dst now stores the key name as a dns_name_t, not a char *.

CHANGES

@@ -1,3 +1,6 @@
+ 206.   [cleanup]	dst now stores the key name as a dns_name_t, not
+			a char *.
+
  205.   [cleanup]       On IRIX, turn off the mostly harmless warnings 1692
                         ("prototyped function redeclared without prototype")
                         and 1552 ("variable ... set but not used") when

bin/dnssec/dnssec-keygen.c

@@ -15,7 +15,7 @@
  * WITH THE USE OR PERFORMANCE OF THE SOFTWARE.
  */
 
-/* $Id: dnssec-keygen.c,v 1.25 2000/05/24 17:13:29 bwelling Exp $ */
+/* $Id: dnssec-keygen.c,v 1.26 2000/05/24 23:13:12 bwelling Exp $ */
 
 #include <config.h>
 
@@ -28,8 +28,12 @@
 #include <isc/string.h>
 #include <isc/util.h>
 
+#include <dns/fixedname.h>
 #include <dns/keyvalues.h>
+#include <dns/name.h>
+#include <dns/result.h>
 #include <dns/secalg.h>
+
 #include <dst/dst.h>
 #include <dst/result.h>
 
@@ -114,7 +118,8 @@ main(int argc, char **argv) {
 	char		*algname = NULL, *nametype = NULL, *type = NULL;
 	char		*prog, *endp;
 	dst_key_t	*key = NULL, *oldkey;
-	char		*name = NULL;
+	dns_fixedname_t	fname;
+	dns_name_t	*name;
 	isc_uint16_t	flags = 0;
 	dns_secalg_t	alg;
 	isc_boolean_t    conflict = ISC_FALSE, null_key = ISC_FALSE;
@@ -138,6 +143,9 @@ main(int argc, char **argv) {
 	if (argc == 1)
 		usage();
 
+	dns_result_register();
+	dst_result_register();
+
 	while ((ch = isc_commandline_parse(argc, argv,
 					   "a:b:eg:n:t:p:s:hv:")) != -1)
 	{
@@ -295,16 +303,15 @@ main(int argc, char **argv) {
 			fatal("Specified null key with signing authority");
 	}
 
-	name = isc_mem_allocate(mctx, strlen(argv[isc_commandline_index]) + 2);
+	dns_fixedname_init(&fname);
-	if (name == NULL)
+	name = dns_fixedname_name(&fname);
-		fatal("out of memory");
+	isc_buffer_init(&buf, argv[isc_commandline_index],
-	strcpy(name, argv[isc_commandline_index]);
+			strlen(argv[isc_commandline_index]));
-	if (name[strlen(name) - 1] != '.') {
+	isc_buffer_add(&buf, strlen(argv[isc_commandline_index]));
-		strcat(name, ".");
+	ret = dns_name_fromtext(name, &buf, dns_rootname, ISC_FALSE, NULL);
-		fprintf(stderr,
+	if (ret != ISC_R_SUCCESS)
-			"%s: added a trailing dot to fully qualify the name\n",
+		fatal("Invalid key name %s: %s", argv[isc_commandline_index],
-			PROGRAM);
+		      isc_result_totext(ret));
-	}
 
 	switch(alg) {
 	case DNS_KEYALG_RSA:
@@ -323,7 +330,6 @@ main(int argc, char **argv) {
 		null_key = ISC_TRUE;
 
 	isc_buffer_init(&buf, filename, sizeof(filename) - 1);
-	dst_result_register();
 
 	do { 
 		conflict = ISC_FALSE; 
@@ -382,7 +388,6 @@ main(int argc, char **argv) {
 	ret = dst_key_buildfilename(key, 0, &buf);
 	filename[isc_buffer_usedlength(&buf)] = 0;
 	printf("%s\n", filename);
-	isc_mem_free(mctx, name);
 	isc_mem_free(mctx, algname);
 	isc_mem_free(mctx, nametype);
 	isc_mem_free(mctx, prog);

bin/dnssec/dnssec-makekeyset.c

@@ -178,7 +178,8 @@ main(int argc, char *argv[]) {
 	isc_log_t *log = NULL;
 	isc_logconfig_t *logconfig;
 	keynode_t *keynode;
-	char *savedname = NULL;
+	dns_fixedname_t fsavedname;
+	dns_name_t *savedname = NULL;
 
 	dns_result_register();
 
@@ -273,25 +274,29 @@ main(int argc, char *argv[]) {
 	for (i = 0; i < argc; i++) {
 		isc_uint16_t id;
 		int alg;
-		char *namestr = NULL;
+		dns_fixedname_t fname;
+		dns_name_t *name;
+		char namestr[1025];
 
 		isc_buffer_init(&b, argv[i], strlen(argv[i]));
 		isc_buffer_add(&b, strlen(argv[i]));
-		result = dst_key_parsefilename(&b, mctx, &namestr, &id, &alg,
+		dns_fixedname_init(&fname);
-					       NULL);
+		name = dns_fixedname_name(&fname);
+		result = dst_key_parsefilename(&b, mctx, name, &id, &alg, NULL);
 		if (result != ISC_R_SUCCESS)
 			fatal("%s is not a valid key filename", argv[i]);
+		strncpy(namestr, nametostr(name), sizeof(namestr) - 1);
+		namestr[sizeof(namestr) - 1] = 0;
 
 		if (savedname == NULL) {
-			savedname = isc_mem_strdup(mctx, namestr);
+			fsavedname = fname;
-			if (savedname == NULL)
+			savedname = dns_fixedname_name(&fsavedname);
-				fatal("out of memory");
 		}
 		else {
-			if (strcmp(savedname, namestr) != 0)
+			if (!dns_name_equal(savedname, name) != 0)
 				fatal("all keys must have the same owner - %s "
 				      "and %s do not match",
-				      savedname, namestr);
+				      nametostr(savedname), namestr);
 		}
 		if (output == NULL) {
 			output = isc_mem_allocate(mctx,
@@ -314,12 +319,12 @@ main(int argc, char *argv[]) {
 				      namestr, isc_result_totext(result));
 		}
 		key = NULL;
-		result = dst_key_fromfile(namestr, id, alg, DST_TYPE_PUBLIC,
+		result = dst_key_fromfile(name, id, alg, DST_TYPE_PUBLIC,
 					  mctx, &key);
 		check_result(result, "dst_key_fromfile");
 		if (dst_key_iszonekey(key)) {
 			dst_key_t *zonekey = NULL;
-			result = dst_key_fromfile(namestr, id, alg,
+			result = dst_key_fromfile(name, id, alg,
 						  DST_TYPE_PRIVATE, mctx,
 						  &zonekey);
 			
@@ -351,12 +356,9 @@ main(int argc, char *argv[]) {
 		dns_rdata_fromregion(rdata, dns_rdataclass_in,
 				     dns_rdatatype_key, &r);
 		ISC_LIST_APPEND(rdatalist.rdata, rdata, link);
-		isc_mem_put(mctx, namestr, strlen(namestr) + 1);
 		dst_key_free(&key);
 	}
 
-	isc_mem_free(mctx, savedname);
-
 	dns_rdataset_init(&rdataset);
 	result = dns_rdatalist_tordataset(&rdatalist, &rdataset);
 	check_result(result, "dns_rdatalist_tordataset()");
@@ -387,7 +389,7 @@ main(int argc, char *argv[]) {
 					 rdata);
 		if (result != ISC_R_SUCCESS)
 			fatal("failed to sign keyset with key %s/%s/%d: %s",
-			      dst_key_name(keynode->key),
+			      nametostr(dst_key_name(keynode->key)),
 			      algtostr(dst_key_alg(keynode->key)),
 			      dst_key_id(keynode->key),
 			      isc_result_totext(result));

bin/dnssec/dnssec-signkey.c

@@ -335,23 +335,24 @@ main(int argc, char *argv[]) {
 	for (i = 0; i < argc; i++) {
 		isc_uint16_t id;
 		int alg;
-		char *namestr = NULL;
+		dns_fixedname_t fname;
+		dns_name_t *name;
 
 		isc_buffer_init(&b, argv[i], strlen(argv[i]));
 		isc_buffer_add(&b, strlen(argv[i]));
-		result = dst_key_parsefilename(&b, mctx, &namestr, &id, &alg,
+		dns_fixedname_init(&fname);
-					       NULL);
+		name = dns_fixedname_name(&fname);
+		result = dst_key_parsefilename(&b, mctx, name, &id, &alg, NULL);
 		if (result != ISC_R_SUCCESS)
 			usage();
 
 		key = NULL;
-		result = dst_key_fromfile(namestr, id, alg, DST_TYPE_PRIVATE,
+		result = dst_key_fromfile(name, id, alg, DST_TYPE_PRIVATE,
 					  mctx, &key);
 		if (result != ISC_R_SUCCESS)
 			fatal("failed to read key %s/%s/%d from disk: %s",
 			      dst_key_name(key), algtostr(dst_key_alg(key)),
 			      dst_key_id(key), isc_result_totext(result));
-		isc_mem_put(mctx, namestr, strlen(namestr) + 1);
 
