error.
1653. [func] Add key type checking to dst_key_fromfilename(),
DST_TYPE_KEY should be used to read TSIG, TKEY and
SIG(0) keys.
1652. [bug] TKEY still uses KEY.
1655. [placeholder] rt11446
-1654. [placeholder] rt11541
+1654. [bug] isc_result_totext() contained array bounds read
+ error.
-1653. [placeholder] rt11541
+1653. [func] Add key type checking to dst_key_fromfilename(),
+ DST_TYPE_KEY should be used to read TSIG, TKEY and
+ SIG(0) keys.
-1652. [placeholder] rt11541
+1652. [bug] TKEY still uses KEY.
1651. [bug] dig: process multiple dash options.
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: dighost.c,v 1.261 2004/04/13 02:39:35 marka Exp $ */
+/* $Id: dighost.c,v 1.262 2004/06/11 00:27:02 marka Exp $ */
/*
* Notice to programmers: Do not use this code as an example of how to
dst_key_t *dstkey = NULL;
debug("setup_file_key()");
- result = dst_key_fromnamedfile(keyfile, DST_TYPE_PRIVATE,
+ result = dst_key_fromnamedfile(keyfile, DST_TYPE_PRIVATE | DST_TYPE_KEY,
mctx, &dstkey);
if (result != ISC_R_SUCCESS) {
fprintf(stderr, "Couldn't read key from %s: %s\n",
return ISC_R_FAILURE;
}
fclose(fptemp);
- result = dst_key_fromnamedfile(filetemp, DST_TYPE_PUBLIC,
- mctx, &key);
+ result = dst_key_fromnamedfile(filetemp, DST_TYPE_PUBLIC |
+ DST_TYPE_KEY, mctx, &key);
removetmpkey(mctx, filetemp);
isc_mem_free(mctx, filetemp);
if (result != ISC_R_SUCCESS ) {
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: tkeyconf.c,v 1.20 2004/03/05 04:57:49 marka Exp $ */
+/* $Id: tkeyconf.c,v 1.21 2004/06/11 00:27:03 marka Exp $ */
#include <config.h>
dns_name_t *name;
isc_buffer_t b;
cfg_obj_t *obj;
+ int type;
result = dns_tkeyctx_create(mctx, ectx, &tctx);
if (result != ISC_R_SUCCESS)
name = dns_fixedname_name(&fname);
RETERR(dns_name_fromtext(name, &b, dns_rootname,
ISC_FALSE, NULL));
+ type = DST_TYPE_PUBLIC|DST_TYPE_PRIVATE|DST_TYPE_KEY;
RETERR(dst_key_fromfile(name, (dns_keytag_t) n, DNS_KEYALG_DH,
- DST_TYPE_PUBLIC|DST_TYPE_PRIVATE,
- NULL, mctx, &tctx->dhkey));
+ type, NULL, mctx, &tctx->dhkey));
}
obj = NULL;
-test. IN KEY 49152 2 1
+test. IN DNSKEY 49152 2 1
-test. IN KEY 257 3 1 AQPQjwSpaVzxIgRCpiUoozUQKGh2oX8NIFKDOvtxK+tn536OZg2cROKTlgGEHXJK9YHfW/6nzQULTVpb63P+SQMmjCCidb8IYyhItixRztVeJQ==
+test. IN DNSKEY 257 3 1 AQPQjwSpaVzxIgRCpiUoozUQKGh2oX8NIFKDOvtxK+tn536OZg2cROKTlgGEHXJK9YHfW/6nzQULTVpb63P+SQMmjCCidb8IYyhItixRztVeJQ==
-test. IN KEY 16641 3 3 ANp1//lqDlEfTavcFI+cyudNfgEz73V/K7fSDvkA0eDYcGg/kSvEjAEO/oLWCERltkuC55ZcM/mSv17WF1d/wR6kww/pLI9eXwkjftAYqs5sNxk+mbEGl6zwve9wq5z7IoTY5/J4l7XLCKftg/wGvrzXQhggIkRvEh3myhxd+ouILcpfvTIthWlTKiH59tSJpmgmiSMTE7nDYaf10iVRWN6DMSprgejiH05/fpmyZAt44tyAh4m1wXS5u4tam1PXDJYJozn7EfQ8e2weIv1yC+t6PHSx
+test. IN DNSKEY 16641 3 3 ANp1//lqDlEfTavcFI+cyudNfgEz73V/K7fSDvkA0eDYcGg/kSvEjAEO/oLWCERltkuC55ZcM/mSv17WF1d/wR6kww/pLI9eXwkjftAYqs5sNxk+mbEGl6zwve9wq5z7IoTY5/J4l7XLCKftg/wGvrzXQhggIkRvEh3myhxd+ouILcpfvTIthWlTKiH59tSJpmgmiSMTE7nDYaf10iVRWN6DMSprgejiH05/fpmyZAt44tyAh4m1wXS5u4tam1PXDJYJozn7EfQ8e2weIv1yC+t6PHSx
-test. IN KEY 49152 2 3
+test. IN DNSKEY 49152 2 3
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: dst_test.c,v 1.38 2004/03/05 04:58:46 marka Exp $ */
+/* $Id: dst_test.c,v 1.39 2004/06/11 00:27:05 marka Exp $ */
#include <config.h>
isc_region_t r1, r2;
unsigned char array1[1024], array2[1024];
int alg = DST_ALG_DH;
- int type = DST_TYPE_PUBLIC|DST_TYPE_PRIVATE;
+ int type = DST_TYPE_PUBLIC|DST_TYPE_PRIVATE|DST_TYPE_KEY;
ret = dst_key_fromfile(name1, id1, alg, type, current, mctx, &key1);
printf("read(%d) returned: %s\n", alg, isc_result_totext(ret));
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: t_dst.c,v 1.48 2004/03/05 04:58:46 marka Exp $ */
+/* $Id: t_dst.c,v 1.49 2004/06/11 00:27:05 marka Exp $ */
#include <config.h>
char tmp[PATH_MAX + 1];
char *p;
int alg = DST_ALG_DH;
- int type = DST_TYPE_PUBLIC|DST_TYPE_PRIVATE;
+ int type = DST_TYPE_PUBLIC|DST_TYPE_PRIVATE|DST_TYPE_KEY;
unsigned char array1[1024], array2[1024];
isc_buffer_t b1, b2;
isc_region_t r1, r2;
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: keycreate.c,v 1.10 2004/03/05 05:03:12 marka Exp $ */
+/* $Id: keycreate.c,v 1.11 2004/06/11 00:27:05 marka Exp $ */
#include <config.h>
dns_message_t *query, *response;
char keyname[256];
isc_buffer_t keynamebuf;
+ int type;
UNUSED(task);
CHECK("dst_key_buildfilename", result);
printf("%.*s\n", (int)isc_buffer_usedlength(&keynamebuf),
(char *)isc_buffer_base(&keynamebuf));
- result = dst_key_tofile(tsigkey->key,
- DST_TYPE_PRIVATE | DST_TYPE_PUBLIC, "");
+ type = DST_TYPE_PRIVATE | DST_TYPE_PUBLIC | DST_TYPE_KEY;
+ result = dst_key_tofile(tsigkey->key, type, "");
CHECK("dst_key_tofile", result);
dns_message_destroy(&query);
isc_logconfig_t *logconfig;
isc_task_t *task;
isc_result_t result;
+ int type;
RUNCHECK(isc_app_start());
RUNCHECK(isc_app_onrun(mctx, task, sendquery, NULL));
ourkey = NULL;
- result = dst_key_fromnamedfile(ourkeyname,
- DST_TYPE_PUBLIC | DST_TYPE_PRIVATE,
- mctx, &ourkey);
+ type = DST_TYPE_PUBLIC | DST_TYPE_PRIVATE | DST_TYPE_KEY;
+ result = dst_key_fromnamedfile(ourkeyname, type, mctx, &ourkey);
CHECK("dst_key_fromnamedfile", result);
isc_buffer_init(&nonce, noncedata, sizeof(noncedata));
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: keydelete.c,v 1.6 2004/03/05 05:03:12 marka Exp $ */
+/* $Id: keydelete.c,v 1.7 2004/06/11 00:27:06 marka Exp $ */
#include <config.h>
isc_logconfig_t *logconfig;
isc_task_t *task;
isc_result_t result;
+ int type;
RUNCHECK(isc_app_start());
RUNCHECK(isc_app_onrun(mctx, task, sendquery, NULL));
dstkey = NULL;
- result = dst_key_fromnamedfile(keyname,
- DST_TYPE_PUBLIC | DST_TYPE_PRIVATE,
- mctx, &dstkey);
+ type = DST_TYPE_PUBLIC | DST_TYPE_PRIVATE | DST_TYPE_KEY;
+ result = dst_key_fromnamedfile(keyname, type, mctx, &dstkey);
CHECK("dst_key_fromnamedfile", result);
result = dns_tsigkey_createfromkey(dst_key_name(dstkey),
DNS_TSIG_HMACMD5_NAME,
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
-# $Id: setup.sh,v 1.5 2004/03/05 05:03:17 marka Exp $
+# $Id: setup.sh,v 1.6 2004/06/11 00:27:06 marka Exp $
RANDFILE=../random.data
-keyname=`$KEYGEN -a DH -b 768 -n host -r $RANDFILE server`
+keyname=`$KEYGEN -k -a DH -b 768 -n host -r $RANDFILE server`
keyid=`echo $keyname | $PERL -p -e 's/^.*\+0*//;'`
rm -f named.conf
perl -p -e "s/KEYID/$keyid/;" < named.conf.in > named.conf
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
-# $Id: tests.sh,v 1.4 2004/03/05 05:03:13 marka Exp $
+# $Id: tests.sh,v 1.5 2004/06/11 00:27:06 marka Exp $
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
echo "I:generating new DH key"
ret=0
-dhkeyname=`$KEYGEN -a DH -b 768 -n host -r $RANDFILE client` || ret=1
+dhkeyname=`$KEYGEN -k -a DH -b 768 -n host -r $RANDFILE client` || ret=1
if [ $ret != 0 ]; then
echo "I:failed"
echo "I:exit status: $status"
*/
/*
- * $Id: dnssec.c,v 1.81 2004/03/05 05:09:19 marka Exp $
+ * $Id: dnssec.c,v 1.82 2004/06/11 00:26:59 marka Exp $
*/
INSIST(mctx != NULL);
INSIST(key != NULL);
INSIST(*key == NULL);
+ REQUIRE(rdata->type == dns_rdatatype_key ||
+ rdata->type == dns_rdatatype_dnskey);
dns_rdata_toregion(rdata, &r);
isc_buffer_init(&b, r.base, r.length);
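Review bot: The added `REQUIRE(rdata->type == dns_rdatatype_key || rdata->type == dns_rdatatype_dnskey)` turns a wrong record type into an assertion failure, so it is only safe if every caller has already selected the rdata by type. Where the rdata comes from a received message, that caller-side filtering is the actual validation and should be confirmed; the callers and the start of the enclosing function are outside this hunk. The three checks above it use INSIST while the new one uses REQUIRE, which is the appropriate macro for an argument precondition. A short comment such as `/* Callers must pass only KEY or DNSKEY rdata. */` above the REQUIRE would record the contract.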
/*
* Principal Author: Brian Wellington
- * $Id: dst_api.c,v 1.115 2004/05/21 08:09:27 marka Exp $
+ * $Id: dst_api.c,v 1.116 2004/06/11 00:27:00 marka Exp $
*/
#include <config.h>
dns_rdataclass_t rdclass,
isc_mem_t *mctx);
static isc_result_t read_public_key(const char *filename,
+ int type,
isc_mem_t *mctx,
dst_key_t **keyp);
static isc_result_t write_public_key(const dst_key_t *key, int type,
REQUIRE(mctx != NULL);
REQUIRE(keyp != NULL && *keyp == NULL);
- result = read_public_key(filename, mctx, &pubkey);
+ result = read_public_key(filename, type, mctx, &pubkey);
if (result != ISC_R_SUCCESS)
return (result);
* Reads a public key from disk
*/
static isc_result_t
-read_public_key(const char *filename, isc_mem_t *mctx, dst_key_t **keyp) {
+read_public_key(const char *filename, int type,
+ isc_mem_t *mctx, dst_key_t **keyp)
+{
u_char rdatabuf[DST_KEY_MAXSIZE];
isc_buffer_t b;
dns_fixedname_t name;
isc_lexspecials_t specials;
isc_uint32_t ttl;
isc_result_t result;
- dns_rdatatype_t type;
+ dns_rdatatype_t keytype;
newfilenamelen = strlen(filename) + 5;
newfilename = isc_mem_get(mctx, newfilenamelen);
BADTOKEN();
if (strcasecmp(DST_AS_STR(token), "DNSKEY") == 0)
- type = dns_rdatatype_dnskey;
+ keytype = dns_rdatatype_dnskey;
else if (strcasecmp(DST_AS_STR(token), "KEY") == 0)
- type = dns_rdatatype_key; /* SIG(0) */
+ keytype = dns_rdatatype_key; /* SIG(0), TKEY */
else
BADTOKEN();
+ if (((type & DST_TYPE_KEY) != 0 && keytype != dns_rdatatype_key) ||
+ ((type & DST_TYPE_KEY) == 0 && keytype != dns_rdatatype_dnskey)) {
+ ret = DST_R_BADKEYTYPE;
+ goto cleanup;
+ }
+
isc_buffer_init(&b, rdatabuf, sizeof(rdatabuf));
ret = dns_rdata_fromtext(&rdata, rdclass, type, lex, NULL,
ISC_FALSE, mctx, &b, NULL);
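Review bot: The unchanged call `dns_rdata_fromtext(&rdata, rdclass, type, lex, NULL,` directly below the new key-type check still passes `type`, which after this change is the `int` DST_TYPE_* flag argument, not the parsed record type now held in `keytype`. As shown, the record would be parsed using a flag bitmask as its rdata type, so the call should read `ret = dns_rdata_fromtext(&rdata, rdclass, keytype, lex, NULL,`. Reusing the name `type` for a parameter with a different meaning from the old local makes this easy to miss. The rest of read_public_key lies outside the hunk, so any other use of `type` there should be checked as well.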
/*
* Principal Author: Brian Wellington
- * $Id: dst_result.c,v 1.20 2004/03/05 05:10:30 marka Exp $
+ * $Id: dst_result.c,v 1.21 2004/06/11 00:27:01 marka Exp $
*/
#include <config.h>
"not a key that can compute a secret", /* 17 */
"failure computing a shared secret", /* 18 */
"no randomness available", /* 19 */
+ "bad key type" /* 20 */
};
#define DST_RESULT_RESULTSET 2
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: dst.h,v 1.47 2004/03/10 02:19:58 marka Exp $ */
+/* $Id: dst.h,v 1.48 2004/06/11 00:27:01 marka Exp $ */
#ifndef DST_DST_H
#define DST_DST_H 1
* "id" is a valid key tag identifier.
* "alg" is a supported key algorithm.
* "type" is DST_TYPE_PUBLIC, DST_TYPE_PRIVATE, or the bitwise union.
+ * DST_TYPE_KEY look for a KEY record otherwise DNSKEY
* "mctx" is a valid memory context.
* "keyp" is not NULL and "*keyp" is NULL.
*
* Requires:
* "filename" is not NULL
* "type" is DST_TYPE_PUBLIC, DST_TYPE_PRIVATE, or the bitwise union
+ * DST_TYPE_KEY look for a KEY record otherwise DNSKEY
* "mctx" is a valid memory context
* "keyp" is not NULL and "*keyp" is NULL.
*
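Review bot: The added comment line `DST_TYPE_KEY look for a KEY record otherwise DNSKEY` in both parameter lists is hard to parse, and it leaves the preceding sentence still claiming that "type" is only DST_TYPE_PUBLIC, DST_TYPE_PRIVATE or their union. I would fold it into that sentence, for example `"type" is DST_TYPE_PUBLIC, DST_TYPE_PRIVATE, or the bitwise union; if DST_TYPE_KEY is also set the key file must hold a KEY record, otherwise a DNSKEY record.` The new failure result DST_R_BADKEYTYPE, returned when the record type in the file does not match, should also be listed with the documented return values, which are outside these hunks.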
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: result.h,v 1.21 2004/03/05 05:10:38 marka Exp $ */
+/* $Id: result.h,v 1.22 2004/06/11 00:27:01 marka Exp $ */
#ifndef DST_RESULT_H
#define DST_RESULT_H 1
#define DST_R_KEYCANNOTCOMPUTESECRET (ISC_RESULTCLASS_DST + 17)
#define DST_R_COMPUTESECRETFAILURE (ISC_RESULTCLASS_DST + 18)
#define DST_R_NORANDOMNESS (ISC_RESULTCLASS_DST + 19)
+#define DST_R_BADKEYTYPE (ISC_RESULTCLASS_DST + 20)
-#define DST_R_NRESULTS 20 /* Number of results */
+#define DST_R_NRESULTS 21 /* Number of results */
ISC_LANG_BEGINDECLS
*/
/*
- * $Id: tkey.c,v 1.76 2004/03/05 05:09:25 marka Exp $
+ * $Id: tkey.c,v 1.77 2004/06/11 00:27:00 marka Exp $
*/
#include <config.h>
keyname = NULL;
dns_message_currentname(msg, DNS_SECTION_ADDITIONAL, &keyname);
keyset = NULL;
- result = dns_message_findtype(keyname, dns_rdatatype_dnskey, 0,
+ result = dns_message_findtype(keyname, dns_rdatatype_key, 0,
&keyset);
if (result != ISC_R_SUCCESS)
continue;
RETERR(dst_key_todns(tctx->dhkey, &ourkeybuf));
isc_buffer_usedregion(&ourkeybuf, &ourkeyr);
dns_rdata_fromregion(&ourkeyrdata, dns_rdataclass_any,
- dns_rdatatype_dnskey, &ourkeyr);
+ dns_rdatatype_key, &ourkeyr);
dns_name_init(&ourname, NULL);
dns_name_clone(dst_key_name(tctx->dhkey), &ourname);
RETERR(dst_key_todns(key, dynbuf));
isc_buffer_usedregion(dynbuf, &r);
dns_rdata_fromregion(rdata, dns_rdataclass_any,
- dns_rdatatype_dnskey, &r);
+ dns_rdatatype_key, &r);
dns_message_takebuffer(msg, &dynbuf);
dns_name_init(&keyname, NULL);
ourkeyname = NULL;
ourkeyset = NULL;
RETERR(dns_message_findname(rmsg, DNS_SECTION_ANSWER, &keyname,
- dns_rdatatype_dnskey, 0, &ourkeyname,
+ dns_rdatatype_key, 0, &ourkeyname,
&ourkeyset));
result = dns_message_firstname(rmsg, DNS_SECTION_ANSWER);
if (dns_name_equal(theirkeyname, ourkeyname))
goto next;
theirkeyset = NULL;
- result = dns_message_findtype(theirkeyname, dns_rdatatype_dnskey,
+ result = dns_message_findtype(theirkeyname, dns_rdatatype_key,
0, &theirkeyset);
if (result == ISC_R_SUCCESS) {
RETERR(dns_rdataset_first(theirkeyset));
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: result.c,v 1.63 2004/05/15 03:37:33 jinmei Exp $ */
+/* $Id: result.c,v 1.64 2004/06/11 00:27:02 marka Exp $ */
#include <config.h>
if (table == NULL)
return (ISC_R_NOMEMORY);
table->base = base;
- table->last = base + nresults;
+ table->last = base + nresults - 1;
table->text = text;
table->msgcat = msgcat;
table->set = set;
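Review bot: `table->last = base + nresults - 1` makes `last` an inclusive upper bound, but nothing visible in the hunk states that or rules out `nresults == 0`, where `last` would end up below `base`. A comment on the assignment such as `/* last is the highest valid code in this table (inclusive) */` would keep this assignment and the lookup comparison in step. If no earlier check exists, `REQUIRE(nresults > 0);` ahead of the allocation would close the empty-table case. The enclosing function and the lookup that reads `last` are outside the hunk, so both should be confirmed there.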