mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-09-04 08:35:31 +00:00
Code Issues Releases Wiki Activity

3639. [bug] Treat type 65533 (KEYDATA) as opaque except when used

Browse Source 
in a key zone. [RT #34238]
This commit is contained in:
Mark Andrews
2013-09-04 13:14:06 +10:00
parent 92f2cf45ce
commit d6f99498d6
12 changed files with 111 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGES
View File

@@ -1,3 +1,6 @@
3639. [bug] Treat type 65533 (KEYDATA) as opaque except when used
in a key zone. [RT #34238]
3638. [cleanup] Add the ability to handle ENOPROTOOPT in case it is 3638. [cleanup] Add the ability to handle ENOPROTOOPT in case it is
encountered. [RT #34668] encountered. [RT #34668]

11
bin/tests/system/dnssec/tests.sh
View File

@@ -2282,6 +2282,17 @@ n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret` status=`expr $status + $ret`
echo "I:check KEYDATA records are printed in human readable form in key zone ($n)"
# force the zone to be written out
$PERL $SYSTEMTESTTOP/stop.pl --use-rndc . ns4
ret=0
grep KEYDATA ns4/managed-keys.bind > /dev/null || ret=1
# restart the server
$PERL $SYSTEMTESTTOP/start.pl --noclean --restart . ns4
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
echo "I:check dig's +nocrypto flag ($n)" echo "I:check dig's +nocrypto flag ($n)"
ret=0 ret=0
$DIG $DIGOPTS +norec +nocrypto DNSKEY . \ $DIG $DIGOPTS +norec +nocrypto DNSKEY . \

4
bin/tests/system/genzone.sh
View File

@@ -294,4 +294,8 @@ eui64 EUI64 01-23-45-67-89-ab-cd-ef
uri01 URI 10 20 "https://www.isc.org/" uri01 URI 10 20 "https://www.isc.org/"
uri02 URI 30 40 "https://www.isc.org/HolyCowThisSureIsAVeryLongURIRecordIDontEvenKnowWhatSomeoneWouldEverWantWithSuchAThingButTheSpecificationRequiresThatWesupportItSoHereWeGoTestingItLaLaLaLaLaLaLaSeriouslyThoughWhyWouldYouEvenConsiderUsingAURIThisLongItSeemsLikeASillyIdeaButEnhWhatAreYouGonnaDo/" uri02 URI 30 40 "https://www.isc.org/HolyCowThisSureIsAVeryLongURIRecordIDontEvenKnowWhatSomeoneWouldEverWantWithSuchAThingButTheSpecificationRequiresThatWesupportItSoHereWeGoTestingItLaLaLaLaLaLaLaSeriouslyThoughWhyWouldYouEvenConsiderUsingAURIThisLongItSeemsLikeASillyIdeaButEnhWhatAreYouGonnaDo/"
keydata TYPE65533 \# 0
keydata TYPE65533 \# 6 010203040506
keydata TYPE65533 \# 18 010203040506010203040506010203040506
EOF EOF

4
bin/tests/system/nsupdate/tests.sh
View File

@@ -500,8 +500,8 @@ grep ANY typelist.out.T.${n} > /dev/null && { ret=1; echo "I: failed: ANY found
grep ANY typelist.out.P.${n} > /dev/null && { ret=1; echo "I: failed: ANY found (-P)"; } grep ANY typelist.out.P.${n} > /dev/null && { ret=1; echo "I: failed: ANY found (-P)"; }
grep ANY typelist.out.TP.${n} > /dev/null && { ret=1; echo "I: failed: ANY found (-TP)"; } grep ANY typelist.out.TP.${n} > /dev/null && { ret=1; echo "I: failed: ANY found (-TP)"; }
grep KEYDATA typelist.out.T.${n} > /dev/null && { ret=1; echo "I: failed: KEYDATA found (-T)"; } grep KEYDATA typelist.out.T.${n} > /dev/null && { ret=1; echo "I: failed: KEYDATA found (-T)"; }
grep KEYDATA typelist.out.P.${n} > /dev/null || { ret=1; echo "I: failed: KEYDATA not found (-P)"; } grep KEYDATA typelist.out.P.${n} > /dev/null && { ret=1; echo "I: failed: KEYDATA found (-P)"; }
grep KEYDATA typelist.out.TP.${n} > /dev/null || { ret=1; echo "I: failed: KEYDATA not found (-TP)"; } grep KEYDATA typelist.out.TP.${n} > /dev/null && { ret=1; echo "I: failed: KEYDATA found (-TP)"; }
grep AAAA typelist.out.T.${n} > /dev/null || { ret=1; echo "I: failed: AAAA not found (-T)"; } grep AAAA typelist.out.T.${n} > /dev/null || { ret=1; echo "I: failed: AAAA not found (-T)"; }
grep AAAA typelist.out.P.${n} > /dev/null && { ret=1; echo "I: failed: AAAA found (-P)"; } grep AAAA typelist.out.P.${n} > /dev/null && { ret=1; echo "I: failed: AAAA found (-P)"; }
grep AAAA typelist.out.TP.${n} > /dev/null || { ret=1; echo "I: failed: AAAA not found (-TP)"; } grep AAAA typelist.out.TP.${n} > /dev/null || { ret=1; echo "I: failed: AAAA not found (-TP)"; }

