upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-04-15 22:09:31 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

3193. [cleanup] Changed MAXZONEKEYS to DNS_MAXZONEKEYS, moved to

Browse source 
dnssec.h. [RT #26415]
This commit is contained in:
Evan Hunt 2011-11-03 02:54:47 +00:00
parent 4634ecba29
commit 8281fd83da
4 changed files with 21 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
CHANGES
View file

@ -1,3 +1,6 @@
3193. [cleanup] Changed MAXZONEKEYS to DNS_MAXZONEKEYS, moved to
dnssec.h. [RT #26415]
3192. [bug] A query structure could be used after being freed.
[RT #22208]

5
lib/dns/include/dns/dnssec.h
View file

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: dnssec.h,v 1.46 2011/05/06 23:47:29 tbox Exp $ */
/* $Id: dnssec.h,v 1.47 2011/11/03 02:54:47 each Exp $ */
#ifndef DNS_DNSSEC_H
#define DNS_DNSSEC_H 1
@ -32,6 +32,9 @@
ISC_LANG_BEGINDECLS
/*%< Maximum number of keys supported in a zone. */
#define DNS_MAXZONEKEYS 32
/*
* Indicates how the signer found this key: in the key repository, at the
* zone apex, or specified by the user.

8
lib/dns/update.c
View file

@ -14,7 +14,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: update.c,v 1.5 2011/08/30 23:46:52 tbox Exp $ */
/* $Id: update.c,v 1.6 2011/11/03 02:54:47 each Exp $ */
#include <config.h>
@ -713,8 +713,6 @@ delete_if(rr_predicate *predicate, dns_db_t *db, dns_dbversion_t *ver,
* Incremental updating of NSECs and RRSIGs.
*/
#define MAXZONEKEYS 32 /*%< Maximum number of zone keys supported. */
/*%
* We abuse the dns_diff_t type to represent a set of domain names
* affected by the update.
@ -1338,7 +1336,7 @@ dns_update_signatures(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db,
dns_diff_t nsec_diff;
dns_diff_t nsec_mindiff;
isc_boolean_t flag, build_nsec, build_nsec3;
dst_key_t *zone_keys[MAXZONEKEYS];
dst_key_t *zone_keys[DNS_MAXZONEKEYS];
unsigned int nkeys = 0;
unsigned int i;
isc_stdtime_t now, inception, expire;
@ -1361,7 +1359,7 @@ dns_update_signatures(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db,
dns_diff_init(diff->mctx, &nsec_mindiff);
result = find_zone_keys(zone, db, newver, diff->mctx,
MAXZONEKEYS, zone_keys, &nkeys);
DNS_MAXZONEKEYS, zone_keys, &nkeys);
if (result != ISC_R_SUCCESS) {
update_log(log, zone, ISC_LOG_ERROR,
"could not get zone keys for secure dynamic update");

23
lib/dns/zone.c
View file

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: zone.c,v 1.644 2011/11/01 04:00:44 each Exp $ */
/* $Id: zone.c,v 1.645 2011/11/03 02:54:47 each Exp $ */
/*! \file */
@ -4803,8 +4803,6 @@ was_dumping(dns_zone_t *zone) {
return (dumping);
}
#define MAXZONEKEYS 10
static isc_result_t
find_zone_keys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver,
isc_mem_t *mctx, unsigned int maxkeys,
@ -5185,7 +5183,7 @@ zone_resigninc(dns_zone_t *zone) {
dns_name_t *name;
dns_rdataset_t rdataset;
dns_rdatatype_t covers;
dst_key_t *zone_keys[MAXZONEKEYS];
dst_key_t *zone_keys[DNS_MAXZONEKEYS];
isc_boolean_t check_ksk, keyset_kskonly = ISC_FALSE;
isc_result_t result;
isc_stdtime_t now, inception, soaexpire, expire, stop;
@ -5223,7 +5221,7 @@ zone_resigninc(dns_zone_t *zone) {
goto failure;
}
result = find_zone_keys(zone, db, version, zone->mctx, MAXZONEKEYS,
result = find_zone_keys(zone, db, version, zone->mctx, DNS_MAXZONEKEYS,
zone_keys, &nkeys);
if (result != ISC_R_SUCCESS) {
dns_zone_log(zone, ISC_LOG_ERROR,
@ -6089,7 +6087,7 @@ zone_nsec3chain(dns_zone_t *zone) {
dns_rdataset_t rdataset;
dns_nsec3chain_t *nsec3chain = NULL, *nextnsec3chain;
dns_nsec3chainlist_t cleanup;
dst_key_t *zone_keys[MAXZONEKEYS];
dst_key_t *zone_keys[DNS_MAXZONEKEYS];
isc_int32_t signatures;
isc_boolean_t check_ksk, keyset_kskonly;
isc_boolean_t delegation;
@ -6141,7 +6139,7 @@ zone_nsec3chain(dns_zone_t *zone) {
}
result = find_zone_keys(zone, db, version, zone->mctx,
MAXZONEKEYS, zone_keys, &nkeys);
DNS_MAXZONEKEYS, zone_keys, &nkeys);
if (result != ISC_R_SUCCESS) {
dns_zone_log(zone, ISC_LOG_ERROR,
"zone_nsec3chain:find_zone_keys -> %s\n",
@ -6922,7 +6920,7 @@ zone_sign(dns_zone_t *zone) {
dns_rdataset_t rdataset;
dns_signing_t *signing, *nextsigning;
dns_signinglist_t cleanup;
dst_key_t *zone_keys[MAXZONEKEYS];
dst_key_t *zone_keys[DNS_MAXZONEKEYS];
isc_int32_t signatures;
isc_boolean_t check_ksk, keyset_kskonly, is_ksk;
isc_boolean_t commit = ISC_FALSE;
@ -6968,7 +6966,7 @@ zone_sign(dns_zone_t *zone) {
}
result = find_zone_keys(zone, db, version, zone->mctx,
MAXZONEKEYS, zone_keys, &nkeys);
DNS_MAXZONEKEYS, zone_keys, &nkeys);
if (result != ISC_R_SUCCESS) {
dns_zone_log(zone, ISC_LOG_ERROR,
"zone_sign:find_zone_keys -> %s\n",
@ -14698,11 +14696,11 @@ sign_apex(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver,
isc_result_t result;
isc_stdtime_t now, inception, soaexpire;
isc_boolean_t check_ksk, keyset_kskonly;
dst_key_t *zone_keys[MAXZONEKEYS];
dst_key_t *zone_keys[DNS_MAXZONEKEYS];
unsigned int nkeys = 0, i;
dns_difftuple_t *tuple;
result = find_zone_keys(zone, db, ver, zone->mctx, MAXZONEKEYS,
result = find_zone_keys(zone, db, ver, zone->mctx, DNS_MAXZONEKEYS,
zone_keys, &nkeys);
if (result != ISC_R_SUCCESS) {
dns_zone_log(zone, ISC_LOG_ERROR,
@ -14989,7 +14987,8 @@ zone_rekey(dns_zone_t *zone) {
goto failure;
}
/* See if any pre-existing keys have newly become active;
/*
* See if any pre-existing keys have newly become active;
* also, see if any new key is for a new algorithm, as in that
* event, we need to sign the zone fully. (If there's a new
* key, but it's for an already-existing algorithm, then