Move code handling key loading errors into a common function

Some values returned by dstkey_fromconfig() indicate that key loading should be interrupted, others do not. There are also certain subsequent checks to be made after parsing a key from configuration and the results of these checks also affect the key loading process. All of this complicates the key loading logic. In order to make the relevant parts of the code easier to follow, reduce the body of the inner for loop in load_view_keys() to a single call to a new function, process_key(). Move dstkey_fromconfig() error handling to process_key() as well and add comments to clearly describe the effects of various key loading errors.
2019-01-24 12:50:01 +01:00
parent 4d1ed1283a
commit b85007e0a6
2 changed files with 112 additions and 58 deletions
--- a/bin/tests/system/mkeys/tests.sh
+++ b/bin/tests/system/mkeys/tests.sh
@@ -763,12 +763,12 @@ rm -f ns6/managed-keys.bind*
 nextpart ns6/named.run > /dev/null
 $PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} mkeys ns6
 # log when an unsupported algorithm is encountered during startup
-wait_for_log "skipping managed key for 'unsupported\.': algorithm is unsupported" ns6/named.run
+wait_for_log "ignoring managed key for 'unsupported\.': algorithm is unsupported" ns6/named.run
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=`expr $status + $ret`

 n=`expr $n + 1`
-echo_i "skipping unsupported algorithm in managed-keys ($n)"
+echo_i "ignoring unsupported algorithm in managed-keys ($n)"
 ret=0
 mkeys_status_on 6 > rndc.out.$n 2>&1
 # there should still be only two keys listed (for . and rsasha256.)
@@ -793,7 +793,7 @@ if [ $ret != 0 ]; then echo_i "failed"; fi
 status=`expr $status + $ret`

 n=`expr $n + 1`
-echo_i "skipping unsupported algorithm in rollover ($n)"
+echo_i "ignoring unsupported algorithm in rollover ($n)"
 ret=0
 mkeys_reload_on 1
 mkeys_refresh_on 6