mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-09-01 06:55:30 +00:00
Code Issues Releases Wiki Activity

2771. [bug] dnssec-signzone: DNSKEY records could be

Browse Source 
corrupted when importing from key files [RT #20624]
This commit is contained in:
Evan Hunt
2009-11-17 05:46:53 +00:00
parent f9a07be8b3
commit 7ee4b13ded
2 changed files with 12 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGES
View File

@@ -1,3 +1,6 @@
2771. [bug] dnssec-signzone: DNSKEY records could be
corrupted when importing from key files [RT #20624]
2770. [cleanup] Add log messages to resolver.c to indicate events 2770. [cleanup] Add log messages to resolver.c to indicate events
causing FORMERR responses. [RT #20526] causing FORMERR responses. [RT #20526]

15
lib/dns/dnssec.c
View File

@@ -16,7 +16,7 @@
*/ */
/* /*
* $Id: dnssec.c,v 1.109 2009/11/16 01:44:33 each Exp $ * $Id: dnssec.c,v 1.110 2009/11/17 05:46:53 each Exp $
*/ */
/*! \file */ /*! \file */
@@ -1364,13 +1364,14 @@ dns_dnssec_keylistfromrdataset(dns_name_t *origin,
} }
static isc_result_t static isc_result_t
make_dnskey(dst_key_t *key, dns_rdata_t *target) { make_dnskey(dst_key_t *key, unsigned char *buf, int bufsize,
dns_rdata_t *target)
{
isc_result_t result; isc_result_t result;
unsigned char data[DST_KEY_MAXSIZE];
isc_buffer_t b; isc_buffer_t b;
isc_region_t r; isc_region_t r;
isc_buffer_init(&b, data, sizeof(data)); isc_buffer_init(&b, buf, bufsize);
result = dst_key_todns(key, &b); result = dst_key_todns(key, &b);
if (result != ISC_R_SUCCESS) if (result != ISC_R_SUCCESS)
return (result); return (result);
@@ -1389,11 +1390,12 @@ publish_key(dns_diff_t *add, dns_dnsseckey_t *key, dns_name_t *origin,
{ {
isc_result_t result; isc_result_t result;
dns_difftuple_t *tuple = NULL; dns_difftuple_t *tuple = NULL;
unsigned char buf[DST_KEY_MAXSIZE];
dns_rdata_t dnskey = DNS_RDATA_INIT; dns_rdata_t dnskey = DNS_RDATA_INIT;
char alg[80]; char alg[80];
dns_rdata_reset(&dnskey); dns_rdata_reset(&dnskey);
RETERR(make_dnskey(key->key, &dnskey)); RETERR(make_dnskey(key->key, buf, sizeof(buf), &dnskey));
dns_secalg_format(dst_key_alg(key->key), alg, sizeof(alg)); dns_secalg_format(dst_key_alg(key->key), alg, sizeof(alg));
report("Fetching %s %d/%s from key %s\n", report("Fetching %s %d/%s from key %s\n",
@@ -1430,6 +1432,7 @@ remove_key(dns_diff_t *del, dns_dnsseckey_t *key, dns_name_t *origin,
{ {
isc_result_t result; isc_result_t result;
dns_difftuple_t *tuple = NULL; dns_difftuple_t *tuple = NULL;
unsigned char buf[DST_KEY_MAXSIZE];
dns_rdata_t dnskey = DNS_RDATA_INIT; dns_rdata_t dnskey = DNS_RDATA_INIT;
char alg[80]; char alg[80];
@@ -1437,7 +1440,7 @@ remove_key(dns_diff_t *del, dns_dnsseckey_t *key, dns_name_t *origin,
report("Removing %s key %d/%s from DNSKEY RRset.\n", report("Removing %s key %d/%s from DNSKEY RRset.\n",
reason, dst_key_id(key->key), alg); reason, dst_key_id(key->key), alg);
RETERR(make_dnskey(key->key, &dnskey)); RETERR(make_dnskey(key->key, buf, sizeof(buf), &dnskey));
RETERR(dns_difftuple_create(mctx, DNS_DIFFOP_DEL, origin, ttl, &dnskey, RETERR(dns_difftuple_create(mctx, DNS_DIFFOP_DEL, origin, ttl, &dnskey,
&tuple)); &tuple));
dns_diff_append(del, &tuple); dns_diff_append(del, &tuple);