mirror of
https://github.com/isc-projects/bind9.git
synced 2026-06-05 03:42:05 -04:00
Merge branch 'u/fanf2/sectypes' into 'master'
cleanup: use dns_secalg_t and dns_dsdigest_t where appropriate See merge request isc-projects/bind9!1498
This commit is contained in:
Mark Andrews
commit
99138abe38
9 changed files with 40 additions and 33 deletions
4
CHANGES
4
CHANGES
|
|
@ -1,3 +1,7 @@
|
|||
5179. [cleanup] Replace some vague type declarations with the more
|
||||
specific dns_secalg_t and dns_dsdigest_t.
|
||||
Thanks to Tony Finch. [GL !1498]
|
||||
|
||||
5178. [bug] Handle EDQUOT (disk quota) and ENOSPC (disk full)
|
||||
errors when writing files. [GL #902]
|
||||
|
||||
|
|
|
|||
|
|
@ -86,7 +86,7 @@ static dns_rdataclass_t rdclass = dns_rdataclass_in;
|
|||
* List of digest types used by ds_from_cdnskey(), filled in by add_dtype()
|
||||
* from -a arguments. The size of the array is an arbitrary limit.
|
||||
*/
|
||||
static uint8_t dtype[8];
|
||||
static dns_dsdigest_t dtype[8];
|
||||
|
||||
static const char *startstr = NULL; /* from which we derive notbefore */
|
||||
static isc_stdtime_t notbefore = 0; /* restrict sig inception times */
|
||||
|
|
@ -129,7 +129,7 @@ static int nkey; /* number of child zone DNSKEY records */
|
|||
typedef struct keyinfo {
|
||||
dns_rdata_t rdata;
|
||||
dst_key_t *dst;
|
||||
uint8_t algo;
|
||||
dns_secalg_t algo;
|
||||
dns_keytag_t tag;
|
||||
} keyinfo_t;
|
||||
|
||||
|
|
@ -614,12 +614,12 @@ free_keytable(keyinfo_t **keytable_p) {
|
|||
* otherwise the key algorithm. This is used by the signature coverage
|
||||
* check functions below.
|
||||
*/
|
||||
static uint8_t *
|
||||
static dns_secalg_t *
|
||||
matching_sigs(keyinfo_t *keytbl, dns_rdataset_t *rdataset,
|
||||
dns_rdataset_t *sigset)
|
||||
{
|
||||
isc_result_t result;
|
||||
uint8_t *algo;
|
||||
dns_secalg_t *algo;
|
||||
int i;
|
||||
|
||||
algo = isc_mem_get(mctx, nkey);
|
||||
|
|
@ -702,7 +702,7 @@ matching_sigs(keyinfo_t *keytbl, dns_rdataset_t *rdataset,
|
|||
* fetched from the child zone, any working signature is enough.
|
||||
*/
|
||||
static bool
|
||||
signed_loose(uint8_t *algo) {
|
||||
signed_loose(dns_secalg_t *algo) {
|
||||
bool ok = false;
|
||||
int i;
|
||||
for (i = 0; i < nkey; i++) {
|
||||
|
|
@ -721,7 +721,7 @@ signed_loose(uint8_t *algo) {
|
|||
* RRset.
|
||||
*/
|
||||
static bool
|
||||
signed_strict(dns_rdataset_t *dsset, uint8_t *algo) {
|
||||
signed_strict(dns_rdataset_t *dsset, dns_secalg_t *algo) {
|
||||
isc_result_t result;
|
||||
bool all_ok = true;
|
||||
|
||||
|
|
@ -844,14 +844,14 @@ ds_from_cdnskey(dns_rdatalist_t *dslist, isc_buffer_t *buf,
|
|||
*/
|
||||
static int
|
||||
cmp_dtype(const void *ap, const void *bp) {
|
||||
int a = *(const uint8_t *)ap;
|
||||
int b = *(const uint8_t *)bp;
|
||||
int a = *(const dns_dsdigest_t *)ap;
|
||||
int b = *(const dns_dsdigest_t *)bp;
|
||||
return (a - b);
|
||||
}
|
||||
|
||||
static void
|
||||
add_dtype(const char *dn) {
|
||||
uint8_t dt;
|
||||
dns_dsdigest_t dt;
|
||||
unsigned i, n;
|
||||
|
||||
dt = strtodsdigest(dn);
|
||||
|
|
@ -936,7 +936,7 @@ consistent_digests(dns_rdataset_t *dsset) {
|
|||
dns_rdata_t *arrdata;
|
||||
dns_rdata_ds_t *ds;
|
||||
dns_keytag_t key_tag;
|
||||
uint8_t algorithm;
|
||||
dns_secalg_t algorithm;
|
||||
bool match;
|
||||
int i, j, n, d;
|
||||
|
||||
|
|
|
|||
|
|
@ -235,7 +235,7 @@ logkey(dns_rdata_t *rdata)
|
|||
}
|
||||
|
||||
static void
|
||||
emit(unsigned int dtype, bool showall, char *lookaside,
|
||||
emit(dns_dsdigest_t dtype, bool showall, char *lookaside,
|
||||
bool cds, dns_rdata_t *rdata)
|
||||
{
|
||||
isc_result_t result;
|
||||
|
|
@ -350,7 +350,7 @@ main(int argc, char **argv) {
