Move setresign to rdataset.c and rename it

The setresign method is not diff specific, it only returns the minimum resign time of an rdataset. Move it to rdataset.c to simplify late refactoring. (cherry picked from commit 6f726ae3db)
2026-05-28 04:34:54 -04:00 · 2025-10-07 06:00:17 +02:00 · 2025-10-07 06:00:17 +02:00 · 019e70db4d
commit 019e70db4d
parent 1124a10f97
3 changed files with 54 additions and 36 deletions
--- a/lib/dns/diff.c
+++ b/lib/dns/diff.c
@ -211,41 +211,6 @@ dns_diff_appendminimal(dns_diff_t *diff, dns_difftuple_t **tuplep) {
 	}
 }

-static isc_stdtime_t
-setresign(dns_rdataset_t *modified) {
-	dns_rdata_t rdata = DNS_RDATA_INIT;
-	dns_rdata_rrsig_t sig;
-	int64_t when;
-	isc_result_t result;
-
-	result = dns_rdataset_first(modified);
-	INSIST(result == ISC_R_SUCCESS);
-	dns_rdataset_current(modified, &rdata);
-	(void)dns_rdata_tostruct(&rdata, &sig, NULL);
-	if ((rdata.flags & DNS_RDATA_OFFLINE) != 0) {
-		when = 0;
-	} else {
-		when = dns_time64_from32(sig.timeexpire);
-	}
-	dns_rdata_reset(&rdata);
-
-	result = dns_rdataset_next(modified);
-	while (result == ISC_R_SUCCESS) {
-		dns_rdataset_current(modified, &rdata);
-		(void)dns_rdata_tostruct(&rdata, &sig, NULL);
-		if ((rdata.flags & DNS_RDATA_OFFLINE) != 0) {
-			goto next_rr;
-		}
-		if (when == 0 || dns_time64_from32(sig.timeexpire) < when) {
-			when = dns_time64_from32(sig.timeexpire);
-		}
-	next_rr:
-		dns_rdata_reset(&rdata);
-		result = dns_rdataset_next(modified);
-	}
-	INSIST(result == ISC_R_NOMORE);
-	return (isc_stdtime_t)when;
-}

 static void
 getownercase(dns_rdataset_t *rdataset, dns_name_t *name) {
@ -420,7 +385,7 @@ diff_apply(const dns_diff_t *diff, dns_db_t *db, dns_dbversion_t *ver,
 				     op == DNS_DIFFOP_ADDRESIGN))
 				{
 					isc_stdtime_t resign;
-					resign = setresign(&ardataset);
+					resign = dns_rdataset_minresign(&ardataset);
 					dns_db_setsigningtime(db, &ardataset,
 							      resign);
 				}
--- a/lib/dns/include/dns/rdataset.h
+++ b/lib/dns/include/dns/rdataset.h
@ -691,4 +691,17 @@ dns_trust_totext(dns_trust_t trust);
 * Display trust in textual form.
 */

+isc_stdtime_t
+dns_rdataset_minresign(dns_rdataset_t *rdataset);
+/*%<
+ * Return the minimum resign time from an RRSIG rdataset.
+ *
+ * This function iterates through all RRSIG records in the rdataset
+ * and returns the earliest expiration time, which indicates when
+ * the signatures should be resigned.
+ *
+ * Requires:
+ * \li	'rdataset' is a valid rdataset.
+ */
+
 ISC_LANG_ENDDECLS
--- a/lib/dns/rdataset.c
+++ b/lib/dns/rdataset.c
@ -29,6 +29,8 @@
 #include <dns/ncache.h>
 #include <dns/rdata.h>
 #include <dns/rdataset.h>
+#include <dns/time.h>
+#include <dns/types.h>

 static const char *trustnames[] = {
 	"none",		  "pending-additional",
@ -676,3 +678,41 @@ dns_rdataset_trimttl(dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset,
 	rdataset->ttl = ttl;
 	sigrdataset->ttl = ttl;
 }
+
+isc_stdtime_t
+dns_rdataset_minresign(dns_rdataset_t *rdataset) {
+	dns_rdata_t rdata = DNS_RDATA_INIT;
+	dns_rdata_rrsig_t sig;
+	int64_t when;
+	isc_result_t result;
+
+	REQUIRE(DNS_RDATASET_VALID(rdataset));
+
+	result = dns_rdataset_first(rdataset);
+	INSIST(result == ISC_R_SUCCESS);
+	dns_rdataset_current(rdataset, &rdata);
+	(void)dns_rdata_tostruct(&rdata, &sig, NULL);
+	if ((rdata.flags & DNS_RDATA_OFFLINE) != 0) {
+		when = 0;
+	} else {
+		when = dns_time64_from32(sig.timeexpire);
+	}
+	dns_rdata_reset(&rdata);
+
+	result = dns_rdataset_next(rdataset);
+	while (result == ISC_R_SUCCESS) {
+		dns_rdataset_current(rdataset, &rdata);
+		(void)dns_rdata_tostruct(&rdata, &sig, NULL);
+		if ((rdata.flags & DNS_RDATA_OFFLINE) != 0) {
+			goto next_rr;
+		}
+		if (when == 0 || dns_time64_from32(sig.timeexpire) < when) {
+			when = dns_time64_from32(sig.timeexpire);
+		}
+	next_rr:
+		dns_rdata_reset(&rdata);
+		result = dns_rdataset_next(rdataset);
+	}
+	INSIST(result == ISC_R_NOMORE);
+	return (isc_stdtime_t)when;
+}