3089. [func] dnssec-dsfromkey now supports reading keys from
authorMark Andrews <marka@isc.org>
Thu, 24 Mar 2011 02:10:23 +0000 (02:10 +0000)
committerMark Andrews <marka@isc.org>
Thu, 24 Mar 2011 02:10:23 +0000 (02:10 +0000)
                        standard input "dnssec-dsfromkey -f -". [RT# 20662]

CHANGES
bin/dnssec/dnssec-dsfromkey.c
bin/dnssec/dnssec-dsfromkey.docbook
bin/tests/system/dnssec/tests.sh

diff --git a/CHANGES b/CHANGES
index 9e0b6ac455eae374752ec63eaf9add107d73b0d0..dede53300964ca3c7da0ccf537e7d537ed857698 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+3089.  [func]          dnssec-dsfromkey now supports reading keys from
+                       standard input "dnssec-dsfromkey -f -". [RT# 20662]
+
 3088.  [bug]           Remove bin/tests/system/logfileconfig/ns1/named.conf
                        and add setup.sh in order to resolve changing
                        named.conf issue.  [RT #23687]
index d21052a340d5793ff4b8566c1bebcada10dc6f5f..5ff00b525664e31979bee1f6bd4f25cb1d670651 100644 (file)
@@ -14,7 +14,7 @@
  * PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: dnssec-dsfromkey.c,v 1.19 2010/12/23 04:07:59 marka Exp $ */
+/* $Id: dnssec-dsfromkey.c,v 1.20 2011/03/24 02:10:23 marka Exp $ */
 
 /*! \file */
 
 #include <isc/string.h>
 #include <isc/util.h>
 
+#include <dns/callbacks.h>
 #include <dns/db.h>
 #include <dns/dbiterator.h>
 #include <dns/ds.h>
 #include <dns/fixedname.h>
-#include <dns/log.h>
 #include <dns/keyvalues.h>
+#include <dns/log.h>
 #include <dns/master.h>
 #include <dns/name.h>
 #include <dns/rdata.h>
@@ -76,8 +77,28 @@ initname(char *setname) {
        return (result);
 }
 
+static void
+db_load_from_stream(dns_db_t *db, FILE *fp) {
+       isc_result_t result;
+       dns_rdatacallbacks_t callbacks;
+
+       dns_rdatacallbacks_init(&callbacks);
+       result = dns_db_beginload(db, &callbacks.add, &callbacks.add_private);
+       if (result != ISC_R_SUCCESS)
+               fatal("dns_db_beginload failed: %s", isc_result_totext(result));
+
+       result = dns_master_loadstream(fp, name, name, rdclass, 0,
+                                      &callbacks, mctx);
+       if (result != ISC_R_SUCCESS)
+               fatal("can't load from input: %s", isc_result_totext(result));
+       
+       result = dns_db_endload(db, &callbacks.add_private);
+       if (result != ISC_R_SUCCESS)
+               fatal("dns_db_endload failed: %s", isc_result_totext(result));
+}
+
 static isc_result_t
-loadsetfromfile(char *filename, dns_rdataset_t *rdataset) {
+loadset(const char *filename, dns_rdataset_t *rdataset) {
        isc_result_t     result;
        dns_db_t         *db = NULL;
        dns_dbnode_t     *node = NULL;
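Review bot: In db_load_from_stream the call `dns_master_loadstream(fp, name, name, rdclass, 0, &callbacks, mctx)` passes 0 for the options, so text arriving on stdin is parsed as a full master file, presumably including directives such as $INCLUDE, while the documented use pipes `dig` output, which originates from the network, straight into it. If this tree's dns/master.h provides `DNS_MASTER_NOINCLUDE`, pass it here instead of `0` so that piped input can only contribute records. The result check also differs from the file path in loadset, which tolerates `DNS_R_SEENINCLUDE` where this one calls fatal(); with includes rejected up front that difference stops mattering. loadset's body continues outside the hunk.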
@@ -90,9 +111,15 @@ loadsetfromfile(char *filename, dns_rdataset_t *rdataset) {
        if (result != ISC_R_SUCCESS)
                fatal("can't create database");
 
-       result = dns_db_load(db, filename);
-       if (result != ISC_R_SUCCESS && result != DNS_R_SEENINCLUDE)
-               fatal("can't load %s: %s", filename, isc_result_totext(result));
+       if (strcmp(filename, "-") == 0) {
+               db_load_from_stream(db, stdin);
+               filename = "input";
+       } else {
+               result = dns_db_load(db, filename);
+               if (result != ISC_R_SUCCESS && result != DNS_R_SEENINCLUDE)
+                       fatal("can't load %s: %s", filename,
+                             isc_result_totext(result));
+       }
 
        result = dns_db_findnode(db, name, ISC_FALSE, &node);
        if (result != ISC_R_SUCCESS)
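Review bot: The new stdin branch in loadset reassigns `filename` to the literal "input" without saying why, and it makes `-` a reserved name, so a key file actually called `-` can now only be reached as `./-`. A short comment above `filename = "input";` would cover both, for example `/* "-" selects stdin; "input" stands in for the file name in later messages */`. The later uses of filename are outside this hunk, so that purpose is inferred rather than visible here. loadset starts and ends outside the hunk.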
@@ -141,7 +168,7 @@ loadkeyset(char *dirname, dns_rdataset_t *rdataset) {
                return (ISC_R_NOSPACE);
        isc_buffer_putuint8(&buf, 0);
 
-       return (loadsetfromfile(filename, rdataset));
+       return (loadset(filename, rdataset));
 }
 
 static void
@@ -466,7 +493,7 @@ main(int argc, char **argv) {
                if (usekeyset)
                        result = loadkeyset(dir, &rdataset);
                else
-                       result = loadsetfromfile(filename, &rdataset);
+                       result = loadset(filename, &rdataset);
 
                if (result != ISC_R_SUCCESS)
                        fatal("could not load DNSKEY set: %s\n",
index d139ba5ec7c8ec4173a764e51902f7982f9c4967..3a4a050155b53bfb6cd347a21171d8a3e2c0cafb 100644 (file)
@@ -17,7 +17,7 @@
  - PERFORMANCE OF THIS SOFTWARE.
 -->
 
-<!-- $Id: dnssec-dsfromkey.docbook,v 1.12 2010/12/23 23:47:08 tbox Exp $ -->
+<!-- $Id: dnssec-dsfromkey.docbook,v 1.13 2011/03/24 02:10:23 marka Exp $ -->
 <refentry id="man.dnssec-dsfromkey">
   <refentryinfo>
     <date>August 26, 2009</date>
             from <option>file</option>.  If the zone name is the same as
             <option>file</option>, then it may be omitted.
           </para>
+          </para>
+            If <option>file</option> is set to <literal>"-"</literal>, then
+            the zone data is read from the standard input.  This makes it
+            possible to use the output of the <command>dig</command>
+            command as input, as in:
+          </para>
+          </para>
+            <userinput>dig dnskey example.com | dnssec-dsfromkey -f - example.com</userinput>
+          </para>
         </listitem>
       </varlistentry>
 
index b9b8c10b610dbe3f3986ddc401d3305ffd590a39..4adf74fb379ce63efc9139e422efb942beca8e90 100644 (file)
@@ -15,7 +15,7 @@
 # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 # PERFORMANCE OF THIS SOFTWARE.
 
-# $Id: tests.sh,v 1.87 2011/03/22 00:41:53 marka Exp $
+# $Id: tests.sh,v 1.88 2011/03/24 02:10:23 marka Exp $
 
 SYSTEMTESTTOP=..
 . $SYSTEMTESTTOP/conf.sh
@@ -1315,5 +1315,14 @@ n=`expr $n + 1`
 if [ $ret != 0 ]; then echo "I:failed"; fi
 status=`expr $status + $ret`
 
+echo "I:check dnssec-dsfromkey from stdin($n)"
+ret=0
+$DIG $DIGOPTS dnskey algroll. @10.53.0.2 | \
+        $DSFROMKEY -f - algroll. > dig.out.ns2.test$n || ret=1
+diff -b dig.out.ns2.test$n ns1/dsset-algroll. > /dev/null 2>&1 || ret=1
+n=`expr $n + 1`
+if [ $ret != 0 ]; then echo "I:failed"; fi
+status=`expr $status + $ret`
+
 echo "I:exit status: $status"
 exit $status
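Review bot: The added test only exercises the success path of `-f -`; nothing checks that dnssec-dsfromkey exits non-zero when stdin is empty or does not contain a usable DNSKEY set, which is the case that matters most when the input is piped from a network query. A second check such as `$DSFROMKEY -f - algroll. < /dev/null > /dev/null 2>&1 && ret=1` would pin that behaviour, assuming the tool is meant to fail on empty input. Note also that `|| ret=1` after the pipeline sees only $DSFROMKEY's exit status, so a failed `$DIG` is caught only indirectly through the following `diff`.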