typedef uint16_t dns_keyflags_t;
typedef struct dns_keynode dns_keynode_t;
typedef ISC_LIST(dns_keynode_t) dns_keynodelist_t;
-typedef struct dns_keytable dns_keytable_t;
-typedef uint16_t dns_keytag_t;
+typedef struct dns_keytable dns_keytable_t;
+typedef uint16_t dns_keytag_t;
+typedef struct dns_keystore dns_keystore_t;
+typedef ISC_LIST(dns_keystore_t) dns_keystorelist_t;
typedef struct dns_loadctx dns_loadctx_t;
typedef struct dns_loadmgr dns_loadmgr_t;
typedef struct dns_masterrawheader dns_masterrawheader_t;
*\li Other errors are possible.
*/
+isc_result_t
+cfg_keystore_fromconfig(const cfg_obj_t *config, isc_mem_t *mctx,
+ isc_log_t *logctx, dns_keystorelist_t *keystorelist,
+ dns_keystore_t **kspp);
+/*%<
+ * Create and configure a key store. If a 'keystorelist' is provided, a lookup
+ * happens and if a keystore already exists with the same name, no new one is
+ * created, and no attach to 'kspp' happens.
+ *
+ * Requires:
+ *
+ *\li config != NULL
+
+ *\li 'mctx' is a valid memory context.
+ *
+ *\li 'logctx' is a valid logging context.
+ *
+ *\li kspp != NULL && *kspp == NULL
+ *
+ * Returns:
+ *
+ *\li #ISC_R_SUCCESS If creating and configuring the keystore succeeds.
+ *\li #ISC_R_EXISTS If 'keystorelist' already has a keystore with 'name'.
+ *\li #ISC_R_NOMEMORY
+ *
+ *\li Other errors are possible.
+ */
+
ISC_LANG_ENDDECLS
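Review bot: The Requires list of cfg_keystore_fromconfig() omits `keystorelist`, while the opening sentence ("If a 'keystorelist' is provided …") implies it may be NULL; the implementation in the kaspconf.c hunk passes it straight to dns_keystorelist_find() and dereferences it in ISC_LIST_APPEND() with no NULL check, so the two disagree. Either add `*\li 'keystorelist' is a valid keystore list.` to the Requires block and drop the "if provided" wording, or the code needs a guard. Also the blank line after `*\li config != NULL` is missing the leading ` *` that every other separator line in the block has.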
#include <isc/util.h>
#include <dns/kasp.h>
+#include <dns/keystore.h>
#include <dns/keyvalues.h>
#include <dns/log.h>
#include <dns/nsec3.h>
return (cfg_obj_asduration(obj));
}
+/*
+ * Utility function for configuring strings.
+ */
+static const char *
+get_string(const cfg_obj_t **maps, const char *option) {
+ const cfg_obj_t *obj;
+ isc_result_t result;
+ obj = NULL;
+
+ result = confget(maps, option, &obj);
+ if (result == ISC_R_NOTFOUND) {
+ return (NULL);
+ }
+ INSIST(result == ISC_R_SUCCESS);
+ return (cfg_obj_asstring(obj));
+}
+
/*
* Create a new kasp key derived from configuration.
*/
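Review bot: In get_string() the `obj = NULL;` assignment sits on its own line after the declaration; initialising at the declaration, `const cfg_obj_t *obj = NULL;`, is the tighter form and matches the style used in cfg_keystore_fromconfig() below. The `INSIST(result == ISC_R_SUCCESS)` turns any confget() result other than SUCCESS/NOTFOUND into an assertion failure; confget() is defined outside this hunk, so whether that is the intended contract for a configuration lookup is worth confirming.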
dns_kasp_detach(&kasp);
return (result);
}
+
+isc_result_t
+cfg_keystore_fromconfig(const cfg_obj_t *config, isc_mem_t *mctx,
+ isc_log_t *logctx, dns_keystorelist_t *keystorelist,
+ dns_keystore_t **kspp) {
+ isc_result_t result;
+ const cfg_obj_t *maps[2];
+ const cfg_obj_t *koptions = NULL;
+ const char *name = NULL;
+ dns_keystore_t *keystore = NULL;
+ int i = 0;
+
+ REQUIRE(config != NULL);
+ REQUIRE(kspp != NULL && *kspp == NULL);
+
+ name = cfg_obj_asstring(cfg_tuple_get(config, "name"));
+ INSIST(name != NULL);
+
+ result = dns_keystorelist_find(keystorelist, name, &keystore);
+
+ if (result == ISC_R_SUCCESS) {
+ cfg_obj_log(config, logctx, ISC_LOG_ERROR,
+ "key-store: duplicate key-store found '%s'", name);
+ dns_keystore_detach(&keystore);
+ return (ISC_R_EXISTS);
+ }
+ if (result != ISC_R_NOTFOUND) {
+ cfg_obj_log(config, logctx, ISC_LOG_ERROR,
+ "key-store: lookup '%s' failed: %s", name,
+ isc_result_totext(result));
+ return (result);
+ }
+
+ /*
+ * No key-store with configured name was found in list, create new one.
+ */
+ INSIST(keystore == NULL);
+ result = dns_keystore_create(mctx, name, &keystore);
+ if (result != ISC_R_SUCCESS) {
+ return (result);
+ }
+ INSIST(keystore != NULL);
+
+ /* Now configure. */
+ INSIST(DNS_KEYSTORE_VALID(keystore));
+
+ if (config != NULL) {
+ koptions = cfg_tuple_get(config, "options");
+ maps[i++] = koptions;
+ }
+ maps[i] = NULL;
+
+ /* Configuration */
+ dns_keystore_setdirectory(keystore, get_string(maps, "directory"));
+ dns_keystore_setpkcs11uri(keystore, get_string(maps, "uri"));
+
+ /* Append it to the list for future lookups. */
+ ISC_LIST_APPEND(*keystorelist, keystore, link);
+ INSIST(!(ISC_LIST_EMPTY(*keystorelist)));
+
+ /* Success: Attach the keystore to the pointer and return. */
+ dns_keystore_attach(keystore, kspp);
+
+ /* Don't detach as keystore is on '*keystorelist' */
+ return (ISC_R_SUCCESS);
+}
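Review bot: The `if (config != NULL)` guard before `cfg_tuple_get(config, "options")` is dead code: `REQUIRE(config != NULL)` at the top of cfg_keystore_fromconfig() already aborts on NULL and `cfg_tuple_get(config, "name")` has dereferenced it, so the branch can be flattened to `koptions = cfg_tuple_get(config, "options"); maps[0] = koptions; maps[1] = NULL;` and the `i` counter removed. By contrast `keystorelist` is never checked yet is dereferenced in `ISC_LIST_APPEND(*keystorelist, keystore, link)` and passed to dns_keystorelist_find(); given the header comment presents it as optional, add `REQUIRE(keystorelist != NULL);` beside the other REQUIREs, or guard both uses. Whether dns_keystore_setdirectory() and dns_keystore_setpkcs11uri() accept the NULL that get_string() returns for an absent option is not visible in this hunk and should be confirmed.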