char* str = parse_conf_string(cfgfile, 00268 "//SignerConfiguration/Zone/SOA/TTL", 00269 1); 00270 if (!str) { 00271 return NULL; 00272 } 00273 duration = duration_create_from_string(str); 00274 se_free((void*)str); 00275 return duration; 00276 } 00277 00278 00279 duration_type* 00280 parse_sc_soa_min(const char* cfgfile) 00281 { 00282 duration_type* duration = NULL; 00283 const char* str = parse_conf_string(cfgfile, 00284 "//SignerConfiguration/Zone/SOA/Minimum", 00285 1); 00286 if (!str) { 00287 return NULL; 00288 } 00289 duration = duration_create_from_string(str); 00290 se_free((void*)str); 00291 return duration; 00292 } 00293 00294 00299 ldns_rr_type 00300 parse_sc_nsec_type(const char* cfgfile) 00301 { 00302 const char* str = parse_conf_string(cfgfile, 00303 "//SignerConfiguration/Zone/Denial/NSEC3", 00304 0); 00305 if (str) { 00306 se_free((void*)str); 00307 return LDNS_RR_TYPE_NSEC3; 00308 } 00309 00310 str = parse_conf_string(cfgfile, 00311 "//SignerConfiguration/Zone/Denial/NSEC", 00312 0); 00313 if (str) { 00314 se_free((void*)str); 00315 return LDNS_RR_TYPE_NSEC; 00316 } 00317 00318 return LDNS_RR_TYPE_FIRST; 00319 } 00320 00321 00326 uint32_t 00327 parse_sc_nsec3_algorithm(const char* cfgfile) 00328 { 00329 int ret = 0; 00330 const char* str = parse_conf_string(cfgfile, 00331 "//SignerConfiguration/Zone/Denial/NSEC3/Hash/Algorithm", 00332 1); 00333 if (str) { 00334 if (strlen(str) > 0) { 00335 ret = atoi(str); 00336 } 00337 se_free((void*)str); 00338 } 00339 return ret; 00340 } 00341 00342 00343 uint32_t 00344 parse_sc_nsec3_iterations(const char* cfgfile) 00345 { 00346 int ret = 0; 00347 const char* str = parse_conf_string(cfgfile, 00348 "//SignerConfiguration/Zone/Denial/NSEC3/Hash/Iterations", 00349 1); 00350 if (str) { 00351 if (strlen(str) > 0) { 00352 ret = atoi(str); 00353 } 00354 se_free((void*)str); 00355 } 00356 return ret; 00357 } 00358 00359 00364 int 00365 parse_sc_dnskey_ttl_use(const char* cfgfile) 00366 { 00367 int ret = 0; 00368 const char* str = parse_conf_string(cfgfile, 00369 "//SignerConfiguration/Zone/Keys/TTL", 00370 0); 00371 if (str) { 00372 if (strlen(str) > 0) { 00373 ret = 1; 00374 } 00375 se_free((void*)str); 00376 } 00377 return ret; 00378 } 00379 00380 00381 int 00382 parse_sc_soa_ttl_use(const char* cfgfile) 00383 { 00384 int ret = 0; 00385 const char* str = parse_conf_string(cfgfile, 00386 "//SignerConfiguration/Zone/SOA/TTL", 00387 0); 00388 if (str) { 00389 if (strlen(str) > 0) { 00390 ret = 1; 00391 } 00392 se_free((void*)str); 00393 } 00394 return ret; 00395 } 00396 00397 00398 int 00399 parse_sc_soa_min_use(const char* cfgfile) 00400 { 00401 int ret = 0; 00402 const char* str = parse_conf_string(cfgfile, 00403 "//SignerConfiguration/Zone/SOA/Minimum", 00404 0); 00405 if (str) { 00406 if (strlen(str) > 0) { 00407 ret = 1; 00408 } 00409 se_free((void*)str); 00410 } 00411 return ret; 00412 } 00413 00414 00415 int 00416 parse_sc_nsec3_optout(const char* cfgfile) 00417 { 00418 int ret = 0; 00419 const char* str = parse_conf_string(cfgfile, 00420 "//SignerConfiguration/Zone/Denial/NSEC3/OptOut", 00421 0); 00422 if (str) { 00423 ret = 1; 00424 se_free((void*)str); 00425 } 00426 return ret; 00427 } 00428 00429 00430 int 00431 parse_sc_audit(const char* cfgfile) 00432 { 00433 int ret = 0; 00434 const char* str = parse_conf_string(cfgfile, 00435 "//SignerConfiguration/Zone/Audit", 00436 0); 00437 if (str) { 00438 ret = 1; 00439 se_free((void*)str); 00440 } 00441 return ret; 00442 } 00443 00444 00449 const char* 00450 parse_sc_soa_serial(const char* cfgfile) 00451 { 00452 return parse_conf_string(cfgfile, 00453 "//SignerConfiguration/Zone/SOA/Serial", 00454 1); 00455 } 00456 00457 00458 const char* 00459 parse_sc_nsec3_salt(const char* cfgfile) 00460 { 00461 return parse_conf_string(cfgfile, 00462 "//SignerConfiguration/Zone/Denial/NSEC3/Hash/Salt", 00463 1); 00464 }