3
bin/tests/system/xfer/dig1.good
View File

@@ -29,6 +29,9 @@ isdn02.example. 3600 IN ISDN "isdn-address" "subaddress"
isdn03.example. 3600 IN ISDN "isdn-address" isdn03.example. 3600 IN ISDN "isdn-address"
isdn04.example. 3600 IN ISDN "isdn-address" "subaddress" isdn04.example. 3600 IN ISDN "isdn-address" "subaddress"
dnskey01.example. 3600 IN DNSKEY 512 255 1 AQMFD5raczCJHViKtLYhWGz8hMY9UGRuniJDBzC7w0aRyzWZriO6i2od GWWQVucZqKVsENW91IOW4vqudngPZsY3GvQ/xVA8/7pyFj6b7Esga60z yGW6LFe9r8n6paHrlG5ojqf0BaqHT+8= dnskey01.example. 3600 IN DNSKEY 512 255 1 AQMFD5raczCJHViKtLYhWGz8hMY9UGRuniJDBzC7w0aRyzWZriO6i2od GWWQVucZqKVsENW91IOW4vqudngPZsY3GvQ/xVA8/7pyFj6b7Esga60z yGW6LFe9r8n6paHrlG5ojqf0BaqHT+8=
keydata.example. 3600 IN TYPE65533 \# 0
keydata.example. 3600 IN TYPE65533 \# 6 010203040506
keydata.example. 3600 IN TYPE65533 \# 18 010203040506010203040506010203040506
kx01.example. 3600 IN KX 10 kdc.example. kx01.example. 3600 IN KX 10 kdc.example.
kx02.example. 3600 IN KX 10 . kx02.example. 3600 IN KX 10 .
loc01.example. 3600 IN LOC 60 9 0.000 N 24 39 0.000 E 10.00m 20m 2000m 20m loc01.example. 3600 IN LOC 60 9 0.000 N 24 39 0.000 E 10.00m 20m 2000m 20m

3
bin/tests/system/xfer/dig2.good
View File

@@ -29,6 +29,9 @@ isdn04.example. 3600 IN ISDN "isdn-address" "subaddress"
hip1.example. 3600 IN HIP 2 200100107B1A74DF365639CC39F1D578 AwEAAbdxyhNuSutc5EMzxTs9LBPCIkOFH8cIvM4p9+LrV4e19WzK00+CI6zBCQTdtWsuxKbWIy87UOoJTwkUs7lBu+Upr1gsNrut79ryra+bSRGQb1slImA8YVJyuIDsj7kwzG7jnERNqnWxZ48AWkskmdHaVDP4BcelrTI3rMXdXF5D hip1.example. 3600 IN HIP 2 200100107B1A74DF365639CC39F1D578 AwEAAbdxyhNuSutc5EMzxTs9LBPCIkOFH8cIvM4p9+LrV4e19WzK00+CI6zBCQTdtWsuxKbWIy87UOoJTwkUs7lBu+Upr1gsNrut79ryra+bSRGQb1slImA8YVJyuIDsj7kwzG7jnERNqnWxZ48AWkskmdHaVDP4BcelrTI3rMXdXF5D
hip2.example. 3600 IN HIP 2 200100107B1A74DF365639CC39F1D578 AwEAAbdxyhNuSutc5EMzxTs9LBPCIkOFH8cIvM4p9+LrV4e19WzK00+CI6zBCQTdtWsuxKbWIy87UOoJTwkUs7lBu+Upr1gsNrut79ryra+bSRGQb1slImA8YVJyuIDsj7kwzG7jnERNqnWxZ48AWkskmdHaVDP4BcelrTI3rMXdXF5D rvs.example.com. hip2.example. 3600 IN HIP 2 200100107B1A74DF365639CC39F1D578 AwEAAbdxyhNuSutc5EMzxTs9LBPCIkOFH8cIvM4p9+LrV4e19WzK00+CI6zBCQTdtWsuxKbWIy87UOoJTwkUs7lBu+Upr1gsNrut79ryra+bSRGQb1slImA8YVJyuIDsj7kwzG7jnERNqnWxZ48AWkskmdHaVDP4BcelrTI3rMXdXF5D rvs.example.com.
dnskey01.example. 3600 IN DNSKEY 512 255 1 AQMFD5raczCJHViKtLYhWGz8hMY9UGRuniJDBzC7w0aRyzWZriO6i2od GWWQVucZqKVsENW91IOW4vqudngPZsY3GvQ/xVA8/7pyFj6b7Esga60z yGW6LFe9r8n6paHrlG5ojqf0BaqHT+8= dnskey01.example. 3600 IN DNSKEY 512 255 1 AQMFD5raczCJHViKtLYhWGz8hMY9UGRuniJDBzC7w0aRyzWZriO6i2od GWWQVucZqKVsENW91IOW4vqudngPZsY3GvQ/xVA8/7pyFj6b7Esga60z yGW6LFe9r8n6paHrlG5ojqf0BaqHT+8=
keydata.example. 3600 IN TYPE65533 \# 0
keydata.example. 3600 IN TYPE65533 \# 6 010203040506
keydata.example. 3600 IN TYPE65533 \# 18 010203040506010203040506010203040506
kx01.example. 3600 IN KX 10 kdc.example. kx01.example. 3600 IN KX 10 kdc.example.
kx02.example. 3600 IN KX 10 . kx02.example. 3600 IN KX 10 .
loc01.example. 3600 IN LOC 60 9 0.000 N 24 39 0.000 E 10.00m 20m 2000m 20m loc01.example. 3600 IN LOC 60 9 0.000 N 24 39 0.000 E 10.00m 20m 2000m 20m

8
lib/dns/gen.c
View File

@@ -779,6 +779,14 @@ main(int argc, char **argv) {
ttn = find_typename(i); ttn = find_typename(i);
if (ttn == NULL) if (ttn == NULL)
continue; continue;
/*
* Remove KEYDATA (65533) from the type to memonic
* translation as it is internal use only. This
* stops the tools from displaying KEYDATA instead
* of TYPE65533.
*/
if (i == 65533U)
continue;
fprintf(stdout, "\tcase %u: return " fprintf(stdout, "\tcase %u: return "
"(str_totext(\"%s\", target)); \\\n", "(str_totext(\"%s\", target)); \\\n",
i, upper(ttn->typename)); i, upper(ttn->typename));

5
lib/dns/include/dns/masterdump.h
View File

@@ -151,6 +151,11 @@ LIBDNS_EXTERNAL_DATA extern const dns_master_style_t dns_master_style_simple;
*/ */
LIBDNS_EXTERNAL_DATA extern const dns_master_style_t dns_master_style_debug; LIBDNS_EXTERNAL_DATA extern const dns_master_style_t dns_master_style_debug;
/*%
* The style used for dumping "key" zones.
*/
LIBDNS_EXTERNAL_DATA extern const dns_master_style_t dns_master_style_keyzone;
/*** /***
*** Functions *** Functions
***/ ***/

3
lib/dns/include/dns/rdata.h
View File

@@ -171,6 +171,9 @@ struct dns_rdata {
#define DNS_STYLEFLAG_COMMENT 0x00000002U #define DNS_STYLEFLAG_COMMENT 0x00000002U
#define DNS_STYLEFLAG_RRCOMMENT 0x00000004U #define DNS_STYLEFLAG_RRCOMMENT 0x00000004U
/*% Output KEYDATA in human readable format. */
#define DNS_STYLEFLAG_KEYDATA 0x00000008U
#define DNS_RDATA_DOWNCASE DNS_NAME_DOWNCASE #define DNS_RDATA_DOWNCASE DNS_NAME_DOWNCASE
#define DNS_RDATA_CHECKNAMES DNS_NAME_CHECKNAMES #define DNS_RDATA_CHECKNAMES DNS_NAME_CHECKNAMES
#define DNS_RDATA_CHECKNAMESFAIL DNS_NAME_CHECKNAMESFAIL #define DNS_RDATA_CHECKNAMESFAIL DNS_NAME_CHECKNAMESFAIL

34
lib/dns/masterdump.c
View File

@@ -100,6 +100,21 @@ typedef struct dns_totext_ctx {
isc_boolean_t current_ttl_valid; isc_boolean_t current_ttl_valid;
} dns_totext_ctx_t; } dns_totext_ctx_t;
LIBDNS_EXTERNAL_DATA const dns_master_style_t
dns_master_style_keyzone = {
DNS_STYLEFLAG_OMIT_OWNER |
DNS_STYLEFLAG_OMIT_CLASS |
DNS_STYLEFLAG_REL_OWNER |
DNS_STYLEFLAG_REL_DATA |
DNS_STYLEFLAG_OMIT_TTL |
DNS_STYLEFLAG_TTL |
DNS_STYLEFLAG_COMMENT |
DNS_STYLEFLAG_RRCOMMENT |
DNS_STYLEFLAG_MULTILINE |
DNS_STYLEFLAG_KEYDATA,
24, 24, 24, 32, 80, 8, UINT_MAX
};
LIBDNS_EXTERNAL_DATA const dns_master_style_t LIBDNS_EXTERNAL_DATA const dns_master_style_t
dns_master_style_default = { dns_master_style_default = {
DNS_STYLEFLAG_OMIT_OWNER | DNS_STYLEFLAG_OMIT_OWNER |
@@ -504,9 +519,22 @@ rdataset_totext(dns_rdataset_t *rdataset,
type_start = target->used; type_start = target->used;
if ((rdataset->attributes & DNS_RDATASETATTR_NEGATIVE) != 0) if ((rdataset->attributes & DNS_RDATASETATTR_NEGATIVE) != 0)
RETERR(str_totext("\\-", target)); RETERR(str_totext("\\-", target));
result = dns_rdatatype_totext(type, target); switch (type) {
if (result != ISC_R_SUCCESS) case dns_rdatatype_keydata:
return (result); #define KEYDATA "KEYDATA"
if ((ctx->style.flags & DNS_STYLEFLAG_KEYDATA) != 0) {
if (isc_buffer_availablelength(target) <
(sizeof(KEYDATA) - 1))
return (ISC_R_NOSPACE);
isc_buffer_putstr(target, KEYDATA);
break;
}
/* FALLTHROUGH */
default:
result = dns_rdatatype_totext(type, target);
if (result != ISC_R_SUCCESS)
return (result);
}
column += (target->used - type_start); column += (target->used - type_start);
/* /*

22
lib/dns/rdata/generic/keydata_65533.c
View File

@@ -21,7 +21,7 @@
#include <dst/dst.h> #include <dst/dst.h>
#define RRTYPE_KEYDATA_ATTRIBUTES (DNS_RDATATYPEATTR_DNSSEC) #define RRTYPE_KEYDATA_ATTRIBUTES (0)
static inline isc_result_t static inline isc_result_t
fromtext_keydata(ARGS_FROMTEXT) { fromtext_keydata(ARGS_FROMTEXT) {
@@ -102,7 +102,9 @@ totext_keydata(ARGS_TOTEXT) {
const char *keyinfo; const char *keyinfo;
REQUIRE(rdata->type == 65533); REQUIRE(rdata->type == 65533);
REQUIRE(rdata->length != 0);
if ((tctx->flags & DNS_STYLEFLAG_KEYDATA) == 0 || rdata->length < 16)
return (unknown_totext(rdata, tctx, target));
dns_rdata_toregion(rdata, &sr); dns_rdata_toregion(rdata, &sr);
@@ -204,18 +206,6 @@ fromwire_keydata(ARGS_FROMWIRE) {
UNUSED(options); UNUSED(options);
isc_buffer_activeregion(source, &sr); isc_buffer_activeregion(source, &sr);
if (sr.length < 16)
return (ISC_R_UNEXPECTEDEND);
/*
* RSAMD5 computes key ID differently from other
* algorithms: we need to ensure there's enough data
* present for the computation
*/
algorithm = sr.base[15];
if (algorithm == DST_ALG_RSAMD5 && sr.length < 19)
return (ISC_R_UNEXPECTEDEND);
isc_buffer_forward(source, sr.length); isc_buffer_forward(source, sr.length);
return (mem_tobuffer(target, sr.base, sr.length)); return (mem_tobuffer(target, sr.base, sr.length));
} }
@@ -225,7 +215,6 @@ towire_keydata(ARGS_TOWIRE) {
isc_region_t sr; isc_region_t sr;
REQUIRE(rdata->type == 65533); REQUIRE(rdata->type == 65533);
REQUIRE(rdata->length != 0);
UNUSED(cctx); UNUSED(cctx);
@@ -241,8 +230,6 @@ compare_keydata(ARGS_COMPARE) {
REQUIRE(rdata1->type == rdata2->type); REQUIRE(rdata1->type == rdata2->type);
REQUIRE(rdata1->rdclass == rdata2->rdclass); REQUIRE(rdata1->rdclass == rdata2->rdclass);
REQUIRE(rdata1->type == 65533); REQUIRE(rdata1->type == 65533);
REQUIRE(rdata1->length != 0);
REQUIRE(rdata2->length != 0);
dns_rdata_toregion(rdata1, &r1); dns_rdata_toregion(rdata1, &r1);
dns_rdata_toregion(rdata2, &r2); dns_rdata_toregion(rdata2, &r2);
@@ -290,7 +277,6 @@ tostruct_keydata(ARGS_TOSTRUCT) {
REQUIRE(rdata->type == 65533); REQUIRE(rdata->type == 65533);
REQUIRE(target != NULL); REQUIRE(target != NULL);
REQUIRE(rdata->length != 0);
keydata->common.rdclass = rdata->rdclass; keydata->common.rdclass = rdata->rdclass;
keydata->common.rdtype = rdata->type; keydata->common.rdtype = rdata->type;

