dh

package
v1.2.2 Latest
This package is not in the latest version of its module.
Published: Feb 13, 2023 License: BSD-3-Clause Imports: 17 Imported by: 0

Documentation

Overview

Package dh implements RFC 2930 Diffie-Hellman key exchange functions.

Example client:

package main

import (
        "fmt"
        "time"

        "github.com/bodgit/tsig/dh"
        "github.com/miekg/dns"
)

func main() {
        dnsClient := new(dns.Client)
        dnsClient.Net = "tcp"
        // Existing TSIG key that authenticates the TKEY exchange itself
        dnsClient.TsigSecret = map[string]string{"tsig.example.com.": "k9uK5qsPfbBxvVuldwzYww=="}

        dhClient, err := dh.NewClient(dnsClient)
        if err != nil {
                panic(err)
        }
        // Close revokes any keys still active when the program exits
        defer dhClient.Close()

        host := "ns.example.com:53"

        // Negotiate a key with the chosen server (the discarded value is the key's expiry time)
        keyname, mac, _, err := dhClient.NegotiateKey(host, "tsig.example.com.", dns.HmacMD5, "k9uK5qsPfbBxvVuldwzYww==")
        if err != nil {
                panic(err)
        }

        // Register the negotiated secret so the DNS client can sign and verify with it
        dnsClient.TsigSecret[keyname] = mac

        // Use the DNS client as normal

        msg := new(dns.Msg)
        msg.SetUpdate(dns.Fqdn("example.com"))

        insert, err := dns.NewRR("test.example.com. 300 A 192.0.2.1")
        if err != nil {
                panic(err)
        }
        msg.Insert([]dns.RR{insert})

        msg.SetTsig(keyname, dns.HmacMD5, 300, time.Now().Unix())

        rr, _, err := dnsClient.Exchange(msg, host)
        if err != nil {
                panic(err)
        }

        if rr.Rcode != dns.RcodeSuccess {
                fmt.Printf("DNS error: %s (%d)\n", dns.RcodeToString[rr.Rcode], rr.Rcode)
        }

        // Revoke the key
        err = dhClient.DeleteKey(keyname)
        if err != nil {
                panic(err)
        }
}

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Client added in v1.1.0

type Client struct {
	// contains filtered or unexported fields
}

Client maps the TKEY name to the target host that negotiated it as well as any other internal state.

func NewClient added in v1.1.0

func NewClient(dnsClient *dns.Client) (*Client, error)

NewClient performs any library initialization necessary. It returns a context handle for any further functions along with any error that occurred.

func (*Client) Close added in v1.1.0

func (c *Client) Close() error

Close revokes any active keys and unloads any underlying libraries as necessary. It returns any error that occurred.

func (*Client) DeleteKey added in v1.1.0

func (c *Client) DeleteKey(keyname string) error

DeleteKey revokes the active key associated with the given TKEY name. It returns any error that occurred.

func (*Client) NegotiateKey added in v1.1.0

func (c *Client) NegotiateKey(host, name, algorithm, mac string) (string, string, time.Time, error)

NegotiateKey exchanges RFC 2930 TKEY records with the indicated DNS server to establish a new TSIG key for further use, authenticating the exchange with an existing TSIG key name, algorithm and MAC. It returns the negotiated TKEY name, MAC, expiry time, and any error that occurred.
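The overview example discards the expiry time that NegotiateKey returns and revokes the key by hand. The following added example (not part of the dh package or the tsig project) shows the key-lifecycle handling a caller typically wants around NegotiateKey, DeleteKey and Close: one live TKEY per server, renewal shortly before the server-granted expiry, revocation of the stale key when it is replaced, rejection of a key the server has already let lapse, and revocation of everything on shutdown. The Negotiator interface copies the two method signatures documented on this page, so a *dh.Client satisfies it; the fakeNegotiator, the injectable clock, the algorithm string "hmac-sha256." and the base64 secret "c2VjcmV0" are constructed for offline use and are assumptions of this example only.

```go
package main

import (
	"errors"
	"fmt"
	"sync"
	"time"
)

// Negotiator is the subset of dh.Client this example relies on; the method
// signatures match the documented NegotiateKey and DeleteKey, so a *dh.Client
// can be passed in. This interface is the example's own, not the package's.
type Negotiator interface {
	NegotiateKey(host, name, algorithm, mac string) (string, string, time.Time, error)
	DeleteKey(keyname string) error
}

// Key is one negotiated TKEY: Name and MAC go into dns.Client.TsigSecret,
// Expiry is what the server granted.
type Key struct {
	Name   string
	MAC    string
	Expiry time.Time
}

// KeyCache keeps one live TKEY per server and renews it before it expires.
type KeyCache struct {
	mu    sync.Mutex
	neg   Negotiator
	Now   func() time.Time // injectable clock, defaults to time.Now
	grace time.Duration    // renew when less than this remains before expiry
	// existing TSIG key that authenticates the TKEY exchange itself
	bootName, bootAlg, bootMAC string
	keys                       map[string]Key // host -> current key
}

func NewKeyCache(neg Negotiator, bootName, bootAlg, bootMAC string, grace time.Duration) *KeyCache {
	return &KeyCache{neg: neg, Now: time.Now, grace: grace,
		bootName: bootName, bootAlg: bootAlg, bootMAC: bootMAC, keys: map[string]Key{}}
}

// KeyFor returns a key for host that stays valid for at least the grace
// period, negotiating a fresh one (and revoking the stale one) when needed.
func (kc *KeyCache) KeyFor(host string) (Key, error) {
	kc.mu.Lock()
	defer kc.mu.Unlock()
	if k, ok := kc.keys[host]; ok {
		if kc.Now().Add(kc.grace).Before(k.Expiry) {
			return k, nil
		}
		// Stale: revoke server-side before replacing it. Failure is
		// non-fatal because the server drops the key at expiry anyway.
		_ = kc.neg.DeleteKey(k.Name)
		delete(kc.keys, host)
	}
	name, mac, expiry, err := kc.neg.NegotiateKey(host, kc.bootName, kc.bootAlg, kc.bootMAC)
	if err != nil {
		return Key{}, fmt.Errorf("tkey negotiation with %s: %w", host, err)
	}
	// Never cache a key the server has already let lapse.
	if !expiry.After(kc.Now()) {
		_ = kc.neg.DeleteKey(name)
		return Key{}, errors.New("server returned an already-expired TKEY")
	}
	k := Key{Name: name, MAC: mac, Expiry: expiry}
	kc.keys[host] = k
	return k, nil
}

// Close revokes every cached key and reports the first error seen.
func (kc *KeyCache) Close() error {
	kc.mu.Lock()
	defer kc.mu.Unlock()
	var first error
	for host, k := range kc.keys {
		if err := kc.neg.DeleteKey(k.Name); err != nil && first == nil {
			first = err
		}
		delete(kc.keys, host)
	}
	return first
}

// fakeNegotiator is a constructed stand-in for dh.Client so the example runs
// offline; it hands out numbered key names with a fixed lifetime.
type fakeNegotiator struct {
	negotiated int
	deleted    []string
	ttl        time.Duration
	clock      func() time.Time
}

func (f *fakeNegotiator) NegotiateKey(host, name, alg, mac string) (string, string, time.Time, error) {
	f.negotiated++
	return fmt.Sprintf("%d.tkey.example.com.", f.negotiated), mac, f.clock().Add(f.ttl), nil
}

func (f *fakeNegotiator) DeleteKey(keyname string) error {
	f.deleted = append(f.deleted, keyname)
	return nil
}

func main() {
	t0 := time.Date(2023, 2, 13, 0, 0, 0, 0, time.UTC)
	now := t0
	clock := func() time.Time { return now }
	fake := &fakeNegotiator{ttl: time.Hour, clock: clock}
	kc := NewKeyCache(fake, "tsig.example.com.", "hmac-sha256.", "c2VjcmV0", 5*time.Minute)
	kc.Now = clock
	k1, _ := kc.KeyFor("ns.example.com:53")
	now = t0.Add(56 * time.Minute) // inside the grace window, so the key is renewed
	k2, _ := kc.KeyFor("ns.example.com:53")
	fmt.Println(k1.Name, k2.Name, fake.deleted)
	_ = kc.Close()
}
```

With a real client the caller would construct the cache with a *dh.Client, copy Key.Name and Key.MAC into dns.Client.TsigSecret after each KeyFor call, and defer Close so keys are revoked rather than left to time out.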
