mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-30 05:57:52 +00:00
Code Issues Releases Wiki Activity

2331. [bug] Failure to regenerate any signatures was not being reported

Browse Source 
or past back to the UPDATE client. [RT #17570]
This commit is contained in:
Mark Andrews 2008-02-07 03:12:15 +00:00
parent 43581a71ab
commit c09c2bf800
2 changed files with 24 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGES
View File

@ -1,3 +1,6 @@
2331. [bug] Failure to regenerate any signatures was not being reported
or past back to the UPDATE client. [RT #17570]
2330. [bug] Remove potential race condition when handling 2330. [bug] Remove potential race condition when handling
over memory events. [RT #17572] over memory events. [RT #17572]

33
bin/named/update.c
View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE. * PERFORMANCE OF THIS SOFTWARE.
*/ */
/* $Id: update.c,v 1.141 2008/01/18 23:46:57 tbox Exp $ */ /* $Id: update.c,v 1.142 2008/02/07 03:12:15 marka Exp $ */
#include <config.h> #include <config.h>
@ -1675,10 +1675,11 @@ ksk_sanity(dns_db_t *db, dns_dbversion_t *ver) {
* Add RRSIG records for an RRset, recording the change in "diff". * Add RRSIG records for an RRset, recording the change in "diff".
*/ */
static isc_result_t static isc_result_t
add_sigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, add_sigs(ns_client_t *client, dns_zone_t *zone, dns_db_t *db,
dns_rdatatype_t type, dns_diff_t *diff, dst_key_t **keys, dns_dbversion_t *ver, dns_name_t *name, dns_rdatatype_t type,
unsigned int nkeys, isc_mem_t *mctx, isc_stdtime_t inception, dns_diff_t *diff, dst_key_t **keys, unsigned int nkeys,
isc_stdtime_t expire, isc_boolean_t check_ksk) isc_mem_t *mctx, isc_stdtime_t inception, isc_stdtime_t expire,
isc_boolean_t check_ksk)
{ {
isc_result_t result; isc_result_t result;
dns_dbnode_t *node = NULL; dns_dbnode_t *node = NULL;
@ -1687,6 +1688,7 @@ add_sigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name,
isc_buffer_t buffer; isc_buffer_t buffer;
unsigned char data[1024]; /* XXX */ unsigned char data[1024]; /* XXX */
unsigned int i; unsigned int i;
isc_boolean_t added_sig = ISC_FALSE;
dns_rdataset_init(&rdataset); dns_rdataset_init(&rdataset);
isc_buffer_init(&buffer, data, sizeof(data)); isc_buffer_init(&buffer, data, sizeof(data));
@ -1716,6 +1718,13 @@ add_sigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name,
CHECK(update_one_rr(db, ver, diff, DNS_DIFFOP_ADD, name, CHECK(update_one_rr(db, ver, diff, DNS_DIFFOP_ADD, name,
rdataset.ttl, &sig_rdata)); rdataset.ttl, &sig_rdata));
dns_rdata_reset(&sig_rdata); dns_rdata_reset(&sig_rdata);
added_sig = ISC_TRUE;
}
if (!added_sig) {
update_log(client, zone, ISC_LOG_ERROR,
"found no private keys, "
"unable to generate any signatures");
result = ISC_R_NOTFOUND;
} }
failure: failure:
@ -1847,9 +1856,9 @@ update_signatures(ns_client_t *client, dns_zone_t *zone, dns_db_t *db,
*/ */
CHECK(rrset_exists(db, newver, name, type, 0, &flag)); CHECK(rrset_exists(db, newver, name, type, 0, &flag));
if (flag) { if (flag) {
CHECK(add_sigs(db, newver, name, type, CHECK(add_sigs(client, zone, db, newver, name,
&sig_diff, zone_keys, nkeys, type, &sig_diff, zone_keys,
client->mctx, inception, nkeys, client->mctx, inception,
expire, check_ksk)); expire, check_ksk));
} }
skip: skip:
@ -2033,10 +2042,10 @@ update_signatures(ns_client_t *client, dns_zone_t *zone, dns_db_t *db,
dns_rdatatype_rrsig, dns_rdatatype_nsec, dns_rdatatype_rrsig, dns_rdatatype_nsec,
NULL, &sig_diff)); NULL, &sig_diff));
} else if (t->op == DNS_DIFFOP_ADD) { } else if (t->op == DNS_DIFFOP_ADD) {
CHECK(add_sigs(db, newver, &t->name, dns_rdatatype_nsec, CHECK(add_sigs(client, zone, db, newver, &t->name,
&sig_diff, zone_keys, nkeys, dns_rdatatype_nsec, &sig_diff,
client->mctx, inception, expire, zone_keys, nkeys, client->mctx,
check_ksk)); inception, expire, check_ksk));
} else { } else {
INSIST(0); INSIST(0);
} }