Initialize the DST subsystem implicitly

Instead of calling dst_lib_init() and dst_lib_destroy() explicitly by all the programs, create a separate memory context for the DST subsystem and use the library constructor and destructor to initialize the DST internals.
2025-08-30 22:15:20 +00:00 · 2024-08-05 12:14:26 +02:00
parent ab2abfc8b0
commit e6f2f2a5e6
39 changed files with 101 additions and 492 deletions
--- a/lib/dns/opensslrsa_link.c
+++ b/lib/dns/opensslrsa_link.c
@@ -1233,10 +1233,6 @@ check_algorithm(unsigned char algorithm) {
 	isc_result_t ret = ISC_R_SUCCESS;
 	size_t len;

-	if (evp_md_ctx == NULL) {
-		DST_RET(ISC_R_NOMEMORY);
-	}
-
 	switch (algorithm) {
 	case DST_ALG_RSASHA1:
 	case DST_ALG_NSEC3RSASHA1:
@@ -1258,23 +1254,14 @@ check_algorithm(unsigned char algorithm) {
 		DST_RET(ISC_R_NOTIMPLEMENTED);
 	}

-	if (type == NULL) {
-		DST_RET(ISC_R_NOTIMPLEMENTED);
-	}
-
 	/*
 	 * Construct pkey.
 	 */
 	c.e = BN_bin2bn(e_bytes, sizeof(e_bytes) - 1, NULL);
 	c.n = BN_bin2bn(n_bytes, sizeof(n_bytes) - 1, NULL);
-	if (c.e == NULL || c.n == NULL) {
-		DST_RET(ISC_R_NOMEMORY);
-	}

 	ret = opensslrsa_build_pkey(false, &c, &pkey);
-	if (ret != ISC_R_SUCCESS) {
-		goto err;
-	}
+	INSIST(ret == ISC_R_SUCCESS);

 	/*
 	 * Check that we can verify the signature.
@@ -1294,21 +1281,13 @@ err:
 	return (ret);
 }

-isc_result_t
+void
 dst__opensslrsa_init(dst_func_t **funcp, unsigned char algorithm) {
-	isc_result_t result;
-
 	REQUIRE(funcp != NULL);

-	result = check_algorithm(algorithm);
-
-	if (result == ISC_R_SUCCESS) {
-		if (*funcp == NULL) {
+	if (*funcp == NULL) {
+		if (check_algorithm(algorithm) == ISC_R_SUCCESS) {
 			*funcp = &opensslrsa_functions;
 		}
-	} else if (result == ISC_R_NOTIMPLEMENTED) {
-		result = ISC_R_SUCCESS;
 	}
-
-	return (result);
 }