cleanup: more consistent abbreviated DS digest type mnemonics

BIND supports the non-standard DNSKEY algorithm mnemonic ECDSA256 everywhere ECDSAP256SHA256 is allowed, and allows algorithm numbers interchangeably with mnemonics. This is all done in one place by the dns_secalg_fromtext() function. DS digest types were less consistent: the rdata parser does not allow abbreviations like SHA1, but the dnssec-* command line tools do; and the command line tools do not alow numeric types though that is the norm in rdata. The command line tools now use the dns_dsdigest_fromtext() function instead of rolling their own variant, and dns_dsdigest_fromtext() now knows about abbreviated digest type mnemonics.
2025-08-30 14:07:59 +00:00 · 2019-10-02 19:43:09 +01:00 · 2019-10-02 19:43:09 +01:00 · b770ea976d
commit b770ea976d
parent 8c33b12741
2 changed files with 17 additions and 19 deletions
--- a/bin/dnssec/dnssectool.c
+++ b/bin/dnssec/dnssectool.c
@ -314,35 +314,30 @@ dns_rdataclass_t
 strtoclass(const char *str) {
 	isc_textregion_t r;
 	dns_rdataclass_t rdclass;
-	isc_result_t ret;
+	isc_result_t result;

 	if (str == NULL)
 		return dns_rdataclass_in;
 	DE_CONST(str, r.base);
 	r.length = strlen(str);
-	ret = dns_rdataclass_fromtext(&rdclass, &r);
-	if (ret != ISC_R_SUCCESS)
+	result = dns_rdataclass_fromtext(&rdclass, &r);
+	if (result != ISC_R_SUCCESS)
 		fatal("unknown class %s", str);
 	return (rdclass);
 }

 unsigned int
-strtodsdigest(const char *algname) {
-	if (strcasecmp(algname, "SHA1") == 0 ||
-	    strcasecmp(algname, "SHA-1") == 0)
-	{
-		return (DNS_DSDIGEST_SHA1);
-	} else if (strcasecmp(algname, "SHA256") == 0 ||
-		   strcasecmp(algname, "SHA-256") == 0)
-	{
-		return (DNS_DSDIGEST_SHA256);
-	} else if (strcasecmp(algname, "SHA384") == 0 ||
-		   strcasecmp(algname, "SHA-384") == 0)
-	{
-		return (DNS_DSDIGEST_SHA384);
-	} else {
-		fatal("unknown algorithm %s", algname);
-	}
+strtodsdigest(const char *str) {
+	isc_textregion_t r;
+	dns_dsdigest_t alg;
+	isc_result_t result;
+
+	DE_CONST(str, r.base);
+	r.length = strlen(str);
+	result = dns_dsdigest_fromtext(&alg, &r);
+	if (result != ISC_R_SUCCESS)
+		fatal("unknown DS algorithm %s", str);
+	return (alg);
 }

 static int
--- a/lib/dns/rcode.c
+++ b/lib/dns/rcode.c
@ -141,9 +141,12 @@

 #define DSDIGESTNAMES \
 	{ DNS_DSDIGEST_SHA1, "SHA-1", 0 }, \
+	{ DNS_DSDIGEST_SHA1, "SHA1", 0 }, \
 	{ DNS_DSDIGEST_SHA256, "SHA-256", 0 }, \
+	{ DNS_DSDIGEST_SHA256, "SHA256", 0 }, \
 	{ DNS_DSDIGEST_GOST, "GOST", 0 }, \
 	{ DNS_DSDIGEST_SHA384, "SHA-384", 0 }, \
+	{ DNS_DSDIGEST_SHA384, "SHA384", 0 }, \
 	{ 0, NULL, 0}

 struct tbl {