cleanup: use dns_secalg_t and dns_dsdigest_t where appropriate
Use them in structs for various rdata types where they are missing. This doesn't change the structs since we are replacing explicit uint8_t field types with aliases for uint8_t. Use dns_dsdigest_t in library function arguments. Improve dnssec-cds with these more specific types.
4
CHANGES
4
CHANGES
@@ -1,3 +1,7 @@
|
||||
5179. [cleanup] Replace some vague type declarations with the more
|
||||
specific dns_secalg_t and dns_dsdigest_t.
|
||||
Thanks to Tony Finch. [GL !1498]
|
||||
|
||||
5178. [bug] Handle EDQUOT (disk quota) and ENOSPC (disk full)
|
||||
errors when writing files. [GL #902]
|
||||
|
||||
|
||||
@@ -86,7 +86,7 @@ static dns_rdataclass_t rdclass = dns_rdataclass_in;
|
||||
* List of digest types used by ds_from_cdnskey(), filled in by add_dtype()
|
||||
* from -a arguments. The size of the array is an arbitrary limit.
|
||||
*/
|
||||
static uint8_t dtype[8];
|
||||
static dns_dsdigest_t dtype[8];
|
||||
|
||||
static const char *startstr = NULL; /* from which we derive notbefore */
|
||||
static isc_stdtime_t notbefore = 0; /* restrict sig inception times */
|
||||
@@ -129,7 +129,7 @@ static int nkey; /* number of child zone DNSKEY records */
|
||||
typedef struct keyinfo {
|
||||
dns_rdata_t rdata;
|
||||
dst_key_t *dst;
|
||||
uint8_t algo;
|
||||
dns_secalg_t algo;
|
||||
dns_keytag_t tag;
|
||||
} keyinfo_t;
|
||||
|
||||
@@ -614,12 +614,12 @@ free_keytable(keyinfo_t **keytable_p) {
|
||||
* otherwise the key algorithm. This is used by the signature coverage
|
||||
* check functions below.
|
||||
*/
|
||||
static uint8_t *
|
||||
static dns_secalg_t *
|
||||
matching_sigs(keyinfo_t *keytbl, dns_rdataset_t *rdataset,
|
||||
dns_rdataset_t *sigset)
|
||||
{
|
||||
isc_result_t result;
|
||||
uint8_t *algo;
|
||||
dns_secalg_t *algo;
|
||||
int i;
|
||||
|
||||
algo = isc_mem_get(mctx, nkey);
|
||||
@@ -702,7 +702,7 @@ matching_sigs(keyinfo_t *keytbl, dns_rdataset_t *rdataset,
|
||||
* fetched from the child zone, any working signature is enough.
|
||||
*/
|
||||
static bool
|
||||
signed_loose(uint8_t *algo) {
|
||||
signed_loose(dns_secalg_t *algo) {
|
||||
bool ok = false;
|
||||
int i;
|
||||
for (i = 0; i < nkey; i++) {
|
||||
@@ -721,7 +721,7 @@ signed_loose(uint8_t *algo) {
|
||||
* RRset.
|
||||
*/
|
||||
static bool
|
||||
signed_strict(dns_rdataset_t *dsset, uint8_t *algo) {
|
||||
signed_strict(dns_rdataset_t *dsset, dns_secalg_t *algo) {
|
||||
isc_result_t result;
|
||||
bool all_ok = true;
|
||||
|
||||
@@ -844,14 +844,14 @@ ds_from_cdnskey(dns_rdatalist_t *dslist, isc_buffer_t *buf,
|
||||
*/
|
||||
static int
|
||||
cmp_dtype(const void *ap, const void *bp) {
|
||||
int a = *(const uint8_t *)ap;
|
||||
int b = *(const uint8_t *)bp;
|
||||
int a = *(const dns_dsdigest_t *)ap;
|
||||
int b = *(const dns_dsdigest_t *)bp;
|
||||
return (a - b);
|
||||
}
|
||||
|
||||
static void
|
||||
add_dtype(const char *dn) {
|
||||
uint8_t dt;
|
||||
dns_dsdigest_t dt;
|
||||
unsigned i, n;
|
||||
|
||||
dt = strtodsdigest(dn);
|
||||
@@ -936,7 +936,7 @@ consistent_digests(dns_rdataset_t *dsset) {
|
||||
dns_rdata_t *arrdata;
|
||||
dns_rdata_ds_t *ds;
|
||||
dns_keytag_t key_tag;
|
||||
uint8_t algorithm;
|
||||
dns_secalg_t algorithm;
|
||||
bool match;
|
||||
int i, j, n, d;
|
||||
|
||||
|
||||
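Review bot: In the `matching_sigs` hunk, `algo` is now a `dns_secalg_t *`, but the context line `algo = isc_mem_get(mctx, nkey);` still sizes the array as `nkey` bytes, which is only correct while `dns_secalg_t` stays one byte wide. Tying the size to the element type, `algo = isc_mem_get(mctx, nkey * sizeof(algo[0]));`, keeps the allocation correct if the alias ever changes. The body of `matching_sigs` continues outside the hunk, so the matching release (not visible here) would need the same size expression.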
@@ -235,7 +235,7 @@ logkey(dns_rdata_t *rdata)
|
||||
}
|
||||
|
||||
static void
|
||||
emit(unsigned int dtype, bool showall, char *lookaside,
|
||||
emit(dns_dsdigest_t dtype, bool showall, char *lookaside,
|
||||
bool cds, dns_rdata_t *rdata)
|
||||
{
|
||||
isc_result_t result;
|
||||
@@ -350,7 +350,7 @@ main(int argc, char **argv) {
|
||||
char *lookaside = NULL;
|
||||
char *endp;
|
||||
int ch;
|
||||
unsigned int dtype = DNS_DSDIGEST_SHA1;
|
||||
dns_dsdigest_t dtype = DNS_DSDIGEST_SHA1;
|
||||
bool cds = false;
|
||||
bool both = true;
|
||||
bool usekeyset = false;
|
||||
|
||||
29
lib/dns/ds.c
29
lib/dns/ds.c
@@ -32,7 +32,7 @@
|
||||
|
||||
isc_result_t
|
||||
dns_ds_buildrdata(dns_name_t *owner, dns_rdata_t *key,
|
||||
unsigned int digest_type, unsigned char *buffer,
|
||||
dns_dsdigest_t digest_type, unsigned char *buffer,
|
||||
dns_rdata_t *rdata)
|
||||
{
|
||||
dns_fixedname_t fname;
|
||||
@@ -54,17 +54,6 @@ dns_ds_buildrdata(dns_name_t *owner, dns_rdata_t *key,
|
||||
return (ISC_R_NOTIMPLEMENTED);
|
||||
}
|
||||
|
||||
name = dns_fixedname_initname(&fname);
|
||||
(void)dns_name_downcase(owner, name, NULL);
|
||||
|
||||
memset(buffer, 0, DNS_DS_BUFFERSIZE);
|
||||
isc_buffer_init(&b, buffer, DNS_DS_BUFFERSIZE);
|
||||
|
||||
md = isc_md_new();
|
||||
if (md == NULL) {
|
||||
return (ISC_R_NOMEMORY);
|
||||
}
|
||||
|
||||
switch (digest_type) {
|
||||
case DNS_DSDIGEST_SHA1:
|
||||
md_type = ISC_MD_SHA1;
|
||||
@@ -75,9 +64,23 @@ dns_ds_buildrdata(dns_name_t *owner, dns_rdata_t *key,
|
||||
break;
|
||||
|
||||
case DNS_DSDIGEST_SHA256:
|
||||
default:
|
||||
md_type = ISC_MD_SHA256;
|
||||
break;
|
||||
|
||||
default:
|
||||
INSIST(0);
|
||||
ISC_UNREACHABLE();
|
||||
}
|
||||
|
||||
name = dns_fixedname_initname(&fname);
|
||||
(void)dns_name_downcase(owner, name, NULL);
|
||||
|
||||
memset(buffer, 0, DNS_DS_BUFFERSIZE);
|
||||
isc_buffer_init(&b, buffer, DNS_DS_BUFFERSIZE);
|
||||
|
||||
md = isc_md_new();
|
||||
if (md == NULL) {
|
||||
return (ISC_R_NOMEMORY);
|
||||
}
|
||||
|
||||
ret = isc_md_init(md, md_type);
|
||||
|
||||
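Review bot: In the last `dns_ds_buildrdata` hunk, the `default:` arm of `switch (digest_type)` now ends in `INSIST(0); ISC_UNREACHABLE();`, so an unexpected digest type aborts the process instead of failing the call. That is safe only while the earlier check that returns `ISC_R_NOTIMPLEMENTED` (its condition is outside the visible hunks) rejects every value the switch does not list. Digest types presumably can come from DS records (see the `keyfromds` signature in the validator hunk), so a mismatch between the two lists might be reachable from untrusted data. Since `isc_md_new()` now runs after the switch, the arm can return an error without leaking anything: `default: return (ISC_R_NOTIMPLEMENTED);`. If the assertion is kept, a comment naming the check it relies on would help whoever next adds a digest type.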
@@ -31,7 +31,7 @@ ISC_LANG_BEGINDECLS
|
||||
|
||||
isc_result_t
|
||||
dns_ds_buildrdata(dns_name_t *owner, dns_rdata_t *key,
|
||||
unsigned int digest_type, unsigned char *buffer,
|
||||
dns_dsdigest_t digest_type, unsigned char *buffer,
|
||||
dns_rdata_t *rdata);
|
||||
/*%<
|
||||
* Build the rdata of a DS record.
|
||||
|
||||
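Review bot: The prototype now takes `dns_dsdigest_t digest_type`, so a caller that still holds the value in an `unsigned int` has it narrowed implicitly at the call, before any support check inside the function sees the original value. The commit message describes the alias as `uint8_t`; under that, a value such as 258 would arrive as 2 instead of being rejected. The `/*%<` block that follows (it continues outside the hunk) should state this, for example `* 'digest_type' must already be a valid dns_dsdigest_t; range-check wider values before calling.`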
@@ -19,8 +19,8 @@ typedef struct dns_rdata_ds {
|
||||
dns_rdatacommon_t common;
|
||||
isc_mem_t *mctx;
|
||||
uint16_t key_tag;
|
||||
uint8_t algorithm;
|
||||
uint8_t digest_type;
|
||||
dns_secalg_t algorithm;
|
||||
dns_dsdigest_t digest_type;
|
||||
uint16_t length;
|
||||
unsigned char *digest;
|
||||
} dns_rdata_ds_t;
|
||||
|
||||
@@ -20,8 +20,8 @@ typedef struct dns_rdata_key {
|
||||
dns_rdatacommon_t common;
|
||||
isc_mem_t * mctx;
|
||||
uint16_t flags;
|
||||
uint8_t protocol;
|
||||
uint8_t algorithm;
|
||||
dns_secproto_t protocol;
|
||||
dns_secalg_t algorithm;
|
||||
uint16_t datalen;
|
||||
unsigned char * data;
|
||||
} dns_rdata_key_t;
|
||||
|
||||
@@ -20,8 +20,8 @@ typedef struct dns_rdata_keydata {
|
||||
uint32_t addhd; /* Hold-down timer for adding */
|
||||
uint32_t removehd; /* Hold-down timer for removing */
|
||||
uint16_t flags; /* Copy of DNSKEY_48 */
|
||||
uint8_t protocol;
|
||||
uint8_t algorithm;
|
||||
dns_secproto_t protocol;
|
||||
dns_secalg_t algorithm;
|
||||
uint16_t datalen;
|
||||
unsigned char * data;
|
||||
} dns_rdata_keydata_t;
|
||||
|
||||
@@ -1758,7 +1758,7 @@ checkkey(dns_validator_t *val, dns_rdata_t *keyrdata, uint16_t keyid,
|
||||
*/
|
||||
static isc_result_t
|
||||
keyfromds(dns_validator_t *val, dns_rdataset_t *rdataset, dns_rdata_t *dsrdata,
|
||||
uint8_t digest, uint16_t keyid, dns_secalg_t algorithm,
|
||||
dns_dsdigest_t digest, uint16_t keyid, dns_secalg_t algorithm,
|
||||
dns_rdata_t *keyrdata)
|
||||
{
|
||||
dns_keytag_t keytag;
|
||||
|
||||