From: Wouter Wijngaards
Date: Wed, 30 Jun 2010 07:32:44 +0000 (+0000)
Subject: * ldns-signzone checks if public key file is for the right zone.
X-Git-Tag: release-1.6.6~29
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=63af7cbaebc8a646cb54cd94ac7985f8e35ab23f;p=thirdparty%2Fldns.git
* ldns-signzone checks if public key file is for the right zone.
---
diff --git a/Changelog b/Changelog
index 8179e3d2..bceb008f 100644
--- a/Changelog
+++ b/Changelog
@@ -6,6 +6,7 @@
 * Fix crash using GOST for particular platform configurations.
 * extern C declarations used in the header file.
 * Removed debug fprintf from resolver.c.
+ * ldns-signzone checks if public key file is for the right zone.
 1.6.5
 * Catch \X where X is a digit as an error.
diff --git a/examples/ldns-signzone.c b/examples/ldns-signzone.c
index 86584d37..39b63603 100644
--- a/examples/ldns-signzone.c
+++ b/examples/ldns-signzone.c
@@ -266,6 +266,11 @@ find_or_create_pubkey(const char *keyfile_name_base, ldns_key *key, ldns_zone *o
 ldns_key_set_keytag(key, ldns_key_keytag(key) - 1);
 }
 }
+ if(pubkey && ldns_dname_compare(ldns_rr_owner(pubkey), ldns_rr_owner(ldns_zone_soa(orig_zone))) != 0) {
+ fprintf(stderr, "Error %s.key has wrong name: %s\n",
+ keyfile_name_base, ldns_rdf2str(ldns_rr_owner(pubkey)));
+ exit(EXIT_FAILURE); /* leak rdf2str, but we exit */
+ }
 }
 if (!pubkey) {
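Review bot: In the added owner-name check in find_or_create_pubkey, the result of `ldns_zone_soa(orig_zone)` goes straight into `ldns_rr_owner()`, so a zone with no SOA would be dereferenced as NULL unless the caller has already rejected it. That earlier check is not visible here, since the function starts and ends outside the hunk. If it is not guaranteed, fail closed by fetching `ldns_rr *soa = ldns_zone_soa(orig_zone);` first and testing `if(pubkey && (!soa || ldns_dname_compare(ldns_rr_owner(pubkey), ldns_rr_owner(soa)) != 0))`. The error message prints only the owner name found in the .key file; printing the expected zone apex next to it would make a mixed-up key file easier to diagnose. `ldns_rdf2str()` can presumably return NULL on allocation failure, and that value is passed to `%s` unchecked. The check compares owner names only, so from this hunk it is not evident that the key material in the file is confirmed to match the private key being used for signing.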