From: Evan Hunt <each@isc.org>
Date: Wed, 10 Dec 2025 00:52:44 +0000 (-0800)
Subject: use the zone file's basename as origin in dnssec tools
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b8cb65db93a3daeb01f55d157580f492ded066fa;p=thirdparty%2Fbind9.git

use the zone file's basename as origin in dnssec tools

In dnssec-signzone and dnssec-verify, if the zone origin is not
specified using the `-o` parameter, the default behavior is to try
to use the zone's file name as the origin. So, for example,
`dnssec-signzone -S example.com` or 'dnssec-verify example.com'
will work, so long as the file name matches the zone name.

This now also works if the zone is in a different directory.
For example, `dnssec-signzone -S zones/example.com` or
'dnssec-verify zones/example.com' will set the origin value
to `example.com`.
---

diff --git a/bin/dnssec/dnssec-signzone.c b/bin/dnssec/dnssec-signzone.c
index bd54700c0ef..f16fcbf636b 100644
--- a/bin/dnssec/dnssec-signzone.c
+++ b/bin/dnssec/dnssec-signzone.c
@@ -2451,7 +2451,8 @@ nsec3ify(unsigned int hashalg, dns_iterations_t iterations,
  * Load the zone file from disk
  */
 static void
-loadzone(char *file, char *origin, dns_rdataclass_t rdclass, dns_db_t **db) {
+loadzone(char *file, const char *origin, dns_rdataclass_t rdclass,
+	 dns_db_t **db) {
 	isc_buffer_t b;
 	int len;
 	dns_fixedname_t fname;
@@ -2459,7 +2460,7 @@ loadzone(char *file, char *origin, dns_rdataclass_t rdclass, dns_db_t **db) {
 	isc_result_t result;
 
 	len = strlen(origin);
-	isc_buffer_init(&b, origin, len);
+	isc_buffer_constinit(&b, origin, len);
 	isc_buffer_add(&b, len);
 
 	name = dns_fixedname_initname(&fname);
@@ -3212,7 +3213,8 @@ main(int argc, char *argv[]) {
 	int ch;
 	char *startstr = NULL, *endstr = NULL, *classname = NULL;
 	char *dnskey_endstr = NULL;
-	char *origin = NULL, *file = NULL, *output = NULL;
+	const char *origin = NULL;
+	char *file = NULL, *output = NULL;
 	char *inputformatstr = NULL, *outputformatstr = NULL;
 	char *serialformatstr = NULL;
 	char *dskeyfile[MAXDSKEYS];
@@ -3612,7 +3614,7 @@ main(int argc, char *argv[]) {
 	argv += 1;
 
 	if (origin == NULL) {
-		origin = file;
+		origin = isc_file_basename(file);
 	}
 
 	if (output == NULL) {
diff --git a/bin/dnssec/dnssec-verify.c b/bin/dnssec/dnssec-verify.c
index c4950da3891..0aea7802b25 100644
--- a/bin/dnssec/dnssec-verify.c
+++ b/bin/dnssec/dnssec-verify.c
@@ -20,6 +20,7 @@
 #include <isc/attributes.h>
 #include <isc/base32.h>
 #include <isc/commandline.h>
+#include <isc/file.h>
 #include <isc/hash.h>
 #include <isc/hex.h>
 #include <isc/lib.h>
@@ -89,7 +90,8 @@ report(const char *format, ...) {
  * Load the zone file from disk
  */
 static void
-loadzone(char *file, char *origin, dns_rdataclass_t rdclass, dns_db_t **db) {
+loadzone(char *file, const char *origin, bool origin_is_file,
+	 dns_rdataclass_t rdclass, dns_db_t **db) {
 	isc_buffer_t b;
 	int len;
 	dns_fixedname_t fname;
@@ -97,7 +99,7 @@ loadzone(char *file, char *origin, dns_rdataclass_t rdclass, dns_db_t **db) {
 	isc_result_t result;
 
 	len = strlen(origin);
-	isc_buffer_init(&b, origin, len);
+	isc_buffer_constinit(&b, origin, len);
 	isc_buffer_add(&b, len);
 
 	name = dns_fixedname_initname(&fname);
@@ -117,12 +119,7 @@ loadzone(char *file, char *origin, dns_rdataclass_t rdclass, dns_db_t **db) {
 	case ISC_R_SUCCESS:
 		break;
 	case DNS_R_NOTZONETOP:
-		/*
-		 * Comparing pointers (vs. using strcmp()) is intentional: we
-		 * want to check whether -o was supplied on the command line,
-		 * not whether origin and file contain the same string.
-		 */
-		if (origin == file) {
+		if (origin_is_file) {
 			fatal("failed loading zone '%s' from file '%s': "
 			      "use -o to specify a different zone origin",
 			      origin, file);
@@ -164,13 +161,15 @@ usage(int ret) {
 
 int
 main(int argc, char *argv[]) {
-	char *origin = NULL, *file = NULL;
+	const char *origin = NULL;
+	char *file = NULL;
 	char *inputformatstr = NULL;
 	isc_result_t result;
 	char *classname = NULL;
 	dns_rdataclass_t rdclass;
 	char *endp;
 	int ch;
+	bool origin_is_file = false;
 
 	isc_commandline_init(argc, argv);
 
@@ -295,7 +294,8 @@ main(int argc, char *argv[]) {
 	POST(argv);
 
 	if (origin == NULL) {
-		origin = file;
+		origin = isc_file_basename(file);
+		origin_is_file = true;
 	}
 
 	if (inputformatstr != NULL) {
@@ -310,7 +310,7 @@ main(int argc, char *argv[]) {
 
 	gdb = NULL;
 	report("Loading zone '%s' from file '%s'\n", origin, file);
-	loadzone(file, origin, rdclass, &gdb);
+	loadzone(file, origin, origin_is_file, rdclass, &gdb);
 	if (journal != NULL) {
 		loadjournal(isc_g_mctx, gdb, journal);
 	}