Commit 2e173bbd authored by Tony Finch's avatar Tony Finch Committed by Evan Hunt

cleanup: allow building DS directly from CDNSKEY

Relax an assertion in lib/dns/ds.c so that dnssec-cds does
not have to work around it. This will also be useful for
dnssec-dsfromkey.
parent 18d94c80
......@@ -482,7 +482,6 @@ match_key_dsset(keyinfo_t *ki, dns_rdataset_t *dsset, strictness_t strictness)
dns_rdata_ds_t ds;
dns_rdata_t dsrdata = DNS_RDATA_INIT;
dns_rdata_t newdsrdata = DNS_RDATA_INIT;
dns_rdatatype_t keytype;
bool c;
dns_rdataset_current(dsset, &dsrdata);
......@@ -493,12 +492,8 @@ match_key_dsset(keyinfo_t *ki, dns_rdataset_t *dsset, strictness_t strictness)
continue;
}
/* allow for both DNSKEY and CDNSKEY */
keytype = ki->rdata.type;
ki->rdata.type = dns_rdatatype_dnskey;
result = dns_ds_buildrdata(name, &ki->rdata, ds.digest_type,
dsbuf, &newdsrdata);
ki->rdata.type = keytype;
if (result != ISC_R_SUCCESS) {
vbprintf(3, "dns_ds_buildrdata("
"keytag=%d, algo=%d, digest=%d): %s\n",
......@@ -826,7 +821,6 @@ ds_from_cdnskey(dns_rdatalist_t *dslist, isc_buffer_t *buf,
return (ISC_R_NOSPACE);
}
cdnskey->type = dns_rdatatype_dnskey;
rdata = rdata_get();
result = dns_ds_buildrdata(name, cdnskey, dtype[i],
r.base, rdata);
......
......@@ -47,7 +47,8 @@ dns_ds_buildrdata(dns_name_t *owner, dns_rdata_t *key,
isc_result_t ret;
REQUIRE(key != NULL);
REQUIRE(key->type == dns_rdatatype_dnskey);
REQUIRE(key->type == dns_rdatatype_dnskey ||
key->type == dns_rdatatype_cdnskey);
if (!dst_ds_digest_supported(digest_type)) {
return (ISC_R_NOTIMPLEMENTED);
......
......@@ -37,7 +37,7 @@ dns_ds_buildrdata(dns_name_t *owner, dns_rdata_t *key,
* Build the rdata of a DS record.
*
* Requires:
*\li key Points to a valid DNS KEY record.
*\li key Points to a valid DNSKEY or CDNSKEY record.
*\li buffer Points to a temporary buffer of at least
* #DNS_DS_BUFFERSIZE bytes.
*\li rdata Points to an initialized dns_rdata_t.
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment