mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-30 22:15:20 +00:00
Code Issues Releases Wiki Activity

Add dst_key_role function

Browse Source 
Change the static function 'get_ksk_zsk' to a library function that
can be used to determine the role of a dst_key. Add checks if the
boolean parameters to store the role are not NULL. Rename to
'dst_key_role'.
This commit is contained in:
Matthijs Mekking
2021-05-12 11:09:33 +02:00
parent 6f92d4b9a5
commit c9b7f62767
2 changed files with 32 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
lib/dns/dst_api.c
View File

@@ -2372,20 +2372,31 @@ dst_key_is_unused(dst_key_t *key) {
return (true);
}
static void
get_ksk_zsk(dst_key_t *key, bool *ksk, bool *zsk) {
isc_result_t
dst_key_role(dst_key_t *key, bool *ksk, bool *zsk) {
bool k = false, z = false;
isc_result_t result, ret = ISC_R_SUCCESS;
if (dst_key_getbool(key, DST_BOOL_KSK, &k) == ISC_R_SUCCESS) {
*ksk = k;
} else {
*ksk = ((dst_key_flags(key) & DNS_KEYFLAG_KSK) != 0);
if (ksk != NULL) {
result = dst_key_getbool(key, DST_BOOL_KSK, &k);
if (result == ISC_R_SUCCESS) {
*ksk = k;
} else {
*ksk = ((dst_key_flags(key) & DNS_KEYFLAG_KSK) != 0);
ret = result;
}
}
if (dst_key_getbool(key, DST_BOOL_ZSK, &z) == ISC_R_SUCCESS) {
*zsk = z;
} else {
*zsk = ((dst_key_flags(key) & DNS_KEYFLAG_KSK) == 0);
if (zsk != NULL) {
result = dst_key_getbool(key, DST_BOOL_ZSK, &z);
if (result == ISC_R_SUCCESS) {
*zsk = z;
} else {
*zsk = ((dst_key_flags(key) & DNS_KEYFLAG_KSK) == 0);
ret = result;
}
}
return (ret);
}
/* Hints on key whether it can be published and/or used for signing. */
@@ -2444,7 +2455,7 @@ dst_key_is_active(dst_key_t *key, isc_stdtime_t now) {
time_ok = (when <= now);
}
get_ksk_zsk(key, &ksk, &zsk);
(void)dst_key_role(key, &ksk, &zsk);
/* Check key states:
* KSK: If the DS is RUMOURED or OMNIPRESENT the key is considered
@@ -2505,7 +2516,7 @@ dst_key_is_signing(dst_key_t *key, int role, isc_stdtime_t now,
time_ok = (when <= now);
}
get_ksk_zsk(key, &ksk, &zsk);
(void)dst_key_role(key, &ksk, &zsk);
/* Check key states:
* If the RRSIG state is RUMOURED or OMNIPRESENT, it means the key