Make key-directory optional
authorMatthijs Mekking <matthijs@isc.org>
Thu, 6 Feb 2020 14:56:58 +0000 (15:56 +0100)
committerEvan Hunt <each@isc.org>
Fri, 7 Feb 2020 17:30:26 +0000 (09:30 -0800)
The key-directory keyword actually does nothing right now but may
be useful in the future if we want to differentiate between key
directories or HSM keys, or if we want to specify different
directories for different keys or policies.  Make it optional for
the time being.

bin/tests/system/checkconf/good-kasp.conf
lib/isccfg/namedconf.c

index 19420f2dfddc7ad7659ac71e279cfc74f182083a..e6be14846658da75cbcdc7ffec4ee0f633e45a49 100644 (file)
@@ -18,7 +18,7 @@ dnssec-policy "test" {
        dnskey-ttl 3600;
        keys {
                ksk key-directory lifetime P1Y algorithm 13 256;
-               zsk key-directory lifetime P30D algorithm 13;
+               zsk lifetime P30D algorithm 13;
                csk key-directory lifetime unlimited algorithm 8 2048;
        };
        max-zone-ttl 86400;
index 0bfb11a25c8dd38f786ab266d9e86c8d3a8150e4..0753819090c1664815c500f34442ae970db0f8d6 100644 (file)
@@ -475,6 +475,25 @@ static cfg_type_t cfg_type_dnsseckey = {
        &cfg_rep_tuple, dnsseckey_fields
 };
 
+/*%
+ * Optional enums.
+ *
+ */
+static isc_result_t
+parse_optional_enum(cfg_parser_t *pctx, const cfg_type_t *type,
+                   cfg_obj_t **ret)
+{
+       return (cfg_parse_enum_or_other(pctx, type, &cfg_type_void, ret));
+}
+
+static void
+doc_optional_enum(cfg_printer_t *pctx, const cfg_type_t *type) {
+       UNUSED(type);
+       cfg_print_cstr(pctx, "[ ");
+       cfg_doc_enum(pctx, type);
+       cfg_print_cstr(pctx, " ]");
+}
+
 /*%
  * A key initialization specifier, as used in the
  * "trust-anchors" (or synonymous "managed-keys") statement.
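Review bot: `UNUSED(type);` in `doc_optional_enum` is misleading, because `type` is passed to `cfg_doc_enum(pctx, type)` two statements later; the macro line should be dropped. The function is moved verbatim from further down the file, so this predates the commit, but the move is a good moment to clean it up. The new header comment `Optional enums.` also says nothing about what the parser returns. Judging by the `&cfg_type_void` fallback passed to `cfg_parse_enum_or_other`, something like `Parse one of the type's enum keywords if present; otherwise yield a void object.` would tell the reader what to expect from a field of this type.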
@@ -514,8 +533,8 @@ static cfg_type_t cfg_type_dnsseckeyrole = {
  */
 static const char *dnsseckeystore_enums[] = { "key-directory", NULL };
 static cfg_type_t cfg_type_dnsseckeystore = {
-       "dnssec-key-storage", cfg_parse_enum, cfg_print_ustring, cfg_doc_enum,
-       &cfg_rep_string, &dnsseckeystore_enums
+       "dnssec-key-storage", parse_optional_enum, cfg_print_ustring,
+       doc_optional_enum, &cfg_rep_string, dnsseckeystore_enums
 };
 
 /*%
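Review bot: Switching `cfg_type_dnsseckeystore` to `parse_optional_enum` means the storage field of a key tuple is no longer guaranteed to be a string; when the keyword is omitted it is presumably a void object. The two files touched here do not read the field, and the commit message says it is currently unused. A later consumer that calls `cfg_obj_asstring()` on it without a `cfg_obj_isvoid()` check would likely hit the accessor's type assertion and abort while loading a valid configuration. I would record that contract next to the type, e.g. `/* Optional: void when "key-directory" is omitted; test cfg_obj_isvoid() before reading it as a string. */`. The comment block describing this type starts above the hunk, so its current wording is not visible here.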
@@ -1015,21 +1034,6 @@ static cfg_type_t cfg_type_fetchquota = {
 
 static const char *response_enums[] = { "drop", "fail", NULL };
 
-static isc_result_t
-parse_optional_enum(cfg_parser_t *pctx, const cfg_type_t *type,
-                   cfg_obj_t **ret)
-{
-       return (cfg_parse_enum_or_other(pctx, type, &cfg_type_void, ret));
-}
-
-static void
-doc_optional_enum(cfg_printer_t *pctx, const cfg_type_t *type) {
-       UNUSED(type);
-       cfg_print_cstr(pctx, "[ ");
-       cfg_doc_enum(pctx, type);
-       cfg_print_cstr(pctx, " ]");
-}
-
 static cfg_type_t cfg_type_responsetype = {
        "responsetype", parse_optional_enum, cfg_print_ustring,
        doc_optional_enum, &cfg_rep_string, response_enums