
Lines Matching refs:transport

1 /*	$NetBSD: transport.c,v 1.3 2025/01/26 16:25:25 christos Exp $	*/
30 #include <dns/transport.h>
75 dns_transport_t *transport = node;
77 return dns_name_equal(transport->name, key);
82 const dns_transport_type_t type, dns_transport_t *transport) {
90 transport->name = dns_fixedname_initname(&transport->fn);
91 dns_name_copy(name, transport->name);
93 transport, NULL);
100 dns_transport_get_type(const dns_transport_t *transport) {
101 REQUIRE(VALID_TRANSPORT(transport));
103 return transport->type;
107 dns_transport_get_certfile(const dns_transport_t *transport) {
108 REQUIRE(VALID_TRANSPORT(transport));
110 return transport->tls.certfile;
114 dns_transport_get_keyfile(const dns_transport_t *transport) {
115 REQUIRE(VALID_TRANSPORT(transport));
117 return transport->tls.keyfile;
121 dns_transport_get_cafile(const dns_transport_t *transport) {
122 REQUIRE(VALID_TRANSPORT(transport));
124 return transport->tls.cafile;
128 dns_transport_get_remote_hostname(const dns_transport_t *transport) {
129 REQUIRE(VALID_TRANSPORT(transport));
131 return transport->tls.remote_hostname;
135 dns_transport_get_endpoint(const dns_transport_t *transport) {
136 REQUIRE(VALID_TRANSPORT(transport));
138 return transport->doh.endpoint;
142 dns_transport_get_mode(const dns_transport_t *transport) {
143 REQUIRE(VALID_TRANSPORT(transport));
145 return transport->doh.mode;
151 dns_transport_t *transport = isc_mem_get(list->mctx,
152 sizeof(*transport));
153 *transport = (dns_transport_t){ .type = type };
154 isc_refcount_init(&transport->references, 1);
155 isc_mem_attach(list->mctx, &transport->mctx);
156 transport->magic = TRANSPORT_MAGIC;
158 list_add(list, name, type, transport);
160 return transport;
164 dns_transport_set_certfile(dns_transport_t *transport, const char *certfile) {
165 REQUIRE(VALID_TRANSPORT(transport));
166 REQUIRE(transport->type == DNS_TRANSPORT_TLS ||
167 transport->type == DNS_TRANSPORT_HTTP);
169 if (transport->tls.certfile != NULL) {
170 isc_mem_free(transport->mctx, transport->tls.certfile);
174 transport->tls.certfile = isc_mem_strdup(transport->mctx,
180 dns_transport_set_keyfile(dns_transport_t *transport, const char *keyfile) {
181 REQUIRE(VALID_TRANSPORT(transport));
182 REQUIRE(transport->type == DNS_TRANSPORT_TLS ||
183 transport->type == DNS_TRANSPORT_HTTP);
185 if (transport->tls.keyfile != NULL) {
186 isc_mem_free(transport->mctx, transport->tls.keyfile);
190 transport->tls.keyfile = isc_mem_strdup(transport->mctx,
196 dns_transport_set_cafile(dns_transport_t *transport, const char *cafile) {
197 REQUIRE(VALID_TRANSPORT(transport));
198 REQUIRE(transport->type == DNS_TRANSPORT_TLS ||
199 transport->type == DNS_TRANSPORT_HTTP);
201 if (transport->tls.cafile != NULL) {
202 isc_mem_free(transport->mctx, transport->tls.cafile);
206 transport->tls.cafile = isc_mem_strdup(transport->mctx, cafile);
211 dns_transport_set_remote_hostname(dns_transport_t *transport,
213 REQUIRE(VALID_TRANSPORT(transport));
214 REQUIRE(transport->type == DNS_TRANSPORT_TLS ||
215 transport->type == DNS_TRANSPORT_HTTP);
217 if (transport->tls.remote_hostname != NULL) {
218 isc_mem_free(transport->mctx, transport->tls.remote_hostname);
222 transport->tls.remote_hostname = isc_mem_strdup(transport->mctx,
228 dns_transport_set_endpoint(dns_transport_t *transport, const char *endpoint) {
229 REQUIRE(VALID_TRANSPORT(transport));
230 REQUIRE(transport->type == DNS_TRANSPORT_HTTP);
232 if (transport->doh.endpoint != NULL) {
233 isc_mem_free(transport->mctx, transport->doh.endpoint);
237 transport->doh.endpoint = isc_mem_strdup(transport->mctx,
243 dns_transport_set_mode(dns_transport_t *transport, dns_http_mode_t mode) {
244 REQUIRE(VALID_TRANSPORT(transport));
245 REQUIRE(transport->type == DNS_TRANSPORT_HTTP);
247 transport->doh.mode = mode;
251 dns_transport_set_tls_versions(dns_transport_t *transport,
253 REQUIRE(VALID_TRANSPORT(transport));
254 REQUIRE(transport->type == DNS_TRANSPORT_HTTP ||
255 transport->type == DNS_TRANSPORT_TLS);
257 transport->tls.protocol_versions = tls_versions;
261 dns_transport_get_tls_versions(const dns_transport_t *transport) {
262 REQUIRE(VALID_TRANSPORT(transport));
264 return transport->tls.protocol_versions;
268 dns_transport_set_ciphers(dns_transport_t *transport, const char *ciphers) {
269 REQUIRE(VALID_TRANSPORT(transport));
270 REQUIRE(transport->type == DNS_TRANSPORT_TLS ||
271 transport->type == DNS_TRANSPORT_HTTP);
273 if (transport->tls.ciphers != NULL) {
274 isc_mem_free(transport->mctx, transport->tls.ciphers);
278 transport->tls.ciphers = isc_mem_strdup(transport->mctx,
