From 019e70db4dbd20c8fd14caa56926919b289a0ecf Mon Sep 17 00:00:00 2001 From: Alessio Podda Date: Tue, 7 Oct 2025 06:00:17 +0200 Subject: [PATCH] Move setresign to rdataset.c and rename it The setresign method is not diff specific, it only returns the minimum resign time of an rdataset. Move it to rdataset.c to simplify late refactoring. (cherry picked from commit 6f726ae3db00e98f063302363b39fa41a5a7a8d3) --- lib/dns/diff.c | 37 +------------------------------ lib/dns/include/dns/rdataset.h | 13 +++++++++++ lib/dns/rdataset.c | 40 ++++++++++++++++++++++++++++++++++ 3 files changed, 54 insertions(+), 36 deletions(-) diff --git a/lib/dns/diff.c b/lib/dns/diff.c index d3885c7311..88333abc0f 100644 --- a/lib/dns/diff.c +++ b/lib/dns/diff.c @@ -211,41 +211,6 @@ dns_diff_appendminimal(dns_diff_t *diff, dns_difftuple_t **tuplep) { } } -static isc_stdtime_t -setresign(dns_rdataset_t *modified) { - dns_rdata_t rdata = DNS_RDATA_INIT; - dns_rdata_rrsig_t sig; - int64_t when; - isc_result_t result; - - result = dns_rdataset_first(modified); - INSIST(result == ISC_R_SUCCESS); - dns_rdataset_current(modified, &rdata); - (void)dns_rdata_tostruct(&rdata, &sig, NULL); - if ((rdata.flags & DNS_RDATA_OFFLINE) != 0) { - when = 0; - } else { - when = dns_time64_from32(sig.timeexpire); - } - dns_rdata_reset(&rdata); - - result = dns_rdataset_next(modified); - while (result == ISC_R_SUCCESS) { - dns_rdataset_current(modified, &rdata); - (void)dns_rdata_tostruct(&rdata, &sig, NULL); - if ((rdata.flags & DNS_RDATA_OFFLINE) != 0) { - goto next_rr; - } - if (when == 0 || dns_time64_from32(sig.timeexpire) < when) { - when = dns_time64_from32(sig.timeexpire); - } - next_rr: - dns_rdata_reset(&rdata); - result = dns_rdataset_next(modified); - } - INSIST(result == ISC_R_NOMORE); - return (isc_stdtime_t)when; -} static void getownercase(dns_rdataset_t *rdataset, dns_name_t *name) { @@ -420,7 +385,7 @@ diff_apply(const dns_diff_t *diff, dns_db_t *db, dns_dbversion_t *ver, op == DNS_DIFFOP_ADDRESIGN)) { isc_stdtime_t resign; - resign = setresign(&ardataset); + resign = dns_rdataset_minresign(&ardataset); dns_db_setsigningtime(db, &ardataset, resign); } diff --git a/lib/dns/include/dns/rdataset.h b/lib/dns/include/dns/rdataset.h index 0dc54cf58e..c52ff87dff 100644 --- a/lib/dns/include/dns/rdataset.h +++ b/lib/dns/include/dns/rdataset.h @@ -691,4 +691,17 @@ dns_trust_totext(dns_trust_t trust); * Display trust in textual form. */ +isc_stdtime_t +dns_rdataset_minresign(dns_rdataset_t *rdataset); +/*%< + * Return the minimum resign time from an RRSIG rdataset. + * + * This function iterates through all RRSIG records in the rdataset + * and returns the earliest expiration time, which indicates when + * the signatures should be resigned. + * + * Requires: + * \li 'rdataset' is a valid rdataset. + */ + ISC_LANG_ENDDECLS diff --git a/lib/dns/rdataset.c b/lib/dns/rdataset.c index b6043ba7ea..dadb1aeca5 100644 --- a/lib/dns/rdataset.c +++ b/lib/dns/rdataset.c @@ -29,6 +29,8 @@ #include #include #include +#include +#include static const char *trustnames[] = { "none", "pending-additional", @@ -676,3 +678,41 @@ dns_rdataset_trimttl(dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset, rdataset->ttl = ttl; sigrdataset->ttl = ttl; } + +isc_stdtime_t +dns_rdataset_minresign(dns_rdataset_t *rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; + dns_rdata_rrsig_t sig; + int64_t when; + isc_result_t result; + + REQUIRE(DNS_RDATASET_VALID(rdataset)); + + result = dns_rdataset_first(rdataset); + INSIST(result == ISC_R_SUCCESS); + dns_rdataset_current(rdataset, &rdata); + (void)dns_rdata_tostruct(&rdata, &sig, NULL); + if ((rdata.flags & DNS_RDATA_OFFLINE) != 0) { + when = 0; + } else { + when = dns_time64_from32(sig.timeexpire); + } + dns_rdata_reset(&rdata); + + result = dns_rdataset_next(rdataset); + while (result == ISC_R_SUCCESS) { + dns_rdataset_current(rdataset, &rdata); + (void)dns_rdata_tostruct(&rdata, &sig, NULL); + if ((rdata.flags & DNS_RDATA_OFFLINE) != 0) { + goto next_rr; + } + if (when == 0 || dns_time64_from32(sig.timeexpire) < when) { + when = dns_time64_from32(sig.timeexpire); + } + next_rr: + dns_rdata_reset(&rdata); + result = dns_rdataset_next(rdataset); + } + INSIST(result == ISC_R_NOMORE); + return (isc_stdtime_t)when; +}