diff --git a/bin/named/include/named/tsigconf.h b/bin/named/include/named/tsigconf.h index 32a0120083..240eebe130 100644 --- a/bin/named/include/named/tsigconf.h +++ b/bin/named/include/named/tsigconf.h @@ -22,7 +22,7 @@ ISC_LANG_BEGINDECLS isc_result_t named_tsigkeyring_fromconfig(const cfg_obj_t *config, const cfg_obj_t *vconfig, - isc_mem_t *mctx, dns_tsig_keyring_t **ringp); + isc_mem_t *mctx, dns_tsigkeyring_t **ringp); /*%< * Create a TSIG key ring and configure it according to the 'key' * statements in the global and view configuration objects. diff --git a/bin/named/server.c b/bin/named/server.c index 4456cfb12c..058a85f6a3 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -4087,7 +4087,7 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config, uint32_t lame_ttl, fail_ttl; uint32_t max_stale_ttl = 0; uint32_t stale_refresh_time = 0; - dns_tsig_keyring_t *ring = NULL; + dns_tsigkeyring_t *ring = NULL; dns_transport_list_t *transports = NULL; dns_view_t *pview = NULL; /* Production view */ dns_dispatch_t *dispatch4 = NULL; diff --git a/bin/named/tsigconf.c b/bin/named/tsigconf.c index 550046275e..cfa934f0e1 100644 --- a/bin/named/tsigconf.c +++ b/bin/named/tsigconf.c @@ -31,7 +31,7 @@ #include static isc_result_t -add_initial_keys(const cfg_obj_t *list, dns_tsig_keyring_t *ring, +add_initial_keys(const cfg_obj_t *list, dns_tsigkeyring_t *ring, isc_mem_t *mctx) { dns_tsigkey_t *tsigkey = NULL; const cfg_listelt_t *element; @@ -136,10 +136,10 @@ failure: isc_result_t named_tsigkeyring_fromconfig(const cfg_obj_t *config, const cfg_obj_t *vconfig, - isc_mem_t *mctx, dns_tsig_keyring_t **ringp) { + isc_mem_t *mctx, dns_tsigkeyring_t **ringp) { const cfg_obj_t *maps[3]; const cfg_obj_t *keylist; - dns_tsig_keyring_t *ring = NULL; + dns_tsigkeyring_t *ring = NULL; isc_result_t result; int i; diff --git a/bin/nsupdate/nsupdate.c b/bin/nsupdate/nsupdate.c index c539f10399..da91da6ab4 100644 --- a/bin/nsupdate/nsupdate.c +++ b/bin/nsupdate/nsupdate.c @@ -135,7 +135,7 @@ static dns_name_t *userzone = NULL; static dns_name_t *zname = NULL; static dns_name_t tmpzonename = DNS_NAME_INITEMPTY; static dns_name_t restart_primary = DNS_NAME_INITEMPTY; -static dns_tsig_keyring_t *gssring = NULL; +static dns_tsigkeyring_t *gssring = NULL; static dns_tsigkey_t *tsigkey = NULL; static dst_key_t *sig0key = NULL; static isc_sockaddr_t *servers = NULL; diff --git a/fuzz/dns_message_checksig.c b/fuzz/dns_message_checksig.c index f60154dea4..72f50cc24a 100644 --- a/fuzz/dns_message_checksig.c +++ b/fuzz/dns_message_checksig.c @@ -89,8 +89,8 @@ static isc_stdtime_t fuzztime = 0x622acce1; static isc_loopmgr_t *loopmgr = NULL; static dns_view_t *view = NULL; static dns_tsigkey_t *tsigkey = NULL; -static dns_tsig_keyring_t *ring = NULL; -static dns_tsig_keyring_t *emptyring = NULL; +static dns_tsigkeyring_t *ring = NULL; +static dns_tsigkeyring_t *emptyring = NULL; static char *wd = NULL; static char template[] = "/tmp/dns-message-checksig-XXXXXX"; diff --git a/lib/dns/include/dns/tkey.h b/lib/dns/include/dns/tkey.h index ac65603b03..7d8f2dc735 100644 --- a/lib/dns/include/dns/tkey.h +++ b/lib/dns/include/dns/tkey.h @@ -69,7 +69,7 @@ dns_tkeyctx_destroy(dns_tkeyctx_t **tctxp); isc_result_t dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, - dns_tsig_keyring_t *ring); + dns_tsigkeyring_t *ring); /*%< * Processes a query containing a TKEY record, adding or deleting TSIG * keys if necessary, and modifies the message to contain the response. @@ -113,7 +113,7 @@ dns_tkey_buildgssquery(dns_message_t *msg, const dns_name_t *name, isc_result_t dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg, const dns_name_t *server, dns_gss_ctx_id_t *context, - dns_tsigkey_t **outkey, dns_tsig_keyring_t *ring, + dns_tsigkey_t **outkey, dns_tsigkeyring_t *ring, char **err_message); /*%< * Client side negotiation of GSS-TSIG. Process the response diff --git a/lib/dns/include/dns/tsig.h b/lib/dns/include/dns/tsig.h index c9329c67d7..acf4fb0d9e 100644 --- a/lib/dns/include/dns/tsig.h +++ b/lib/dns/include/dns/tsig.h @@ -28,6 +28,9 @@ #include +/* Define to 1 for detailed reference tracing */ +#undef DNS_TSIG_TRACE + /* * Algorithms. */ @@ -51,7 +54,7 @@ extern const dns_name_t *dns_tsig_hmacsha512_name; */ #define DNS_TSIG_FUDGE 300 -struct dns_tsig_keyring { +struct dns_tsigkeyring { dns_rbt_t *keys; unsigned int writecount; isc_rwlock_t lock; @@ -68,18 +71,18 @@ struct dns_tsig_keyring { struct dns_tsigkey { /* Unlocked */ - unsigned int magic; /*%< Magic number. */ - isc_mem_t *mctx; - dst_key_t *key; /*%< Key */ - dns_name_t name; /*%< Key name */ - const dns_name_t *algorithm; /*%< Algorithm name */ - dns_name_t *creator; /*%< name that created secret */ - bool generated : 1; /*%< key was auto-generated */ - bool restored : 1; /*%< key was restored at startup */ - isc_stdtime_t inception; /*%< start of validity period */ - isc_stdtime_t expire; /*%< end of validity period */ - dns_tsig_keyring_t *ring; /*%< the enclosing keyring */ - isc_refcount_t refs; /*%< reference counter */ + unsigned int magic; /*%< Magic number. */ + isc_mem_t *mctx; + dst_key_t *key; /*%< Key */ + dns_name_t name; /*%< Key name */ + const dns_name_t *algorithm; /*%< Algorithm name */ + dns_name_t *creator; /*%< name that created secret */ + bool generated : 1; /*%< key was auto-generated */ + bool restored : 1; /*%< key was restored at startup */ + isc_stdtime_t inception; /*%< start of validity period */ + isc_stdtime_t expire; /*%< end of validity period */ + dns_tsigkeyring_t *ring; /*%< the enclosing keyring */ + isc_refcount_t references; /*%< reference counter */ ISC_LINK(dns_tsigkey_t) link; }; @@ -108,7 +111,7 @@ dns_tsigkey_createfromkey(const dns_name_t *name, const dns_name_t *algorithm, dst_key_t *dstkey, bool generated, bool restored, const dns_name_t *creator, isc_stdtime_t inception, isc_stdtime_t expire, isc_mem_t *mctx, - dns_tsig_keyring_t *ring, dns_tsigkey_t **key); + dns_tsigkeyring_t *ring, dns_tsigkey_t **key); /*%< * Creates a tsig key structure and saves it in the keyring. If key is * not NULL, *key will contain a copy of the key. The keys validity @@ -141,31 +144,7 @@ dns_tsigkey_createfromkey(const dns_name_t *name, const dns_name_t *algorithm, */ void -dns_tsigkey_attach(dns_tsigkey_t *source, dns_tsigkey_t **targetp); -/*%< - * Attach '*targetp' to 'source'. - * - * Requires: - *\li 'key' is a valid TSIG key - * - * Ensures: - *\li *targetp is attached to source. - */ - -void -dns_tsigkey_detach(dns_tsigkey_t **keyp); -/*%< - * Detaches from the tsig key structure pointed to by '*key'. - * - * Requires: - *\li 'keyp' is not NULL and '*keyp' is a valid TSIG key - * - * Ensures: - *\li 'keyp' points to NULL - */ - -void -dns_tsigkey_setdeleted(dns_tsigkey_t *key); +dns_tsigkey_delete(dns_tsigkey_t *key); /*%< * Prevents this key from being used again. It will be deleted when * no references exist. @@ -194,7 +173,7 @@ dns_tsig_sign(dns_message_t *msg); isc_result_t dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg, - dns_tsig_keyring_t *ring1, dns_tsig_keyring_t *ring2); + dns_tsigkeyring_t *ring1, dns_tsigkeyring_t *ring2); /*%< * Verifies the TSIG record in this message * @@ -223,7 +202,7 @@ dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg, isc_result_t dns_tsigkey_find(dns_tsigkey_t **tsigkey, const dns_name_t *name, - const dns_name_t *algorithm, dns_tsig_keyring_t *ring); + const dns_name_t *algorithm, dns_tsigkeyring_t *ring); /*%< * Returns the TSIG key corresponding to this name and (possibly) * algorithm. Also increments the key's reference counter. @@ -241,7 +220,7 @@ dns_tsigkey_find(dns_tsigkey_t **tsigkey, const dns_name_t *name, */ isc_result_t -dns_tsigkeyring_create(isc_mem_t *mctx, dns_tsig_keyring_t **ringp); +dns_tsigkeyring_create(isc_mem_t *mctx, dns_tsigkeyring_t **ringp); /*%< * Create an empty TSIG key ring. * @@ -255,7 +234,7 @@ dns_tsigkeyring_create(isc_mem_t *mctx, dns_tsig_keyring_t **ringp); */ isc_result_t -dns_tsigkeyring_add(dns_tsig_keyring_t *ring, const dns_name_t *name, +dns_tsigkeyring_add(dns_tsigkeyring_t *ring, const dns_name_t *name, dns_tsigkey_t *tkey); /*%< * Place a TSIG key onto a key ring. @@ -270,14 +249,8 @@ dns_tsigkeyring_add(dns_tsig_keyring_t *ring, const dns_name_t *name, *\li Any other value indicates failure. */ -void -dns_tsigkeyring_attach(dns_tsig_keyring_t *source, dns_tsig_keyring_t **target); - -void -dns_tsigkeyring_detach(dns_tsig_keyring_t **ringp); - isc_result_t -dns_tsigkeyring_dumpanddetach(dns_tsig_keyring_t **ringp, FILE *fp); +dns_tsigkeyring_dumpanddetach(dns_tsigkeyring_t **ringp, FILE *fp); /*%< * Destroy a TSIG key