diff --git a/lib/dns/include/dns/cert.h b/lib/dns/include/dns/cert.h index 71bfb7488d..228e5dc5b2 100644 --- a/lib/dns/include/dns/cert.h +++ b/lib/dns/include/dns/cert.h @@ -27,6 +27,7 @@ ISC_LANG_BEGINDECLS dns_result_t dns_cert_fromtext(dns_cert_t *certp, isc_textregion_t *source); /* * Convert the text 'source' refers to into a certificate type. + * The text may contain either a mnemonic type name or a decimal type number. * * Requires: * 'certp' is a valid pointer. @@ -35,7 +36,8 @@ dns_result_t dns_cert_fromtext(dns_cert_t *certp, isc_textregion_t *source); * * Returns: * DNS_R_SUCCESS on success - * DNS_R_UNKNOWN type is unknown + * DNS_R_UNKNOWN mnemonic type is unknown + * DNS_R_RANGE numeric type is out of range */ dns_result_t dns_cert_totext(dns_cert_t cert, isc_buffer_t *target); diff --git a/lib/dns/include/dns/keyflags.h b/lib/dns/include/dns/keyflags.h new file mode 100644 index 0000000000..3cb195adc4 --- /dev/null +++ b/lib/dns/include/dns/keyflags.h @@ -0,0 +1,50 @@ +/* + * Copyright (C) 1999 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS + * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE + * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL + * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR + * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS + * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS + * SOFTWARE. + */ + +#ifndef DNS_KEYFLAGS_H +#define DNS_KEYFLAGS_H 1 + +#include + +#include + +ISC_LANG_BEGINDECLS + +dns_result_t dns_keyflags_fromtext(dns_keyflags_t *flagsp, + isc_textregion_t *source); +/* + * Convert the text 'source' refers to into a DNSSEC KEY flags value. + * The text may contain either a set of flag mnemonics separated by + * vertical bars or a decimal flags value. For compatibility with + * older versions of BIND and the DNSSEC signer, octal values + * prefixed with a zero and hexadecimal values prefixed with "0x" + * are also accepted. + * + * Requires: + * 'flagsp' is a valid pointer. + * + * 'source' is a valid text region. + * + * Returns: + * DNS_R_SUCCESS on success + * DNS_R_UNKNOWN mnemonic flag is unknown + * DNS_R_RANGE numeric flag value is out of range + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_KEYFLAGS_H */ diff --git a/lib/dns/include/dns/secalg.h b/lib/dns/include/dns/secalg.h index 9ddd87a856..e6997084d7 100644 --- a/lib/dns/include/dns/secalg.h +++ b/lib/dns/include/dns/secalg.h @@ -28,6 +28,8 @@ dns_result_t dns_secalg_fromtext(dns_secalg_t *secalgp, isc_textregion_t *source); /* * Convert the text 'source' refers to into a DNSSEC security algorithm value. + * The text may contain either a mnemonic algorithm name or a decimal algorithm + * number. * * Requires: * 'secalgp' is a valid pointer. @@ -36,7 +38,8 @@ dns_result_t dns_secalg_fromtext(dns_secalg_t *secalgp, * * Returns: * DNS_R_SUCCESS on success - * DNS_R_UNKNOWN type is unknown + * DNS_R_UNKNOWN mnemonic type is unknown + * DNS_R_RANGE numeric type is out of range */ dns_result_t dns_secalg_totext(dns_secalg_t secalg, isc_buffer_t *target); diff --git a/lib/dns/include/dns/secproto.h b/lib/dns/include/dns/secproto.h new file mode 100644 index 0000000000..f2d4b58607 --- /dev/null +++ b/lib/dns/include/dns/secproto.h @@ -0,0 +1,66 @@ +/* + * Copyright (C) 1999 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS + * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE + * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL + * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR + * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS + * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS + * SOFTWARE. + */ + +#ifndef DNS_SECPROTO_H +#define DNS_SECPROTO_H 1 + +#include + +#include + +ISC_LANG_BEGINDECLS + +dns_result_t dns_secproto_fromtext(dns_secproto_t *secprotop, + isc_textregion_t *source); +/* + * Convert the text 'source' refers to into a DNSSEC security protocol value. + * The text may contain either a mnemonic protocol name or a decimal protocol + * number. + * + * Requires: + * 'secprotop' is a valid pointer. + * + * 'source' is a valid text region. + * + * Returns: + * DNS_R_SUCCESS on success + * DNS_R_UNKNOWN mnemonic type is unknown + * DNS_R_RANGE numeric type is out of range + */ + +dns_result_t dns_secproto_totext(dns_secproto_t secproto, isc_buffer_t *target); +/* + * Put a textual representation of the DNSSEC security protocol 'secproto' + * into 'target'. + * + * Requires: + * 'secproto' is a valid secproto. + * + * 'target' is a valid text buffer. + * + * Ensures: + * If the result is success: + * The used space in 'target' is updated. + * + * Returns: + * DNS_R_SUCCESS on success + * DNS_R_NOSPACE target buffer is too small + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_SECPROTO_H */ diff --git a/lib/dns/include/dns/types.h b/lib/dns/include/dns/types.h index e820158aea..a37eb55441 100644 --- a/lib/dns/include/dns/types.h +++ b/lib/dns/include/dns/types.h @@ -47,6 +47,8 @@ typedef unsigned char dns_offsets_t[128]; typedef struct dns_compress dns_compress_t; typedef struct dns_decompress dns_decompress_t; typedef isc_uint8_t dns_secalg_t; +typedef isc_uint8_t dns_secproto_t; +typedef isc_uint16_t dns_keyflags_t; typedef isc_uint16_t dns_rdataclass_t; typedef isc_uint16_t dns_rdatatype_t; typedef isc_uint16_t dns_rcode_t; diff --git a/lib/dns/rdata.c b/lib/dns/rdata.c index 434652b99d..b689533e20 100644 --- a/lib/dns/rdata.c +++ b/lib/dns/rdata.c @@ -15,7 +15,7 @@ * SOFTWARE. */ - /* $Id: rdata.c,v 1.61 1999/09/15 23:03:25 explorer Exp $ */ + /* $Id: rdata.c,v 1.62 1999/09/17 09:22:39 gson Exp $ */ #include @@ -37,6 +37,8 @@ #include #include #include +#include +#include #include #include #include @@ -168,7 +170,7 @@ static const char octdigits[] = "01234567"; { 254, "OID", 0}, \ { 0, NULL, 0} -/* draft-ietf-dnssec-secext2-07.txt section 7 */ +/* RFC2535 section 7 */ #define SECALGNAMES \ { 1, "RSAMD5", 0 }, \ @@ -180,6 +182,16 @@ static const char octdigits[] = "01234567"; { 254, "PRIVATEOID", 0 }, \ { 0, NULL, 0} +/* RFC2535 section 7.1 */ + +#define SECPROTONAMES \ + { 0, "NONE", 0 }, \ + { 1, "TLS", 0 }, \ + { 2, "EMAIL", 0 }, \ + { 3, "DNSSEC", 0 }, \ + { 4, "IPSEC", 0 }, \ + { 255, "ALL", 0 }, \ + { 0, NULL, 0} static struct tbl { unsigned int value; @@ -189,7 +201,47 @@ static struct tbl { classes[] = { METACLASSES CLASSNAMES EMPTYCLASSES { 0, NULL, 