fix delv when using the builtin trust-anchors
authorColin Vidal <colin@isc.org>
Mon, 13 Oct 2025 16:35:52 +0000 (18:35 +0200)
committerEvan Hunt <each@isc.org>
Wed, 29 Oct 2025 20:55:47 +0000 (13:55 -0700)
Since the builtin trust-anchors are now called `builtin-trust-anchors`,
delv needs specific handling in order to be able to parse those when
they are used.

Before, delv was simply parsing a single clause (either in the case of
an overridden trust-anchors value from a bindkeys file or by simply reading
the builtin value). But since the name changed, the same code can't be
shared and the builtin version is expected to be in a map.

bin/delv/delv.c
lib/isccfg/include/isccfg/namedconf.h

index b05e05f2d22f3c715b6b1746fdf656020bb67a0a..f462a13c1656611e9dae8e0f74f716d7b9f3b7b0 100644 (file)
@@ -75,6 +75,7 @@
 
 #include <dst/dst.h>
 
+#include <isccfg/grammar.h>
 #include <isccfg/namedconf.h>
 
 #include <ns/client.h>
@@ -158,9 +159,17 @@ static dns_name_t *anchor_name = NULL;
 static dns_master_style_t *style = NULL;
 static dns_fixedname_t qfn;
 
-/* Default trust anchors */
+/* Default trust anchors and clause/type definitions */
 static char anchortext[] = TRUST_ANCHORS;
 
+static cfg_clausedef_t delv_clauses[] = { { "builtin-trust-anchors",
+                                           &cfg_type_builtin_dnsseckeys,
+                                           CFG_CLAUSEFLAG_MULTI },
+                                         { NULL, NULL, 0 } };
+static cfg_clausedef_t *delv_clausesets[] = { delv_clauses, NULL };
+static cfg_type_t delv_type = { "delv", cfg_parse_mapbody, NULL,
+                               NULL,   &cfg_rep_map,      delv_clausesets };
+
 /*
  * Static function prototypes
  */
@@ -833,20 +842,23 @@ setup_dnsseckeys(dns_client_t *client, dns_view_t *toview) {
                if (result != ISC_R_SUCCESS) {
                        fatal("Unable to load keys from '%s'", anchorfile);
                }
+
+               INSIST(bindkeys != NULL);
+               cfg_map_get(bindkeys, "trust-anchors", &trust_anchors);
        } else {
                isc_buffer_t b;
 
                isc_buffer_init(&b, anchortext, sizeof(anchortext) - 1);
                isc_buffer_add(&b, sizeof(anchortext) - 1);
-               result = cfg_parse_buffer(isc_g_mctx, &b, NULL, 0,
-                                         &cfg_type_bindkeys, 0, &bindkeys);
+               result = cfg_parse_buffer(isc_g_mctx, &b, NULL, 0, &delv_type,
+                                         0, &bindkeys);
                if (result != ISC_R_SUCCESS) {
                        fatal("Unable to parse built-in keys");
                }
+               INSIST(bindkeys != NULL);
+               cfg_map_get(bindkeys, "builtin-trust-anchors", &trust_anchors);
        }
 
-       INSIST(bindkeys != NULL);
-       cfg_map_get(bindkeys, "trust-anchors", &trust_anchors);
        if (trust_anchors != NULL) {
                CHECK(load_keys(trust_anchors, client, toview));
        }
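Review bot: Both `cfg_map_get()` calls in this hunk discard their return value, so when the parsed map has no `builtin-trust-anchors` (or `trust-anchors`) clause, `trust_anchors` keeps its initial value (presumably NULL) and the `if (trust_anchors != NULL)` guard skips `load_keys()` without any message. In the built-in branch a missing clause can only mean that the compiled-in `TRUST_ANCHORS` text and the clause name no longer match, which appears to be the situation this commit repairs. That case should stop delv rather than let it continue with no anchors loaded: `result = cfg_map_get(bindkeys, "builtin-trust-anchors", &trust_anchors);` followed by `if (result != ISC_R_SUCCESS) { fatal("Built-in trust anchors not found"); }`. For the anchor-file branch a warning may fit better than a fatal, since a key file without a `trust-anchors` clause is a user-input case. `setup_dnsseckeys()` starts and ends outside the hunk, so any later handling of an empty anchor set is not visible here.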
index d2fa34b58edfa642f243112641f25af432570d21..8843b926232dd108654fc29a4786e0e8ae1308f2 100644 (file)
@@ -29,6 +29,9 @@ extern cfg_type_t cfg_type_namedconf;
 extern cfg_type_t cfg_type_bindkeys;
 /*%< A bind.keys file. */
 
+extern cfg_type_t cfg_type_builtin_dnsseckeys;
+/*%< The builtin dnsseckey builtin-trust-anchors */
+
 extern cfg_type_t cfg_type_addzoneconf;
 /*%< A single zone passed via the addzone rndc command. */
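Review bot: The doc comment added for `cfg_type_builtin_dnsseckeys` repeats "builtin" and does not say what the type parses or where it is used. Judging from its use in delv.c in this commit, it is the value type of the `builtin-trust-anchors` clause, so something like `/*%< The value of a "builtin-trust-anchors" clause (compiled-in DNSSEC trust anchors). */` would be clearer. Confirm the wording against the type's definition, which is not shown on this page.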