ring. @@ -287,6 +260,33 @@ dns_tsigkeyring_dumpanddetach(dns_tsig_keyring_t **ringp, FILE *fp); */ void -dns_tsigkeyring_restore(dns_tsig_keyring_t *ring, FILE *fp); +dns_tsigkeyring_restore(dns_tsigkeyring_t *ring, FILE *fp); +/*%< + * Restore a TSIG keyring from a dump file 'fp'. + */ + +#if DNS_TSIG_TRACE +#define dns_tsigkey_ref(ptr) dns_tsigkey__ref(ptr, __func__, __FILE__, __LINE__) +#define dns_tsigkey_unref(ptr) \ + dns_tsigkey__unref(ptr, __func__, __FILE__, __LINE__) +#define dns_tsigkey_attach(ptr, ptrp) \ + dns_tsigkey__attach(ptr, ptrp, __func__, __FILE__, __LINE__) +#define dns_tsigkey_detach(ptrp) \ + dns_tsigkey__detach(ptrp, __func__, __FILE__, __LINE__) +ISC_REFCOUNT_TRACE_DECL(dns_tsigkey); + +#define dns_tsigkeyring_ref(ptr) \ + dns_tsigkeyring__ref(ptr, __func__, __FILE__, __LINE__) +#define dns_tsigkeyring_unref(ptr) \ + dns_tsigkeyring__unref(ptr, __func__, __FILE__, __LINE__) +#define dns_tsigkeyring_attach(ptr, ptrp) \ + dns_tsigkeyring__attach(ptr, ptrp, __func__, __FILE__, __LINE__) +#define dns_tsigkeyring_detach(ptrp) \ + dns_tsigkeyring__detach(ptrp, __func__, __FILE__, __LINE__) +ISC_REFCOUNT_TRACE_DECL(dns_tsigkeyring); +#else +ISC_REFCOUNT_DECL(dns_tsigkey); +ISC_REFCOUNT_DECL(dns_tsigkeyring); +#endif ISC_LANG_ENDDECLS diff --git a/lib/dns/include/dns/types.h b/lib/dns/include/dns/types.h index 96297e8f6a..e0a0b27f78 100644 --- a/lib/dns/include/dns/types.h +++ b/lib/dns/include/dns/types.h @@ -147,7 +147,7 @@ typedef struct dns_tkeyctx dns_tkeyctx_t; typedef struct dns_transport dns_transport_t; typedef struct dns_transport_list dns_transport_list_t; typedef uint16_t dns_trust_t; -typedef struct dns_tsig_keyring dns_tsig_keyring_t; +typedef struct dns_tsigkeyring dns_tsigkeyring_t; typedef struct dns_tsigkey dns_tsigkey_t; typedef uint32_t dns_ttl_t; typedef struct dns_update_state dns_update_state_t; diff --git a/lib/dns/include/dns/view.h b/lib/dns/include/dns/view.h index adb8dc7612..b28ececce6 100644 --- a/lib/dns/include/dns/view.h +++ b/lib/dns/include/dns/view.h @@ -108,8 +108,8 @@ struct dns_view { /* Configurable data. */ dns_transport_list_t *transports; - dns_tsig_keyring_t *statickeys; - dns_tsig_keyring_t *dynamickeys; + dns_tsigkeyring_t *statickeys; + dns_tsigkeyring_t *dynamickeys; dns_peerlist_t *peers; dns_order_t *order; dns_fwdtable_t *fwdtable; @@ -433,9 +433,9 @@ void dns_view_settransports(dns_view_t *view, dns_transport_list_t *list); void -dns_view_setkeyring(dns_view_t *view, dns_tsig_keyring_t *ring); +dns_view_setkeyring(dns_view_t *view, dns_tsigkeyring_t *ring); void -dns_view_setdynamickeyring(dns_view_t *view, dns_tsig_keyring_t *ring); +dns_view_setdynamickeyring(dns_view_t *view, dns_tsigkeyring_t *ring); /*%< * Set the view's static TSIG keys * @@ -452,7 +452,7 @@ dns_view_setdynamickeyring(dns_view_t *view, dns_tsig_keyring_t *ring); */ void -dns_view_getdynamickeyring(dns_view_t *view, dns_tsig_keyring_t **ringp); +dns_view_getdynamickeyring(dns_view_t *view, dns_tsigkeyring_t **ringp); /*%< * Return the views dynamic keys. * diff --git a/lib/dns/tkey.c b/lib/dns/tkey.c index 37e283c50e..00efdd7091 100644 --- a/lib/dns/tkey.c +++ b/lib/dns/tkey.c @@ -174,7 +174,7 @@ free_namelist(dns_message_t *msg, dns_namelist_t *namelist) { static isc_result_t process_gsstkey(dns_message_t *msg, dns_name_t *name, dns_rdata_tkey_t *tkeyin, dns_tkeyctx_t *tctx, dns_rdata_tkey_t *tkeyout, - dns_tsig_keyring_t *ring) { + dns_tsigkeyring_t *ring) { isc_result_t result = ISC_R_SUCCESS; dst_key_t *dstkey = NULL; dns_tsigkey_t *tsigkey = NULL; @@ -327,7 +327,7 @@ failure: static isc_result_t process_deletetkey(dns_name_t *signer, dns_name_t *name, dns_rdata_tkey_t *tkeyin, dns_rdata_tkey_t *tkeyout, - dns_tsig_keyring_t *ring) { + dns_tsigkeyring_t *ring) { isc_result_t result; dns_tsigkey_t *tsigkey = NULL; const dns_name_t *identity; @@ -353,7 +353,7 @@ process_deletetkey(dns_name_t *signer, dns_name_t *name, * was not generated with TKEY and is in the config file, it may be * reloaded later. */ - dns_tsigkey_setdeleted(tsigkey); + dns_tsigkey_delete(tsigkey); /* Release the reference */ dns_tsigkey_detach(&tsigkey); @@ -363,7 +363,7 @@ process_deletetkey(dns_name_t *signer, dns_name_t *name, isc_result_t dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, - dns_tsig_keyring_t *ring) { + dns_tsigkeyring_t *ring) { isc_result_t result = ISC_R_SUCCESS; dns_rdata_tkey_t tkeyin, tkeyout; bool freetkeyin = false; @@ -729,7 +729,7 @@ find_tkey(dns_message_t *msg, dns_name_t **name, dns_rdata_t *rdata, isc_result_t dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg, const dns_name_t *server, dns_gss_ctx_id_t *context, - dns_tsigkey_t **outkey, dns_tsig_keyring_t *ring, + dns_tsigkey_t **outkey, dns_tsigkeyring_t *ring, char **err_message) { dns_rdata_t rtkeyrdata = DNS_RDATA_INIT, qtkeyrdata = DNS_RDATA_INIT; dns_name_t *tkeyname; diff --git a/lib/dns/tsig.c b/lib/dns/tsig.c index cb453c5665..cfd32f954a 100644 --- a/lib/dns/tsig.c +++ b/lib/dns/tsig.c @@ -112,9 +112,7 @@ tsig_log(dns_tsigkey_t *key, int level, const char *fmt, ...) ISC_FORMAT_PRINTF(3, 4); static void -cleanup_ring(dns_tsig_keyring_t *ring); -static void -tsigkey_free(dns_tsigkey_t *key); +cleanup_ring(dns_tsigkeyring_t *ring); bool dns__tsig_algvalid(unsigned int alg) { @@ -194,7 +192,7 @@ adjust_lru(dns_tsigkey_t *tkey) { * counter: it's protected by a separate lock. */ static isc_result_t -keyring_add(dns_tsig_keyring_t *ring, const dns_name_t *name, +keyring_add(dns_tsigkeyring_t *ring, const dns_name_t *name, dns_tsigkey_t *tkey) { isc_result_t result; @@ -237,7 +235,7 @@ dns_tsigkey_createfromkey(const dns_name_t *name, const dns_name_t *algorithm, dst_key_t *dstkey, bool generated, bool restored, const dns_name_t *creator, isc_stdtime_t inception, isc_stdtime_t expire, isc_mem_t *mctx, - dns_tsig_keyring_t *ring, dns_tsigkey_t **key) { + dns_tsigkeyring_t *ring, dns_tsigkey_t **key) { dns_tsigkey_t *tkey = NULL; isc_result_t ret; unsigned int refs = 0; @@ -305,7 +303,7 @@ dns_tsigkey_createfromkey(const dns_name_t *name, const dns_name_t *algorithm, refs++; } - isc_refcount_init(&tkey->refs, refs); + isc_refcount_init(&tkey->references, refs); isc_mem_attach(mctx, &tkey->mctx); tkey->magic = TSIG_MAGIC; @@ -348,9 +346,9 @@ dns_tsigkey_createfromkey(const dns_name_t *name, const dns_name_t *algorithm, cleanup_refs: tkey->magic = 0; while (refs-- > 0) { - isc_refcount_decrement0(&tkey->refs); + isc_refcount_decrement0(&tkey->references); } - isc_refcount_destroy(&tkey->refs); + isc_refcount_destroy(&tkey->references); if (tkey->key != NULL) { dst_key_free(&tkey->key); @@ -377,7 +375,7 @@ cleanup_name: * Find a few nodes to destroy if possible. */ static void -cleanup_ring(dns_tsig_keyring_t *ring) { +cleanup_ring(dns_tsigkeyring_t *ring) { isc_result_t result; dns_rbtnodechain_t chain; dns_name_t foundname; @@ -407,7 +405,7 @@ again: tkey = node->data; if (tkey != NULL) { if (tkey->generated && - isc_refcount_current(&tkey->refs) == 1 && + isc_refcount_current(&tkey->references) == 1 && tkey->inception != tkey->expire && tkey->expire < now) { @@ -427,13 +425,19 @@ again: } static void -destroyring(dns_tsig_keyring_t *ring) { +destroyring(dns_tsigkeyring_t *ring) { isc_refcount_destroy(&ring->references); dns_rbt_destroy(&ring->keys); isc_rwlock_destroy(&ring->lock); - isc_mem_putanddetach(&ring->mctx, ring, sizeof(dns_tsig_keyring_t)); + isc_mem_putanddetach(&ring->mctx, ring, sizeof(dns_tsigkeyring_t)); } +#if DNS_TSIG_TRACE +ISC_REFCOUNT_TRACE_IMPL(dns_tsigkeyring, destroyring); +#else +ISC_REFCOUNT_IMPL(dns_tsigkeyring, destroyring); +#endif + /* * Look up the DST_ALG_ constant for a given name. */ @@ -489,7 +493,7 @@ dns__tsig_algallocated(const dns_name_t *algorithm) { } static isc_result_t -restore_key(dns_tsig_keyring_t *ring, isc_stdtime_t now, FILE *fp) { +restore_key(dns_tsigkeyring_t *ring, isc_stdtime_t now, FILE *fp) { dst_key_t *dstkey = NULL; char namestr[1024]; char creatorstr[1024]; @@ -588,14 +592,14 @@ dump_key(dns_tsigkey_t *tkey, FILE *fp) { } isc_result_t -dns_tsigkeyring_dumpanddetach(dns_tsig_keyring_t **ringp, FILE *fp) { +dns_tsigkeyring_dumpanddetach(dns_tsigkeyring_t **ringp, FILE *fp) { isc_result_t result; dns_rbtnodechain_t chain; dns_name_t foundname; dns_fixedname_t fixedorigin; dns_name_t *origin = NULL; isc_stdtime_t now = isc_stdtime_now(); - dns_tsig_keyring_t *ring = NULL; + dns_tsigkeyring_t *ring = NULL; REQUIRE(ringp != NULL && *ringp != NULL); @@ -693,17 +697,8 @@ dns_tsigkey_create(const dns_name_t *name, const dns_name_t *algorithm, return (result); } -void -dns_tsigkey_attach(dns_tsigkey_t *source, dns_tsigkey_t **targetp) { - REQUIRE(VALID_TSIG_KEY(source)); - REQUIRE(targetp != NULL && *targetp == NULL); - - isc_refcount_increment(&source->refs); - *targetp = source; -} - static void -tsigkey_free(dns_tsigkey_t *key) { +destroy_tsigkey(dns_tsigkey_t *key) { REQUIRE(VALID_TSIG_KEY(key)); key->magic = 0; @@ -723,20 +718,14 @@ tsigkey_free(dns_tsigkey_t *key) { isc_mem_putanddetach(&key->mctx, key, sizeof(dns_tsigkey_t)); } -void -dns_tsigkey_detach(dns_tsigkey_t **keyp) { - REQUIRE(keyp != NULL && VALID_TSIG_KEY(*keyp)); - dns_tsigkey_t *key = *keyp; - *keyp = NULL; - - if (isc_refcount_decrement(&key->refs) == 1) { - isc_refcount_destroy(&key->refs); - tsigkey_free(key); - } -} +#if DNS_TSIG_TRACE +ISC_REFCOUNT_TRACE_IMPL(dns_tsigkey, destroy_tsigkey); +#else +ISC_REFCOUNT_IMPL(dns_tsigkey, destroy_tsigkey); +#endif void -dns_tsigkey_setdeleted(dns_tsigkey_t *key) { +dns_tsigkey_delete(dns_tsigkey_t *key) { REQUIRE(VALID_TSIG_KEY(key)); REQUIRE(key->ring != NULL); @@ -1045,7 +1034,7 @@ cleanup_context: isc_result_t dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg, - dns_tsig_keyring_t *ring1, dns_tsig_keyring_t *ring2) { + dns_tsigkeyring_t *ring1, dns_tsigkeyring_t *ring2) { dns_rdata_any_tsig_t tsig, querytsig; isc_region_t r, source_r, header_r, sig_r; isc_buffer_t databuf; @@ -1722,7 +1711,7 @@ cleanup_querystruct: isc_result_t dns_tsigkey_find(dns_tsigkey_t **tsigkey, const dns_name_t *name, - const dns_name_t *algorithm, dns_tsig_keyring_t *ring) { + const dns_name_t *algorithm, dns_tsigkeyring_t *ring) { dns_tsigkey_t *key = NULL; isc_stdtime_t now = isc_stdtime_now(); isc_result_t result; @@ -1756,7 +1745,7 @@ dns_tsigkey_find(dns_tsigkey_t **tsigkey, const dns_name_t *name, RWUNLOCK(&ring->lock, isc_rwlocktype_write); return (ISC_R_NOTFOUND); } - isc_refcount_increment(&key->refs); + isc_refcount_increment(&key->references); RWUNLOCK(&ring->lock, isc_rwlocktype_read); adjust_lru(key); *tsigkey = key; @@ -1778,16 +1767,16 @@ free_tsignode(void *node, void *arg ISC_ATTR_UNUSED) { } isc_result_t -dns_tsigkeyring_create(isc_mem_t *mctx, dns_tsig_keyring_t **ringp) { +dns_tsigkeyring_create(isc_mem_t *mctx, dns_tsigkeyring_t **ringp) { isc_result_t result; - dns_tsig_keyring_t *ring = NULL; + dns_tsigkeyring_t *ring = NULL; REQUIRE(mctx != NULL); REQUIRE(ringp != NULL); REQUIRE(*ringp == NULL); - ring = isc_mem_get(mctx, sizeof(dns_tsig_keyring_t)); - *ring = (dns_tsig_keyring_t){ + ring = isc_mem_get(mctx, sizeof(dns_tsigkeyring_t)); + *ring = (dns_tsigkeyring_t){ .maxgenerated = DNS_TSIG_MAXGENERATEDKEYS, .lru = ISC_LIST_INITIALIZER, }; @@ -1795,7 +1784,7 @@ dns_tsigkeyring_create(isc_mem_t *mctx, dns_tsig_keyring_t **ringp) { result = dns_rbt_create(mctx, free_tsignode, NULL, &ring->keys); if (result != ISC_R_SUCCESS) { isc_rwlock_destroy(&ring->lock); - isc_mem_put(mctx, ring, sizeof(dns_tsig_keyring_t)); + isc_mem_put(mctx, ring, sizeof(dns_tsigkeyring_t)); return (result); } @@ -1808,7 +1797,7 @@ dns_tsigkeyring_create(isc_mem_t *mctx, dns_tsig_keyring_t **ringp) { } isc_result_t -dns_tsigkeyring_add(dns_tsig_keyring_t *ring, const dns_name_t *name, +dns_tsigkeyring_add(dns_tsigkeyring_t *ring, const dns_name_t *name, dns_tsigkey_t *tkey) { isc_result_t result; @@ -1818,40 +1807,14 @@ dns_tsigkeyring_add(dns_tsig_keyring_t *ring, const dns_name_t *name, result = keyring_add(ring, name, tkey); if (result == ISC_R_SUCCESS) { - isc_refcount_increment(&tkey->refs); + isc_refcount_increment(&tkey->references); } return (result); } void -dns_tsigkeyring_attach(dns_tsig_keyring_t *source, - dns_tsig_keyring_t **target) { - REQUIRE(source != NULL); - REQUIRE(target != NULL && *target == NULL); - - isc_refcount_increment(&source->references); - - *target = source; -} - -void -dns_tsigkeyring_detach(dns_tsig_keyring_t **ringp) { - dns_tsig_keyring_t *ring = NULL; - - REQUIRE(ringp != NULL); - REQUIRE(*ringp != NULL); - - ring = *ringp; - *ringp = NULL; - - if (isc_refcount_decrement(&ring->references) == 1) { - destroyring(ring); - } -} - -void -dns_tsigkeyring_restore(dns_tsig_keyring_t *ring, FILE *fp) { +dns_tsigkeyring_restore(dns_tsigkeyring_t *ring, FILE *fp) { isc_stdtime_t now = isc_stdtime_now(); isc_result_t result; diff --git a/lib/dns/view.c b/lib/dns/view.c index 754c9974aa..5b3ea09e0d 100644 --- a/lib/dns/view.c +++ b/lib/dns/view.c @@ -692,7 +692,7 @@ dns_view_settransports(dns_view_t *view, dns_transport_list_t *list) { } void -dns_view_setkeyring(dns_view_t *view, dns_tsig_keyring_t *ring) { +dns_view_setkeyring(dns_view_t *view, dns_tsigkeyring_t *ring) { REQUIRE(DNS_VIEW_VALID(view)); REQUIRE(ring != NULL); if (view->statickeys != NULL) { @@ -702,7 +702,7 @@ dns_view_setkeyring(dns_view_t *view, dns_tsig_keyring_t *ring) { } void -dns_view_setdynamickeyring(dns_view_t *view, dns_tsig_keyring_t *ring) { +dns_view_setdynamickeyring(dns_view_t *view, dns_tsigkeyring_t *ring) { REQUIRE(DNS_VIEW_VALID(view)); REQUIRE(ring != NULL); if (view->dynamickeys != NULL) { @@ -712,7 +712,7 @@ dns_view_setdynamickeyring(dns_view_t *view, dns_tsig_keyring_t *ring) { } void -dns_view_getdynamickeyring(dns_view_t *view, dns_tsig_keyring_t **ringp) { +dns_view_getdynamickeyring(dns_view_t *view, dns_tsigkeyring_t **ringp) { REQUIRE(DNS_VIEW_VALID(view)); REQUIRE(ringp != NULL && *ringp == NULL); if (view->dynamickeys != NULL) { diff --git a/tests/dns/tsig_test.c b/tests/dns/tsig_test.c index 743c5def1e..65837fc39b 100644 --- a/tests/dns/tsig_test.c +++ b/tests/dns/tsig_test.c @@ -271,7 +271,7 @@ ISC_RUN_TEST_IMPL(tsig_tcp) { dns_fixedname_t fkeyname; dns_message_t *msg = NULL; dns_name_t *keyname; - dns_tsig_keyring_t *ring = NULL; + dns_tsigkeyring_t *ring = NULL; dns_tsigkey_t *key = NULL; isc_buffer_t *buf = NULL; isc_buffer_t *querytsig = NULL;