 		rdata = isc_mem_get(mctx, sizeof(dns_rdata_t));
 		if (rdata == NULL)

bin/dnssec/dnssec-signzone.c

@@ -176,7 +176,7 @@ signwithkey(dns_name_t *name, dns_rdataset_t *rdataset, dns_rdata_t *rdata,
 				 mctx, b, rdata);
 	if (result != ISC_R_SUCCESS)
 		fatal("key '%s/%s/%d' failed to sign data: %s",
-		      dst_key_name(key), algtostr(dst_key_alg(key)),
+		      nametostr(dst_key_name(key)), algtostr(dst_key_alg(key)),
 		      dst_key_id(key), isc_result_totext(result));
 
 	if (tryverify) {
@@ -196,17 +196,9 @@ issigningkey(signer_key_t *key) {
 
 static inline isc_boolean_t
 iszonekey(signer_key_t *key, dns_db_t *db) {
-	char origin[1024];
+	return (dns_name_equal(dst_key_name(key->key), dns_db_origin(db)) &&
-	isc_buffer_t b;
-	isc_result_t result;
-
-	isc_buffer_init(&b, origin, sizeof(origin));
-	result = dns_name_totext(dns_db_origin(db), ISC_FALSE, &b);
-	check_result(result, "dns_name_totext()");
-
-	return (ISC_TF(strcasecmp(dst_key_name(key->key), origin) == 0 &&
 		(dst_key_flags(key->key) & DNS_KEYFLAG_OWNERMASK) ==
-		 DNS_KEYOWNER_ZONE));
+		 DNS_KEYOWNER_ZONE);
 }
 
 /*
@@ -215,23 +207,20 @@ iszonekey(signer_key_t *key, dns_db_t *db) {
  */
 static signer_key_t *
 keythatsigned(dns_rdata_sig_t *sig) {
-	char *keyname;
 	isc_result_t result;
 	dst_key_t *pubkey = NULL, *privkey = NULL;
 	signer_key_t *key;
 
-	keyname = nametostr(&sig->signer);
-
 	key = ISC_LIST_HEAD(keylist);
 	while (key != NULL) {
 		if (sig->keyid == dst_key_id(key->key) &&
 		    sig->algorithm == dst_key_alg(key->key) &&
-		    strcasecmp(keyname, dst_key_name(key->key)) == 0)
+		    dns_name_equal(&sig->signer, dst_key_name(key->key)))
 			return key;
 		key = ISC_LIST_NEXT(key, link);
 	}
 
-	result = dst_key_fromfile(keyname, sig->keyid, sig->algorithm,
+	result = dst_key_fromfile(&sig->signer, sig->keyid, sig->algorithm,
 				  DST_TYPE_PUBLIC, mctx, &pubkey);
 	if (result != ISC_R_SUCCESS)
 		return (NULL);
@@ -240,7 +229,7 @@ keythatsigned(dns_rdata_sig_t *sig) {
 	if (key == NULL)
 		fatal("out of memory");
 
-	result = dst_key_fromfile(keyname, sig->keyid, sig->algorithm,
+	result = dst_key_fromfile(&sig->signer, sig->keyid, sig->algorithm,
 				  DST_TYPE_PRIVATE, mctx, &privkey);
 	if (result == ISC_R_SUCCESS) {
 		key->key = privkey;
@@ -465,7 +454,7 @@ signset(dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node,
 			else if (resign) {
 				allocbufferandrdata;
 				vbprintf(1, "\tresigning with key %s/%s/%d\n",
-				       dst_key_name(key->key),
+				       nametostr(dst_key_name(key->key)),
 				       algtostr(dst_key_alg(key->key)),
 				       dst_key_id(key->key));
 				signwithkey(name, set, trdata, key->key, &b);
@@ -496,7 +485,7 @@ signset(dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node,
 		{
 			allocbufferandrdata;
 			vbprintf(1, "\tsigning with key %s/%s/%d\n",
-			       dst_key_name(key->key),
+			       nametostr(dst_key_name(key->key)),
 			       algtostr(dst_key_alg(key->key)),
 			       dst_key_id(key->key));
 			signwithkey(name, set, trdata, key->key, &b);
@@ -889,7 +878,7 @@ signname(dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node,
 				dns_rdatalist_init(&keyrdatalist);
 				dstkey = NULL;
 				
-				result = dst_key_generate("", DNS_KEYALG_DSA,
+				result = dst_key_generate(name, DNS_KEYALG_DSA,
 							  0, 0,
 							  DNS_KEYTYPE_NOKEY |
 							  DNS_KEYOWNER_ZONE,
@@ -1489,12 +1478,15 @@ main(int argc, char *argv[]) {
 		for (i = 0; i < argc; i++) {
 			isc_uint16_t id;
 			int alg;
-			char *namestr = NULL;
+			dns_fixedname_t fname;
+			dns_name_t *name;
 			isc_buffer_t b;
 
 			isc_buffer_init(&b, argv[i], strlen(argv[i]));
 			isc_buffer_add(&b, strlen(argv[i]));
-			result = dst_key_parsefilename(&b, mctx, &namestr,
+			dns_fixedname_init(&fname);
+			name = dns_fixedname_name(&fname);
+			result = dst_key_parsefilename(&b, mctx, name,
 						       &id, &alg, NULL);
 			if (result != ISC_R_SUCCESS)
 				usage();
@@ -1504,31 +1496,30 @@ main(int argc, char *argv[]) {
 				dst_key_t *dkey = key->key;
 				if (dst_key_id(dkey) == id &&
 				    dst_key_alg(dkey) == alg &&
-				    strcasecmp(namestr,
+				    dns_name_equal(name, dst_key_name(dkey)))
-					       dst_key_name(dkey)) == 0)
 				{
 					key->isdefault = ISC_TRUE;
 					if (!dst_key_isprivate(dkey))
 						fatal("cannot sign zone with "
 						      "non-private key "
 						      "'%s/%s/%d'",
-						      dst_key_name(dkey),
+						  nametostr(dst_key_name(dkey)),
-						   algtostr(dst_key_alg(dkey)),
+						  algtostr(dst_key_alg(dkey)),
-						      dst_key_id(dkey));
+						  dst_key_id(dkey));
 					break;
 				}
 				key = ISC_LIST_NEXT(key, link);
 			}
 			if (key == NULL) {
 				dst_key_t *dkey = NULL;
-				result = dst_key_fromfile(namestr, id, alg,
+				result = dst_key_fromfile(name, id, alg,
 							  DST_TYPE_PRIVATE,
 							  mctx, &dkey);
 				if (result != ISC_R_SUCCESS)
 					fatal("failed to load key '%s/%s/%d' "
-					      "from disk: %s", namestr,
+					      "from disk: %s",
-					      algtostr(alg), id,
+					      nametostr(name), algtostr(alg),
-					      isc_result_totext(result));
+					      id, isc_result_totext(result));
 				key = isc_mem_get(mctx, sizeof(signer_key_t));
 				if (key == NULL)
 					fatal("out of memory");
@@ -1536,7 +1527,6 @@ main(int argc, char *argv[]) {
 				key->isdefault = ISC_TRUE;
 				ISC_LIST_APPEND(keylist, key, link);
 			}
-		isc_mem_put(mctx, namestr, strlen(namestr) + 1);
 		}
 	}
 

bin/named/server.c

@@ -199,6 +199,9 @@ configure_view_dnsseckeys(dns_c_ctx_t *cctx,
 			unsigned char rrdata[4096];
 			isc_buffer_t rrdatabuf;
 			isc_region_t r;
+			dns_fixedname_t fkeyname;
+			dns_name_t *keyname;
+			isc_buffer_t namebuf;
 			
 			if (cview == NULL)
 				viewclass = dns_rdataclass_in;
@@ -241,7 +244,14 @@ configure_view_dnsseckeys(dns_c_ctx_t *cctx,
 						   keystruct.common.rdclass,
 						   keystruct.common.rdtype,
 						   &keystruct, &rrdatabuf));
-			CHECK(dst_key_fromdns(ckey->domain, &rrdatabuf, mctx,
+			dns_fixedname_init(&fkeyname);
+			keyname = dns_fixedname_name(&fkeyname);
+			isc_buffer_init(&namebuf, ckey->domain,
+					strlen(ckey->domain));
+			isc_buffer_add(&namebuf, strlen(ckey->domain));
+			CHECK(dns_name_fromtext(keyname, &namebuf,
+						dns_rootname, ISC_FALSE, NULL));
+			CHECK(dst_key_fromdns(keyname, &rrdatabuf, mctx,
 					      &dstkey));
 			
