Handle placeholder KEYDATA record

A placeholder keydata record can appear in a zone file.  Allow them
to be read back in.

bin/tests/system/journal/clean.sh

@@ -14,4 +14,5 @@ rm -f */named.run
 rm -f dig.out*
 rm -f journalprint.out.*
 rm -f ns1/managed-keys.bind
+rm -f ns2/managed-keys.bind
 rm -f tmp.jnl

bin/tests/system/journal/ns2/managed-keys.bind.in

@@ -0,0 +1,14 @@
+$ORIGIN .
+$TTL 0	; 0 seconds
+@			IN SOA	. . (
+				29         ; serial
+				0          ; refresh (0 seconds)
+				0          ; retry (0 seconds)
+				0          ; expire (0 seconds)
+				0          ; minimum (0 seconds)
+				)
+			KEYDATA	20210611104535 19700101000000 19700101000000 0 0 0 (
+
+				) ; ZSK; alg = 0; key id = 0
+				; next refresh: Fri, 11 Jun 2021 10:45:35 GMT
+				; no trust

bin/tests/system/journal/ns2/named.conf.in

@@ -0,0 +1,34 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+options {
+	query-source address 10.53.0.2;
+	notify-source 10.53.0.2;
+	transfer-source 10.53.0.2;
+	port @PORT@;
+	session-keyfile "session.key";
+	pid-file "named.pid";
+	listen-on { 10.53.0.2; };
+	listen-on-v6 { none; };
+	dnssec-validation yes;
+	minimal-responses no;
+	recursion no;
+	notify yes;
+};
+
+key rndc_key {
+	secret "1234abcd8765";
+	algorithm hmac-sha256;
+};
+
+controls {
+	inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
+};

bin/tests/system/journal/setup.sh

@@ -43,3 +43,7 @@ cp ns1/maxjournal2.jnl.saved ns1/maxjournal2.db.jnl
 
 cp ns1/managed-keys.bind.in ns1/managed-keys.bind
 $PERL ../fromhex.pl < ns1/managed-keys.bind.jnl.in > ns1/managed-keys.bind.jnl
+
+copy_setports ns2/named.conf.in ns2/named.conf
+cp ns2/managed-keys.bind.in ns2/managed-keys.bind
+cp ns2/managed-keys.bind.jnl.in ns2/managed-keys.bind.jnl

bin/tests/system/journal/tests.sh

@@ -243,5 +243,11 @@ done
 [ $ret -eq 0 ] || echo_i "failed"
 status=`expr $status + $ret`
 
+n=`expr $n + 1`
+echo_i "check that journal is applied to zone with keydata placeholder record"
+ret=0
+grep 'managed-keys-zone: journal rollforward completed successfully: up to date' ns2/named.run > /dev/null 2>&1 || ret=1
+[ $ret -eq 0 ] || echo_i "failed"
+
 echo_i "exit status: $status"
 [ $status -eq 0 ] || exit 1

lib/dns/rdata/generic/keydata_65533.c

@@ -71,6 +71,11 @@ fromtext_keydata(ARGS_FROMTEXT) {
 	RETTOK(dns_secalg_fromtext(&alg, &token.value.as_textregion));
 	RETERR(mem_tobuffer(target, &alg, 1));
 
+	/* Do we have a placeholder KEYDATA record? */
+	if (flags == 0 && proto == 0 && alg == 0) {
+		return (ISC_R_SUCCESS);
+	}
+
 	/* No Key? */
 	if ((flags & 0xc000) == 0xc000) {
 		return (ISC_R_SUCCESS);
@@ -84,7 +89,7 @@ totext_keydata(ARGS_TOTEXT) {
 	isc_region_t sr;
 	char buf[sizeof("64000")];
 	unsigned int flags;
-	unsigned char algorithm;
+	unsigned char proto, algorithm;
 	unsigned long refresh, add, deltime;
 	char algbuf[DNS_NAME_FORMATSIZE];
 	const char *keyinfo;
@@ -132,7 +137,8 @@ totext_keydata(ARGS_TOTEXT) {
 	}
 
 	/* protocol */
-	snprintf(buf, sizeof(buf), "%u", sr.base[0]);
+	proto = sr.base[0];
+	snprintf(buf, sizeof(buf), "%u", proto);
 	isc_region_consume(&sr, 1);
 	RETERR(str_totext(buf, target));
 	RETERR(str_totext(" ", target));
@@ -143,6 +149,14 @@ totext_keydata(ARGS_TOTEXT) {
 	isc_region_consume(&sr, 1);
 	RETERR(str_totext(buf, target));
 
+	/* Do we have a placeholder KEYDATA record? */
+	if (flags == 0 && proto == 0 && algorithm == 0) {
+		if ((tctx->flags & DNS_STYLEFLAG_RRCOMMENT) != 0) {
+			RETERR(str_totext(" ; placeholder", target));
+		}
+		return (ISC_R_SUCCESS);
+	}
+
 	/* No Key? */
 	if ((flags & 0xc000) == 0xc000) {
 		return (ISC_R_SUCCESS);