45
lib/dns/zone.c
View File

@@ -2117,15 +2117,20 @@ zone_gotwritehandle(isc_task_t *task, isc_event_t *event) {
INSIST(zone != zone->raw); INSIST(zone != zone->raw);
ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read); ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read);
if (zone->db != NULL) { if (zone->db != NULL) {
const dns_master_style_t *output_style;
dns_db_currentversion(zone->db, &version); dns_db_currentversion(zone->db, &version);
dns_master_initrawheader(&rawdata); dns_master_initrawheader(&rawdata);
if (inline_secure(zone)) if (inline_secure(zone))
get_raw_serial(zone->raw, &rawdata); get_raw_serial(zone->raw, &rawdata);
if (zone->type == dns_zone_key)
output_style = &dns_master_style_keyzone;
else
output_style = &dns_master_style_default;
result = dns_master_dumpinc3(zone->mctx, zone->db, version, result = dns_master_dumpinc3(zone->mctx, zone->db, version,
&dns_master_style_default, output_style, zone->masterfile,
zone->masterfile, zone->task, zone->task, dump_done, zone, &zone->dctx, zone->masterformat,
dump_done, zone, &zone->dctx, &rawdata);
zone->masterformat, &rawdata);
dns_db_closeversion(zone->db, &version, ISC_FALSE); dns_db_closeversion(zone->db, &version, ISC_FALSE);
} else } else
result = ISC_R_CANCELED; result = ISC_R_CANCELED;
@@ -3572,6 +3577,8 @@ load_secroots(dns_zone_t *zone, dns_name_t *name, dns_rdataset_t *rdataset) {
/* Convert rdata to keydata. */ /* Convert rdata to keydata. */
result = dns_rdata_tostruct(&rdata, &keydata, NULL); result = dns_rdata_tostruct(&rdata, &keydata, NULL);
if (result == ISC_R_UNEXPECTEDEND)
continue;
RUNTIME_CHECK(result == ISC_R_SUCCESS); RUNTIME_CHECK(result == ISC_R_SUCCESS);
/* Set the key refresh timer. */ /* Set the key refresh timer. */
@@ -8178,7 +8185,7 @@ zone_sign(dns_zone_t *zone) {
isc_time_settoepoch(&zone->signingtime); isc_time_settoepoch(&zone->signingtime);
} }
static void static isc_result_t
normalize_key(dns_rdata_t *rr, dns_rdata_t *target, normalize_key(dns_rdata_t *rr, dns_rdata_t *target,
unsigned char *data, int size) { unsigned char *data, int size) {
dns_rdata_dnskey_t dnskey; dns_rdata_dnskey_t dnskey;
@@ -8199,6 +8206,8 @@ normalize_key(dns_rdata_t *rr, dns_rdata_t *target,
break; break;
case dns_rdatatype_keydata: case dns_rdatatype_keydata:
result = dns_rdata_tostruct(rr, &keydata, NULL); result = dns_rdata_tostruct(rr, &keydata, NULL);
if (result == ISC_R_UNEXPECTEDEND)
return (result);
RUNTIME_CHECK(result == ISC_R_SUCCESS); RUNTIME_CHECK(result == ISC_R_SUCCESS);
dns_keydata_todnskey(&keydata, &dnskey, NULL); dns_keydata_todnskey(&keydata, &dnskey, NULL);
dns_rdata_fromstruct(target, rr->rdclass, dns_rdatatype_dnskey, dns_rdata_fromstruct(target, rr->rdclass, dns_rdatatype_dnskey,
