-3047. [bug] DNSKEY NODATA responses not cached fixed in
- validator.c. Tests added to dnssec system test.
- [RT #22908]
+3048. [bug] Fully seperate view key mangement. [RT #23419]
+
+3047. [bug] DNSKEY NODATA responses not cached fixed in
+ validator.c. Tests added to dnssec system test.
+ [RT #22908]
3046. [bug] Use RRSIG original TTL to compute validated RRset
and RRSIG TTL. [RT #23332]
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
-# $Id: conf.sh.in,v 1.59.8.1 2011/02/22 04:25:55 marka Exp $
+# $Id: conf.sh.in,v 1.59.8.2 2011/03/01 23:15:17 marka Exp $
#
# Common configuration data for system tests, to be sourced into
# load on the machine to make it unusable to other users.
# v6synth
SUBDIRS="acl allow_query addzone autosign cacheclean checkconf checknames
- database dlv @DLZ_SYSTEM_TEST@ dlzexternal dns64 dnssec forward
- glue gost ixfr limits lwresd masterfile masterformat metadata
+ database dlv dlvauto @DLZ_SYSTEM_TEST@ dlzexternal dns64 dnssec
+ forward glue gost ixfr limits lwresd masterfile masterformat metadata
notify nsupdate pending pkcs11 resolver rpz rrsetorder
sortlist smartsign staticstub stub tkey tsig tsiggss
unknown upforwd views xfer xferquota zonechecks"
--- /dev/null
+# Copyright (C) 2011 Internet Systems Consortium, Inc. ("ISC")
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+# PERFORMANCE OF THIS SOFTWARE.
+
+# $Id: clean.sh,v 1.2.2.2 2011/03/01 23:15:18 marka Exp $
+
+rm -f random.data
+rm -f ns1/K*
+rm -f ns1/*.signed
+rm -f ns1/*.db
+rm -f ns1/dlv.conf
+rm -f ns1/*.mkeys.jnl
+rm -f ns1/*.mkeys
+rm -f */named.run
+rm -f */named.memstats
+rm -f ns1/dsset-*.
+rm -f ns2/*.mkeys
+rm -f ns2/*.mkeys.jnl
+rm -f dig.out.ns?.test*
--- /dev/null
+; Copyright (C) 2011 Internet Systems Consortium, Inc. ("ISC")
+;
+; Permission to use, copy, modify, and/or distribute this software for any
+; purpose with or without fee is hereby granted, provided that the above
+; copyright notice and this permission notice appear in all copies.
+;
+; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+; PERFORMANCE OF THIS SOFTWARE.
+
+; $Id: dlv.isc.org.db.in,v 1.2.2.2 2011/03/01 23:15:19 marka Exp $
+
+$TTL 300
+@ IN SOA a.root-servers.nil. hostmaster.isc.org. (
+ 2000042100 ; serial
+ 600 ; refresh
+ 600 ; retry
+ 1200 ; expire
+ 600 ; minimum
+ )
+@ NS a.root-servers.nil.
--- /dev/null
+/*
+ * Copyright (C) 2011 Internet Systems Consortium, Inc. ("ISC")
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+ * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+ * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+ * PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/* $Id: named.conf,v 1.2.2.2 2011/03/01 23:15:20 marka Exp $ */
+
+// NS1
+
+controls { /* empty */ };
+
+options {
+ query-source address 10.53.0.1;
+ notify-source 10.53.0.1;
+ transfer-source 10.53.0.1;
+ port 5300;
+ pid-file "named.pid";
+ listen-on { 10.53.0.1; };
+ listen-on-v6 { none; };
+ recursion no;
+ notify yes;
+ dnssec-enable yes;
+ dnssec-validation yes;
+};
+
+zone "." {
+ type master;
+ file "root.db";
+};
+
+zone "dlv.isc.org" {
+ type master;
+ file "dlv.isc.org.db.signed";
+};
--- /dev/null
+; Copyright (C) 2011 Internet Systems Consortium, Inc. ("ISC")
+;
+; Permission to use, copy, modify, and/or distribute this software for any
+; purpose with or without fee is hereby granted, provided that the above
+; copyright notice and this permission notice appear in all copies.
+;
+; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+; PERFORMANCE OF THIS SOFTWARE.
+
+; $Id: root.db.in,v 1.2.2.2 2011/03/01 23:15:20 marka Exp $
+
+$TTL 300
+. IN SOA gson.nominum.com. a.root.servers.nil. (
+ 2000042100 ; serial
+ 600 ; refresh
+ 600 ; retry
+ 1200 ; expire
+ 600 ; minimum
+ )
+. NS a.root-servers.nil.
+a.root-servers.nil. A 10.53.0.1
+
+dlv.isc.org. NS a.root-servers.nil.
--- /dev/null
+#!/bin/sh -e
+#
+# Copyright (C) 2011 Internet Systems Consortium, Inc. ("ISC")
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+# PERFORMANCE OF THIS SOFTWARE.
+
+# $Id: sign.sh,v 1.2.2.2 2011/03/01 23:15:20 marka Exp $
+
+SYSTEMTESTTOP=../..
+. $SYSTEMTESTTOP/conf.sh
+
+RANDFILE=../random.data
+
+zone=dlv.isc.org
+infile=dlv.isc.org.db.in
+zonefile=dlv.isc.org.db
+
+keyname=`$KEYGEN -q -r $RANDFILE -a RSAMD5 -b 768 -n zone $zone`
+cat $infile $keyname.key > $zonefile
+$SIGNER -P -g -r $RANDFILE -o $zone $zonefile > /dev/null
+
+cp root.db.in root.db
+
+# Configure the resolving server with a trusted key.
+
+cat $keyname.key | grep -v '^; ' | $PERL -n -e '
+local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
+local $key = join("", @rest);
+print <<EOF
+managed-keys {
+ "$dn" initial-key $flags $proto $alg "$key";
+};
+EOF
+' > dlv.conf
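Review bot: The fixture key on the `keyname=` line is generated with `-a RSAMD5 -b 768`, an algorithm and key size that later DNSSEC guidance deprecates, so this test stops validating as soon as dnssec-keygen or the validator drops RSAMD5 even though what it exercises is the view/restart path, not the algorithm. Generating with an algorithm the same keygen already supports and that is not on a deprecation track, e.g. `-a RSASHA1 -b 1024`, keeps the fixture usable. The Perl loop at the end emits one `managed-keys` block per non-comment line of the key file, which is only correct because the file holds a single DNSKEY record; a comment such as `# $keyname.key holds exactly one DNSKEY line; one managed-keys block is emitted per record line` would make that assumption visible.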
--- /dev/null
+/*
+ * Copyright (C) 2011 Internet Systems Consortium, Inc. ("ISC")
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+ * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+ * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+ * PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/* $Id: named.conf,v 1.2.2.2 2011/03/01 23:15:21 marka Exp $ */
+
+// NS2
+
+controls { /* empty */ };
+
+options {
+ query-source address 10.53.0.2;
+ notify-source 10.53.0.2;
+ transfer-source 10.53.0.2;
+ port 5300;
+ pid-file "named.pid";
+ listen-on { 10.53.0.2; };
+ listen-on-v6 { none; };
+ notify no;
+ dnssec-enable yes;
+ dnssec-validation yes;
+ bindkeys-file "../ns1/dlv.conf";
+ dnssec-lookaside "auto";
+};
+
+view "in" {
+ recursion yes;
+ zone "." {
+ type hint;
+ file "../../common/root.hint";
+ };
+};
+
+view "ch" ch {
+ match-clients { 127.0.0.1; };
+};
--- /dev/null
+#!/bin/sh -e
+#
+# Copyright (C) 2011 Internet Systems Consortium, Inc. ("ISC")
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+# PERFORMANCE OF THIS SOFTWARE.
+
+# $Id: setup.sh,v 1.2.2.2 2011/03/01 23:15:19 marka Exp $
+
+sh clean.sh
+
+../../../tools/genrandom 400 random.data
+
+cd ns1 && sh sign.sh
--- /dev/null
+# Copyright (C) 2011 Internet Systems Consortium, Inc. ("ISC")
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+# PERFORMANCE OF THIS SOFTWARE.
+
+# $Id: tests.sh,v 1.2.2.2 2011/03/01 23:15:19 marka Exp $
+
+SYSTEMTESTTOP=..
+. $SYSTEMTESTTOP/conf.sh
+
+DIGOPTS="+tcp +noadd +nosea +nostat +nocmd +dnssec -p 5300"
+
+status=0
+n=1
+
+#
+# When this was initialy reported there was a REQUIRE failure on restarting.
+#
+echo "I:checking dnssec-lookaside "'"auto"'"; with views of multiple classes ($n)"
+if [ -s ns2/named.pid ]
+then
+ ret=0
+ kill -TERM `cat ns2/named.pid`
+ sleep 1
+ (cd ns2; $NAMED -f -d 100 -c named.conf >> named.run 2>&1 & )
+ sleep 2
+ $DIG $DIGOPTS soa . @10.53.0.2 > dig.out.ns2.test$n || ret=1
+ grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1
+ if [ $ret != 0 ]; then echo "I:failed"; fi
+ status=`expr $status + $ret`
+else
+ echo "I:failed"
+ status=1
+fi
+
+exit $status
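Review bot: The restart in the `if [ -s ns2/named.pid ]` branch relies on `sleep 1` after `kill -TERM` and `sleep 2` after relaunch, so when the old named takes longer than a second to release 10.53.0.2:5300 the new instance fails to bind and the test reports the REQUIRE regression it is meant to catch as a spurious failure. Capturing the pid once and polling `kill -0` until the process is gone, with a bounded wait, removes the first race; polling the pid file after relaunch would remove the second. The relaunch writes to `named.run` with `-d 100`, which is fine for a test directory that clean.sh removes.
```sh
 ret=0
 pid=`cat ns2/named.pid`
 kill -TERM $pid
 i=0
 while kill -0 $pid 2>/dev/null && [ $i -lt 10 ]; do
     sleep 1
     i=`expr $i + 1`
 done
 (cd ns2; $NAMED -f -d 100 -c named.conf >> named.run 2>&1 & )
 # … unchanged: sleep, dig query and status check …
```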
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: zone.c,v 1.582.8.8 2011/02/22 04:25:56 marka Exp $ */
+/* $Id: zone.c,v 1.582.8.9 2011/03/01 23:15:21 marka Exp $ */
/*! \file */
}
/*
- * Add key to the security roots for all views.
+ * Add key to the security roots.
*/
static void
-trust_key(dns_viewlist_t *viewlist, dns_name_t *keyname,
+trust_key(dns_zone_t *zone, dns_name_t *keyname,
dns_rdata_dnskey_t *dnskey, isc_mem_t *mctx) {
isc_result_t result;
dns_rdata_t rdata = DNS_RDATA_INIT;
unsigned char data[4096];
isc_buffer_t buffer;
- dns_view_t *view;
dns_keytable_t *sr = NULL;
dst_key_t *dstkey = NULL;
dns_rdata_fromstruct(&rdata, dnskey->common.rdclass,
dns_rdatatype_dnskey, dnskey, &buffer);
- for (view = ISC_LIST_HEAD(*viewlist); view != NULL;
- view = ISC_LIST_NEXT(view, link)) {
-
- result = dns_view_getsecroots(view, &sr);
- if (result != ISC_R_SUCCESS)
- continue;
+ result = dns_view_getsecroots(zone->view, &sr);
+ if (result != ISC_R_SUCCESS)
+ goto failure;
- CHECK(dns_dnssec_keyfromrdata(keyname, &rdata, mctx, &dstkey));
- CHECK(dns_keytable_add(sr, ISC_TRUE, &dstkey));
- dns_keytable_detach(&sr);
- }
+ CHECK(dns_dnssec_keyfromrdata(keyname, &rdata, mctx, &dstkey));
+ CHECK(dns_keytable_add(sr, ISC_TRUE, &dstkey));
+ dns_keytable_detach(&sr);
failure:
if (dstkey != NULL)
}
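Review bot: In the rewritten trust_key a failure in either `CHECK()` after `dns_view_getsecroots()` succeeded jumps to `failure:` with `sr` still attached, so the keytable reference is leaked; the old per-view loop had the same gap, but in the single-view form the fix is one line at the cleanup label, `if (sr != NULL) dns_keytable_detach(&sr);`. The function also stays void, so load_secroots does `trusted++` immediately before calling trust_key and will count a key as trusted that was never added to the view's keytable, which later decides whether fail_secure is applied; returning the isc_result_t, or at least logging via dns_zone_log at the failure label, would make that visible. fail_secure has the same silent no-op shape when getsecroots fails. The cleanup at `failure:` appears to continue outside the hunk.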
/*
- * Remove key from the security roots for all views.
- */
-static void
-untrust_key(dns_viewlist_t *viewlist, dns_name_t *keyname, isc_mem_t *mctx,
- dns_rdata_dnskey_t *dnskey)
-{
- dns_view_t *view;
-
- for (view = ISC_LIST_HEAD(*viewlist); view != NULL;
- view = ISC_LIST_NEXT(view, link))
- dns_view_untrust(view, keyname, dnskey, mctx);
-}
-
-/*
- * Add a null key to the security roots for all views, so that all queries
+ * Add a null key to the security roots for so that all queries
* to the zone will fail.
*/
static void
-fail_secure(dns_viewlist_t *viewlist, dns_name_t *keyname) {
+fail_secure(dns_zone_t *zone, dns_name_t *keyname) {
isc_result_t result;
- dns_view_t *view;
-
- for (view = ISC_LIST_HEAD(*viewlist);
- view != NULL;
- view = ISC_LIST_NEXT(view, link)) {
- dns_keytable_t *sr = NULL;
-
- result = dns_view_getsecroots(view, &sr);
- if (result != ISC_R_SUCCESS)
- continue;
+ dns_keytable_t *sr = NULL;
+ result = dns_view_getsecroots(zone->view, &sr);
+ if (result == ISC_R_SUCCESS) {
dns_keytable_marksecure(sr, keyname);
dns_keytable_detach(&sr);
}
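Review bot: fail_secure now returns without doing anything when `dns_view_getsecroots()` fails, while its caller in load_secroots has already logged "All queries to '%s' will fail" unconditionally, so the log can claim a fail-secure state the view never received; an `else` branch that logs the failure, e.g. `else dns_zone_log(zone, ISC_LOG_WARNING, "unable to mark '%s' secure", namebuf);` with the caller's name buffer passed in or the name formatted locally, would keep the log truthful. The new header comment also reads "for so that"; suggest `Add a null key to the security roots so that all queries to the zone will fail.` fail_secure's closing brace is outside the hunk.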
/*
* Scan a set of KEYDATA records from the key zone. The ones that are
- * valid (i.e., the add holddown timer has expired) become trusted keys for
- * all views.
+ * valid (i.e., the add holddown timer has expired) become trusted keys.
*/
static void
load_secroots(dns_zone_t *zone, dns_name_t *name, dns_rdataset_t *rdataset) {
dns_rdata_keydata_t keydata;
dns_rdata_dnskey_t dnskey;
isc_mem_t *mctx = zone->mctx;
- dns_view_t *view = zone->view;
- dns_viewlist_t *viewlist = view->viewlist;
int trusted = 0, revoked = 0, pending = 0;
isc_stdtime_t now;
+ dns_keytable_t *sr = NULL;
isc_stdtime_get(&now);
- /* For each view, delete references to this key from secroots. */
- for (view = ISC_LIST_HEAD(*viewlist); view != NULL;
- view = ISC_LIST_NEXT(view, link)) {
- dns_keytable_t *sr = NULL;
-
- result = dns_view_getsecroots(view, &sr);
- if (result != ISC_R_SUCCESS)
- continue;
-
+ result = dns_view_getsecroots(zone->view, &sr);
+ if (result == ISC_R_SUCCESS) {
dns_keytable_delete(sr, name);
dns_keytable_detach(&sr);
}
/* Add to keytables. */
trusted++;
- trust_key(viewlist, name, &dnskey, mctx);
+ trust_key(zone, name, &dnskey, mctx);
}
if (trusted == 0 && pending != 0) {
revoked, pending);
dns_zone_log(zone, ISC_LOG_ERROR,
"All queries to '%s' will fail", namebuf);
- fail_secure(viewlist, name);
+ fail_secure(zone, name);
}
}
deletekey = ISC_TRUE;
} else if (keydata.removehd == 0) {
/* Remove from secroots */
- untrust_key(zone->view->viewlist,
- keyname, mctx, &dnskey);
+ dns_view_untrust(zone->view, keyname,
+ &dnskey, mctx);
/* If initializing, delete now */
if (keydata.addhd == 0)
}
if (trustkey) {
- /* Trust this key in all views */
+ /* Trust this key. */
dns_rdata_tostruct(&dnskeyrr, &dnskey, NULL);
- trust_key(zone->view->viewlist, keyname, &dnskey,
- mctx);
+ trust_key(zone, keyname, &dnskey, mctx);
}
if (!deletekey)
* the security roots; then all queries to the zone will fail.
*/
if (pending != 0)
- fail_secure(zone->view->viewlist, keyname);
+ fail_secure(zone, keyname);
failure:
if (changed) {