 			CHECK(dns_keytable_add(keytable, &dstkey));

bin/named/tkeyconf.c

@@ -43,7 +43,7 @@ dns_tkeyctx_fromconfig(dns_c_ctx_t *cfg, isc_mem_t *mctx,
 	int n;
 	isc_buffer_t b, namebuf;
 	unsigned char data[1024];
-	dns_name_t domain;
+	dns_name_t domain, keyname;
 
 	result = dns_tkeyctx_create(mctx, &tctx);
 	if (result != ISC_R_SUCCESS)
@@ -55,7 +55,12 @@ dns_tkeyctx_fromconfig(dns_c_ctx_t *cfg, isc_mem_t *mctx,
 		*tctxp = tctx;
 		return (ISC_R_SUCCESS);
 	}
-	RETERR(dst_key_fromfile(s, n, DNS_KEYALG_DH,
+	isc_buffer_init(&namebuf, data, sizeof(data));
+	dns_name_init(&keyname, NULL);
+	isc_buffer_init(&b, s, strlen(s));
+	isc_buffer_add(&b, strlen(s));
+	dns_name_fromtext(&keyname, &b, dns_rootname, ISC_FALSE, &namebuf);
+	RETERR(dst_key_fromfile(&keyname, n, DNS_KEYALG_DH,
 				DST_TYPE_PUBLIC|DST_TYPE_PRIVATE,
 				mctx, &tctx->dhkey));
 	s = NULL;
@@ -69,7 +74,6 @@ dns_tkeyctx_fromconfig(dns_c_ctx_t *cfg, isc_mem_t *mctx,
 	dns_name_init(tctx->domain, NULL);
 	isc_buffer_init(&b, s, strlen(s));
 	isc_buffer_add(&b, strlen(s));
-	isc_buffer_init(&namebuf, data, sizeof(data));
 	RETERR(dns_name_fromtext(&domain, &b, dns_rootname, ISC_FALSE,
 				 &namebuf));
 	RETERR(dns_name_dup(&domain, mctx, tctx->domain));

bin/tests/dst/dst_test.c

@@ -26,6 +26,8 @@
 #include <isc/region.h>
 #include <isc/string.h>		/* Required for HP/UX (and others?) */
 
+#include <dns/fixedname.h>
+#include <dns/name.h>
 #include <dns/result.h>
 
 #include <dst/dst.h>
@@ -97,7 +99,7 @@ dns(dst_key_t *key, isc_mem_t *mctx) {
 }
 
 static void
-io(char *name, int id, int alg, int type, isc_mem_t *mctx) {
+io(dns_name_t *name, int id, int alg, int type, isc_mem_t *mctx) {
 	dst_key_t *key = NULL;
 	isc_result_t ret;
 
@@ -117,7 +119,7 @@ io(char *name, int id, int alg, int type, isc_mem_t *mctx) {
 }
 
 static void
-dh(char *name1, int id1, char *name2, int id2, isc_mem_t *mctx) {
+dh(dns_name_t *name1, int id1, dns_name_t *name2, int id2, isc_mem_t *mctx) {
 	dst_key_t *key1 = NULL, *key2 = NULL;
 	isc_result_t ret;
 	isc_buffer_t b1, b2;
@@ -183,7 +185,7 @@ generate(int alg, isc_mem_t *mctx) {
 	isc_result_t ret;
 	dst_key_t *key = NULL;
 
-	ret = dst_key_generate("test.", alg, 512, 0, 0, 0, mctx, &key);
+	ret = dst_key_generate(dns_rootname, alg, 512, 0, 0, 0, mctx, &key);
 	printf("generate(%d) returned: %s\n", alg, isc_result_totext(ret));
 
 	if (alg != DST_ALG_DH)
@@ -210,6 +212,9 @@ get_random(void) {
 int
 main(void) {
 	isc_mem_t *mctx = NULL;
+	isc_buffer_t b;
+	dns_fixedname_t fname;
+	dns_name_t *name;
 
 	isc_mem_create(0, 0, &mctx);
 
@@ -219,14 +224,19 @@ main(void) {
 	dns_result_register();
 	dst_result_register();
 
-	io("test.", 6204, DST_ALG_DSA, DST_TYPE_PRIVATE|DST_TYPE_PUBLIC, mctx);
+	dns_fixedname_init(&fname);
-	io("test.", 54622, DST_ALG_RSA, DST_TYPE_PRIVATE|DST_TYPE_PUBLIC,
+	name = dns_fixedname_name(&fname);
-	   mctx);
+	isc_buffer_init(&b, "test.", 5);
+	dns_name_fromtext(name, &b, NULL, ISC_FALSE, NULL);
+	io(name, 6204, DST_ALG_DSA, DST_TYPE_PRIVATE|DST_TYPE_PUBLIC, mctx);
+	io(name, 54622, DST_ALG_RSA, DST_TYPE_PRIVATE|DST_TYPE_PUBLIC, mctx);
 
-	io("test.", 0, DST_ALG_DSA, DST_TYPE_PRIVATE|DST_TYPE_PUBLIC, mctx);
+	io(name, 0, DST_ALG_DSA, DST_TYPE_PRIVATE|DST_TYPE_PUBLIC, mctx);
-	io("test.", 0, DST_ALG_RSA, DST_TYPE_PRIVATE|DST_TYPE_PUBLIC, mctx);
+	io(name, 0, DST_ALG_RSA, DST_TYPE_PRIVATE|DST_TYPE_PUBLIC, mctx);
 
-	dh("dh.", 18088, "dh.", 48443, mctx);
+	isc_buffer_init(&b, "dh.", 3);
+	dns_name_fromtext(name, &b, NULL, ISC_FALSE, NULL);
+	dh(name, 18088, name, 48443, mctx);
 
 	generate(DST_ALG_RSA, mctx);
 	generate(DST_ALG_DH, mctx);

bin/tests/dst/t_dst.c

@@ -34,6 +34,9 @@
 #include <isc/string.h>
 #include <isc/util.h>
 
+#include <dns/fixedname.h>
+#include <dns/name.h>
+
 #include <dst/dst.h>
 #include <dst/result.h>
 
@@ -109,7 +112,7 @@ use(dst_key_t *key, isc_result_t exp_result, int *nfails) {
 }
 
 static void
-dh(char *name1, int id1, char *name2, int id2, isc_mem_t *mctx,
+dh(dns_name_t *name1, int id1, dns_name_t *name2, int id2, isc_mem_t *mctx,
    isc_result_t exp_result, int *nfails, int *nprobs)
 {
 	dst_key_t	*key1 = NULL, *key2 = NULL;
@@ -228,7 +231,7 @@ dh(char *name1, int id1, char *name2, int id2, isc_mem_t *mctx,
 }
 
 static void
-io(char *name, int id, int alg, int type, isc_mem_t *mctx,
+io(dns_name_t *name, int id, int alg, int type, isc_mem_t *mctx,
    isc_result_t exp_result, int *nfails, int *nprobs)
 {
 	dst_key_t	*key = NULL;
@@ -302,7 +305,7 @@ generate(int alg, isc_mem_t *mctx, int size, int *nfails) {
 	isc_result_t ret;
 	dst_key_t *key = NULL;
 
-	ret = dst_key_generate("test.", alg, size, 0, 0, 0, mctx, &key);
+	ret = dst_key_generate(dns_rootname, alg, size, 0, 0, 0, mctx, &key);
 	if (ret != ISC_R_SUCCESS) {
 		t_info("dst_key_generate(%d) returned: %s\n", alg,
 		       dst_result_totext(ret));
@@ -369,6 +372,9 @@ t1(void) {
 	int		nprobs;
 	int		result;
 	isc_result_t	isc_result;
+	dns_fixedname_t	fname;
+	dns_name_t	*name;
+	isc_buffer_t	b;
 
 	t_assert("dst", 1, T_REQUIRED, a1);
 
@@ -384,20 +390,28 @@ t1(void) {
 	}
 
 	t_info("testing use of stored keys [1]\n");
-	io("test.", 6204, DST_ALG_DSA, DST_TYPE_PRIVATE|DST_TYPE_PUBLIC,
+
+	dns_fixedname_init(&fname);
+	name = dns_fixedname_name(&fname);
+	isc_buffer_init(&b, "test.", 5);
+	dns_name_fromtext(name, &b, NULL, ISC_FALSE, NULL);
+	io(name, 6204, DST_ALG_DSA, DST_TYPE_PRIVATE|DST_TYPE_PUBLIC,
 			mctx, ISC_R_SUCCESS, &nfails, &nprobs);
 	t_info("testing use of stored keys [2]\n");
-	io("test.", 54622, DST_ALG_RSA, DST_TYPE_PRIVATE|DST_TYPE_PUBLIC,
+	io(name, 54622, DST_ALG_RSA, DST_TYPE_PRIVATE|DST_TYPE_PUBLIC,
 			mctx, ISC_R_SUCCESS, &nfails, &nprobs);
 
 	t_info("testing use of stored keys [3]\n");
-	io("test.", 0, DST_ALG_DSA, DST_TYPE_PRIVATE|DST_TYPE_PUBLIC,
+	io(name, 0, DST_ALG_DSA, DST_TYPE_PRIVATE|DST_TYPE_PUBLIC,
 			mctx, DST_R_NULLKEY, &nfails, &nprobs);
 	t_info("testing use of stored keys [4]\n");
-	io("test.", 0, DST_ALG_RSA, DST_TYPE_PRIVATE|DST_TYPE_PUBLIC,
+	io(name, 0, DST_ALG_RSA, DST_TYPE_PRIVATE|DST_TYPE_PUBLIC,
 			mctx, DST_R_NULLKEY, &nfails, &nprobs);
 
-	dh("dh.", 18088, "dh.", 48443, mctx, ISC_R_SUCCESS, &nfails, &nprobs);
+	isc_buffer_init(&b, "dh.", 3);
+	dns_name_fromtext(name, &b, NULL, ISC_FALSE, NULL);
+
+	dh(name, 18088, name, 48443, mctx, ISC_R_SUCCESS, &nfails, &nprobs);
 
 	t_info("testing use of generated keys\n");
 	generate(DST_ALG_RSA, mctx, 512, &nfails);
@@ -599,6 +613,9 @@ t2_sigchk(char *datapath, char *sigpath, char *keyname,
 	isc_buffer_t	sigbuf;
 	isc_region_t	datareg;
 	isc_region_t	sigreg;
+	dns_fixedname_t	fname;
+	dns_name_t	*name;
+	isc_buffer_t	b;
 
 	/*
 	 * Read data from file in a form usable by dst_verify.
@@ -639,7 +656,11 @@ t2_sigchk(char *datapath, char *sigpath, char *keyname,
 	/*
 	 * Read key from file in a form usable by dst_verify.
 	 */
-	isc_result = dst_key_fromfile(keyname, id, alg, type, mctx, &key);
+	dns_fixedname_init(&fname);
+	name = dns_fixedname_name(&fname);
+	isc_buffer_init(&b, keyname, strlen(keyname));
+	dns_name_fromtext(name, &b, dns_rootname, ISC_FALSE, NULL);
+	isc_result = dst_key_fromfile(name, id, alg, type, mctx, &key);
 	if (isc_result != ISC_R_SUCCESS) {
 		t_info("dst_key_fromfile failed %s\n",
 			isc_result_totext(isc_result));

lib/dns/dnssec.c

@@ -16,7 +16,7 @@
  */
 
 /*
- * $Id: dnssec.c,v 1.38 2000/05/20 01:27:28 bwelling Exp $
+ * $Id: dnssec.c,v 1.39 2000/05/24 23:13:19 bwelling Exp $
  * Principal Author: Brian Wellington
  */
 
@@ -62,9 +62,6 @@ typedef struct digestctx {
 static isc_result_t
 digest_callback(void *arg, isc_region_t *data);
 
-static isc_result_t
-keyname_to_name(char *keyname, isc_mem_t *mctx, dns_name_t *name);
-
 static int
 rdata_compare_wrapper(const void *rdata1, const void *rdata2);
 
@@ -88,30 +85,6 @@ digest_callback(void *arg, isc_region_t *data) {
 	return (result);
 }
 
-/*
- * Converts the name of a key into a canonical dns_name_t.
- */
-static isc_result_t
-keyname_to_name(char *keyname, isc_mem_t *mctx, dns_name_t *name) {
-	isc_buffer_t src, dst;
-	unsigned char data[1024];
-	isc_result_t ret;
-	dns_name_t tname;
-
-	dns_name_init(name, NULL);
-	dns_name_init(&tname, NULL);
-	isc_buffer_init(&src, keyname, strlen(keyname));
-	isc_buffer_add(&src, strlen(keyname));
-	isc_buffer_init(&dst, data, sizeof(data));
-	ret = dns_name_fromtext(&tname, &src, NULL, ISC_TRUE, &dst);
-	if (ret != ISC_R_SUCCESS)
-		return (ret);
-
-	ret = dns_name_dup(&tname, mctx, name);
-	dns_name_downcase(name, name, NULL);
-	return (ret);
-}
-
 /*
  * Make qsort happy.
  */
@@ -168,10 +141,8 @@ isc_result_t
 dns_dnssec_keyfromrdata(dns_name_t *name, dns_rdata_t *rdata, isc_mem_t *mctx,
 			dst_key_t **key)
 {
-	isc_buffer_t b, namebuf;
+	isc_buffer_t b;
 	isc_region_t r;
-	isc_result_t ret;
-	char namestr[1024];
 
 	INSIST(name != NULL);
 	INSIST(rdata != NULL);
@@ -179,16 +150,10 @@ dns_dnssec_keyfromrdata(dns_name_t *name, dns_rdata_t *rdata, isc_mem_t *mctx,
 	INSIST(key != NULL);
 	INSIST(*key == NULL);
 
-	isc_buffer_init(&namebuf, namestr, sizeof(namestr) - 1);
-	ret = dns_name_totext(name, ISC_FALSE, &namebuf);
-	if (ret != ISC_R_SUCCESS)
-		return ret;
-	isc_buffer_usedregion(&namebuf, &r);
-	namestr[r.length] = 0;
 	dns_rdata_toregion(rdata, &r);
 	isc_buffer_init(&b, r.base, r.length);
 	isc_buffer_add(&b, r.length);
-	return (dst_key_fromdns(namestr, &b, mctx, key));
+	return (dst_key_fromdns(name, &b, mctx, key));
 }
 
 isc_result_t
@@ -234,9 +199,8 @@ dns_dnssec_sign(dns_name_t *name, dns_rdataset_t *set, dst_key_t *key,
 	sig.common.rdtype = dns_rdatatype_sig;
 	ISC_LINK_INIT(&sig.common, link);
 
-	ret = keyname_to_name(dst_key_name(key), mctx, &sig.signer);
+	dns_name_init(&sig.signer, NULL);
-	if (ret != ISC_R_SUCCESS)
+	dns_name_clone(dst_key_name(key), &sig.signer);
-		return (ret);
 
 	sig.covered = set->type;
 	sig.algorithm = dst_key_alg(key);
@@ -253,7 +217,7 @@ dns_dnssec_sign(dns_name_t *name, dns_rdataset_t *set, dst_key_t *key,
 	sig.siglen = sigsize;
 	sig.signature = isc_mem_get(mctx, sig.siglen);
 	if (sig.signature == NULL)
-		goto cleanup_name;
+		return (ISC_R_NOMEMORY);
 
 	isc_buffer_init(&b, data, sizeof(data));
 	ret = dns_rdata_fromstruct(NULL, sig.common.rdclass,
@@ -344,8 +308,6 @@ cleanup_array:
 	isc_mem_put(mctx, rdatas, nrdatas * sizeof(dns_rdata_t));
 cleanup_signature:
 	isc_mem_put(mctx, sig.signature, sig.siglen);
-cleanup_name:
-	dns_name_free(&sig.signer, mctx);
 
 	return (ret);
 }
@@ -564,7 +526,6 @@ dns_dnssec_signmessage(dns_message_t *msg, dst_key_t *key) {
 	isc_buffer_t headerbuf, databuf, sigbuf;
 	unsigned int sigsize;
 	isc_buffer_t *dynbuf;
-	dns_name_t signer;
 	dns_rdata_t *rdata;
 	dns_rdatalist_t *datalist;
 	dns_rdataset_t *dataset;
@@ -601,8 +562,8 @@ dns_dnssec_signmessage(dns_message_t *msg, dst_key_t *key) {
 
 	sig.keyid = dst_key_id(key);
 
-	dns_name_init(&signer, NULL);
+	dns_name_init(&sig.signer, NULL);
-	RETERR(keyname_to_name(dst_key_name(key), mctx, &sig.signer));
+	dns_name_clone(dst_key_name(key), &sig.signer);
 
 	sig.siglen = 0;
 	sig.signature = NULL;
@@ -660,7 +621,6 @@ dns_dnssec_signmessage(dns_message_t *msg, dst_key_t *key) {
 				    dns_rdatatype_sig, &sig, dynbuf));
 
 	isc_mem_put(mctx, sig.signature, sig.siglen);
-	dns_name_free(&sig.signer, mctx);
 	signeedsfree = ISC_FALSE;
 
 	dns_message_takebuffer(msg, &dynbuf);
@@ -684,10 +644,8 @@ dns_dnssec_signmessage(dns_message_t *msg, dst_key_t *key) {
 failure:
 	if (dynbuf != NULL)
 		isc_buffer_free(&dynbuf);
-	if (signeedsfree) {
+	if (signeedsfree)
 		isc_mem_put(mctx, sig.signature, sig.siglen);
-		dns_name_free(&sig.signer, mctx);
-	}
 
 	return (result);
 }

lib/dns/keytable.c

@@ -184,10 +184,7 @@ dns_keytable_add(dns_keytable_t *keytable, dst_key_t **keyp) {
 	isc_result_t result;
 	dns_keynode_t *knode;
 	dns_rbtnode_t *node;
-	dns_fixedname_t fname;
+	dns_name_t *keyname;
-	char *keyname;
-	isc_buffer_t buffer;
-	size_t len;
 
 	/*
 	 * Add '*keyp' to 'keytable'.
@@ -197,15 +194,6 @@ dns_keytable_add(dns_keytable_t *keytable, dst_key_t **keyp) {
 	REQUIRE(keyp != NULL);
 
 	keyname = dst_key_name(*keyp);
-	INSIST(keyname != NULL);
-	len = strlen(keyname);
-	isc_buffer_init(&buffer, keyname, len);
-	isc_buffer_add(&buffer, len);
-	dns_fixedname_init(&fname);
-	result = dns_name_fromtext(dns_fixedname_name(&fname), &buffer,
-				   dns_rootname, ISC_FALSE, NULL);
-	if (result != ISC_R_SUCCESS)
-		return (result);
 
 	knode = isc_mem_get(keytable->mctx, sizeof *knode);
 	if (knode == NULL)
@@ -214,8 +202,7 @@ dns_keytable_add(dns_keytable_t *keytable, dst_key_t **keyp) {
 	RWLOCK(&keytable->rwlock, isc_rwlocktype_write);
 
 	node = NULL;
-	result = dns_rbt_addnode(keytable->table, dns_fixedname_name(&fname),
+	result = dns_rbt_addnode(keytable->table, keyname, &node);
-				 &node);
 
 	if (result == ISC_R_SUCCESS || result == ISC_R_EXISTS) {
 		knode->magic = KEYNODE_MAGIC;

lib/dns/message.c

@@ -2385,11 +2385,8 @@ dns_message_checksig(dns_message_t *msg, dns_view_t *view) {
 			isc_buffer_init(&b, rdata.data, rdata.length);
 			isc_buffer_add(&b, rdata.length);
 
-			/*
+			result = dst_key_fromdns(&sig.signer, &b, view->mctx,
-			 * XXXBEW should actually pass in the key name,
+						 &key);
-			 * but it's not used anyway.
-			 */
-			result = dst_key_fromdns("", &b, view->mctx, &key);
 			if (result != ISC_R_SUCCESS)
 				continue;
 			if (dst_key_alg(key) != sig.algorithm ||

lib/dns/sec/dst/dst_api.c

@@ -19,7 +19,7 @@
 
 /*
  * Principal Author: Brian Wellington
- * $Id: dst_api.c,v 1.40 2000/05/24 05:09:36 tale Exp $
+ * $Id: dst_api.c,v 1.41 2000/05/24 23:13:28 bwelling Exp $
  */
 
 #include <config.h>
@@ -36,6 +36,7 @@
 #include <isc/time.h>
 #include <isc/util.h>
 
+#include <dns/name.h>
 #include <dns/rdata.h>
 #include <dns/keyvalues.h>
 
@@ -56,10 +57,10 @@ static isc_mutex_t random_lock;
 
 /* Static functions */
 static void		initialize(void);
-static dst_key_t *	get_key_struct(const char *name, const int alg,
+static dst_key_t *	get_key_struct(dns_name_t *name, const int alg,
 				       const int flags, const int protocol,
 				       const int bits, isc_mem_t *mctx);
-static isc_result_t	read_public_key(const char *name,
+static isc_result_t	read_public_key(dns_name_t *name,
 					const isc_uint16_t id, int in_alg,
 					isc_mem_t *mctx, dst_key_t **keyp);
 static isc_result_t	write_public_key(const dst_key_t *key);
@@ -314,14 +315,14 @@ dst_key_tofile(const dst_key_t *key, const int type) {
  *	!ISC_R_SUCCESS	Failure
  */
 isc_result_t
-dst_key_fromfile(const char *name, const isc_uint16_t id, const int alg,
+dst_key_fromfile(dns_name_t *name, const isc_uint16_t id, const int alg,
 		 const int type, isc_mem_t *mctx, dst_key_t **keyp)
 {
 	dst_key_t *key = NULL, *pubkey = NULL;
 	isc_result_t ret;
 
 	RUNTIME_CHECK(isc_once_do(&once, initialize) == ISC_R_SUCCESS);
-	REQUIRE(name != NULL);
+	REQUIRE(dns_name_isabsolute(name));
 	REQUIRE(mctx != NULL);
 	REQUIRE(keyp != NULL && *keyp == NULL);
 
@@ -346,7 +347,7 @@ dst_key_fromfile(const char *name, const isc_uint16_t id, const int alg,
 		}
 	
 		key = get_key_struct(name, pubkey->key_alg, pubkey->key_flags,
-					   pubkey->key_proto, 0, mctx);
+				     pubkey->key_proto, 0, mctx);
 		dst_key_free(&pubkey);
 	}
 
@@ -423,7 +424,7 @@ dst_key_todns(const dst_key_t *key, isc_buffer_t *target) {
  */
 
 isc_result_t
-dst_key_fromdns(const char *name, isc_buffer_t *source, isc_mem_t *mctx,
+dst_key_fromdns(dns_name_t *name, isc_buffer_t *source, isc_mem_t *mctx,
 		dst_key_t **keyp)
 {
 	isc_region_t r;
@@ -433,7 +434,7 @@ dst_key_fromdns(const char *name, isc_buffer_t *source, isc_mem_t *mctx,
 	dst_key_t *key = NULL;
 
 	RUNTIME_CHECK(isc_once_do(&once, initialize) == ISC_R_SUCCESS);
-	REQUIRE(name != NULL);
+	REQUIRE(dns_name_isabsolute(name));
 	REQUIRE(source != NULL);
 	REQUIRE(mctx != NULL);
 	REQUIRE(keyp != NULL && *keyp == NULL);
@@ -488,7 +489,7 @@ dst_key_fromdns(const char *name, isc_buffer_t *source, isc_mem_t *mctx,
  *	!ISC_R_SUCCESS	Failure
  */
 isc_result_t
-dst_key_frombuffer(const char *name, const int alg, const int flags,
+dst_key_frombuffer(dns_name_t *name, const int alg, const int flags,
 		   const int protocol, isc_buffer_t *source, isc_mem_t *mctx,
 		   dst_key_t **keyp)
 {
@@ -496,7 +497,7 @@ dst_key_frombuffer(const char *name, const int alg, const int flags,
 	isc_result_t ret;
 
 	RUNTIME_CHECK(isc_once_do(&once, initialize) == ISC_R_SUCCESS);
-	REQUIRE(name != NULL);
+	REQUIRE(dns_name_isabsolute(name));
 	REQUIRE(source != NULL);
 	REQUIRE(mctx != NULL);
 	REQUIRE(keyp != NULL && *keyp == NULL);
@@ -570,7 +571,7 @@ dst_key_tobuffer(const dst_key_t *key, isc_buffer_t *target) {
  *	!ISC_R_SUCCESS	Failure
  */
 isc_result_t
-dst_key_generate(const char *name, const int alg, const int bits,
+dst_key_generate(dns_name_t *name, const int alg, const int bits,
 		 const int exp, const int flags, const int protocol,
 		 isc_mem_t *mctx, dst_key_t **keyp)
 {
@@ -578,7 +579,7 @@ dst_key_generate(const char *name, const int alg, const int bits,
 	isc_result_t ret;
 
 	RUNTIME_CHECK(isc_once_do(&once, initialize) == ISC_R_SUCCESS);
-	REQUIRE(name != NULL);
+	REQUIRE(dns_name_isabsolute(name));
 	REQUIRE(mctx != NULL);
 	REQUIRE(keyp != NULL && *keyp == NULL);
 
@@ -680,13 +681,14 @@ dst_key_free(dst_key_t **keyp) {
 	if (key->opaque != NULL)
 		key->func->destroy(key->opaque, mctx);
 
-	isc_mem_free(mctx, key->key_name);
+	dns_name_free(key->key_name, mctx);
+	isc_mem_put(mctx, key->key_name, sizeof(dns_name_t));
 	memset(key, 0, sizeof(dst_key_t));
 	isc_mem_put(mctx, key, sizeof(dst_key_t));
 	*keyp = NULL;
 }
 
-char *
+dns_name_t *
 dst_key_name(const dst_key_t *key) {
 	REQUIRE(VALID_KEY(key));
 	return (key->key_name);
@@ -757,11 +759,10 @@ dst_key_isnullkey(const dst_key_t *key) {
 }
 
 isc_result_t
-dst_key_buildfilename(const dst_key_t *key, const int type, isc_buffer_t *out)
+dst_key_buildfilename(const dst_key_t *key, const int type, isc_buffer_t *out) {
-{
 	char *suffix;
-	unsigned int namelen;
+	unsigned int len;
-	isc_region_t r;
+	isc_result_t result;
 