0} }, rcodes[] = { RCODENAMES }, certs[] = { CERTNAMES }, -secalgs[] = { SECALGNAMES }; +secalgs[] = { SECALGNAMES }, +secprotos[] = { SECPROTONAMES }; + +static struct keyflag { + char *name; + unsigned int value; + unsigned int mask; +} keyflags[] = { + { "NOCONF", 0x4000, 0xC000 }, + { "NOAUTH", 0x8000, 0xC000 }, + { "NOKEY", 0xC000, 0xC000 }, + { "FLAG2", 0x2000, 0x2000 }, + { "EXTEND", 0x1000, 0x1000 }, + { "FLAG4", 0x0800, 0x0800 }, + { "FLAG5", 0x0400, 0x0400 }, + { "USER", 0x0000, 0x0300 }, + { "ZONE", 0x0100, 0x0300 }, + { "HOST", 0x0200, 0x0300 }, + { "NTYP3", 0x0300, 0x0300 }, + { "FLAG8", 0x0080, 0x0080 }, + { "FLAG9", 0x0040, 0x0040 }, + { "FLAG10", 0x0020, 0x0020 }, + { "FLAG11", 0x0010, 0x0010 }, + { "SIG0", 0x0000, 0x000F }, + { "SIG1", 0x0001, 0x000F }, + { "SIG2", 0x0002, 0x000F }, + { "SIG3", 0x0003, 0x000F }, + { "SIG4", 0x0004, 0x000F }, + { "SIG5", 0x0005, 0x000F }, + { "SIG6", 0x0006, 0x000F }, + { "SIG7", 0x0007, 0x000F }, + { "SIG8", 0x0008, 0x000F }, + { "SIG9", 0x0009, 0x000F }, + { "SIG10", 0x000A, 0x000F }, + { "SIG11", 0x000B, 0x000F }, + { "SIG12", 0x000C, 0x000F }, + { "SIG13", 0x000D, 0x000F }, + { "SIG14", 0x000E, 0x000F }, + { "SIG15", 0x000F, 0x000F }, + { NULL, 0, 0 } +}; /*** *** Initialization @@ -587,6 +639,64 @@ dns_rdata_digest(dns_rdata_t *rdata, dns_digestfunc_t digest, void *arg) { return (result); } +#define NUMBERSIZE sizeof("037777777777") /* 2^32-1 octal + NUL */ + +static dns_result_t +dns_mnemonic_fromtext(unsigned int *valuep, isc_textregion_t *source, + struct tbl *table, unsigned int max) +{ + int i; + + if (isdigit(source->base[0]) && source->length <= NUMBERSIZE - 1) { + unsigned int n; + char *e; + char buffer[NUMBERSIZE]; + /* + * We have a potential number. Try to parse it with strtoul(). + * strtoul() requires null termination, so we must make + * a copy. + */ + strncpy(buffer, source->base, NUMBERSIZE); + INSIST(buffer[source->length] == '\0'); + + n = strtoul(buffer, &e, 10); + if (*e == 0) { + if (n > max) + return (DNS_R_RANGE); + *valuep = n; + return (DNS_R_SUCCESS); + } + /* It was not a number after all; fall through. */ + } + + for (i = 0; table[i].name != NULL; i++) { + unsigned int n; + n = strlen(table[i].name); + if (n == source->length && + strncasecmp(source->base, table[i].name, n) == 0) { + *valuep = table[i].value; + return (DNS_R_SUCCESS); + } + } + return (DNS_R_UNKNOWN); +} + +static dns_result_t +dns_mnemonic_totext(unsigned int value, isc_buffer_t *target, + struct tbl *table) +{ + int i = 0; + char buf[sizeof "4294967296"]; + while (table[i].name != NULL) { + if (table[i].value == value) { + return (str_totext(table[i].name, target)); + } + i++; + } + sprintf(buf, "%u", value); + return (str_totext(buf, target)); +} + dns_result_t dns_rdataclass_fromtext(dns_rdataclass_t *classp, isc_textregion_t *source) { int i = 0; @@ -610,17 +720,7 @@ dns_rdataclass_fromtext(dns_rdataclass_t *classp, isc_textregion_t *source) { dns_result_t dns_rdataclass_totext(dns_rdataclass_t rdclass, isc_buffer_t *target) { - int i = 0; - char buf[sizeof "65000"]; - - while (classes[i].name != NULL) { - if (classes[i].value == rdclass) { - return (str_totext(classes[i].name, target)); - } - i++; - } - sprintf(buf, "%u", rdclass); - return (str_totext(buf, target)); + return (dns_mnemonic_totext(rdclass, target, classes)); } /* XXXRTH Should we use a hash table here? */ @@ -648,17 +748,7 @@ dns_rdatatype_fromtext(dns_rdatatype_t *typep, isc_textregion_t *source) { dns_result_t dns_rdatatype_totext(dns_rdatatype_t type, isc_buffer_t *target) { - int i = 0; - char buf[sizeof "65000"]; - - while (types[i].name != NULL) { - if (types[i].value == type) { - return (str_totext(types[i].name, target)); - } - i++; - } - sprintf(buf, "%u", type); - return (str_totext(buf, target)); + return (dns_mnemonic_totext(type, target, types)); } /* XXXRTH Should we use a hash table here? */ @@ -682,84 +772,109 @@ dns_rcode_fromtext(dns_rcode_t *rcodep, isc_textregion_t *source) { dns_result_t dns_rcode_totext(dns_rcode_t rcode, isc_buffer_t *target) { - int i = 0; - char buf[sizeof "65000"]; - - while (rcodes[i].name != NULL) { - if (rcodes[i].value == rcode) { - return (str_totext(rcodes[i].name, target)); - } - i++; - } - sprintf(buf, "%u", rcode); - return (str_totext(buf, target)); + return (dns_mnemonic_totext(rcode, target, rcodes)); } dns_result_t dns_cert_fromtext(dns_cert_t *certp, isc_textregion_t *source) { - int i = 0; - unsigned int n; - - while (certs[i].name != NULL) { - n = strlen(certs[i].name); - if (n == source->length && - strncasecmp(source->base, certs[i].name, n) == 0) { - *certp = certs[i].value; - return (DNS_R_SUCCESS); - } - i++; - } - return (DNS_R_UNKNOWN); -} + unsigned int value; + RETERR(dns_mnemonic_fromtext(&value, source, certs, 0xffff)); + *certp = value; + return (DNS_R_SUCCESS); +} dns_result_t dns_cert_totext(dns_cert_t cert, isc_buffer_t *target) { - int i = 0; - char buf[sizeof "65000"]; - - while (certs[i].name != NULL) { - if (certs[i].value == cert) { - return (str_totext(certs[i].name, target)); - } - i++; - } - sprintf(buf, "%u", cert); - return (str_totext(buf, target)); + return (dns_mnemonic_totext(cert, target, certs)); } dns_result_t dns_secalg_fromtext(dns_secalg_t *secalgp, isc_textregion_t *source) { - int i = 0; - unsigned int n; - - while (secalgs[i].name != NULL) { - n = strlen(secalgs[i].name); - if (n == source->length && - strncasecmp(source->base, secalgs[i].name, n) == 0) { - *secalgp = secalgs[i].value; - return (DNS_R_SUCCESS); - } - i++; - } - return (DNS_R_UNKNOWN); + unsigned int value; + RETERR(dns_mnemonic_fromtext(&value, source, secalgs, 0xff)); + *secalgp = value; + return (DNS_R_SUCCESS); } dns_result_t dns_secalg_totext(dns_secalg_t secalg, isc_buffer_t *target) { - int i = 0; - char buf[sizeof "65000"]; - - while (secalgs[i].name != NULL) { - if (secalgs[i].value == secalg) { - return (str_totext(secalgs[i].name, target)); - } - i++; - } - sprintf(buf, "%u", secalg); - return (str_totext(buf, target)); + return (dns_mnemonic_totext(secalg, target, secalgs)); } - /* Private function */ +dns_result_t +dns_secproto_fromtext(dns_secproto_t *secprotop, isc_textregion_t *source) { + unsigned int value; + RETERR(dns_mnemonic_fromtext(&value, source, secprotos, 0xff)); + *secprotop = value; + return (DNS_R_SUCCESS); +} + +dns_result_t +dns_secproto_totext(dns_secproto_t secproto, isc_buffer_t *target) { + return (dns_mnemonic_totext(secproto, target, secprotos)); +} + +dns_result_t +dns_keyflags_fromtext(dns_keyflags_t *flagsp, isc_textregion_t *source) +{ + char *text, *end; + unsigned int value, mask; + + if (isdigit(source->base[0]) && source->length <= NUMBERSIZE - 1) { + unsigned int n; + char *e; + char buffer[NUMBERSIZE]; + /* + * We have a potential number. Try to parse it with strtoul(). + * strtoul() requires null termination, so we must make + * a copy. + */ + strncpy(buffer, source->base, NUMBERSIZE); + INSIST(buffer[source->length] == '\0'); + + n = strtoul(buffer, &e, 0); /* Allow hex/octal. */ + if (*e == 0) { + if (n > 0xffff) + return (DNS_R_RANGE); + *flagsp = n; + return (DNS_R_SUCCESS); + } + /* It was not a number after all; fall through. */ + } + + text = source->base; + end = source->base + source->length; + value = mask = 0; + + while (text < end) { + struct keyflag *p; + unsigned int len; + char *delim = memchr(text, '|', end - text); + if (delim != NULL) + len = delim - text; + else + len = end - text; + for (p = keyflags; p->name != NULL; p++) { + if (strncasecmp(p->name, text, len) == 0) + break; + } + if (p->name == NULL) + return (DNS_R_UNKNOWN); + value |= p->value; +#ifdef notyet + if ((mask & p->mask) != 0) + warn("overlapping key flags"); +#endif + mask |= p->mask; + text += len; + if (delim != NULL) + text++; /* Skip "|" */ + } + *flagsp = value; + return (DNS_R_SUCCESS); +} + +/* Private function */ static unsigned int name_length(dns_name_t *name) { diff --git a/lib/dns/rdata/generic/cert_37.c b/lib/dns/rdata/generic/cert_37.c index 8db4528958..e3b4270392 100644 --- a/lib/dns/rdata/generic/cert_37.c +++ b/lib/dns/rdata/generic/cert_37.c @@ -15,7 +15,7 @@ * SOFTWARE. */ - /* $Id: cert_37.c,v 1.14 1999/09/15 23:03:27 explorer Exp $ */ + /* $Id: cert_37.c,v 1.15 1999/09/17 09:22:40 gson Exp $ */ /* draft-ietf-dnssec-certs-04.txt */ @@ -35,20 +35,14 @@ fromtext_cert(dns_rdataclass_t rdclass, dns_rdatatype_t type, REQUIRE(type == 37); - rdclass = rdclass; /*unused*/ + rdclass = rdclass; /*unused*/ origin = origin; /*unused*/ downcase = downcase; /*unused*/ /* cert type */ RETERR(gettoken(lexer, &token, isc_tokentype_string, ISC_FALSE)); n = strtol(token.value.as_pointer, &e, 10); - if (*e != 0) { - RETERR(dns_cert_fromtext(&cert, &token.value.as_textregion)); - } else { - if (n < 0 || n > 0xffff) - return (DNS_R_RANGE); - cert = n; - } + RETERR(dns_cert_fromtext(&cert, &token.value.as_textregion)); RETERR(uint16_tobuffer(cert, target)); /* key tag */ @@ -59,15 +53,7 @@ fromtext_cert(dns_rdataclass_t rdclass, dns_rdatatype_t type, /* algorithm */ RETERR(gettoken(lexer, &token, isc_tokentype_string, ISC_FALSE)); - n = strtol(token.value.as_pointer, &e, 10); - if (*e != 0) { - RETERR(dns_secalg_fromtext(&secalg, - &token.value.as_textregion)); - } else { - if (n < 0 || n > 0xff) - return (DNS_R_RANGE); - secalg = n; - } + RETERR(dns_secalg_fromtext(&secalg, &token.value.as_textregion)); RETERR(mem_tobuffer(target, &secalg, 1)); return (isc_base64_tobuffer(lexer, target, -1)); diff --git a/lib/dns/rdata/generic/key_25.c b/lib/dns/rdata/generic/key_25.c index 51fc2f7321..28a30ff7a1 