From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Sat, 12 Apr 2025 14:30:57 +0000 (+0900)
Subject: resolved-dns-trust-anchor: use hash_ops with destructor for managing DnsAnswer
X-Git-Tag: v258-rc1~814^2
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=d6c8db650d54a8095e82e8cbb9889161e1cf8493;p=thirdparty%2Fsystemd.git

resolved-dns-trust-anchor: use hash_ops with destructor for managing DnsAnswer
---

diff --git a/src/resolve/resolved-dns-rr.c b/src/resolve/resolved-dns-rr.c
index 6837c9ece40..a78085d0d43 100644
--- a/src/resolve/resolved-dns-rr.c
+++ b/src/resolve/resolved-dns-rr.c
@@ -308,7 +308,7 @@ int dns_resource_key_match_soa(const DnsResourceKey *key, const DnsResourceKey *
         return dns_name_endswith(dns_resource_key_name(key), dns_resource_key_name(soa));
 }
 
-static void dns_resource_key_hash_func(const DnsResourceKey *k, struct siphash *state) {
+void dns_resource_key_hash_func(const DnsResourceKey *k, struct siphash *state) {
         assert(k);
 
         dns_name_hash_func(dns_resource_key_name(k), state);
@@ -316,7 +316,7 @@ static void dns_resource_key_hash_func(const DnsResourceKey *k, struct siphash *
         siphash24_compress_typesafe(k->type, state);
 }
 
-static int dns_resource_key_compare_func(const DnsResourceKey *x, const DnsResourceKey *y) {
+int dns_resource_key_compare_func(const DnsResourceKey *x, const DnsResourceKey *y) {
         int r;
 
         r = dns_name_compare_func(dns_resource_key_name(x), dns_resource_key_name(y));
diff --git a/src/resolve/resolved-dns-rr.h b/src/resolve/resolved-dns-rr.h
index e039e43cec7..3ad98ee571a 100644
--- a/src/resolve/resolved-dns-rr.h
+++ b/src/resolve/resolved-dns-rr.h
@@ -409,6 +409,8 @@ int dns_resource_key_to_json(DnsResourceKey *key, sd_json_variant **ret);
 int dns_resource_key_from_json(sd_json_variant *v, DnsResourceKey **ret);
 int dns_resource_record_to_json(DnsResourceRecord *rr, sd_json_variant **ret);
 
+void dns_resource_key_hash_func(const DnsResourceKey *k, struct siphash *state);
+int dns_resource_key_compare_func(const DnsResourceKey *x, const DnsResourceKey *y);
 void dns_resource_record_hash_func(const DnsResourceRecord *i, struct siphash *state);
 int dns_resource_record_compare_func(const DnsResourceRecord *x, const DnsResourceRecord *y);
 
diff --git a/src/resolve/resolved-dns-trust-anchor.c b/src/resolve/resolved-dns-trust-anchor.c
index ae20f712cbb..962e159a12b 100644
--- a/src/resolve/resolved-dns-trust-anchor.c
+++ b/src/resolve/resolved-dns-trust-anchor.c
@@ -18,6 +18,14 @@
 #include "string-util.h"
 #include "strv.h"
 
+DEFINE_PRIVATE_HASH_OPS_WITH_VALUE_DESTRUCTOR(
+                dns_answer_hash_ops_by_key,
+                DnsResourceKey,
+                dns_resource_key_hash_func,
+                dns_resource_key_compare_func,
+                DnsAnswer,
+                dns_answer_unref);
+
 static const char trust_anchor_dirs[] = CONF_PATHS_NULSTR("dnssec-trust-anchors.d");
 
 /* The second DS RR from https://data.iana.org/root-anchors/root-anchors.xml, retrieved February 2017 */
@@ -78,10 +86,6 @@ static int dns_trust_anchor_add_builtin_positive(DnsTrustAnchor *d) {
 
         assert(d);
 
-        r = hashmap_ensure_allocated(&d->positive_by_key, &dns_resource_key_hash_ops);
-        if (r < 0)
-                return r;
-
         /* Only add the built-in trust anchor if there's neither a DS nor a DNSKEY defined for the root domain. That
          * way users have an easy way to override the root domain DS/DNSKEY data. */
         if (dns_trust_anchor_knows_domain_positive(d, "."))
@@ -103,11 +107,11 @@ static int dns_trust_anchor_add_builtin_positive(DnsTrustAnchor *d) {
         if (r < 0)
                 return r;
 
-        r = hashmap_put(d->positive_by_key, key, answer);
+        r = hashmap_ensure_put(&d->positive_by_key, &dns_answer_hash_ops_by_key, key, answer);
         if (r < 0)
                 return r;
 
-        answer = NULL;
+        TAKE_PTR(answer);
         return 0;
 }
 
@@ -365,7 +369,7 @@ static int dns_trust_anchor_load_positive(DnsTrustAnchor *d, const char *path, u
                 return -EINVAL;
         }
 
-        r = hashmap_ensure_allocated(&d->positive_by_key, &dns_resource_key_hash_ops);
+        r = hashmap_ensure_allocated(&d->positive_by_key, &dns_answer_hash_ops_by_key);
         if (r < 0)
                 return log_oom();
 
@@ -381,7 +385,7 @@ static int dns_trust_anchor_load_positive(DnsTrustAnchor *d, const char *path, u
                 return log_error_errno(r, "Failed to add answer to trust anchor: %m");
 
         old_answer = dns_answer_unref(old_answer);
-        answer = NULL;
+        TAKE_PTR(answer);
 
         return 0;
 }
@@ -541,7 +545,7 @@ int dns_trust_anchor_load(DnsTrustAnchor *d) {
 void dns_trust_anchor_flush(DnsTrustAnchor *d) {
         assert(d);
 
-        d->positive_by_key = hashmap_free_with_destructor(d->positive_by_key, dns_answer_unref);
+        d->positive_by_key = hashmap_free(d->positive_by_key);
         d->revoked_by_rr = set_free(d->revoked_by_rr);
         d->negative_by_name = set_free(d->negative_by_name);
 }