mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-30 14:07:59 +00:00
Code Issues Releases Wiki Activity

3268. [bug] Convert RRSIG expiry times to 64 timestamps to work

Browse Source 
out the earliest expiry time. [RT #23311]
This commit is contained in:
Mark Andrews
2012-01-27 01:43:53 +00:00
parent 1bb3831e13
commit bc298cd0f7
5 changed files with 45 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGES
View File

@@ -1,3 +1,6 @@
3268. [bug] Convert RRSIG expiry times to 64 timestamps to work
out the earliest expiry time. [RT #23311]
3267. [bug] Memory allocation failures could be mis-reported as 3267. [bug] Memory allocation failures could be mis-reported as
unexpected error. New ISC_R_UNSET result code. unexpected error. New ISC_R_UNSET result code.
[RT #27336] [RT #27336]

8
lib/dns/include/dns/time.h
View File

@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE. * PERFORMANCE OF THIS SOFTWARE.
*/ */
/* $Id: time.h,v 1.17 2007/06/19 23:47:17 tbox Exp $ */ /* $Id: time.h,v 1.18 2012/01/27 01:43:52 marka Exp $ */
#ifndef DNS_TIME_H #ifndef DNS_TIME_H
#define DNS_TIME_H 1 #define DNS_TIME_H 1
@@ -67,6 +67,12 @@ dns_time32_totext(isc_uint32_t value, isc_buffer_t *target);
* current date is chosen. * current date is chosen.
*/ */
isc_int64_t
dns_time64_from32(isc_uint32_t value);
/*%<
* Covert a 32-bit cyclic time value into a 64 bit time stamp.
*/
ISC_LANG_ENDDECLS ISC_LANG_ENDDECLS
#endif /* DNS_TIME_H */ #endif /* DNS_TIME_H */

14
lib/dns/time.c
View File

@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE. * PERFORMANCE OF THIS SOFTWARE.
*/ */
/* $Id: time.c,v 1.37 2011/03/09 23:47:17 tbox Exp $ */ /* $Id: time.c,v 1.38 2012/01/27 01:43:51 marka Exp $ */
/*! \file */ /*! \file */
@@ -103,8 +103,8 @@ dns_time64_totext(isc_int64_t t, isc_buffer_t *target) {
return (ISC_R_SUCCESS); return (ISC_R_SUCCESS);
} }
isc_result_t isc_int64_t
dns_time32_totext(isc_uint32_t value, isc_buffer_t *target) { dns_time64_from32(isc_uint32_t value) {
isc_stdtime_t now; isc_stdtime_t now;
isc_int64_t start; isc_int64_t start;
isc_int64_t t; isc_int64_t t;
@@ -121,7 +121,13 @@ dns_time32_totext(isc_uint32_t value, isc_buffer_t *target) {
t = start + (value - now); t = start + (value - now);
else else
t = start - (now - value); t = start - (now - value);
return (dns_time64_totext(t, target));
return (t);
}
isc_result_t
dns_time32_totext(isc_uint32_t value, isc_buffer_t *target) {
return (dns_time64_totext(dns_time64_from32(value), target));
} }
isc_result_t isc_result_t

1
lib/dns/win32/libdns.def
View File

@@ -686,6 +686,7 @@ dns_tcpmsg_readmessage
dns_tcpmsg_setmaxsize dns_tcpmsg_setmaxsize
dns_time32_fromtext dns_time32_fromtext
dns_time32_totext dns_time32_totext
dns_time64_from32
dns_time64_fromtext dns_time64_fromtext
dns_time64_totext dns_time64_totext
dns_timer_setidle dns_timer_setidle

38
lib/dns/zone.c
View File

@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE. * PERFORMANCE OF THIS SOFTWARE.
*/ */
/* $Id: zone.c,v 1.664 2012/01/25 23:46:49 tbox Exp $ */ /* $Id: zone.c,v 1.665 2012/01/27 01:43:51 marka Exp $ */
/*! \file */ /*! \file */
@@ -76,6 +76,7 @@
#include <dns/soa.h> #include <dns/soa.h>
#include <dns/ssu.h> #include <dns/ssu.h>
#include <dns/stats.h> #include <dns/stats.h>
#include <dns/time.h>
#include <dns/tsig.h> #include <dns/tsig.h>
#include <dns/update.h> #include <dns/update.h>
#include <dns/xfrin.h> #include <dns/xfrin.h>
@@ -5001,7 +5002,7 @@ offline(dns_db_t *db, dns_dbversion_t *ver, dns_diff_t *diff, dns_name_t *name,
} }
static void static void
set_key_expiry_warning(dns_zone_t *zone, isc_stdtime_t when, isc_stdtime_t now) set_key_expiry_warning(dns_zone_t *zone, isc_uint64_t when, isc_stdtime_t now)
{ {
unsigned int delta; unsigned int delta;
char timebuf[80]; char timebuf[80];
@@ -5080,7 +5081,7 @@ del_sigs(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name,
unsigned int i; unsigned int i;
dns_rdata_rrsig_t rrsig; dns_rdata_rrsig_t rrsig;
isc_boolean_t found, changed; isc_boolean_t found, changed;
isc_stdtime_t warn = 0, maybe = 0; isc_int64_t warn = 0, maybe = 0;
dns_rdataset_init(&rdataset); dns_rdataset_init(&rdataset);
@@ -5182,21 +5183,20 @@ del_sigs(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name,
* iff there is a new offline signature. * iff there is a new offline signature.
*/ */
if (!dst_key_isprivate(keys[i])) { if (!dst_key_isprivate(keys[i])) {
if (warn != 0 && isc_int64_t timeexpire =
warn > rrsig.timeexpire) dns_time64_from32(rrsig.timeexpire);
warn = rrsig.timeexpire; if (warn != 0 && warn > timeexpire)
warn = timeexpire;
if (rdata.flags & DNS_RDATA_OFFLINE) { if (rdata.flags & DNS_RDATA_OFFLINE) {
if (maybe == 0 || if (maybe == 0 ||
maybe > rrsig.timeexpire) maybe > timeexpire)
maybe = maybe = timeexpire;
rrsig.timeexpire;
break; break;
} }
if (warn == 0) if (warn == 0)
warn = maybe; warn = maybe;
if (warn == 0 || if (warn == 0 || warn > timeexpire)
warn > rrsig.timeexpire) warn = timeexpire;
warn = rrsig.timeexpire;
result = offline(db, ver, diff, name, result = offline(db, ver, diff, name,
rdataset.ttl, &rdata); rdataset.ttl, &rdata);
break; break;
@@ -5227,8 +5227,18 @@ del_sigs(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name,
dns_rdataset_disassociate(&rdataset); dns_rdataset_disassociate(&rdataset);
if (result == ISC_R_NOMORE) if (result == ISC_R_NOMORE)
result = ISC_R_SUCCESS; result = ISC_R_SUCCESS;
if (warn != 0) if (warn > 0) {
set_key_expiry_warning(zone, warn, now); #if defined(STDTIME_ON_32BITS)
isc_stdtime_t stdwarn = (isc_stdtime_t)warn;
if (warn == stdwarn)
#endif
set_key_expiry_warning(zone, (isc_stdtime_t)warn, now);
#if defined(STDTIME_ON_32BITS)
else
dns_zone_log(zone, ISC_LOG_ERROR,
"key expiry warning time out of range");
#endif
}
failure: failure:
if (node != NULL) if (node != NULL)
dns_db_detachnode(db, &node); dns_db_detachnode(db, &node);