cleanup: use dns_secalg_t and dns_dsdigest_t where appropriate 1498/head
authorTony Finch <dot@dotat.at>
Fri, 8 Feb 2019 17:54:56 +0000 (17:54 +0000)
committerMark Andrews <marka@isc.org>
Fri, 8 Mar 2019 07:37:50 +0000 (18:37 +1100)
Use them in structs for various rdata types where they are missing.
This doesn't change the structs since we are replacing explicit
uint8_t field types with aliases for uint8_t.

Use dns_dsdigest_t in library function arguments.

Improve dnssec-cds with these more specific types.

CHANGES
bin/dnssec/dnssec-cds.c
bin/dnssec/dnssec-dsfromkey.c
lib/dns/ds.c
lib/dns/include/dns/ds.h
lib/dns/rdata/generic/ds_43.h
lib/dns/rdata/generic/key_25.h
lib/dns/rdata/generic/keydata_65533.h
lib/dns/validator.c

diff --git a/CHANGES b/CHANGES
index f324517..fc83438 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,7 @@
+5179.  [cleanup]       Replace some vague type declarations with the more
+                       specific dns_secalg_t and dns_dsdigest_t.
+                       Thanks to Tony Finch. [GL !1498]
+
 5178.  [bug]           Handle EDQUOT (disk quota) and ENOSPC (disk full)
                        errors when writing files. [GL #902]
 
index 955315f..404fa71 100644 (file)
@@ -86,7 +86,7 @@ static dns_rdataclass_t rdclass = dns_rdataclass_in;
  * List of digest types used by ds_from_cdnskey(), filled in by add_dtype()
  * from -a arguments. The size of the array is an arbitrary limit.
  */
-static uint8_t dtype[8];
+static dns_dsdigest_t dtype[8];
 
 static const char *startstr  = NULL;   /* from which we derive notbefore */
 static isc_stdtime_t notbefore = 0;    /* restrict sig inception times */
@@ -129,7 +129,7 @@ static int nkey; /* number of child zone DNSKEY records */
 typedef struct keyinfo {
        dns_rdata_t rdata;
        dst_key_t *dst;
-       uint8_t algo;
+       dns_secalg_t algo;
        dns_keytag_t tag;
 } keyinfo_t;
 
@@ -614,12 +614,12 @@ free_keytable(keyinfo_t **keytable_p) {
  * otherwise the key algorithm. This is used by the signature coverage
  * check functions below.
  */
-static uint8_t *
+static dns_secalg_t *
 matching_sigs(keyinfo_t *keytbl, dns_rdataset_t *rdataset,
              dns_rdataset_t *sigset)
 {
        isc_result_t result;
-       uint8_t *algo;
+       dns_secalg_t *algo;
        int i;
 
        algo = isc_mem_get(mctx, nkey);
@@ -702,7 +702,7 @@ matching_sigs(keyinfo_t *keytbl, dns_rdataset_t *rdataset,
  * fetched from the child zone, any working signature is enough.
  */
 static bool
-signed_loose(uint8_t *algo) {
+signed_loose(dns_secalg_t *algo) {
        bool ok = false;
        int i;
        for (i = 0; i < nkey; i++) {
@@ -721,7 +721,7 @@ signed_loose(uint8_t *algo) {
  * RRset.
  */
 static bool
-signed_strict(dns_rdataset_t *dsset, uint8_t *algo) {
+signed_strict(dns_rdataset_t *dsset, dns_secalg_t *algo) {
        isc_result_t result;
        bool all_ok = true;
 
@@ -844,14 +844,14 @@ ds_from_cdnskey(dns_rdatalist_t *dslist, isc_buffer_t *buf,
  */
 static int
 cmp_dtype(const void *ap, const void *bp) {
-       int a = *(const uint8_t *)ap;
-       int b = *(const uint8_t *)bp;
+       int a = *(const dns_dsdigest_t *)ap;
+       int b = *(const dns_dsdigest_t *)bp;
        return (a - b);
 }
 
 static void
 add_dtype(const char *dn) {
-       uint8_t dt;
+       dns_dsdigest_t dt;
        unsigned i, n;
 
        dt = strtodsdigest(dn);
@@ -936,7 +936,7 @@ consistent_digests(dns_rdataset_t *dsset) {
        dns_rdata_t *arrdata;
        dns_rdata_ds_t *ds;
        dns_keytag_t key_tag;
-       uint8_t algorithm;
+       dns_secalg_t algorithm;
        bool match;
        int i, j, n, d;
 
index ae11561..9a47fb4 100644 (file)
@@ -235,7 +235,7 @@ logkey(dns_rdata_t *rdata)
 }
 
 static void
-emit(unsigned int dtype, bool showall, char *lookaside,
+emit(dns_dsdigest_t dtype, bool showall, char *lookaside,
      bool cds, dns_rdata_t *rdata)
 {
        isc_result_t result;
@@ -350,7 +350,7 @@ main(int argc, char **argv) {
        char            *lookaside = NULL;
        char            *endp;
        int             ch;
-       unsigned int    dtype = DNS_DSDIGEST_SHA1;
+       dns_dsdigest_t  dtype = DNS_DSDIGEST_SHA1;
        bool    cds = false;
        bool    both = true;
        bool    usekeyset = false;
index e4d8131..0311809 100644 (file)
@@ -32,7 +32,7 @@
 
 isc_result_t
 dns_ds_buildrdata(dns_name_t *owner, dns_rdata_t *key,
-                 unsigned int digest_type, unsigned char *buffer,
+                 dns_dsdigest_t digest_type, unsigned char *buffer,
                  dns_rdata_t *rdata)
 {
        dns_fixedname_t fname;
@@ -54,17 +54,6 @@ dns_ds_buildrdata(dns_name_t *owner, dns_rdata_t *key,
                return (ISC_R_NOTIMPLEMENTED);
        }
 
-       name = dns_fixedname_initname(&fname);
-       (void)dns_name_downcase(owner, name, NULL);
-
-       memset(buffer, 0, DNS_DS_BUFFERSIZE);
-       isc_buffer_init(&b, buffer, DNS_DS_BUFFERSIZE);
-
-       md = isc_md_new();
-       if (md == NULL) {
-               return (ISC_R_NOMEMORY);
-       }
-
        switch (digest_type) {
        case DNS_DSDIGEST_SHA1:
                md_type = ISC_MD_SHA1;
@@ -75,9 +64,23 @@ dns_ds_buildrdata(dns_name_t *owner, dns_rdata_t *key,
                break;
 
        case DNS_DSDIGEST_SHA256:
-       default:
                md_type = ISC_MD_SHA256;
                break;
+
+       default:
+               INSIST(0);
+               ISC_UNREACHABLE();
+       }
+
+       name = dns_fixedname_initname(&fname);
+       (void)dns_name_downcase(owner, name, NULL);
+
+       memset(buffer, 0, DNS_DS_BUFFERSIZE);
+       isc_buffer_init(&b, buffer, DNS_DS_BUFFERSIZE);
+
+       md = isc_md_new();
+       if (md == NULL) {
+               return (ISC_R_NOMEMORY);
        }
 
        ret = isc_md_init(md, md_type);
index 122d6cd..a1df4a5 100644 (file)
@@ -31,7 +31,7 @@ ISC_LANG_BEGINDECLS
 
 isc_result_t
 dns_ds_buildrdata(dns_name_t *owner, dns_rdata_t *key,
-                 unsigned int digest_type, unsigned char *buffer,
+                 dns_dsdigest_t digest_type, unsigned char *buffer,
                  dns_rdata_t *rdata);
 /*%<
  * Build the rdata of a DS record.
index 0d373ec..9d47738 100644 (file)
@@ -19,8 +19,8 @@ typedef struct dns_rdata_ds {
        dns_rdatacommon_t       common;
        isc_mem_t               *mctx;
        uint16_t                key_tag;
-       uint8_t         algorithm;
-       uint8_t         digest_type;
+       dns_secalg_t            algorithm;
+       dns_dsdigest_t          digest_type;
        uint16_t                length;
        unsigned char           *digest;
 } dns_rdata_ds_t;
index 330363b..4bcad50 100644 (file)
@@ -20,8 +20,8 @@ typedef struct dns_rdata_key {
        dns_rdatacommon_t       common;
        isc_mem_t *             mctx;
        uint16_t                flags;
-       uint8_t         protocol;
-       uint8_t         algorithm;
+       dns_secproto_t          protocol;
+       dns_secalg_t            algorithm;
        uint16_t                datalen;
        unsigned char *         data;
 } dns_rdata_key_t;
index 40061e1..45a8fa9 100644 (file)
@@ -20,8 +20,8 @@ typedef struct dns_rdata_keydata {
        uint32_t                addhd;        /* Hold-down timer for adding */
        uint32_t                removehd;     /* Hold-down timer for removing */
        uint16_t                flags;        /* Copy of DNSKEY_48 */
-       uint8_t         protocol;
-       uint8_t         algorithm;
+       dns_secproto_t          protocol;
+       dns_secalg_t            algorithm;
        uint16_t                datalen;
        unsigned char *         data;
 } dns_rdata_keydata_t;
index 32f5fd6..7c2d5fe 100644 (file)
@@ -1758,7 +1758,7 @@ checkkey(dns_validator_t *val, dns_rdata_t *keyrdata, uint16_t keyid,
  */
 static isc_result_t
 keyfromds(dns_validator_t *val, dns_rdataset_t *rdataset, dns_rdata_t *dsrdata,
-         uint8_t digest, uint16_t keyid, dns_secalg_t algorithm,
+         dns_dsdigest_t digest, uint16_t keyid, dns_secalg_t algorithm,
          dns_rdata_t *keyrdata)
 {
        dns_keytag_t keytag;