 	REQUIRE(VALID_KEY(key));
 	REQUIRE(type == DST_TYPE_PRIVATE || type == DST_TYPE_PUBLIC ||
@@ -773,32 +774,35 @@ dst_key_buildfilename(const dst_key_t *key, const int type, isc_buffer_t *out)
 		suffix = ".private";
 	else
 		suffix = ".key";
-	namelen =  1 + strlen(key->key_name) + 1 + 3 + 1 + 5 + 1 +
+	if (isc_buffer_availablelength(out) < 1)
-		   strlen(suffix);
-	isc_buffer_availableregion(out, &r);
-	if (namelen >= r.length)
 		return (ISC_R_NOSPACE);
-	if (namelen >= ISC_DIR_NAMEMAX)
+	isc_buffer_putstr(out, "K");
-		return (ISC_R_INVALIDFILE);
+	result = dns_name_totext(key->key_name, ISC_FALSE, out);
-	sprintf((char *) r.base, "K%s+%03d+%05d%s", key->key_name,
+	if (result != ISC_R_SUCCESS)
+		return (result);
+	len = 1 + 3 + 1 + 5 + strlen(suffix) + 1;
+	if (isc_buffer_availablelength(out) < len)
+		return (ISC_R_NOSPACE);
+	sprintf((char *) isc_buffer_used(out), "+%03d+%05d%s",
 		key->key_alg, key->key_id, suffix);
-	isc_buffer_add(out, namelen);
+	isc_buffer_add(out, len);
 	return (ISC_R_SUCCESS);
 }
 
 isc_result_t
-dst_key_parsefilename(isc_buffer_t *source, isc_mem_t *mctx, char **name,
+dst_key_parsefilename(isc_buffer_t *source, isc_mem_t *mctx, dns_name_t *name,
 		      isc_uint16_t *id, int *alg, char **suffix)
 {
 	isc_result_t result = ISC_R_SUCCESS;
 	char c, str[6], *p, *endp;
 	isc_region_t r;
+	isc_buffer_t b;
 	unsigned int length;
 	long l;
 
 	REQUIRE(source != NULL);
 	REQUIRE(mctx != NULL);
-	REQUIRE(name != NULL && *name == NULL);
+	REQUIRE(dns_name_hasbuffer(name));
 	REQUIRE(id != NULL);
 	REQUIRE(alg != NULL);
 	REQUIRE(suffix == NULL || *suffix == NULL);
@@ -806,10 +810,9 @@ dst_key_parsefilename(isc_buffer_t *source, isc_mem_t *mctx, char **name,
 	if (isc_buffer_remaininglength(source) < 1)
 		return (ISC_R_UNEXPECTEDEND);
 	c = (char) isc_buffer_getuint8(source);
-	if (c != 'K') {
+	if (c != 'K')
-		result = ISC_R_INVALIDFILE;
+		return (ISC_R_INVALIDFILE);
-		goto fail;
+
-	}
 	isc_buffer_remainingregion(source, &r);
 	p = (char *)r.base;
 	length = r.length;
@@ -819,45 +822,35 @@ dst_key_parsefilename(isc_buffer_t *source, isc_mem_t *mctx, char **name,
 	}
 	if (length == 0)
 		return (ISC_R_UNEXPECTEDEND);
-	length = p - (char *) r.base;
+	length = p - (char *)r.base;
-	*name = isc_mem_get(mctx, length + 1);
+	isc_buffer_init(&b, r.base, length);
-	if (*name == NULL)
+	isc_buffer_add(&b, length);
-		return (ISC_R_NOMEMORY);
+	result = dns_name_fromtext(name, &b, dns_rootname, ISC_FALSE, NULL);
-	memcpy(*name, r.base, length);
+	if (result != ISC_R_SUCCESS)
-	(*name)[length] = 0;
+		return (result);
 	isc_buffer_forward(source, length);
-	if (isc_buffer_remaininglength(source) < 1 + 3 + 1 + 5) {
+	if (isc_buffer_remaininglength(source) < 1 + 3 + 1 + 5)
-		result = ISC_R_UNEXPECTEDEND;
+		return (ISC_R_UNEXPECTEDEND);
-		goto fail;
-	}
 	c = (char) isc_buffer_getuint8(source);
-	if (c != '+') {
+	if (c != '+')
-		result = ISC_R_INVALIDFILE;
+		return (ISC_R_INVALIDFILE);
-		goto fail;
-	}
 	isc_buffer_remainingregion(source, &r);
 	memcpy(str, r.base, 3);
 	str[3] = 0;
 	*alg = strtol(str, &endp, 10);
-	if (*endp != '\0') {
+	if (*endp != '\0')
-		result = ISC_R_INVALIDFILE;
+		return (ISC_R_INVALIDFILE);
-		goto fail;
-	}
 	isc_buffer_forward(source, 3);
 	c = (char) isc_buffer_getuint8(source);
-	if (c != '+') {
+	if (c != '+')
-		result = ISC_R_INVALIDFILE;
+		return (ISC_R_INVALIDFILE);
-		goto fail;
-	}
 	isc_buffer_remainingregion(source, &r);
 	memcpy(str, r.base, 5);
 	str[5] = 0;
 
 	l = strtol(str, &endp, 10);
-	if (*endp != '\0' || l > (isc_uint16_t)-1) {
+	if (*endp != '\0' || l > (isc_uint16_t)-1)
-		result = ISC_R_INVALIDFILE;
+		return (ISC_R_INVALIDFILE);
-		goto fail;
-	}
 	*id = (isc_uint16_t)l;
 
 	isc_buffer_forward(source, 5);
@@ -865,20 +858,12 @@ dst_key_parsefilename(isc_buffer_t *source, isc_mem_t *mctx, char **name,
 		return (ISC_R_SUCCESS);
 	isc_buffer_remainingregion(source, &r);
 	*suffix = isc_mem_get(mctx, r.length + 1);
-	if (*suffix == NULL) {
+	if (*suffix == NULL)
-		result = ISC_R_NOMEMORY;
+		return (ISC_R_NOMEMORY);
-		goto fail;
-	}
 	if (r.length > 0)
 		memcpy(*suffix, r.base, r.length);
 	(*suffix)[r.length] = 0;
 	return (ISC_R_SUCCESS);
-
- fail:
-	if (*name != NULL)
-		 isc_mem_put(mctx, name, strlen(*name) + 1);
-	return (result);
-
 }
 
 /*
@@ -1051,10 +1036,11 @@ initialize(void) {
  *	valid pointer	otherwise
  */
 static dst_key_t *
-get_key_struct(const char *name, const int alg, const int flags,
+get_key_struct(dns_name_t *name, const int alg, const int flags,
 	       const int protocol, const int bits, isc_mem_t *mctx)
 {
 	dst_key_t *key; 
+	isc_result_t result;
 
 	REQUIRE(dst_algorithm_supported(alg) != ISC_FALSE);
 
@@ -1064,20 +1050,18 @@ get_key_struct(const char *name, const int alg, const int flags,
 
 	memset(key, 0, sizeof(dst_key_t));
 	key->magic = KEY_MAGIC;
-	if (name[strlen(name) - 1] == '.') {
+
-		key->key_name = isc_mem_strdup(mctx, name);
+	key->key_name = isc_mem_get(mctx, sizeof(dns_name_t));
-		if (key->key_name == NULL) {
+	if (key->key_name == NULL) {
-			isc_mem_free(mctx, key);
+		isc_mem_put(mctx, key, sizeof(dst_key_t));
-			return (NULL);
+		return (NULL);
-		}
 	}
-	else {
+	dns_name_init(key->key_name, NULL);
-		key->key_name = isc_mem_allocate(mctx, strlen(name) + 2);
+	result = dns_name_dup(name, mctx, key->key_name);
-		if (key->key_name == NULL) {
+	if (result != ISC_R_SUCCESS) {
-			isc_mem_free(mctx, key);
+		isc_mem_put(mctx, key->key_name, sizeof(dns_name_t));
-			return (NULL);
+		isc_mem_put(mctx, key, sizeof(dst_key_t));
-		}
+		return (NULL);
-		sprintf(key->key_name, "%s.", name);
 	}
 	key->key_alg = alg;
 	key->key_flags = flags;
@@ -1090,7 +1074,7 @@ get_key_struct(const char *name, const int alg, const int flags,
 }
 
 /*
- *  dst_read_public_key
+ *  read_public_key
  *	Read a public key from disk
  *  Parameters
  *	name		The name
@@ -1104,7 +1088,7 @@ get_key_struct(const char *name, const int alg, const int flags,
  */
 
 static isc_result_t
-read_public_key(const char *name, const isc_uint16_t id, int alg,
+read_public_key(dns_name_t *name, const isc_uint16_t id, int alg,
 		isc_mem_t *mctx, dst_key_t **keyp)
 {
 	char filename[ISC_DIR_NAMEMAX];
@@ -1258,7 +1242,11 @@ write_public_key(const dst_key_t *key) {
 	if ((fp = fopen(filename, "w")) == NULL)
 		return (DST_R_WRITEERROR);
 
