it signs
authorMiek Gieben <miekg@NLnetLabs.nl>
Wed, 23 Mar 2005 10:02:32 +0000 (10:02 +0000)
committerMiek Gieben <miekg@NLnetLabs.nl>
Wed, 23 Mar 2005 10:02:32 +0000 (10:02 +0000)
(no idea whether the sig checks out, but it's a start)

dnssec.c
keys.c
ldns/dnssec.h
ldns/keys.h
rr.c
rr_functions.c
run-test18.c

index 79c7ee487ddf51ad147a4d1ff678d6bd0105cf45..8ddfcb40eef9406e99a23bbde4ad447375903214 100644 (file)
--- a/dnssec.c
+++ b/dnssec.c
@@ -22,7 +22,7 @@
 #include <openssl/hmac.h>
 
 uint16_t
-ldns_keytag(ldns_rr *key)
+ldns_calc_keytag(ldns_rr *key)
 {
        unsigned int i;
        uint32_t ac;
@@ -630,7 +630,7 @@ ldns_key_rr2ds(const ldns_rr *key)
         }
 
         /* keytag */
-        keytag = htons(ldns_keytag((ldns_rr*)key));
+        keytag = htons(ldns_calc_keytag((ldns_rr*)key));
         tmp = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_INT16, sizeof(uint16_t), &keytag);
         ldns_rr_push_rdf(ds, tmp);
 
@@ -709,9 +709,7 @@ ldns_sign_public(ldns_rr_list *rrset, ldns_key_list *keys)
 
                current_key = ldns_key_list_key(keys, key_count);
                current_sig = ldns_rr_new_frm_type(LDNS_RR_TYPE_RRSIG);
-               printf("printing it\n");
-               ldns_rr_print(stdout, current_sig);
-               printf("\n");
+               
                /* set the type on the new signature */
                orig_ttl = ldns_key_ttl(current_key);
 
@@ -721,37 +719,40 @@ ldns_sign_public(ldns_rr_list *rrset, ldns_key_list *keys)
                                        ldns_rr_list_rr(rrset_clone, i), orig_ttl);
                }
 
+               ldns_rr_set_owner(current_sig, 
+                               ldns_rr_owner(ldns_rr_list_rr(rrset_clone, 0)));
+
                /* fill in what we now of the signature */
                /* set the orig_ttl */
-               ldns_rr_rrsig_set_origttl(current_sig, ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, orig_ttl));
+               (void)ldns_rr_rrsig_set_origttl(current_sig, ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, orig_ttl));
                /* the signers name */
-               ldns_rr_rrsig_set_signame(current_sig, 
+               (void)ldns_rr_rrsig_set_signame(current_sig, 
                                ldns_key_pubkey_owner(current_key));
                /* label count - get it from the first rr in the rr_list */
-               ldns_rr_rrsig_set_labels(current_sig, 
+               (void)ldns_rr_rrsig_set_labels(current_sig, 
                                ldns_native2rdf_int8(LDNS_RDF_TYPE_INT8, ldns_rr_label_count(
                                                ldns_rr_list_rr(rrset_clone, 0))));
                /* inception, expiration */
-               ldns_rr_rrsig_set_inception(current_sig,
+               (void)ldns_rr_rrsig_set_inception(current_sig,
                                ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, ldns_key_inception(current_key)));
-               ldns_rr_rrsig_set_expiration(current_sig,
+               (void)ldns_rr_rrsig_set_expiration(current_sig,
                                ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, ldns_key_expiration(current_key)));
                /* key-tag */
-               ldns_rr_rrsig_set_keytag(current_sig,
+               (void)ldns_rr_rrsig_set_keytag(current_sig,
                                ldns_native2rdf_int16(LDNS_RDF_TYPE_INT16, ldns_key_keytag(current_key)));
 
                /* algorithm - check the key and substitute that */
-               ldns_rr_rrsig_set_algorithm(current_sig,
+               (void)ldns_rr_rrsig_set_algorithm(current_sig,
                                ldns_native2rdf_int8(LDNS_RDF_TYPE_ALG, ldns_key_algorithm(current_key)));
-               
                /* type-covered */
-               ldns_rr_rrsig_set_typecovered(current_sig,
+               (void)ldns_rr_rrsig_set_typecovered(current_sig,
                                ldns_native2rdf_int16(LDNS_RDF_TYPE_TYPE,
                                        ldns_rr_get_type(ldns_rr_list_rr(rrset_clone, 0))));
 
                /* right now, we have: a key, a semi-sig and an rrset. For
                 * which we can create the sig and base64 encode that and
                 * add that to the signature */
+               
                if (ldns_rrsig2buffer_wire(sign_buf, current_sig) != LDNS_STATUS_OK) {
                        ldns_buffer_free(sign_buf);
                        printf("couldn't convert to buffer 1\n");
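Review bot: The `(void)` casts on the `ldns_rr_rrsig_set_*` calls discard what is presumably the only signal that a field was not stored, so a failed setter still flows into `ldns_rrsig2buffer_wire()` and a signature is computed over an incomplete RRSIG. I would test each result and bail out the way the buffer-conversion failure below does, e.g. `if (!ldns_rr_rrsig_set_origttl(current_sig, ...)) { ldns_buffer_free(sign_buf); return NULL; }`. Separately, the added `ldns_rr_set_owner()` call stores the pointer returned by `ldns_rr_owner()` for the first RR of `rrset_clone` without copying it; if the signature and the clone are later both freed together with their owner names (not visible here), that is a double free, so either copy the name or add a comment stating who owns it. `ldns_sign_public` starts and ends outside this hunk.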
@@ -764,8 +765,6 @@ ldns_sign_public(ldns_rr_list *rrset, ldns_key_list *keys)
                        ldns_buffer_free(sign_buf);
                        return NULL;
                }
-               ldns_rr_print(stdout, current_sig);
-               printf("\n");
                
                switch(ldns_key_algorithm(current_key)) {
                        case LDNS_SIGN_DSA:
@@ -786,20 +785,12 @@ ldns_sign_public(ldns_rr_list *rrset, ldns_key_list *keys)
                        printf("couldn't sign!\n");
                        return NULL;
                }
-               ldns_rr_print(stdout, current_sig);
-               printf("\n");
                ldns_rr_rrsig_set_sig(current_sig, b64rdf);
 
                /* push the signature to the signatures list */
                ldns_rr_list_push_rr(signatures, current_sig);
 
-               ldns_rr_print(stdout, current_sig);
-               printf("\n");
-
-               printf("mag ik dit niet free-en?!\n");
-#if 0
                ldns_buffer_free(sign_buf); /* restart for the next key */
-#endif
         }
        return signatures;
 }
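Review bot: Enabling `ldns_buffer_free(sign_buf)` at the bottom of the per-key loop is only safe if `sign_buf` is allocated again at the top of every iteration; the allocation is outside this hunk, and if it happens once before the loop, the second key will be serialised into freed memory. Either allocate the buffer inside the loop or free it once after the loop ends. The `couldn't sign!` path at the top of this hunk returns NULL with no visible `ldns_buffer_free(sign_buf);` (unless it sits on the line just before the hunk), and it also leaves `current_sig` and `signatures` allocated, unlike the earlier conversion-failure path. The function body starts outside the hunk.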
@@ -830,8 +821,7 @@ ldns_sign_public_dsa(ldns_buffer *to_sign, DSA *key)
        
        sigdata_rdf = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, siglen, 
                        ldns_buffer_begin(b64sig));
-       /* FREE(sha1_hash); - don't free -> invalid pointer, huh? Memleak?
-        */
+       /* FREE(sha1_hash); - don't free -> invalid pointer */
        ldns_buffer_free(b64sig);
        return sigdata_rdf;
 }
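Review bot: The shortened comment still records only the symptom; it should say why `sha1_hash` must not be freed. If the digest comes from OpenSSL's `SHA1()` called with a NULL output argument (the call is outside this hunk), the pointer refers to a static array inside the library, which would explain the invalid free and also means the value is overwritten by the next call and is not thread-safe. Suggested wording: `/* sha1_hash is not heap memory (static buffer returned by SHA1()), so it must not be freed */`, or pass a local `unsigned char digest[SHA_DIGEST_LENGTH];` to the hash call so the lifetime is explicit.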
@@ -862,8 +852,6 @@ ldns_sign_public_rsasha1(ldns_buffer *to_sign, RSA *key)
        sigdata_rdf = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, siglen, 
                        ldns_buffer_begin(b64sig));
        ldns_buffer_free(b64sig);
-       ldns_rdf_print(stdout, sigdata_rdf);
-       printf("dat was een rdf\n");
        return sigdata_rdf;
 }
 
diff --git a/keys.c b/keys.c
index ae5cedf046f8ee45a75644a02198bcd3b91ac94d..f03d8e8741afb23bfd697fc14254196f155ac9d8 100644 (file)
--- a/keys.c
+++ b/keys.c
@@ -394,3 +394,8 @@ ldns_key2rr(ldns_key *k)
        return pubkey;
 }
 
+uint16_t
+ldns_key_calc_keytag(ldns_key *k)
+{
+       return 0;
+}
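Review bot: `ldns_key_calc_keytag()` ignores `k` and always returns 0, which is a valid-looking key tag, so a caller cannot tell that nothing was computed. Until it is implemented, mark that in the body with `/* TODO: not implemented, always returns 0 */` and give the new prototype in ldns/keys.h a doc comment in the style used in ldns/dnssec.h that says the same. An RRSIG carrying a wrong tag would point validators at the wrong key, so the stub should not be wired into the signing path as it stands.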
index 0dbac790fd5e9ad00249b0740f00e66e52f91316..e582f1a188916b208064be721dc315babad6cdf7 100644 (file)
@@ -41,7 +41,7 @@ typedef enum ldns_enum_algorithm ldns_algorithm;
  * \param[in] key the key to use for the calc.
  * \return the keytag
  */
-uint16_t ldns_keytag(ldns_rr *key);
+uint16_t ldns_calc_keytag(ldns_rr *key);
 
 /**
  * verify an rrsig rrset
index 957874b6e0caf1f98e7f1e04639245cbb91f6b70..f6b49c89371697acc11f8d7464244c651872ea96 100644 (file)
@@ -97,5 +97,6 @@ ldns_key * ldns_key_list_pop_key(ldns_key_list *key_list);
 ldns_key * ldns_key_new_frm_algorithm(ldns_signing_algorithm a, uint16_t size);
 
 ldns_rr * ldns_key2rr(ldns_key *k);
+uint16_t ldns_key_calc_keytag(ldns_key *k);
 
 #endif /* _LDNS_KEYS_H */
diff --git a/rr.c b/rr.c
index 64dfb18640f23c27d74bd0802ecc179aeee2fceb..6bf9924f9578c47da53056cb3226812479a01db2 100644 (file)
--- a/rr.c
+++ b/rr.c
@@ -60,16 +60,15 @@ ldns_rr_new_frm_type(ldns_rr_type t)
        
        desc = ldns_rr_descript(t);
 
-       printf("min %d\n",
-                       (int) ldns_rr_descriptor_minimum(desc));
-       
        rr->_rdata_fields = XMALLOC(ldns_rdf *, 
                        ldns_rr_descriptor_minimum(desc) - 1);
        for (i = 0; i < ldns_rr_descriptor_minimum(desc); i++) {
                rr->_rdata_fields[i] = NULL;
        }
        
-       ldns_rr_set_rd_count(rr, 0);
+       /* set the count to minimum */
+       ldns_rr_set_rd_count(rr, 
+                       ldns_rr_descriptor_minimum(desc));
        ldns_rr_set_class(rr, LDNS_RR_CLASS_IN);
        ldns_rr_set_ttl(rr, LDNS_DEFTTL);
        ldns_rr_set_type(rr, t);
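Review bot: Setting rd_count to `ldns_rr_descriptor_minimum(desc)` makes every consumer of a fresh RR walk that many rdata slots, but the array just above is allocated with `ldns_rr_descriptor_minimum(desc) - 1` entries and the init loop already writes NULL into `minimum` of them. Assuming the second argument of `XMALLOC` is an element count, that is a one-element heap overflow, and a type whose minimum is 0 would request `-1` entries. Allocate the full count with `rr->_rdata_fields = XMALLOC(ldns_rdf *, ldns_rr_descriptor_minimum(desc));` and check the result for NULL before the loop. All slots are also NULL while rd_count is non-zero, so code that dereferences the rdfs of a newly created RR needs a NULL check. The function starts and ends outside this hunk.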
index 78bc317099a23e1eee99e7f1b6929e8309f931a7..89ad412269d4bd8881425ac27857f5f8fcf9c8f9 100644 (file)
@@ -44,7 +44,7 @@ ldns_rr_set_function(ldns_rr_type type, ldns_rr *rr, ldns_rdf *rdf, size_t pos)
                FREE(pop);
                 return true;
         } else {
-                return false;
+                return true;
         }
 }
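Review bot: With the else branch now returning `true`, both visible paths of `ldns_rr_set_function()` report success, so the return value no longer tells a caller whether the rdf was stored. The condition guarding the branch is outside this hunk, but if the else case can mean the field was not set, the signing code in dnssec.c (which now casts these results to `(void)`) will build an RRSIG with a missing field without noticing. If the else case is only the legitimate "slot was empty, nothing to free" path, say so with a comment such as `/* no previous rdf in this slot; nothing to free */` and keep `false` for real failures.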
 
index 17afc63e813a5d17e644a9cbabf812799aab335c..184a3d5f356e97415e84bf62a37746e8fffe26e5 100644 (file)
@@ -53,8 +53,6 @@ main(int argc, char *argv[])
        signatures = ldns_sign_public(rrs, keys);
 
        ldns_rr_list_print(stdout, signatures);
-       printf("\n");
 
-       
         return 0;
 }