100644 --- a/lib/dns/rdata/generic/key_25.c +++ b/lib/dns/rdata/generic/key_25.c @@ -15,7 +15,7 @@ * SOFTWARE. */ - /* $Id: key_25.c,v 1.12 1999/09/15 23:03:29 explorer Exp $ */ + /* $Id: key_25.c,v 1.13 1999/09/17 09:22:40 gson Exp $ */ /* RFC 2065 */ @@ -28,32 +28,30 @@ fromtext_key(dns_rdataclass_t rdclass, dns_rdatatype_t type, isc_boolean_t downcase, isc_buffer_t *target) { isc_token_t token; - unsigned char c; - unsigned int flags; + dns_secalg_t alg; + dns_secproto_t proto; + dns_keyflags_t flags; REQUIRE(type == 25); - rdclass = rdclass; /*unused*/ + rdclass = rdclass; /*unused*/ origin = origin; /*unused*/ downcase = downcase; /*unused*/ - RETERR(gettoken(lexer, &token, isc_tokentype_number, ISC_FALSE)); - if (token.value.as_ulong > 0xffff) - return (DNS_R_RANGE); - RETERR(uint16_tobuffer(token.value.as_ulong, target)); - flags = token.value.as_ulong; + /* flags */ + RETERR(gettoken(lexer, &token, isc_tokentype_string, ISC_FALSE)); + RETERR(dns_keyflags_fromtext(&flags, &token.value.as_textregion)); + RETERR(uint16_tobuffer(flags, target)); - RETERR(gettoken(lexer, &token, isc_tokentype_number, ISC_FALSE)); - if (token.value.as_ulong > 0xff) - return (DNS_R_RANGE); - c = token.value.as_ulong; - RETERR(mem_tobuffer(target, &c, 1)); + /* protocol */ + RETERR(gettoken(lexer, &token, isc_tokentype_string, ISC_FALSE)); + RETERR(dns_secproto_fromtext(&proto, &token.value.as_textregion)); + RETERR(mem_tobuffer(target, &proto, 1)); - RETERR(gettoken(lexer, &token, isc_tokentype_number, ISC_FALSE)); - if (token.value.as_ulong > 0xff) - return (DNS_R_RANGE); - c = token.value.as_ulong; - RETERR(mem_tobuffer(target, &c, 1)); + /* algorithm */ + RETERR(gettoken(lexer, &token, isc_tokentype_string, ISC_FALSE)); + RETERR(dns_secalg_fromtext(&alg, &token.value.as_textregion)); + RETERR(mem_tobuffer(target, &alg, 1)); /* No Key? */ if ((flags & 0xc000) == 0xc000) diff --git a/lib/dns/rdata/generic/sig_24.c b/lib/dns/rdata/generic/sig_24.c index 9254507df4..8cebf4ba17 100644 --- a/lib/dns/rdata/generic/sig_24.c +++ b/lib/dns/rdata/generic/sig_24.c @@ -15,7 +15,7 @@ * SOFTWARE. */ - /* $Id: sig_24.c,v 1.21 1999/09/15 23:03:32 explorer Exp $ */ + /* $Id: sig_24.c,v 1.22 1999/09/17 09:22:40 gson Exp $ */ /* RFC 2065 */ @@ -55,10 +55,8 @@ fromtext_sig(dns_rdataclass_t rdclass, dns_rdatatype_t type, RETERR(uint16_tobuffer(covered, target)); /* algorithm */ - RETERR(gettoken(lexer, &token, isc_tokentype_number, ISC_FALSE)); - if (token.value.as_ulong > 0xff) - return (DNS_R_RANGE); - c = token.value.as_ulong; + RETERR(gettoken(lexer, &token, isc_tokentype_string, ISC_FALSE)); + RETERR(dns_secalg_fromtext(&c, &token.value.as_textregion)); RETERR(mem_tobuffer(target, &c, 1)); /* labels */ diff --git a/util/copyrights b/util/copyrights index 5f179a7825..76eb19bc66 100644 --- a/util/copyrights +++ b/util/copyrights @@ -322,6 +322,8 @@ ./lib/dns/include/dns/resolver.h C 1999 ./lib/dns/include/dns/result.h C 1998,1999 ./lib/dns/include/dns/secalg.h C 1999 +./lib/dns/include/dns/secproto.h C 1999 +./lib/dns/include/dns/keyflags.h C 1999 ./lib/dns/include/dns/tcpmsg.h C 1999 ./lib/dns/include/dns/time.h C 1999 ./lib/dns/include/dns/tsig.h C 1999