From: Tony Finch <dot@dotat.at>
Date: Wed, 2 Oct 2019 18:43:09 +0000 (+0100)
Subject: cleanup: more consistent abbreviated DS digest type mnemonics
X-Git-Tag: v9.15.6~63^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b770ea976d96fb089d88cc940782e97ffe83e05c;p=thirdparty%2Fbind9.git

cleanup: more consistent abbreviated DS digest type mnemonics

BIND supports the non-standard DNSKEY algorithm mnemonic ECDSA256
everywhere ECDSAP256SHA256 is allowed, and allows algorithm numbers
interchangeably with mnemonics. This is all done in one place by the
dns_secalg_fromtext() function.

DS digest types were less consistent: the rdata parser does not allow
abbreviations like SHA1, but the dnssec-* command line tools do; and
the command line tools do not alow numeric types though that is the
norm in rdata.

The command line tools now use the dns_dsdigest_fromtext() function
instead of rolling their own variant, and dns_dsdigest_fromtext() now
knows about abbreviated digest type mnemonics.
---

diff --git a/bin/dnssec/dnssectool.c b/bin/dnssec/dnssectool.c
index 5ba2cc12663..d409965fed5 100644
--- a/bin/dnssec/dnssectool.c
+++ b/bin/dnssec/dnssectool.c
@@ -314,35 +314,30 @@ dns_rdataclass_t
 strtoclass(const char *str) {
 	isc_textregion_t r;
 	dns_rdataclass_t rdclass;
-	isc_result_t ret;
+	isc_result_t result;
 
 	if (str == NULL)
 		return dns_rdataclass_in;
 	DE_CONST(str, r.base);
 	r.length = strlen(str);
-	ret = dns_rdataclass_fromtext(&rdclass, &r);
-	if (ret != ISC_R_SUCCESS)
+	result = dns_rdataclass_fromtext(&rdclass, &r);
+	if (result != ISC_R_SUCCESS)
 		fatal("unknown class %s", str);
 	return (rdclass);
 }
 
 unsigned int
-strtodsdigest(const char *algname) {
-	if (strcasecmp(algname, "SHA1") == 0 ||
-	    strcasecmp(algname, "SHA-1") == 0)
-	{
-		return (DNS_DSDIGEST_SHA1);
-	} else if (strcasecmp(algname, "SHA256") == 0 ||
-		   strcasecmp(algname, "SHA-256") == 0)
-	{
-		return (DNS_DSDIGEST_SHA256);
-	} else if (strcasecmp(algname, "SHA384") == 0 ||
-		   strcasecmp(algname, "SHA-384") == 0)
-	{
-		return (DNS_DSDIGEST_SHA384);
-	} else {
-		fatal("unknown algorithm %s", algname);
-	}
+strtodsdigest(const char *str) {
+	isc_textregion_t r;
+	dns_dsdigest_t alg;
+	isc_result_t result;
+
+	DE_CONST(str, r.base);
+	r.length = strlen(str);
+	result = dns_dsdigest_fromtext(&alg, &r);
+	if (result != ISC_R_SUCCESS)
+		fatal("unknown DS algorithm %s", str);
+	return (alg);
 }
 
 static int
diff --git a/lib/dns/rcode.c b/lib/dns/rcode.c
index 2853671d2c5..f9fe07cb04b 100644
--- a/lib/dns/rcode.c
+++ b/lib/dns/rcode.c
@@ -141,9 +141,12 @@
 
 #define DSDIGESTNAMES \
 	{ DNS_DSDIGEST_SHA1, "SHA-1", 0 }, \
+	{ DNS_DSDIGEST_SHA1, "SHA1", 0 }, \
 	{ DNS_DSDIGEST_SHA256, "SHA-256", 0 }, \
+	{ DNS_DSDIGEST_SHA256, "SHA256", 0 }, \
 	{ DNS_DSDIGEST_GOST, "GOST", 0 }, \
 	{ DNS_DSDIGEST_SHA384, "SHA-384", 0 }, \
+	{ DNS_DSDIGEST_SHA384, "SHA384", 0 }, \
 	{ 0, NULL, 0}
 
 struct tbl {