|
|||
char *lookaside = NULL;
|
||||
char *endp;
|
||||
int ch;
|
||||
unsigned int dtype = DNS_DSDIGEST_SHA1;
|
||||
dns_dsdigest_t dtype = DNS_DSDIGEST_SHA1;
|
||||
bool cds = false;
|
||||
bool both = true;
|
||||
bool usekeyset = false;
|
||||
|
|
|
|||
29
lib/dns/ds.c
29
lib/dns/ds.c
|
|
@ -32,7 +32,7 @@
|
|||
|
||||
isc_result_t
|
||||
dns_ds_buildrdata(dns_name_t *owner, dns_rdata_t *key,
|
||||
unsigned int digest_type, unsigned char *buffer,
|
||||
dns_dsdigest_t digest_type, unsigned char *buffer,
|
||||
dns_rdata_t *rdata)
|
||||
{
|
||||
dns_fixedname_t fname;
|
||||
|
|
@ -54,17 +54,6 @@ dns_ds_buildrdata(dns_name_t *owner, dns_rdata_t *key,
|
|||
return (ISC_R_NOTIMPLEMENTED);
|
||||
}
|
||||
|
||||
name = dns_fixedname_initname(&fname);
|
||||
(void)dns_name_downcase(owner, name, NULL);
|
||||
|
||||
memset(buffer, 0, DNS_DS_BUFFERSIZE);
|
||||
isc_buffer_init(&b, buffer, DNS_DS_BUFFERSIZE);
|
||||
|
||||
md = isc_md_new();
|
||||
if (md == NULL) {
|
||||
return (ISC_R_NOMEMORY);
|
||||
}
|
||||
|
||||
switch (digest_type) {
|
||||
case DNS_DSDIGEST_SHA1:
|
||||
md_type = ISC_MD_SHA1;
|
||||
|
|
@ -75,9 +64,23 @@ dns_ds_buildrdata(dns_name_t *owner, dns_rdata_t *key,
|
|||
break;
|
||||
|
||||
case DNS_DSDIGEST_SHA256:
|
||||
default:
|
||||
md_type = ISC_MD_SHA256;
|
||||
break;
|
||||
|
||||
default:
|
||||
INSIST(0);
|
||||
ISC_UNREACHABLE();
|
||||
}
|
||||
|
||||
name = dns_fixedname_initname(&fname);
|
||||
(void)dns_name_downcase(owner, name, NULL);
|
||||
|
||||
memset(buffer, 0, DNS_DS_BUFFERSIZE);
|
||||
isc_buffer_init(&b, buffer, DNS_DS_BUFFERSIZE);
|
||||
|
||||
md = isc_md_new();
|
||||
if (md == NULL) {
|
||||
return (ISC_R_NOMEMORY);
|
||||
}
|
||||
|
||||
ret = isc_md_init(md, md_type);
|
||||
|
|
|
|||
|
|
@ -31,7 +31,7 @@ ISC_LANG_BEGINDECLS
|
|||
|
||||
isc_result_t
|
||||
dns_ds_buildrdata(dns_name_t *owner, dns_rdata_t *key,
|
||||
unsigned int digest_type, unsigned char *buffer,
|
||||
dns_dsdigest_t digest_type, unsigned char *buffer,
|
||||
dns_rdata_t *rdata);
|
||||
/*%<
|
||||
* Build the rdata of a DS record.
|
||||
|
|
|
|||
|
|
@ -19,8 +19,8 @@ typedef struct dns_rdata_ds {
|
|||
dns_rdatacommon_t common;
|
||||
isc_mem_t *mctx;
|
||||
uint16_t key_tag;
|
||||
uint8_t algorithm;
|
||||
uint8_t digest_type;
|
||||
dns_secalg_t algorithm;
|
||||
dns_dsdigest_t digest_type;
|
||||
uint16_t length;
|
||||
unsigned char *digest;
|
||||
} dns_rdata_ds_t;
|
||||
|
|
|
|||
|
|
@ -20,8 +20,8 @@ typedef struct dns_rdata_key {
|
|||
dns_rdatacommon_t common;
|
||||
isc_mem_t * mctx;
|
||||
uint16_t flags;
|
||||
uint8_t protocol;
|
||||
uint8_t algorithm;
|
||||
dns_secproto_t protocol;
|
||||
dns_secalg_t algorithm;
|
||||
uint16_t datalen;
|
||||
unsigned char * data;
|
||||
} dns_rdata_key_t;
|
||||
|
|
|
|||
|
|
@ -20,8 +20,8 @@ typedef struct dns_rdata_keydata {
|
|||
uint32_t addhd; /* Hold-down timer for adding */
|
||||
uint32_t removehd; /* Hold-down timer for removing */
|
||||
uint16_t flags; /* Copy of DNSKEY_48 */
|
||||
uint8_t protocol;
|
||||
uint8_t algorithm;
|
||||
dns_secproto_t protocol;
|
||||
dns_secalg_t algorithm;
|
||||
uint16_t datalen;
|
||||
unsigned char * data;
|
||||
} dns_rdata_keydata_t;
|
||||
|
|
|
|||
|
|
@ -1758,7 +1758,7 @@ checkkey(dns_validator_t *val, dns_rdata_t *keyrdata, uint16_t keyid,
|
|||
*/
|
||||
static isc_result_t
|
||||
keyfromds(dns_validator_t *val, dns_rdataset_t *rdataset, dns_rdata_t *dsrdata,
|
||||
uint8_t digest, uint16_t keyid, dns_secalg_t algorithm,
|
||||
dns_dsdigest_t digest, uint16_t keyid, dns_secalg_t algorithm,
|
||||
dns_rdata_t *keyrdata)
|
||||
{
|
||||
dns_keytag_t keytag;
|
||||
|
|
|
|||
Loading…
Reference in a new issue