@@ -8207,6 +8216,7 @@ normalize_key(dns_rdata_t *rr, dns_rdata_t *target,
default: default:
INSIST(0); INSIST(0);
} }
return (ISC_R_SUCCESS);
} }
/* /*
@@ -8230,14 +8240,18 @@ matchkey(dns_rdataset_t *rdset, dns_rdata_t *rr) {
dns_rdata_init(&rdata1); dns_rdata_init(&rdata1);
dns_rdata_init(&rdata2); dns_rdata_init(&rdata2);
normalize_key(rr, &rdata1, data1, sizeof(data1)); result = normalize_key(rr, &rdata1, data1, sizeof(data1));
if (result != ISC_R_SUCCESS)
return (ISC_FALSE);
for (result = dns_rdataset_first(rdset); for (result = dns_rdataset_first(rdset);
result == ISC_R_SUCCESS; result == ISC_R_SUCCESS;
result = dns_rdataset_next(rdset)) { result = dns_rdataset_next(rdset)) {
dns_rdata_reset(&rdata); dns_rdata_reset(&rdata);
dns_rdataset_current(rdset, &rdata); dns_rdataset_current(rdset, &rdata);
normalize_key(&rdata, &rdata2, data2, sizeof(data2)); result = normalize_key(&rdata, &rdata2, data2, sizeof(data2));
if (result != ISC_R_SUCCESS)
continue;
if (dns_rdata_compare(&rdata1, &rdata2) == 0) if (dns_rdata_compare(&rdata1, &rdata2) == 0)
return (ISC_TRUE); return (ISC_TRUE);
} }
@@ -8344,7 +8358,11 @@ minimal_update(dns_keyfetch_t *kfetch, dns_dbversion_t *ver, dns_diff_t *diff)
name, 0, &rdata)); name, 0, &rdata));
/* Update refresh timer */ /* Update refresh timer */
CHECK(dns_rdata_tostruct(&rdata, &keydata, NULL)); result = dns_rdata_tostruct(&rdata, &keydata, NULL);
if (result == ISC_R_UNEXPECTEDEND)
continue;
if (result != ISC_R_SUCCESS)
goto failure;
keydata.refresh = refresh_time(kfetch, ISC_TRUE); keydata.refresh = refresh_time(kfetch, ISC_TRUE);
set_refreshkeytimer(zone, &keydata, now); set_refreshkeytimer(zone, &keydata, now);
@@ -9574,15 +9592,20 @@ zone_dump(dns_zone_t *zone, isc_boolean_t compact) {
result = DNS_R_CONTINUE; result = DNS_R_CONTINUE;
UNLOCK_ZONE(zone); UNLOCK_ZONE(zone);
} else { } else {
const dns_master_style_t *output_style;
dns_masterrawheader_t rawdata; dns_masterrawheader_t rawdata;
dns_db_currentversion(db, &version); dns_db_currentversion(db, &version);
dns_master_initrawheader(&rawdata); dns_master_initrawheader(&rawdata);
if (inline_secure(zone)) if (inline_secure(zone))
get_raw_serial(zone->raw, &rawdata); get_raw_serial(zone->raw, &rawdata);
if (zone->type == dns_zone_key)
output_style = &dns_master_style_keyzone;
else
output_style = &dns_master_style_default;
result = dns_master_dump3(zone->mctx, db, version, result = dns_master_dump3(zone->mctx, db, version,
&dns_master_style_default, output_style, masterfile,
masterfile, masterformat, masterformat, &rawdata);
&rawdata);
dns_db_closeversion(db, &version, ISC_FALSE); dns_db_closeversion(db, &version, ISC_FALSE);
} }
fail: fail: