From: Matthijs Mekking Date: Thu, 6 Feb 2020 14:56:58 +0000 (+0100) Subject: Make key-directory optional X-Git-Tag: v9.16.0~18^2~5 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ae6bf1979d03570878d77f7b93a4d57d510c172e;p=thirdparty%2Fbind9.git Make key-directory optional The key-directory keyword actually does nothing right now but may be useful in the future if we want to differentiate between key directories or HSM keys, or if we want to speficy different directories for different keys or policies. Make it optional for the time being. --- diff --git a/bin/tests/system/checkconf/good-kasp.conf b/bin/tests/system/checkconf/good-kasp.conf index 19420f2dfdd..e6be1484665 100644 --- a/bin/tests/system/checkconf/good-kasp.conf +++ b/bin/tests/system/checkconf/good-kasp.conf @@ -18,7 +18,7 @@ dnssec-policy "test" { dnskey-ttl 3600; keys { ksk key-directory lifetime P1Y algorithm 13 256; - zsk key-directory lifetime P30D algorithm 13; + zsk lifetime P30D algorithm 13; csk key-directory lifetime unlimited algorithm 8 2048; }; max-zone-ttl 86400; diff --git a/lib/isccfg/namedconf.c b/lib/isccfg/namedconf.c index 0bfb11a25c8..0753819090c 100644 --- a/lib/isccfg/namedconf.c +++ b/lib/isccfg/namedconf.c @@ -475,6 +475,25 @@ static cfg_type_t cfg_type_dnsseckey = { &cfg_rep_tuple, dnsseckey_fields }; +/*% + * Optional enums. + * + */ +static isc_result_t +parse_optional_enum(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret) +{ + return (cfg_parse_enum_or_other(pctx, type, &cfg_type_void, ret)); +} + +static void +doc_optional_enum(cfg_printer_t *pctx, const cfg_type_t *type) { + UNUSED(type); + cfg_print_cstr(pctx, "[ "); + cfg_doc_enum(pctx, type); + cfg_print_cstr(pctx, " ]"); +} + /*% * A key initialization specifier, as used in the * "trust-anchors" (or synonymous "managed-keys") statement. @@ -514,8 +533,8 @@ static cfg_type_t cfg_type_dnsseckeyrole = { */ static const char *dnsseckeystore_enums[] = { "key-directory", NULL }; static cfg_type_t cfg_type_dnsseckeystore = { - "dnssec-key-storage", cfg_parse_enum, cfg_print_ustring, cfg_doc_enum, - &cfg_rep_string, &dnsseckeystore_enums + "dnssec-key-storage", parse_optional_enum, cfg_print_ustring, + doc_optional_enum, &cfg_rep_string, dnsseckeystore_enums }; /*% @@ -1015,21 +1034,6 @@ static cfg_type_t cfg_type_fetchquota = { static const char *response_enums[] = { "drop", "fail", NULL }; -static isc_result_t -parse_optional_enum(cfg_parser_t *pctx, const cfg_type_t *type, - cfg_obj_t **ret) -{ - return (cfg_parse_enum_or_other(pctx, type, &cfg_type_void, ret)); -} - -static void -doc_optional_enum(cfg_printer_t *pctx, const cfg_type_t *type) { - UNUSED(type); - cfg_print_cstr(pctx, "[ "); - cfg_doc_enum(pctx, type); - cfg_print_cstr(pctx, " ]"); -} - static cfg_type_t cfg_type_responsetype = { "responsetype", parse_optional_enum, cfg_print_ustring, doc_optional_enum, &cfg_rep_string, response_enums