]> git.ipfire.org Git - thirdparty/bind9.git/commitdiff
projects / thirdparty / bind9.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ae03a5c)
Move find_zone_keys() to lib/dns/zone_p.h
authorMichał Kępień <michal@isc.org>
Tue, 13 Mar 2018 13:06:10 +0000 (14:06 +0100)
committerEvan Hunt <each@isc.org>
Thu, 10 May 2018 16:32:21 +0000 (09:32 -0700)
Rename find_zone_keys() to dns__zone_findkeys() and move it to
lib/dns/zone_p.h, so that it can be used in unit tests.  Add a comment
describing the purpose of this function.

(cherry picked from commit d7143986b1c43884d89383ef7a2e1127e8324d33)
(cherry picked from commit fc0e99c7d7c20b1e270ab868da1a00198f39835b)
(cherry picked from commit a6be59ce082597b138fe782462a9d010bc7dd232)

lib/dns/win32/libdns.def.in patch | blob | blame | history
lib/dns/zone.c patch | blob | blame | history
lib/dns/zone_p.h patch | blob | blame | history

diff --git a/lib/dns/win32/libdns.def.in b/lib/dns/win32/libdns.def.in
index c6b8ff4eb3833c0a9761f893a0e0c7bcd643eada..97167d2e05aac0e0aee473f8a0459c837d539222 100644 (file)
--- a/lib/dns/win32/libdns.def.in
+++ b/lib/dns/win32/libdns.def.in
@@ -6,6 +6,7 @@ EXPORTS
 dns__rbt_getheight
 dns__rbt_checkproperties
 dns__rbtnode_getdistance
+dns__zone_findkeys
 dns__zone_loadpending
 dns__zone_updatesigs
 dns_acache_attach
diff --git a/lib/dns/zone.c b/lib/dns/zone.c
index e9e473dcbea09150edf072da13cab167f309688c..9dcba212ca8c77898229819b1d333253b9452ee1 100644 (file)
--- a/lib/dns/zone.c
+++ b/lib/dns/zone.c
@@ -5913,10 +5913,16 @@ was_dumping(dns_zone_t *zone) {
        return (dumping);
 }
 
-static isc_result_t
-find_zone_keys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver,
-              isc_mem_t *mctx, unsigned int maxkeys,
-              dst_key_t **keys, unsigned int *nkeys)
+/*%
+ * Find up to 'maxkeys' DNSSEC keys used for signing version 'ver' of database
+ * 'db' for zone 'zone' in its key directory, then load these keys into 'keys'.
+ * Only load the public part of a given key if it is not active at timestamp
+ * 'now'.  Store the number of keys found in 'nkeys'.
+ */
+isc_result_t
+dns__zone_findkeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver,
+                  isc_mem_t *mctx, unsigned int maxkeys,
+                  dst_key_t **keys, unsigned int *nkeys)
 {
        isc_result_t result;
        dns_dbnode_t *node = NULL;
@@ -6374,11 +6380,11 @@ zone_resigninc(dns_zone_t *zone) {
                goto failure;
        }
 
-       result = find_zone_keys(zone, db, version, zone->mctx, DNS_MAXZONEKEYS,
-                               zone_keys, &nkeys);
+       result = dns__zone_findkeys(zone, db, version, zone->mctx,
+                                   DNS_MAXZONEKEYS, zone_keys, &nkeys);
        if (result != ISC_R_SUCCESS) {
                dns_zone_log(zone, ISC_LOG_ERROR,
-                            "zone_resigninc:find_zone_keys -> %s",
+                            "zone_resigninc:dns__zone_findkeys -> %s",
                             dns_result_totext(result));
                goto failure;
        }
@@ -7347,11 +7353,11 @@ zone_nsec3chain(dns_zone_t *zone) {
                goto failure;
        }
 
-       result = find_zone_keys(zone, db, version, zone->mctx,
-                               DNS_MAXZONEKEYS, zone_keys, &nkeys);
+       result = dns__zone_findkeys(zone, db, version, zone->mctx,
+                                   DNS_MAXZONEKEYS, zone_keys, &nkeys);
        if (result != ISC_R_SUCCESS) {
                dns_zone_log(zone, ISC_LOG_ERROR,
-                            "zone_nsec3chain:find_zone_keys -> %s",
+                            "zone_nsec3chain:dns__zone_findkeys -> %s",
                             dns_result_totext(result));
                goto failure;
        }
@@ -8234,11 +8240,11 @@ zone_sign(dns_zone_t *zone) {
                goto failure;
        }
 
-       result = find_zone_keys(zone, db, version, zone->mctx,
-                               DNS_MAXZONEKEYS, zone_keys, &nkeys);
+       result = dns__zone_findkeys(zone, db, version, zone->mctx,
+                                   DNS_MAXZONEKEYS, zone_keys, &nkeys);
        if (result != ISC_R_SUCCESS) {
                dns_zone_log(zone, ISC_LOG_ERROR,
-                            "zone_sign:find_zone_keys -> %s",
+                            "zone_sign:dns__zone_findkeys -> %s",
                             dns_result_totext(result));
                goto failure;
        }
@@ -17308,11 +17314,11 @@ sign_apex(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver,
        unsigned int nkeys = 0, i;
        dns_difftuple_t *tuple;
 
-       result = find_zone_keys(zone, db, ver, zone->mctx, DNS_MAXZONEKEYS,
-                               zone_keys, &nkeys);
+       result = dns__zone_findkeys(zone, db, ver, zone->mctx,
+                                   DNS_MAXZONEKEYS, zone_keys, &nkeys);
        if (result != ISC_R_SUCCESS) {
                dns_zone_log(zone, ISC_LOG_ERROR,
-                            "sign_apex:find_zone_keys -> %s",
+                            "sign_apex:dns__zone_findkeys -> %s",
                             dns_result_totext(result));
                return (result);
        }
diff --git a/lib/dns/zone_p.h b/lib/dns/zone_p.h
index b9b0c79c6aa557d46e714d1b197b576f79ad3a5e..e1bb7acc3d936bf2296cd243e5cb171bc9563a75 100644 (file)
--- a/lib/dns/zone_p.h
+++ b/lib/dns/zone_p.h
@@ -26,6 +26,11 @@ typedef struct {
        isc_boolean_t   offline;
 } dns__zonediff_t;
 
+isc_result_t
+dns__zone_findkeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver,
+                  isc_mem_t *mctx, unsigned int maxkeys,
+                  dst_key_t **keys, unsigned int *nkeys);
+
 isc_result_t
 dns__zone_updatesigs(dns_diff_t *diff, dns_db_t *db, dns_dbversion_t *version,
                     dst_key_t *zone_keys[], unsigned int nkeys,
Mirror of https://gitlab.isc.org/isc-projects/bind9.git