increment the reference count.
Note: dns_tsigkey_createfromkey() callers should now
always call dst_key_free() rather than setting it
to NULL on success. [RT #22672]
+2982. [bug] Reference count dst keys. dst_key_attach() can be used
+ increment the reference count.
+
+ Note: dns_tsigkey_createfromkey() callers should now
+ always call dst_key_free() rather than setting it
+ to NULL on success. [RT #22672]
+
2980. [bug] named didn't properly handle UPDATES that changed the
TTL of the NSEC3PARAM RRset. [RT #22363]
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: dighost.c,v 1.328.22.5 2010/12/02 23:26:56 marka Exp $ */
+/* $Id: dighost.c,v 1.328.22.6 2010/12/09 01:05:27 marka Exp $ */
/*! \file
* \note
goto failure;
}
result = dns_tsigkey_createfromkey(dst_key_name(dstkey), hmacname,
- &dstkey, ISC_FALSE, NULL, 0, 0,
+ dstkey, ISC_FALSE, NULL, 0, 0,
mctx, NULL, &key);
if (result != ISC_R_SUCCESS) {
printf(";; Couldn't create key %s: %s\n",
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: server.c,v 1.556.8.31 2010/12/02 23:26:56 marka Exp $ */
+/* $Id: server.c,v 1.556.8.32 2010/12/09 01:05:28 marka Exp $ */
/*! \file */
/* Store the key in tsigkey. */
isc_stdtime_get(&now);
- CHECK(dns_tsigkey_createfromkey(dst_key_name(key), algname, &key,
+ CHECK(dns_tsigkey_createfromkey(dst_key_name(key), algname, key,
ISC_FALSE, NULL, now, now, mctx, NULL,
&tsigkey));
RUNTIME_CHECK(isc_stdio_flush(fp) == ISC_R_SUCCESS);
RUNTIME_CHECK(isc_stdio_close(fp) == ISC_R_SUCCESS);
+ dst_key_free(&key);
+
*tsigkeyp = tsigkey;
return (ISC_R_SUCCESS);
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: nsupdate.c,v 1.173.66.10 2010/12/03 00:39:46 marka Exp $ */
+/* $Id: nsupdate.c,v 1.173.66.11 2010/12/09 01:05:28 marka Exp $ */
/*! \file */
debug("Creating key...");
+ if (sig0key != NULL)
+ dst_key_free(&sig0key);
+
/* Try reading the key from a K* pair */
result = dst_key_fromnamedfile(keyfile, NULL,
DST_TYPE_PRIVATE | DST_TYPE_KEY, mctx,
}
if (hmacname != NULL) {
result = dns_tsigkey_createfromkey(dst_key_name(dstkey),
- hmacname, &dstkey, ISC_FALSE,
+ hmacname, dstkey, ISC_FALSE,
NULL, 0, 0, mctx, NULL,
&tsigkey);
+ dst_key_free(&dstkey);
if (result != ISC_R_SUCCESS) {
fprintf(stderr, "could not create key from %s: %s\n",
keyfile, isc_result_totext(result));
- dst_key_free(&dstkey);
return;
}
- } else
- sig0key = dstkey;
+ } else
+ dst_key_attach(dstkey, &sig0key);
}
static void
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: keydelete.c,v 1.13.126.2 2010/12/02 23:46:30 tbox Exp $ */
+/* $Id: keydelete.c,v 1.13.126.3 2010/12/09 01:05:28 marka Exp $ */
#include <config.h>
CHECK("dst_key_fromnamedfile", result);
result = dns_tsigkey_createfromkey(dst_key_name(dstkey),
DNS_TSIG_HMACMD5_NAME,
- &dstkey, ISC_TRUE, NULL, 0, 0,
+ dstkey, ISC_TRUE, NULL, 0, 0,
mctx, ring, &tsigkey);
+ dst_key_free(&dstkey);
CHECK("dns_tsigkey_createfromkey", result);
(void)isc_app_run();
/*
* Principal Author: Brian Wellington
- * $Id: dst_api.c,v 1.47.22.4 2010/12/02 23:26:57 marka Exp $
+ * $Id: dst_api.c,v 1.47.22.5 2010/12/09 01:05:28 marka Exp $
*/
/*! \file */
#include <isc/once.h>
#include <isc/platform.h>
#include <isc/print.h>
+#include <isc/refcount.h>
#include <isc/random.h>
#include <isc/string.h>
#include <isc/time.h>
return (ISC_FALSE);
}
+void
+dst_key_attach(dst_key_t *source, dst_key_t **target) {
+
+ REQUIRE(dst_initialized == ISC_TRUE);
+ REQUIRE(target != NULL && *target == NULL);
+ REQUIRE(VALID_KEY(source));
+
+ isc_refcount_increment(&source->refs, NULL);
+ *target = source;
+}
+
void
dst_key_free(dst_key_t **keyp) {
isc_mem_t *mctx;
dst_key_t *key;
+ unsigned int refs;
REQUIRE(dst_initialized == ISC_TRUE);
REQUIRE(keyp != NULL && VALID_KEY(*keyp));
key = *keyp;
mctx = key->mctx;
+ isc_refcount_decrement(&key->refs, &refs);
+ if (refs != 0)
+ return;
+
+ isc_refcount_destroy(&key->refs);
if (key->keydata.generic != NULL) {
INSIST(key->func->destroy != NULL);
key->func->destroy(key);
memset(key, 0, sizeof(dst_key_t));
key->magic = KEY_MAGIC;
+ result = isc_refcount_init(&key->refs, 1);
+ if (result != ISC_R_SUCCESS) {
+ isc_mem_put(mctx, key, sizeof(dst_key_t));
+ return (NULL);
+ }
+
key->key_name = isc_mem_get(mctx, sizeof(dns_name_t));
if (key->key_name == NULL) {
+ isc_refcount_destroy(&key->refs);
isc_mem_put(mctx, key, sizeof(dst_key_t));
return (NULL);
}
dns_name_init(key->key_name, NULL);
result = dns_name_dup(name, mctx, key->key_name);
if (result != ISC_R_SUCCESS) {
+ isc_refcount_destroy(&key->refs);
isc_mem_put(mctx, key->key_name, sizeof(dns_name_t));
isc_mem_put(mctx, key, sizeof(dst_key_t));
return (NULL);
* IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: dst_internal.h,v 1.23 2009/10/27 22:25:37 marka Exp $ */
+/* $Id: dst_internal.h,v 1.23.32.1 2010/12/09 01:05:28 marka Exp $ */
#ifndef DST_DST_INTERNAL_H
#define DST_DST_INTERNAL_H 1
#include <isc/region.h>
#include <isc/types.h>
#include <isc/md5.h>
+#include <isc/refcount.h>
#include <isc/sha1.h>
#include <isc/sha2.h>
#include <isc/stdtime.h>
/*% DST Key Structure */
struct dst_key {
unsigned int magic;
+ isc_refcount_t refs;
dns_name_t * key_name; /*%< name of the key */
unsigned int key_size; /*%< size of the key in bits */
unsigned int key_proto; /*%< protocols this key is used for */
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: tsec.h,v 1.3.104.2 2010/12/02 23:46:30 tbox Exp $ */
+/* $Id: tsec.h,v 1.3.104.3 2010/12/09 01:05:29 marka Exp $ */
#ifndef DNS_TSEC_H
#define DNS_TSEC_H 1
} dns_tsectype_t;
isc_result_t
-dns_tsec_create(isc_mem_t *mctx, dns_tsectype_t type, dst_key_t **keyp,
+dns_tsec_create(isc_mem_t *mctx, dns_tsectype_t type, dst_key_t *key,
dns_tsec_t **tsecp);
/*%<
* Create a TSEC structure and stores a type-dependent key structure in it.
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: tsig.h,v 1.53.136.3 2010/12/02 23:26:58 marka Exp $ */
+/* $Id: tsig.h,v 1.53.136.4 2010/12/09 01:05:29 marka Exp $ */
#ifndef DNS_TSIG_H
#define DNS_TSIG_H 1
isc_result_t
dns_tsigkey_createfromkey(dns_name_t *name, dns_name_t *algorithm,
- dst_key_t **dstkeyp, isc_boolean_t generated,
+ dst_key_t *dstkey, isc_boolean_t generated,
dns_name_t *creator, isc_stdtime_t inception,
isc_stdtime_t expire, isc_mem_t *mctx,
dns_tsig_keyring_t *ring, dns_tsigkey_t **key);
* allows a transient key with an invalid algorithm to exist long enough
* to generate a BADKEY response.
*
+ * If dns_tsigkey_createfromkey is successful a new reference to 'dstkey'
+ * will have been made.
+ *
* Requires:
*\li 'name' is a valid dns_name_t
*\li 'algorithm' is a valid dns_name_t
*\li 'secret' is a valid pointer
*\li 'length' is an integer >= 0
- *\li 'key' is a valid dst key or NULL
+ *\li 'dstkey' is a valid dst key or NULL
*\li 'creator' points to a valid dns_name_t or is NULL
*\li 'mctx' is a valid memory context
*\li 'ring' is a valid TSIG keyring or NULL
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: dst.h,v 1.25 2009/10/26 21:18:24 each Exp $ */
+/* $Id: dst.h,v 1.25.36.1 2010/12/09 01:05:29 marka Exp $ */
#ifndef DST_DST_H
#define DST_DST_H 1
* \li ISC_FALSE
*/
+void
+dst_key_attach(dst_key_t *source, dst_key_t **target);
+/*
+ * Attach to a existing key increasing the reference count.
+ *
+ * Requires:
+ *\li 'source' to be a valid key.
+ *\li 'target' to be non-NULL and '*target' to be NULL.
+ */
+
void
dst_key_free(dst_key_t **keyp);
/*%<
*/
/*
- * $Id: tkey.c,v 1.92.104.3 2010/12/02 23:26:57 marka Exp $
+ * $Id: tkey.c,v 1.92.104.4 2010/12/09 01:05:28 marka Exp $
*/
/*! \file */
#include <config.h>
expire = now + lifetime;
#endif
RETERR(dns_tsigkey_createfromkey(name, &tkeyin->algorithm,
- &dstkey, ISC_TRUE,
+ dstkey, ISC_TRUE,
dns_fixedname_name(&principal),
now, expire, ring->mctx, ring,
NULL));
+ dst_key_free(&dstkey);
tkeyout->inception = now;
tkeyout->expire = expire;
} else {
&dstkey));
RETERR(dns_tsigkey_createfromkey(tkeyname, DNS_TSIG_GSSAPI_NAME,
- &dstkey, ISC_FALSE, NULL,
+ dstkey, ISC_FALSE, NULL,
rtkey.inception, rtkey.expire,
ring->mctx, ring, outkey));
+ dst_key_free(&dstkey);
dns_rdata_freestruct(&rtkey);
return (result);
(win2k
? DNS_TSIG_GSSAPIMS_NAME
: DNS_TSIG_GSSAPI_NAME),
- &dstkey, ISC_TRUE, NULL,
+ dstkey, ISC_TRUE, NULL,
rtkey.inception, rtkey.expire,
ring->mctx, ring, outkey));
+ dst_key_free(&dstkey);
dns_rdata_freestruct(&rtkey);
return (result);
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: tsec.c,v 1.4.104.2 2010/12/02 23:46:30 tbox Exp $ */
+/* $Id: tsec.c,v 1.4.104.3 2010/12/09 01:05:28 marka Exp $ */
#include <config.h>
};
isc_result_t
-dns_tsec_create(isc_mem_t *mctx, dns_tsectype_t type, dst_key_t **keyp,
+dns_tsec_create(isc_mem_t *mctx, dns_tsectype_t type, dst_key_t *key,
dns_tsec_t **tsecp)
{
isc_result_t result;
dns_tsec_t *tsec;
dns_tsigkey_t *tsigkey = NULL;
dns_name_t *algname;
- dst_key_t *key;
- REQUIRE(keyp != NULL && *keyp != NULL);
REQUIRE(mctx != NULL);
REQUIRE(tsecp != NULL && *tsecp == NULL);
if (tsec == NULL)
return (ISC_R_NOMEMORY);
- key = *keyp;
-
tsec->type = type;
tsec->mctx = mctx;
return (DNS_R_BADALG);
}
result = dns_tsigkey_createfromkey(dst_key_name(key),
- algname, keyp, ISC_FALSE,
+ algname, key, ISC_FALSE,
NULL, 0, 0, mctx, NULL,
&tsigkey);
if (result != ISC_R_SUCCESS) {
break;
case dns_tsectype_sig0:
tsec->ukey.key = key;
- *keyp = NULL;
break;
default:
INSIST(0);
tsec->magic = DNS_TSEC_MAGIC;
*tsecp = tsec;
- ENSURE(*keyp == NULL);
return (ISC_R_SUCCESS);
}
*/
/*
- * $Id: tsig.c,v 1.138.136.4 2010/12/02 23:26:57 marka Exp $
+ * $Id: tsig.c,v 1.138.136.5 2010/12/09 01:05:28 marka Exp $
*/
/*! \file */
#include <config.h>
isc_result_t
dns_tsigkey_createfromkey(dns_name_t *name, dns_name_t *algorithm,
- dst_key_t **dstkeyp, isc_boolean_t generated,
+ dst_key_t *dstkey, isc_boolean_t generated,
dns_name_t *creator, isc_stdtime_t inception,
isc_stdtime_t expire, isc_mem_t *mctx,
dns_tsig_keyring_t *ring, dns_tsigkey_t **key)
dns_tsigkey_t *tkey;
isc_result_t ret;
unsigned int refs = 0;
- dst_key_t *dstkey;
REQUIRE(key == NULL || *key == NULL);
REQUIRE(name != NULL);
REQUIRE(mctx != NULL);
REQUIRE(key != NULL || ring != NULL);
- if (dstkeyp != NULL)
- dstkey = *dstkeyp;
- else
- dstkey = NULL;
tkey = (dns_tsigkey_t *) isc_mem_get(mctx, sizeof(dns_tsigkey_t));
if (tkey == NULL)
return (ISC_R_NOMEMORY);
} else
tkey->creator = NULL;
- tkey->key = dstkey;
+ tkey->key = NULL;
+ if (dstkey != NULL)
+ dst_key_attach(dstkey, &tkey->key);
tkey->ring = ring;
if (key != NULL)
namestr);
}
- if (dstkeyp != NULL)
- *dstkeyp = NULL;
if (key != NULL)
*key = tkey;
isc_refcount_decrement(&tkey->refs, NULL);
isc_refcount_destroy(&tkey->refs);
cleanup_creator:
+ if (tkey->key != NULL)
+ dst_key_free(&tkey->key);
if (tkey->creator != NULL) {
dns_name_free(tkey->creator, mctx);
isc_mem_put(mctx, tkey->creator, sizeof(dns_name_t));
} else if (length > 0)
return (DNS_R_BADALG);
- result = dns_tsigkey_createfromkey(name, algorithm, &dstkey,
+ result = dns_tsigkey_createfromkey(name, algorithm, dstkey,
generated, creator,
inception, expire, mctx, ring, key);
- if (result != ISC_R_SUCCESS && dstkey != NULL)
+ if (dstkey != NULL)
dst_key_free(&dstkey);
return (result);
}
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: sample-update.c,v 1.5.66.4 2010/12/03 21:48:11 marka Exp $ */
+/* $Id: sample-update.c,v 1.5.66.5 2010/12/09 01:05:29 marka Exp $ */
#include <config.h>
else
tsectype = dns_tsectype_sig0;
- result = dns_tsec_create(mctx, tsectype, &dstkey, &tsec);
+ result = dns_tsec_create(mctx, tsectype, dstkey, &tsec);
+ dst_key_free(&dstkey);
if (result != ISC_R_SUCCESS) {
- if (dstkey != NULL)
- dst_key_free(&dstkey);
fprintf(stderr, "could not create tsec: %s\n",
isc_result_totext(result));
exit(1);
projects / thirdparty / bind9.git / commitdiff
