key_fromconfig(const cfg_obj_t *key, dns_client_t *client) {
dns_rdata_dnskey_t dnskey;
dns_rdata_ds_t ds;
- uint32_t n1, n2, n3;
+ uint32_t rdata1, rdata2, rdata3;
const char *datastr = NULL, *keynamestr = NULL, *atstr = NULL;
unsigned char data[4096];
isc_buffer_t databuf;
delv_log(ISC_LOG_DEBUG(3), "adding trust anchor %s", trust_anchor);
/* if DNSKEY, flags; if DS, key tag */
- n1 = cfg_obj_asuint32(cfg_tuple_get(key, "n1"));
+ rdata1 = cfg_obj_asuint32(cfg_tuple_get(key, "rdata1"));
/* if DNSKEY, protocol; if DS, algorithm */
- n2 = cfg_obj_asuint32(cfg_tuple_get(key, "n2"));
+ rdata2 = cfg_obj_asuint32(cfg_tuple_get(key, "rdata2"));
/* if DNSKEY, algorithm; if DS, digest type */
- n3 = cfg_obj_asuint32(cfg_tuple_get(key, "n3"));
+ rdata3 = cfg_obj_asuint32(cfg_tuple_get(key, "rdata3"));
/* What type of trust anchor is this? */
atstr = cfg_obj_asstring(cfg_tuple_get(key, "anchortype"));
isc_buffer_init(&databuf, data, sizeof(data));
isc_buffer_init(&rrdatabuf, rrdata, sizeof(rrdata));
- if (n1 > 0xffff) {
+ if (rdata1 > 0xffff) {
CHECK(ISC_R_RANGE);
}
- if (n2 > 0xff) {
+ if (rdata2 > 0xff) {
CHECK(ISC_R_RANGE);
}
- if (n3 > 0xff) {
+ if (rdata3 > 0xff) {
CHECK(ISC_R_RANGE);
}
ISC_LINK_INIT(&dnskey.common, link);
- dnskey.flags = (uint16_t)n1;
- dnskey.protocol = (uint8_t)n2;
- dnskey.algorithm = (uint8_t)n3;
+ dnskey.flags = (uint16_t)rdata1;
+ dnskey.protocol = (uint8_t)rdata2;
+ dnskey.algorithm = (uint8_t)rdata3;
datastr = cfg_obj_asstring(cfg_tuple_get(key, "data"));
CHECK(isc_base64_decodestring(datastr, &databuf));
ISC_LINK_INIT(&ds.common, link);
- ds.key_tag = (uint16_t)n1;
- ds.algorithm = (uint8_t)n2;
- ds.digest_type = (uint8_t)n3;
+ ds.key_tag = (uint16_t)rdata1;
+ ds.algorithm = (uint8_t)rdata2;
+ ds.digest_type = (uint8_t)rdata3;
datastr = cfg_obj_asstring(cfg_tuple_get(key, "data"));
CHECK(isc_hex_decodestring(datastr, &databuf));
{
dns_rdata_dnskey_t keystruct;
dns_rdata_ds_t *ds = NULL;
- uint32_t n1, n2, n3;
+ uint32_t rdata1, rdata2, rdata3;
const char *datastr = NULL, *namestr = NULL;
unsigned char data[4096];
isc_buffer_t databuf;
REQUIRE(namestrp != NULL && *namestrp == NULL);
/* if DNSKEY, flags; if DS, key tag */
- n1 = cfg_obj_asuint32(cfg_tuple_get(key, "n1"));
+ rdata1 = cfg_obj_asuint32(cfg_tuple_get(key, "rdata1"));
/* if DNSKEY, protocol; if DS, algorithm */
- n2 = cfg_obj_asuint32(cfg_tuple_get(key, "n2"));
+ rdata2 = cfg_obj_asuint32(cfg_tuple_get(key, "rdata2"));
/* if DNSKEY, algorithm; if DS, digest type */
- n3 = cfg_obj_asuint32(cfg_tuple_get(key, "n3"));
+ rdata3 = cfg_obj_asuint32(cfg_tuple_get(key, "rdata3"));
namestr = cfg_obj_asstring(cfg_tuple_get(key, "name"));
*namestrp = namestr;
ISC_LINK_INIT(&keystruct.common, link);
- if (n1 > 0xffff) {
+ if (rdata1 > 0xffff) {
CHECKM(ISC_R_RANGE, "key flags");
}
- if (n1 & DNS_KEYFLAG_REVOKE) {
+ if (rdata1 & DNS_KEYFLAG_REVOKE) {
CHECKM(DST_R_BADKEYTYPE, "key flags revoke bit set");
}
- if (n2 > 0xff) {
+ if (rdata2 > 0xff) {
CHECKM(ISC_R_RANGE, "key protocol");
}
- if (n3> 0xff) {
+ if (rdata3> 0xff) {
CHECKM(ISC_R_RANGE, "key algorithm");
}
- keystruct.flags = (uint16_t)n1;
- keystruct.protocol = (uint8_t)n2;
- keystruct.algorithm = (uint8_t)n3;
+ keystruct.flags = (uint16_t)rdata1;
+ keystruct.protocol = (uint8_t)rdata2;
+ keystruct.algorithm = (uint8_t)rdata3;
datastr = cfg_obj_asstring(cfg_tuple_get(key, "data"));
CHECK(isc_base64_decodestring(datastr, &databuf));
ISC_LINK_INIT(&ds->common, link);
- if (n1 > 0xffff) {
+ if (rdata1 > 0xffff) {
CHECKM(ISC_R_RANGE, "key tag");
}
- if (n2 > 0xff) {
+ if (rdata2 > 0xff) {
CHECKM(ISC_R_RANGE, "key algorithm");
}
- if (n3 > 0xff) {
+ if (rdata3 > 0xff) {
CHECKM(ISC_R_RANGE, "digest type");
}
- ds->key_tag = (uint16_t)n1;
- ds->algorithm = (uint8_t)n2;
- ds->digest_type = (uint8_t)n3;
+ ds->key_tag = (uint16_t)rdata1;
+ ds->algorithm = (uint8_t)rdata2;
+ ds->digest_type = (uint8_t)rdata3;
datastr = cfg_obj_asstring(cfg_tuple_get(key, "data"));
CHECK(isc_hex_decodestring(datastr, &databuf));
CHECK(ISC_R_UNEXPECTEDEND);
}
break;
+ default:
+ cfg_obj_log(key, named_g_lctx, ISC_LOG_ERROR,
+ "key '%s': "
+ "unknown ds digest type %u",
+ namestr, ds->digest_type);
+ result = ISC_R_FAILURE;
+ goto cleanup;
+ break;
}
ds->mctx = mctx;
isc_region_t r;
isc_result_t result = ISC_R_SUCCESS;
isc_result_t tresult;
- uint32_t n1, n2, n3;
+ uint32_t rdata1, rdata2, rdata3;
unsigned char data[4096];
const char *atstr = NULL;
enum {
};
/* if DNSKEY, flags; if DS, key tag */
- n1 = cfg_obj_asuint32(cfg_tuple_get(key, "n1"));
+ rdata1 = cfg_obj_asuint32(cfg_tuple_get(key, "rdata1"));
/* if DNSKEY, protocol; if DS, algorithm */
- n2 = cfg_obj_asuint32(cfg_tuple_get(key, "n2"));
+ rdata2 = cfg_obj_asuint32(cfg_tuple_get(key, "rdata2"));
/* if DNSKEY, algorithm; if DS, digest type */
- n3 = cfg_obj_asuint32(cfg_tuple_get(key, "n3"));
+ rdata3 = cfg_obj_asuint32(cfg_tuple_get(key, "rdata3"));
namestr = cfg_obj_asstring(cfg_tuple_get(key, "name"));
case INIT_DNSKEY:
case STATIC_DNSKEY:
case TRUSTED:
- if (n1 > 0xffff) {
+ if (rdata1 > 0xffff) {
cfg_obj_log(key, logctx, ISC_LOG_ERROR,
- "flags too big: %u", n1);
+ "flags too big: %u", rdata1);
result = ISC_R_RANGE;
}
- if (n1 & DNS_KEYFLAG_REVOKE) {
+ if (rdata1 & DNS_KEYFLAG_REVOKE) {
cfg_obj_log(key, logctx, ISC_LOG_WARNING,
"key flags revoke bit set");
}
- if (n2 > 0xff) {
+ if (rdata2 > 0xff) {
cfg_obj_log(key, logctx, ISC_LOG_ERROR,
- "protocol too big: %u", n2);
