dh

package

v0.0.0-...-513c08a Latest Latest Go to latest Published: Aug 25, 2019 License: BSD-3-Clause Imports: 15 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/tidalf/tsig

Links

Open Source Insights

Documentation ¶

Overview ¶

Package dh implements RFC 2930 Diffie-Hellman key exchange functions.

Example client:

import (
        "fmt"
        "net"
        "time"

        "github.com/tidalf/tsig/dh"
        "github.com/miekg/dns"
)

func main() {
        host := "ns.example.com"

        d, err := dh.New()
        if err != nil {
                panic(err)
        }
        defer d.Close()

        // Negotiate a key with the chosen server
        keyname, mac, _, err := d.NegotiateKey(host, "tsig.example.com.", dns.HmacMD5, "k9uK5qsPfbBxvVuldwzYww==")
        if err != nil {
                panic(err)
        }

        client := &dns.Client{
                Net:        "tcp",
                TsigSecret: map[string]string{*keyname: *mac},
        }

        // Use the DNS client as normal

        msg := new(dns.Msg)
        msg.SetUpdate(dns.Fqdn("example.com"))

        insert, err := dns.NewRR("test.example.com. 300 A 192.0.2.1")
        if err != nil {
                panic(err)
        }
        msg.Insert([]dns.RR{insert})

        msg.SetTsig(*keyname, dns.HmacMD5, 300, time.Now().Unix())

        rr, _, err := client.Exchange(msg, net.JoinHostPort(host, "53"))
        if err != nil {
                panic(err)
        }

        if rr.Rcode != dns.RcodeSuccess {
                fmt.Printf("DNS error: %s (%d)\n", dns.RcodeToString[rr.Rcode], rr.Rcode)
        }

        // Revoke the key
        err = d.DeleteKey(keyname)
        if err != nil {
                panic(err)
        }
}

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type DH ¶

type DH struct {
	// contains filtered or unexported fields
}

DH maps the TKEY name to the target host that negotiated it as well as any other internal state.

func New ¶

func New() (*DH, error)

New performs any library initialization necessary. It returns a context handle for any further functions along with any error that occurred.

func (*DH) Close ¶

func (c *DH) Close() error

Close revokes any active keys and unloads any underlying libraries as necessary. It returns any error that occurred.

func (*DH) DeleteKey ¶

func (c *DH) DeleteKey(keyname *string) error

DeleteKey revokes the active key associated with the given TKEY name. It returns any error that occurred.

func (*DH) NegotiateKey ¶

func (c *DH) NegotiateKey(host, name, algorithm, mac string) (*string, *string, *time.Time, error)

NegotiateKey exchanges RFC 2930 TKEY records with the indicated DNS server to establish a TSIG key for further using an existing TSIG key name, algorithm and MAC. It returns the negotiated TKEY name, MAC, expiry time, and any error that occurred.

Source Files ¶

View all Source files

dh.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL