
3076.	[func]		New '-L' option in dnssec-keygen, dnssec-settime, and
			dnssec-keyfromlabel sets the default TTL of the
			key.  When possible, automatic signing will use that
			TTL when the key is published.  [RT #23304]
This commit is contained in:
Evan Hunt
2011-03-17 01:40:40 +00:00
parent 0e095727ff
commit 61bcc23203
25 changed files with 535 additions and 55 deletions


@@ -31,7 +31,7 @@
/*
* Principal Author: Brian Wellington
* $Id: dst_api.c,v 1.57 2011/01/11 23:47:13 tbox Exp $
* $Id: dst_api.c,v 1.58 2011/03/17 01:40:39 each Exp $
*/
/*! \file */
@@ -91,6 +91,7 @@ static dst_key_t * get_key_struct(dns_name_t *name,
unsigned int protocol,
unsigned int bits,
dns_rdataclass_t rdclass,
dns_ttl_t ttl,
isc_mem_t *mctx);
static isc_result_t write_public_key(const dst_key_t *key, int type,
const char *directory);
@@ -514,7 +515,7 @@ dst_key_fromnamedfile(const char *filename, const char *dirname,
key = get_key_struct(pubkey->key_name, pubkey->key_alg,
pubkey->key_flags, pubkey->key_proto, 0,
pubkey->key_class, mctx);
pubkey->key_class, pubkey->key_ttl, mctx);
if (key == NULL) {
dst_key_free(&pubkey);
return (ISC_R_NOMEMORY);
@@ -712,7 +713,7 @@ dst_key_fromgssapi(dns_name_t *name, gss_ctx_id_t gssctx, isc_mem_t *mctx,
REQUIRE(keyp != NULL && *keyp == NULL);
key = get_key_struct(name, DST_ALG_GSSAPI, 0, DNS_KEYPROTO_DNSSEC,
0, dns_rdataclass_in, mctx);
0, dns_rdataclass_in, 0, mctx);
if (key == NULL)
return (ISC_R_NOMEMORY);
@@ -750,7 +751,7 @@ dst_key_fromlabel(dns_name_t *name, int alg, unsigned int flags,
CHECKALG(alg);
key = get_key_struct(name, alg, flags, protocol, 0, rdclass, mctx);
key = get_key_struct(name, alg, flags, protocol, 0, rdclass, 0, mctx);
if (key == NULL)
return (ISC_R_NOMEMORY);
@@ -804,7 +805,8 @@ dst_key_generate2(dns_name_t *name, unsigned int alg,
CHECKALG(alg);
key = get_key_struct(name, alg, flags, protocol, bits, rdclass, mctx);
key = get_key_struct(name, alg, flags, protocol, bits,
rdclass, 0, mctx);
if (key == NULL)
return (ISC_R_NOMEMORY);
@@ -1210,7 +1212,7 @@ dst_key_restore(dns_name_t *name, unsigned int alg, unsigned int flags,
if (dst_t_func[alg]->restore == NULL)
return (ISC_R_NOTIMPLEMENTED);
key = get_key_struct(name, alg, flags, protocol, 0, rdclass, mctx);
key = get_key_struct(name, alg, flags, protocol, 0, rdclass, 0, mctx);
if (key == NULL)
return (ISC_R_NOMEMORY);
@@ -1234,7 +1236,7 @@ static dst_key_t *
get_key_struct(dns_name_t *name, unsigned int alg,
unsigned int flags, unsigned int protocol,
unsigned int bits, dns_rdataclass_t rdclass,
isc_mem_t *mctx)
dns_ttl_t ttl, isc_mem_t *mctx)
{
dst_key_t *key;
isc_result_t result;
@@ -1274,6 +1276,7 @@ get_key_struct(dns_name_t *name, unsigned int alg,
key->keydata.generic = NULL;
key->key_size = bits;
key->key_class = rdclass;
key->key_ttl = ttl;
key->func = dst_t_func[alg];
key->fmt_major = 0;
key->fmt_minor = 0;
@@ -1301,7 +1304,7 @@ dst_key_read_public(const char *filename, int type,
unsigned int opt = ISC_LEXOPT_DNSMULTILINE;
dns_rdataclass_t rdclass = dns_rdataclass_in;
isc_lexspecials_t specials;
isc_uint32_t ttl;
isc_uint32_t ttl = 0;
isc_result_t result;
dns_rdatatype_t keytype;
@@ -1402,6 +1405,8 @@ dst_key_read_public(const char *filename, int type,
if (ret != ISC_R_SUCCESS)
goto cleanup;
dst_key_setttl(*keyp, ttl);
cleanup:
if (lex != NULL)
isc_lex_destroy(&lex);
@@ -1568,9 +1573,11 @@ write_public_key(const dst_key_t *key, int type, const char *directory) {
/* Now print the actual key */
ret = dns_name_print(key->key_name, fp);
fprintf(fp, " ");
if (key->key_ttl != 0)
fprintf(fp, "%d ", key->key_ttl);
isc_buffer_usedregion(&classb, &r);
isc_util_fwrite(r.base, 1, r.length, fp);
@@ -1659,7 +1666,7 @@ frombuffer(dns_name_t *name, unsigned int alg, unsigned int flags,
REQUIRE(mctx != NULL);
REQUIRE(keyp != NULL && *keyp == NULL);
key = get_key_struct(name, alg, flags, protocol, 0, rdclass, mctx);
key = get_key_struct(name, alg, flags, protocol, 0, rdclass, 0, mctx);
if (key == NULL)
return (ISC_R_NOMEMORY);
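Review bot: In the write_public_key hunk (`@@ -1568,9 +1573,11 @@`), `fprintf(fp, "%d ", key->key_ttl);` passes the new TTL field to a signed `%d` conversion, while the same value is declared `isc_uint32_t ttl` in the dst_key_read_public hunk, so a TTL at or above 2^31 would be written as a negative number and the key file would not round-trip through dst_key_read_public. The conversion should match the type, e.g. `fprintf(fp, "%u ", (unsigned int)key->key_ttl);`. The `key->key_ttl != 0` guard also makes an explicitly requested TTL of 0 indistinguishable from "no TTL set"; if that distinction is ever needed, it would have to be carried by a separate flag rather than the value itself. write_public_key's body begins and ends outside this hunk.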