From: Michał Kępień <michal@isc.org>
Date: Tue, 13 Mar 2018 13:06:10 +0000 (+0100)
Subject: Move find_zone_keys() to lib/dns/zone_p.h
X-Git-Tag: v9.9.13rc1~28^2~3
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=781105c046d75f029c64c3d9d0426b5619c8f8a4;p=thirdparty%2Fbind9.git

Move find_zone_keys() to lib/dns/zone_p.h

Rename find_zone_keys() to dns__zone_findkeys() and move it to
lib/dns/zone_p.h, so that it can be used in unit tests.  Add a comment
describing the purpose of this function.

(cherry picked from commit d7143986b1c43884d89383ef7a2e1127e8324d33)
(cherry picked from commit fc0e99c7d7c20b1e270ab868da1a00198f39835b)
(cherry picked from commit a6be59ce082597b138fe782462a9d010bc7dd232)
(cherry picked from commit b8720b8f505e823c5495ab3ff43eaf5116ca03bf)
---

diff --git a/lib/dns/win32/libdns.def.in b/lib/dns/win32/libdns.def.in
index eed2594ae31..936a18cde5c 100644
--- a/lib/dns/win32/libdns.def.in
+++ b/lib/dns/win32/libdns.def.in
@@ -3,6 +3,7 @@ LIBRARY libdns
 ; Exported Functions
 EXPORTS
 
+dns__zone_findkeys
 dns__zone_loadpending
 dns__zone_updatesigs
 dns_acache_attach
diff --git a/lib/dns/zone.c b/lib/dns/zone.c
index b069944608d..24b8f27e577 100644
--- a/lib/dns/zone.c
+++ b/lib/dns/zone.c
@@ -5473,10 +5473,16 @@ was_dumping(dns_zone_t *zone) {
 	return (dumping);
 }
 
-static isc_result_t
-find_zone_keys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver,
-	       isc_mem_t *mctx, unsigned int maxkeys,
-	       dst_key_t **keys, unsigned int *nkeys)
+/*%
+ * Find up to 'maxkeys' DNSSEC keys used for signing version 'ver' of database
+ * 'db' for zone 'zone' in its key directory, then load these keys into 'keys'.
+ * Only load the public part of a given key if it is not active at timestamp
+ * 'now'.  Store the number of keys found in 'nkeys'.
+ */
+isc_result_t
+dns__zone_findkeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver,
+		   isc_mem_t *mctx, unsigned int maxkeys,
+		   dst_key_t **keys, unsigned int *nkeys)
 {
 	isc_result_t result;
 	dns_dbnode_t *node = NULL;
@@ -5934,11 +5940,11 @@ zone_resigninc(dns_zone_t *zone) {
 		goto failure;
 	}
 
-	result = find_zone_keys(zone, db, version, zone->mctx, DNS_MAXZONEKEYS,
-				zone_keys, &nkeys);
+	result = dns__zone_findkeys(zone, db, version, zone->mctx,
+				    DNS_MAXZONEKEYS, zone_keys, &nkeys);
 	if (result != ISC_R_SUCCESS) {
 		dns_zone_log(zone, ISC_LOG_ERROR,
-			     "zone_resigninc:find_zone_keys -> %s",
+			     "zone_resigninc:dns__zone_findkeys -> %s",
 			     dns_result_totext(result));
 		goto failure;
 	}
@@ -6907,11 +6913,11 @@ zone_nsec3chain(dns_zone_t *zone) {
 		goto failure;
 	}
 
-	result = find_zone_keys(zone, db, version, zone->mctx,
-				DNS_MAXZONEKEYS, zone_keys, &nkeys);
+	result = dns__zone_findkeys(zone, db, version, zone->mctx,
+				    DNS_MAXZONEKEYS, zone_keys, &nkeys);
 	if (result != ISC_R_SUCCESS) {
 		dns_zone_log(zone, ISC_LOG_ERROR,
-			     "zone_nsec3chain:find_zone_keys -> %s",
+			     "zone_nsec3chain:dns__zone_findkeys -> %s",
 			     dns_result_totext(result));
 		goto failure;
 	}
@@ -7794,11 +7800,11 @@ zone_sign(dns_zone_t *zone) {
 		goto failure;
 	}
 
-	result = find_zone_keys(zone, db, version, zone->mctx,
-				DNS_MAXZONEKEYS, zone_keys, &nkeys);
+	result = dns__zone_findkeys(zone, db, version, zone->mctx,
+				    DNS_MAXZONEKEYS, zone_keys, &nkeys);
 	if (result != ISC_R_SUCCESS) {
 		dns_zone_log(zone, ISC_LOG_ERROR,
-			     "zone_sign:find_zone_keys -> %s",
+			     "zone_sign:dns__zone_findkeys -> %s",
 			     dns_result_totext(result));
 		goto failure;
 	}
@@ -16790,11 +16796,11 @@ sign_apex(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver,
 	unsigned int nkeys = 0, i;
 	dns_difftuple_t *tuple;
 
-	result = find_zone_keys(zone, db, ver, zone->mctx, DNS_MAXZONEKEYS,
-				zone_keys, &nkeys);
+	result = dns__zone_findkeys(zone, db, ver, zone->mctx,
+				    DNS_MAXZONEKEYS, zone_keys, &nkeys);
 	if (result != ISC_R_SUCCESS) {
 		dns_zone_log(zone, ISC_LOG_ERROR,
-			     "sign_apex:find_zone_keys -> %s",
+			     "sign_apex:dns__zone_findkeys -> %s",
 			     dns_result_totext(result));
 		return (result);
 	}
diff --git a/lib/dns/zone_p.h b/lib/dns/zone_p.h
index b9b0c79c6aa..e1bb7acc3d9 100644
--- a/lib/dns/zone_p.h
+++ b/lib/dns/zone_p.h
@@ -26,6 +26,11 @@ typedef struct {
 	isc_boolean_t	offline;
 } dns__zonediff_t;
 
+isc_result_t
+dns__zone_findkeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver,
+		   isc_mem_t *mctx, unsigned int maxkeys,
+		   dst_key_t **keys, unsigned int *nkeys);
+
 isc_result_t
 dns__zone_updatesigs(dns_diff_t *diff, dns_db_t *db, dns_dbversion_t *version,
 		     dst_key_t *zone_keys[], unsigned int nkeys,