Move generate_salt function to lib/dns/nsec3
authorMatthijs Mekking <matthijs@isc.org>
Fri, 23 Oct 2020 12:56:04 +0000 (14:56 +0200)
committerMatthijs Mekking <matthijs@isc.org>
Thu, 26 Nov 2020 09:43:27 +0000 (10:43 +0100)
We will be using this function also on reconfig, so it should have
a wider availability than just bin/named/server.

bin/named/server.c
lib/dns/include/dns/nsec3.h
lib/dns/nsec3.c
lib/dns/win32/libdns.def.in

index 7964cd20fa5ae977bbf5bbc644a44e1a82a4e01f..e580bc8a21fd019090e7fbb429e32d0c5a45a6cb 100644 (file)
@@ -14408,34 +14408,6 @@ newzone_cfgctx_destroy(void **cfgp) {
        *cfgp = NULL;
 }
 
-static isc_result_t
-generate_salt(unsigned char *salt, size_t saltlen) {
-       unsigned char text[512 + 1];
-       isc_region_t r;
-       isc_buffer_t buf;
-       isc_result_t result;
-
-       if (saltlen > 256U) {
-               return (ISC_R_RANGE);
-       }
-
-       isc_nonce_buf(salt, saltlen);
-
-       r.base = salt;
-       r.length = (unsigned int)saltlen;
-
-       isc_buffer_init(&buf, text, sizeof(text));
-       result = isc_hex_totext(&r, 2, "", &buf);
-       RUNTIME_CHECK(result == ISC_R_SUCCESS);
-       text[saltlen * 2] = 0;
-
-       isc_log_write(named_g_lctx, NAMED_LOGCATEGORY_GENERAL,
-                     NAMED_LOGMODULE_SERVER, ISC_LOG_INFO,
-                     "generated salt: %s", text);
-
-       return (ISC_R_SUCCESS);
-}
-
 isc_result_t
 named_server_signing(named_server_t *server, isc_lex_t *lex,
                     isc_buffer_t **text) {
@@ -14508,7 +14480,6 @@ named_server_signing(named_server_t *server, isc_lex_t *lex,
                                return (ISC_R_UNEXPECTEDEND);
                        }
                        strlcpy(iterbuf, ptr, sizeof(iterbuf));
-
                        n = snprintf(nbuf, sizeof(nbuf), "%s %s %s", hashbuf,
                                     flagbuf, iterbuf);
                        if (n == sizeof(nbuf)) {
@@ -14534,7 +14505,7 @@ named_server_signing(named_server_t *server, isc_lex_t *lex,
                                 * configurable.
                                 */
                                saltlen = 8;
-                               CHECK(generate_salt(salt, saltlen));
+                               CHECK(dns_nsec3_generate_salt(salt, saltlen));
                        } else if (strcmp(ptr, "-") != 0) {
                                isc_buffer_t buf;
 
index 70aacb15bfb1a1e5798f911fe59e41e605b34ffb..a2f22e0fc8836e9e0c1e9649f223baf84cf6cfcb 100644 (file)
@@ -72,6 +72,12 @@ dns_nsec3_typepresent(dns_rdata_t *nsec, dns_rdatatype_t type);
  *     'nsec' points to a valid rdataset of type NSEC3
  */
 
+isc_result_t
+dns_nsec3_generate_salt(unsigned char *salt, size_t saltlen);
+/*%
+ * Generate a salt with the given salt length.
+ */
+
 isc_result_t
 dns_nsec3_hashname(dns_fixedname_t *result,
                   unsigned char    rethash[NSEC3_MAX_HASH_LENGTH],
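Review bot: The comment under `dns_nsec3_generate_salt` does not state the contract that callers outside bin/named will now rely on. It should say that 'salt' must point to a buffer of at least 'saltlen' bytes, that the function returns ISC_R_RANGE when 'saltlen' is greater than 255 and ISC_R_SUCCESS otherwise, and that it writes the generated salt to the log at info level as a side effect. The preceding declaration's comment ends with what looks like a requirements clause ("'nsec' points to a valid rdataset of type NSEC3"), so the same Requires/Returns layout would fit here.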
index 9ab770b240eb5825a36f5c0a8e3f177dc2d5d3d6..3feda0ec4e4a5845a39eae45fed0f38ec36e0495 100644 (file)
@@ -16,8 +16,8 @@
 #include <isc/buffer.h>
 #include <isc/hex.h>
 #include <isc/iterated_hash.h>
-#include <isc/log.h>
 #include <isc/md.h>
+#include <isc/nonce.h>
 #include <isc/safe.h>
 #include <isc/string.h>
 #include <isc/util.h>
@@ -27,6 +27,7 @@
 #include <dns/dbiterator.h>
 #include <dns/diff.h>
 #include <dns/fixedname.h>
+#include <dns/log.h>
 #include <dns/nsec.h>
 #include <dns/nsec3.h>
 #include <dns/rdata.h>
@@ -226,6 +227,33 @@ dns_nsec3_typepresent(dns_rdata_t *rdata, dns_rdatatype_t type) {
        return (present);
 }
 
+isc_result_t
+dns_nsec3_generate_salt(unsigned char *salt, size_t saltlen) {
+       unsigned char text[255 * 2 + 1];
+       isc_region_t r;
+       isc_buffer_t buf;
+       isc_result_t result;
+
+       if (saltlen > 255U) {
+               return (ISC_R_RANGE);
+       }
+
+       isc_nonce_buf(salt, saltlen);
+
+       r.base = salt;
+       r.length = (unsigned int)saltlen;
+
+       isc_buffer_init(&buf, text, sizeof(text));
+       result = isc_hex_totext(&r, 2, "", &buf);
+       RUNTIME_CHECK(result == ISC_R_SUCCESS);
+       text[saltlen * 2] = 0;
+
+       isc_log_write(dns_lctx, DNS_LOGCATEGORY_DNSSEC, DNS_LOGMODULE_DNSSEC,
+                     ISC_LOG_INFO, "generated salt: %s", text);
+
+       return (ISC_R_SUCCESS);
+}
+
 isc_result_t
 dns_nsec3_hashname(dns_fixedname_t *result,
                   unsigned char rethash[NSEC3_MAX_HASH_LENGTH],
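Review bot: `dns_nsec3_generate_salt` writes through `salt` without checking it, and now that the function is exported from lib/dns a precondition at the top of the body, `REQUIRE(salt != NULL);`, would stop a bad caller before `isc_nonce_buf()` is reached. The bound 255 is written twice, in `text[255 * 2 + 1]` and in `saltlen > 255U`, and differs from the 256/512 of the removed static copy. A single named constant used in both places, with a one-line comment that the NSEC3 salt length field is one octet, would keep the buffer size and the range check in step. The "generated salt" log line carries no zone name, which may make it hard to attribute once the function is also called on reconfig, so it is worth considering whether the caller should do the logging instead.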
index b9de1fee66f7564d9ef2e38ed307afb6c4f3a4b3..dbd2a020d934320c8a0bffa8783bbc052fb2101e 100644 (file)
@@ -645,6 +645,7 @@ dns_nsec3_buildrdata
 dns_nsec3_delnsec3
 dns_nsec3_delnsec3s
 dns_nsec3_delnsec3sx
+dns_nsec3_generate_salt
 dns_nsec3_hashlength
 dns_nsec3_hashname
 dns_nsec3_maxiterations