mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-30 22:15:20 +00:00
Code Issues Releases Wiki Activity

cleanup: more consistent abbreviated DS digest type mnemonics

Browse Source 
BIND supports the non-standard DNSKEY algorithm mnemonic ECDSA256
everywhere ECDSAP256SHA256 is allowed, and allows algorithm numbers
interchangeably with mnemonics. This is all done in one place by the
dns_secalg_fromtext() function.

DS digest types were less consistent: the rdata parser does not allow
abbreviations like SHA1, but the dnssec-* command line tools do; and
the command line tools do not alow numeric types though that is the
norm in rdata.

The command line tools now use the dns_dsdigest_fromtext() function
instead of rolling their own variant, and dns_dsdigest_fromtext() now
knows about abbreviated digest type mnemonics.
This commit is contained in:
Tony Finch
2019-10-02 19:43:09 +01:00
committed by Ondřej Surý
parent 8c33b12741
commit b770ea976d
2 changed files with 17 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
bin/dnssec/dnssectool.c
View File

@@ -314,35 +314,30 @@ dns_rdataclass_t
strtoclass(const char *str) { strtoclass(const char *str) {
isc_textregion_t r; isc_textregion_t r;
dns_rdataclass_t rdclass; dns_rdataclass_t rdclass;
isc_result_t ret; isc_result_t result;
if (str == NULL) if (str == NULL)
return dns_rdataclass_in; return dns_rdataclass_in;
DE_CONST(str, r.base); DE_CONST(str, r.base);
r.length = strlen(str); r.length = strlen(str);
ret = dns_rdataclass_fromtext(&rdclass, &r); result = dns_rdataclass_fromtext(&rdclass, &r);
if (ret != ISC_R_SUCCESS) if (result != ISC_R_SUCCESS)
fatal("unknown class %s", str); fatal("unknown class %s", str);
return (rdclass); return (rdclass);
} }
unsigned int unsigned int
strtodsdigest(const char *algname) { strtodsdigest(const char *str) {
if (strcasecmp(algname, "SHA1") == 0 || isc_textregion_t r;
strcasecmp(algname, "SHA-1") == 0) dns_dsdigest_t alg;
{ isc_result_t result;
return (DNS_DSDIGEST_SHA1);
} else if (strcasecmp(algname, "SHA256") == 0 || DE_CONST(str, r.base);
strcasecmp(algname, "SHA-256") == 0) r.length = strlen(str);
{ result = dns_dsdigest_fromtext(&alg, &r);
return (DNS_DSDIGEST_SHA256); if (result != ISC_R_SUCCESS)
} else if (strcasecmp(algname, "SHA384") == 0 || fatal("unknown DS algorithm %s", str);
strcasecmp(algname, "SHA-384") == 0) return (alg);
{
return (DNS_DSDIGEST_SHA384);
} else {
fatal("unknown algorithm %s", algname);
}
} }
static int static int

3
lib/dns/rcode.c
View File

@@ -141,9 +141,12 @@
#define DSDIGESTNAMES \ #define DSDIGESTNAMES \
{ DNS_DSDIGEST_SHA1, "SHA-1", 0 }, \ { DNS_DSDIGEST_SHA1, "SHA-1", 0 }, \
{ DNS_DSDIGEST_SHA1, "SHA1", 0 }, \
{ DNS_DSDIGEST_SHA256, "SHA-256", 0 }, \ { DNS_DSDIGEST_SHA256, "SHA-256", 0 }, \
{ DNS_DSDIGEST_SHA256, "SHA256", 0 }, \
{ DNS_DSDIGEST_GOST, "GOST", 0 }, \ { DNS_DSDIGEST_GOST, "GOST", 0 }, \
{ DNS_DSDIGEST_SHA384, "SHA-384", 0 }, \ { DNS_DSDIGEST_SHA384, "SHA-384", 0 }, \
{ DNS_DSDIGEST_SHA384, "SHA384", 0 }, \
{ 0, NULL, 0} { 0, NULL, 0}
struct tbl { struct tbl {