-	fprintf(fp, "%s IN KEY ", key->key_name);
+	ret = dns_name_print(key->key_name, fp);
+	if (ret != ISC_R_SUCCESS)
+		return (ret);
+
+	fprintf(fp, " IN KEY ");
 	fwrite(r.base, 1, r.length, fp);
 	fputc('\n', fp);
 	fclose(fp);

lib/dns/sec/dst/dst_internal.h

@@ -47,7 +47,7 @@ typedef struct dst_func dst_func;
 
 struct dst_key {
 	unsigned int	magic;
-	char *		key_name;	/* name of the key */
+	dns_name_t *	key_name;	/* name of the key */
 	int		key_size;	/* size of the key in bits */
 	int		key_proto;	/* protocols this key is used for */
 	int		key_alg;	/* algorithm of the key */

lib/dns/sec/dst/include/dst/dst.h

@@ -4,6 +4,8 @@
 #include <isc/lang.h>
 #include <isc/types.h>
 
+#include <dns/types.h>
+
 ISC_LANG_BEGINDECLS
 
 /***
@@ -132,13 +134,13 @@ dst_key_computesecret(const dst_key_t *pub, const dst_key_t *priv,
  */
 
 isc_result_t
-dst_key_fromfile(const char *name, const isc_uint16_t id, const int alg,
+dst_key_fromfile(dns_name_t *name, const isc_uint16_t id, const int alg,
 		 const int type, isc_mem_t *mctx, dst_key_t **keyp);
 /*
  * Reads a key from permanent storage.
  *
  * Requires:
- *	"name" is not NULL.
+ *	"name" is a valid absolute dns name.
  *	"id" is a valid key tag identifier.
  *	"alg" is a supported key algorithm.
  *	"type" is either DST_TYPE_PUBLIC or DST_TYPE_PRIVATE.
@@ -160,13 +162,13 @@ dst_key_tofile(const dst_key_t *key, const int type);
  */
 
 isc_result_t
-dst_key_fromdns(const char *name, isc_buffer_t *source, isc_mem_t *mctx,
+dst_key_fromdns(dns_name_t *name, isc_buffer_t *source, isc_mem_t *mctx,
 		dst_key_t **keyp);
 /*
  * Converts a DNS KEY record into a DST key.
  *
  * Requires:
- *	"name" is not NULL.
+ *	"name" is a valid absolute dns name.
  *	"source" is a valid buffer.  There must be at least 4 bytes available.
  *	"mctx" is a valid memory context.
  *	"keyp" is not NULL and "*keyp" is NULL.
@@ -190,14 +192,14 @@ dst_key_todns(const dst_key_t *key, isc_buffer_t *target);
  */
 
 isc_result_t
-dst_key_frombuffer(const char *name, const int alg, const int flags,
+dst_key_frombuffer(dns_name_t *name, const int alg, const int flags,
 		   const int protocol, isc_buffer_t *source, isc_mem_t *mctx,
 		   dst_key_t **keyp);
 /*
  * Converts a buffer containing DNS KEY RDATA into a DST key.
  *
  * Requires:
- *	"name" is not NULL.
+ *	"name" is a valid absolute dns name.
  *	"alg" is a supported key algorithm.
  *	"source" is a valid buffer.
  *	"mctx" is a valid memory context.
@@ -222,14 +224,14 @@ dst_key_tobuffer(const dst_key_t *key, isc_buffer_t *target);
  */
 
 isc_result_t
-dst_key_generate(const char *name, const int alg, const int bits,
+dst_key_generate(dns_name_t *name, const int alg, const int bits,
 		 const int param, const int flags, const int protocol,
 		 isc_mem_t *mctx, dst_key_t **keyp);
 /*
  * Generate a DST key (or keypair)
  *
  * Requires:
- *	"name" is not NULL
+ *	"name" is a valid absolute dns name.
  *	"alg" is a supported algorithm
  *	"bits" is a valid key size for the given algorithm
  *	"keyp" is not NULL and "*keyp" is NULL.
@@ -277,7 +279,7 @@ dst_key_free(dst_key_t **keyp);
  * Require:
  *	"key" is a valid key.
  */
-char *
+dns_name_t *
 dst_key_name(const dst_key_t *key);
 
 int
@@ -320,7 +322,7 @@ dst_key_buildfilename(const dst_key_t *key, const int type, isc_buffer_t *out);
  */
 
 isc_result_t
-dst_key_parsefilename(isc_buffer_t *source, isc_mem_t *mctx, char **name,
+dst_key_parsefilename(isc_buffer_t *source, isc_mem_t *mctx, dns_name_t *name,
 		      isc_uint16_t *id, int *alg, char **suffix);
 /*
  * Parses a dst key filename into its components.
@@ -328,7 +330,7 @@ dst_key_parsefilename(isc_buffer_t *source, isc_mem_t *mctx, char **name,
  * Requires:
  *	"source" is a valid buffer
  *	"mctx" is a valid memory context
- *	"name" is not NULL and "*name" is NULL
+ *	"name" is a valid name with a dedicated buffer
  *	"id" and "alg" are not NULL
  *	Either "suffix" is NULL or "suffix" is not NULL and "*suffix" is NULL
  *

lib/dns/tkey.c

@@ -16,7 +16,7 @@
  */
 
 /*
- * $Id: tkey.c,v 1.38 2000/05/23 23:36:39 bwelling Exp $
+ * $Id: tkey.c,v 1.39 2000/05/24 23:13:23 bwelling Exp $
  * Principal Author: Brian Wellington
  */
 
@@ -218,11 +218,10 @@ process_dhtkey(dns_message_t *msg, dns_name_t *signer, dns_name_t *name,
 	dns_rdata_t keyrdata, ourkeyrdata;
 	isc_boolean_t found_key = ISC_FALSE, found_incompatible = ISC_FALSE;
 	dst_key_t *pubkey = NULL;
-	isc_buffer_t ourkeybuf, ournamein, ournameout, *shared = NULL;
+	isc_buffer_t ourkeybuf, *shared = NULL;
 	isc_region_t r, r2, ourkeyr;
 	isc_uint32_t ourttl;
 	unsigned char keydata[DST_KEY_MAXSIZE];
-	unsigned char namedata[1024];
 	unsigned int sharedsize;
 	isc_buffer_t randombuf, secret;
 	unsigned char *randomdata = NULL, secretdata[256];
@@ -285,13 +284,10 @@ process_dhtkey(dns_message_t *msg, dns_name_t *signer, dns_name_t *name,
 	isc_buffer_usedregion(&ourkeybuf, &ourkeyr);
 	dns_rdata_fromregion(&ourkeyrdata, dns_rdataclass_any,
 			     dns_rdatatype_key, &ourkeyr);
-	isc_buffer_init(&ournamein, dst_key_name(tctx->dhkey),
+
-		        strlen(dst_key_name(tctx->dhkey)));
+
-	isc_buffer_add(&ournamein, strlen(dst_key_name(tctx->dhkey)));
-	isc_buffer_init(&ournameout, namedata, sizeof(namedata));
 	dns_name_init(&ourname, NULL);
-	RETERR(dns_name_fromtext(&ourname, &ournamein, dns_rootname, ISC_FALSE,
+	dns_name_clone(dst_key_name(tctx->dhkey), &ourname);
-				 &ournameout));
 	ourttl = 0;
 #if 0
 	/*
@@ -721,7 +717,7 @@ dns_tkey_builddhquery(dns_message_t *msg, dst_key_t *key, dns_name_t *name,
 {
 	dns_rdata_tkey_t tkey;
 	dns_rdata_t *rdata = NULL;
-	isc_buffer_t src, *dynbuf = NULL;
+	isc_buffer_t *dynbuf = NULL;
 	isc_region_t r;
 	dns_name_t keyname;
 	dns_namelist_t namelist;
@@ -769,13 +765,10 @@ dns_tkey_builddhquery(dns_message_t *msg, dst_key_t *key, dns_name_t *name,
 	dns_rdata_fromregion(rdata, dns_rdataclass_any,
 			     dns_rdatatype_key, &r);
 	dns_message_takebuffer(msg, &dynbuf);
-	isc_buffer_init(&src, dst_key_name(key), strlen(dst_key_name(key)));
+
-	isc_buffer_add(&src, strlen(dst_key_name(key)));
-	RETERR(isc_buffer_allocate(msg->mctx, &dynbuf, 1024));
 	dns_name_init(&keyname, NULL);
-	RETERR(dns_name_fromtext(&keyname, &src, dns_rootname, ISC_FALSE,
+	dns_name_clone(dst_key_name(key), &keyname);
-				 dynbuf));
+
-	dns_message_takebuffer(msg, &dynbuf);
 	ISC_LIST_INIT(namelist);
 	RETERR(add_rdata_to_list(msg, &keyname, rdata, 0, &namelist));
 	dns_message_addname(msg, ISC_LIST_HEAD(namelist),
@@ -851,9 +844,9 @@ dns_tkey_processdhresponse(dns_message_t *qmsg, dns_message_t *rmsg,
 	dns_rdata_t theirkeyrdata;
 	dst_key_t *theirkey;
 	dns_rdata_tkey_t qtkey, rtkey;
-	unsigned char keydata[1024], secretdata[256];
+	unsigned char secretdata[256];
 	unsigned int sharedsize;
-	isc_buffer_t keysrc, keybuf, *shared = NULL, secret;
+	isc_buffer_t *shared = NULL, secret;
 	isc_region_t r, r2;
 	isc_result_t result;
 