+ "protocol too big: %u", rdata2);
result = ISC_R_RANGE;
}
- if (n3 > 0xff) {
+ if (rdata3 > 0xff) {
cfg_obj_log(key, logctx, ISC_LOG_ERROR,
- "algorithm too big: %u\n", n3);
+ "algorithm too big: %u\n", rdata3);
result = ISC_R_RANGE;
}
} else {
isc_buffer_usedregion(&b, &r);
- if ((n3 == DST_ALG_RSASHA1) &&
+ if ((rdata3 == DST_ALG_RSASHA1) &&
r.length > 1 && r.base[0] == 1 && r.base[1] == 3)
{
cfg_obj_log(key, logctx, ISC_LOG_WARNING,
(managed ? ROOT_KSK_MANAGED : ROOT_KSK_STATIC);
- if (n1 == 257 && n2 == 3 && n3 == 8 &&
+ if (rdata1 == 257 && rdata2 == 3 && rdata3 == 8 &&
(isc_buffer_usedlength(&b) ==
sizeof(root_ksk_2010)) &&
memcmp(data, root_ksk_2010,
*flagsp |= ROOT_KSK_2010;
}
- if (n1 == 257 && n2 == 3 && n3 == 8 &&
+ if (rdata1 == 257 && rdata2 == 3 && rdata3 == 8 &&
(isc_buffer_usedlength(&b) ==
sizeof(root_ksk_2017)) &&
memcmp(data, root_ksk_2017,
case INIT_DS:
case STATIC_DS:
- if (n1 > 0xffff) {
+ if (rdata1 > 0xffff) {
cfg_obj_log(key, logctx, ISC_LOG_ERROR,
- "key tag too big: %u", n1);
+ "key tag too big: %u", rdata1);
result = ISC_R_RANGE;
}
- if (n2 > 0xff) {
+ if (rdata2 > 0xff) {
cfg_obj_log(key, logctx, ISC_LOG_ERROR,
- "algorithm too big: %u\n", n2);
+ "algorithm too big: %u\n", rdata2);
result = ISC_R_RANGE;
}
- if (n3 > 0xff) {
+ if (rdata3 > 0xff) {
cfg_obj_log(key, logctx, ISC_LOG_ERROR,
- "digest type too big: %u", 32);
+ "digest type too big: %u", rdata3);
result = ISC_R_RANGE;
}
*flagsp |=
(managed ? ROOT_KSK_MANAGED : ROOT_KSK_STATIC);
- if (n1 == 20326 && n2 == 8 && n3 == 1 &&
+ if (rdata1 == 20326 && rdata2 == 8 && rdata3 == 1 &&
(isc_buffer_usedlength(&b) ==
sizeof(root_ds_1_2017)) &&
memcmp(data, root_ds_1_2017,
*flagsp |= ROOT_KSK_2017;
}
- if (n1 == 20326 && n2 == 8 && n3 == 2 &&
+ if (rdata1 == 20326 && rdata2 == 8 && rdata3 == 2 &&
(isc_buffer_usedlength(&b) ==
sizeof(root_ds_2_2017)) &&
memcmp(data, root_ds_2_2017,
static cfg_tuplefielddef_t dnsseckey_fields[] = {
{ "name", &cfg_type_astring, 0 },
{ "anchortype", &cfg_type_void, 0 },
- { "n1", &cfg_type_uint32, 0 },
- { "n2", &cfg_type_uint32, 0 },
- { "n3", &cfg_type_uint32, 0 },
+ { "rdata1", &cfg_type_uint32, 0 },
+ { "rdata2", &cfg_type_uint32, 0 },
+ { "rdata3", &cfg_type_uint32, 0 },
{ "data", &cfg_type_qstring, 0 },
{ NULL, NULL, 0 }
};
static cfg_tuplefielddef_t managedkey_fields[] = {
{ "name", &cfg_type_astring, 0 },
{ "anchortype", &cfg_type_anchortype, 0 },
- { "n1", &cfg_type_uint32, 0 },
- { "n2", &cfg_type_uint32, 0 },
- { "n3", &cfg_type_uint32, 0 },
+ { "rdata1", &cfg_type_uint32, 0 },
+ { "rdata2", &cfg_type_uint32, 0 },
+ { "rdata3", &cfg_type_uint32, 0 },
{ "data", &cfg_type_qstring, 0 },
{ NULL, NULL, 0 }
};
projects / thirdparty / bind9.git / commitdiff