284 dns_transport_set_tlsname(dns_transport_t *transport, const char *tlsname) {
285 REQUIRE(VALID_TRANSPORT(transport));
286 REQUIRE(transport->type == DNS_TRANSPORT_TLS ||
287 transport->type == DNS_TRANSPORT_HTTP);
289 if (transport->tls.tlsname != NULL) {
290 isc_mem_free(transport->mctx, transport->tls.tlsname);
294 transport->tls.tlsname = isc_mem_strdup(transport->mctx,
300 dns_transport_get_ciphers(const dns_transport_t *transport) {
301 REQUIRE(VALID_TRANSPORT(transport));
303 return transport->tls.ciphers;
307 dns_transport_set_cipher_suites(dns_transport_t *transport,
309 REQUIRE(VALID_TRANSPORT(transport));
310 REQUIRE(transport->type == DNS_TRANSPORT_TLS ||
311 transport->type == DNS_TRANSPORT_HTTP);
313 if (transport->tls.cipher_suites != NULL) {
314 isc_mem_free(transport->mctx, transport->tls.cipher_suites);
318 transport->tls.cipher_suites = isc_mem_strdup(transport->mctx,
324 dns_transport_get_cipher_suites(const dns_transport_t *transport) {
325 REQUIRE(VALID_TRANSPORT(transport));
327 return transport->tls.cipher_suites;
331 dns_transport_get_tlsname(const dns_transport_t *transport) {
332 REQUIRE(VALID_TRANSPORT(transport));
334 return transport->tls.tlsname;
338 dns_transport_set_prefer_server_ciphers(dns_transport_t *transport,
340 REQUIRE(VALID_TRANSPORT(transport));
341 REQUIRE(transport->type == DNS_TRANSPORT_TLS ||
342 transport->type == DNS_TRANSPORT_HTTP);
344 transport->tls.prefer_server_ciphers = prefer ? ter_true : ter_false;
348 dns_transport_get_prefer_server_ciphers(const dns_transport_t *transport,
350 REQUIRE(VALID_TRANSPORT(transport));
352 if (transport->tls.prefer_server_ciphers == ter_none) {
354 } else if (transport->tls.prefer_server_ciphers == ter_true) {
357 } else if (transport->tls.prefer_server_ciphers == ter_false) {
367 dns_transport_set_always_verify_remote(dns_transport_t *transport,
369 REQUIRE(VALID_TRANSPORT(transport));
370 REQUIRE(transport->type == DNS_TRANSPORT_TLS ||
371 transport->type == DNS_TRANSPORT_HTTP);
373 transport->tls.always_verify_remote = always_verify_remote;
377 dns_transport_get_always_verify_remote(dns_transport_t *transport) {
378 REQUIRE(VALID_TRANSPORT(transport));
379 REQUIRE(transport->type == DNS_TRANSPORT_TLS ||
380 transport->type == DNS_TRANSPORT_HTTP);
382 return transport->tls.always_verify_remote;
386 dns_transport_get_tlsctx(dns_transport_t *transport, const isc_sockaddr_t *peer,
402 REQUIRE(VALID_TRANSPORT(transport));
403 REQUIRE(transport->type == DNS_TRANSPORT_TLS);
412 tlsname = dns_transport_get_tlsname(transport);
426 dns_transport_get_remote_hostname(transport);
427 const char *ca_file = dns_transport_get_cafile(transport);
428 const char *cert_file = dns_transport_get_certfile(transport);
429 const char *key_file = dns_transport_get_keyfile(transport);
431 dns_transport_get_always_verify_remote(transport);
445 tls_versions = dns_transport_get_tls_versions(transport);
449 ciphers = dns_transport_get_ciphers(transport);
453 cipher_suites = dns_transport_get_cipher_suites(transport);
459 transport, &prefer_server_ciphers))
470 * relation between cert stores and per-transport TLS
566 * per-transport TLS contexts. In that case, the call to
622 transport_destroy(dns_transport_t *transport) {
623 isc_refcount_destroy(&transport->references);
624 transport->magic = 0;
626 if (transport->doh.endpoint != NULL) {
627 isc_mem_free(transport->mctx, transport->doh.endpoint);
629 if (transport->tls.remote_hostname != NULL) {
630 isc_mem_free(transport->mctx, transport->tls.remote_hostname);
632 if (transport->tls.cafile != NULL) {
633 isc_mem_free(transport->mctx, transport->tls.cafile);
635 if (transport->tls.keyfile != NULL) {
636 isc_mem_free(transport->mctx, transport->tls.keyfile);
638 if (transport->tls.certfile != NULL) {
639 isc_mem_free(transport->mctx, transport->tls.certfile);
641 if (transport->tls.ciphers != NULL) {
642 isc_mem_free(transport->mctx, transport->tls.ciphers);
644 if (transport->tls.cipher_suites != NULL) {
645 isc_mem_free(transport->mctx, transport->tls.cipher_suites);
648 if (transport->tls.tlsname != NULL) {
649 isc_mem_free(transport->mctx, transport->tls.tlsname);
652 isc_mem_putanddetach(&transport->mctx, transport, sizeof(*transport));
667 dns_transport_t *transport = NULL;
672 transport = *transportp;
675 if (isc_refcount_decrement(&transport->references) == 1) {
676 transport_destroy(transport);
684 dns_transport_t *transport = NULL;
694 name, (void **)&transport);
696 isc_refcount_increment(&transport->references);
700 return transport;
752 dns_transport_t *transport = NULL;
753 isc_hashmap_iter_current(it, (void **)&transport);
754 dns_transport_detach(&transport);