@@ -886,12 +879,8 @@ dns_tkey_processdhresponse(dns_message_t *qmsg, dns_message_t *rmsg,
 		goto failure;
 	}
 
-	isc_buffer_init(&keysrc, dst_key_name(key), strlen(dst_key_name(key)));
-	isc_buffer_add(&keysrc, strlen(dst_key_name(key)));
-	isc_buffer_init(&keybuf, keydata, sizeof(keydata));
 	dns_name_init(&keyname, NULL);
-	RETERR(dns_name_fromtext(&keyname, &keysrc, dns_rootname,
+	dns_name_clone(dst_key_name(key), &keyname);
-				 ISC_FALSE, &keybuf));
 
 	ourkeyname = NULL;
 	ourkeyset = NULL;

lib/dns/tkeyconf.c

@@ -43,7 +43,7 @@ dns_tkeyctx_fromconfig(dns_c_ctx_t *cfg, isc_mem_t *mctx,
 	int n;
 	isc_buffer_t b, namebuf;
 	unsigned char data[1024];
-	dns_name_t domain;
+	dns_name_t domain, keyname;
 
 	result = dns_tkeyctx_create(mctx, &tctx);
 	if (result != ISC_R_SUCCESS)
@@ -55,7 +55,12 @@ dns_tkeyctx_fromconfig(dns_c_ctx_t *cfg, isc_mem_t *mctx,
 		*tctxp = tctx;
 		return (ISC_R_SUCCESS);
 	}
-	RETERR(dst_key_fromfile(s, n, DNS_KEYALG_DH,
+	isc_buffer_init(&namebuf, data, sizeof(data));
+	dns_name_init(&keyname, NULL);
+	isc_buffer_init(&b, s, strlen(s));
+	isc_buffer_add(&b, strlen(s));
+	dns_name_fromtext(&keyname, &b, dns_rootname, ISC_FALSE, &namebuf);
+	RETERR(dst_key_fromfile(&keyname, n, DNS_KEYALG_DH,
 				DST_TYPE_PUBLIC|DST_TYPE_PRIVATE,
 				mctx, &tctx->dhkey));
 	s = NULL;
@@ -69,7 +74,6 @@ dns_tkeyctx_fromconfig(dns_c_ctx_t *cfg, isc_mem_t *mctx,
 	dns_name_init(tctx->domain, NULL);
 	isc_buffer_init(&b, s, strlen(s));
 	isc_buffer_add(&b, strlen(s));
-	isc_buffer_init(&namebuf, data, sizeof(data));
 	RETERR(dns_name_fromtext(&domain, &b, dns_rootname, ISC_FALSE,
 				 &namebuf));
 	RETERR(dns_name_dup(&domain, mctx, tctx->domain));

lib/dns/tsig.c

@@ -16,7 +16,7 @@
  */
 
 /*
- * $Id: tsig.c,v 1.62 2000/05/24 05:09:15 tale Exp $
+ * $Id: tsig.c,v 1.63 2000/05/24 23:13:25 bwelling Exp $
  * Principal Author: Brian Wellington
  */
 
@@ -57,12 +57,10 @@ dns_tsigkey_create(dns_name_t *name, dns_name_t *algorithm,
 		   isc_stdtime_t expire, isc_mem_t *mctx,
 		   dns_tsig_keyring_t *ring, dns_tsigkey_t **key)
 {
-	isc_buffer_t b, nameb;
+	isc_buffer_t b;
-	char namestr[1025];
 	isc_uint16_t alg;
 	dns_tsigkey_t *tkey;
 	isc_result_t ret;
-	isc_region_t r;
 
 	REQUIRE(key == NULL || *key == NULL);
 	REQUIRE(name != NULL);
@@ -109,14 +107,6 @@ dns_tsigkey_create(dns_name_t *name, dns_name_t *algorithm,
 	else
 		tkey->creator = NULL;
 
-	isc_buffer_init(&nameb, namestr, sizeof(namestr) - 1);
-	ret = dns_name_totext(name, ISC_FALSE, &nameb);
-	if (ret != ISC_R_SUCCESS)
-		goto cleanup_algorithm;
-
-	isc_buffer_usedregion(&nameb, &r);
-	namestr[r.length] = '\0';
-
 	tkey->key = NULL;
 	tkey->ring = NULL;
 	if (length > 0) {
@@ -124,7 +114,7 @@ dns_tsigkey_create(dns_name_t *name, dns_name_t *algorithm,
 
 		isc_buffer_init(&b, secret, length);
 		isc_buffer_add(&b, length);
-		ret = dst_key_frombuffer(namestr, alg,
+		ret = dst_key_frombuffer(name, alg,
 					 DNS_KEYOWNER_ENTITY,
 					 DNS_KEYPROTO_DNSSEC,
 					 &b, mctx, &tkey->key);

lib/dns/validator.c

@@ -558,7 +558,8 @@ containsnullkey(dns_validator_t *val, dns_rdataset_t *rdataset) {
 		 * The key name is unimportant, so we can avoid any name/text
 		 * conversion.
 		 */
-		result = dst_key_fromdns("", &b, val->view->mctx, &key);
+		result = dst_key_fromdns(dns_rootname, &b, val->view->mctx,
+					 &key);
 		if (result != ISC_R_SUCCESS)
 			continue;
 		if (dst_key_isnullkey(key))
@@ -583,7 +584,6 @@ get_dst_key(dns_validator_t *val, dns_siginfo_t *siginfo,
 	isc_result_t result;
 	isc_buffer_t b;
 	dns_rdata_t rdata;
-	char ntext[1024];
 	dst_key_t *oldkey = val->key;
 	isc_boolean_t foundold;
 
@@ -599,24 +599,11 @@ get_dst_key(dns_validator_t *val, dns_siginfo_t *siginfo,
 		goto failure;
 	do {
 		dns_rdataset_current(rdataset, &rdata);
-		/*
-		 * We keep one byte of ntext in reserve so
-		 * we're sure we can NUL terminate.
-		 */
-		isc_buffer_init(&b, ntext, sizeof(ntext) - 1);
-		result = dns_name_totext(&siginfo->signer, ISC_FALSE, &b);
-		if (result != ISC_R_SUCCESS)
-			goto failure;
-
-		/*
-		 * NUL-terminate the character string.
-		 */
-		isc_buffer_putuint8(&b, 0);
 
 		isc_buffer_init(&b, rdata.data, rdata.length);
 		isc_buffer_add(&b, rdata.length);
 		INSIST(val->key == NULL);
-		result = dst_key_fromdns(ntext, &b, val->view->mctx,
+		result = dst_key_fromdns(&siginfo->signer, &b, val->view->mctx,
 					 &val->key);
 		if (result != ISC_R_SUCCESS)
 			goto failure;

lib/omapi/auth.c

@@ -15,7 +15,7 @@
  * SOFTWARE.
  */
 
-/* $Id: auth.c,v 1.6 2000/05/08 14:38:08 tale Exp $ */
+/* $Id: auth.c,v 1.7 2000/05/24 23:13:32 bwelling Exp $ */
 
 /* Principal Author: DCL */
 
@@ -110,6 +110,9 @@ auth_makekey(const char *name, unsigned int algorithm, dst_key_t **key) {
 	auth_t *auth = NULL;
 	unsigned int dst_algorithm;
 	unsigned int secret_len;
+	dns_name_t dnsname;
+	char namebuf[1025];
+	isc_buffer_t srcb, dstb;
 
 	REQUIRE(name != NULL && algorithm != 0);
 	REQUIRE(key != NULL && *key == NULL);
@@ -136,7 +139,14 @@ auth_makekey(const char *name, unsigned int algorithm, dst_key_t **key) {
 
 		isc_buffer_add(&secret, secret_len);
 
-		result = dst_key_frombuffer(auth->name, dst_algorithm, 0,
+		dns_name_init(&dnsname, NULL);
+		isc_buffer_init(&srcb, auth->name, strlen(auth->name));
+		isc_buffer_init(&dstb, namebuf, sizeof(namebuf));
+		result = dns_name_fromtext(&dnsname, &srcb, dns_rootname,
+					   ISC_FALSE, &dstb);
+		if (result != ISC_R_SUCCESS)
+			return (result);
+		result = dst_key_frombuffer(&dnsname, dst_algorithm, 0,
 					    0, &secret, omapi_mctx, key);
 	}