314. [func] Inet controls named.conf statement can now have

any non-negative number of keys specified.

CHANGES

@@ -1,3 +1,6 @@
+ 314.	[func]		Inet controls named.conf statement can now have 
+			any non-negative number of keys specified.
+
  313.	[bug]		When parsing resolv.conf, don't terminate on an
 			error.  Instead, parse as much as possible, but
 			still return an error if one was found.

bin/tests/named.conf

@@ -15,7 +15,7 @@
  * SOFTWARE.
  */
 
-/* $Id: named.conf,v 1.39 2000/07/07 13:56:09 brister Exp $ */
+/* $Id: named.conf,v 1.40 2000/07/07 23:11:41 brister Exp $ */
 
 /*
  * This is a worthless, nonrunnable example of a named.conf file that has
@@ -200,7 +200,7 @@ options {
 controls {
 	inet * port 52 allow { any; };			// a bad idea
 	inet 10.0.0.1 allow { any; };			// a bad idea
-	inet 10.0.0.2 allow { none; } keys "foo"; 	// a bad idea
+	inet 10.0.0.2 allow { none; } keys { "key-1"; "key-2"; };// a bad idea
 	unix "/var/run/ndc" perm 0600 owner 0 group 0;	// the default
 };
 

lib/dns/config/confctl.c

@@ -15,7 +15,7 @@
  * SOFTWARE.
  */
 
-/* $Id: confctl.c,v 1.22 2000/07/07 14:30:00 brister Exp $ */
+/* $Id: confctl.c,v 1.23 2000/07/07 23:11:42 brister Exp $ */
 
 #include <config.h>
 
@@ -105,7 +105,7 @@ dns_c_ctrllist_delete(dns_c_ctrllist_t **list) {
 isc_result_t
 dns_c_ctrlinet_new(isc_mem_t *mem, dns_c_ctrl_t **control,
 		   isc_sockaddr_t addr, in_port_t port,
-		   dns_c_ipmatchlist_t *iml, const char *key,
+		   dns_c_ipmatchlist_t *iml, dns_c_kidlist_t *keylist,
 		   isc_boolean_t copy)
 {
 	dns_c_ctrl_t  *ctrl;
@@ -124,14 +124,10 @@ dns_c_ctrlinet_new(isc_mem_t *mem, dns_c_ctrl_t **control,
 	ctrl->control_type = dns_c_inet_control;
 	ctrl->u.inet_v.addr = addr;
 	ctrl->u.inet_v.port = port;
-	ctrl->u.inet_v.key = NULL;
+	ctrl->keyidlist = NULL;
 
-	if (key != NULL) {
-		ctrl->u.inet_v.key = isc_mem_strdup(mem, key);
-		if (ctrl->u.inet_v.key == NULL) {
-			isc_mem_put(mem, ctrl, sizeof *ctrl);
-			return (ISC_R_NOMEMORY);
-		}
+	if (keylist != NULL) {
+		ctrl->keyidlist = keylist;
 	}
 
 	if (copy) {
@@ -177,6 +173,8 @@ dns_c_ctrlunix_new(isc_mem_t *mem, dns_c_ctrl_t **control,
 	ctrl->u.unix_v.perm = perm;
 	ctrl->u.unix_v.owner = uid;
 	ctrl->u.unix_v.group = gid;
+
+	ctrl->keyidlist = NULL;
 	
 	*control = ctrl;
 
@@ -206,10 +204,6 @@ dns_c_ctrl_delete(dns_c_ctrl_t **control) {
 		else
 			res = ISC_R_SUCCESS;
 
-		if (ctrl->u.inet_v.key != NULL) {
-			isc_mem_free(mem, ctrl->u.inet_v.key);
-		}
-		
 		break;
 
 	case dns_c_unix_control:
@@ -218,6 +212,10 @@ dns_c_ctrl_delete(dns_c_ctrl_t **control) {
 		break;
 	}
 
+	if (ctrl->keyidlist != NULL) {
+		dns_c_kidlist_delete(&ctrl->keyidlist);
+	}
+
 	ctrl->magic = 0;
 	
 	isc_mem_put(mem, ctrl, sizeof *ctrl);
@@ -253,11 +251,11 @@ dns_c_ctrl_print(FILE *fp, int indent, dns_c_ctrl_t *ctl) {
 		fprintf(fp, "allow ");
 		dns_c_ipmatchlist_print(fp, indent + 2, iml);
 
-		if (ctl->u.inet_v.key != NULL) {
+		if (ctl->keyidlist != NULL) {
 			fprintf(fp, "\n");
-			dns_c_printtabs(fp, indent + 1);
-			fprintf(fp, "keys { \"%s\" ; }", ctl->u.inet_v.key);
+			dns_c_kidlist_print(fp, indent + 1, ctl->keyidlist);
 		}
+
 		fprintf(fp, ";\n");
 	} else {
 		/* The "#" means force a leading zero */

lib/dns/config/confkeys.c

@@ -15,7 +15,7 @@
  * SOFTWARE.
  */
 
-/* $Id: confkeys.c,v 1.23 2000/06/05 09:17:07 brister Exp $ */
+/* $Id: confkeys.c,v 1.24 2000/07/07 23:11:43 brister Exp $ */
 
 #include <config.h>
 
@@ -558,7 +558,7 @@ dns_c_kidlist_print(FILE *fp, int indent,
 	}
 	
 	dns_c_printtabs(fp, indent);
-	fprintf(fp, "};\n");
+	fprintf(fp, "}");
 }
 
 

lib/dns/config/confparser.y

@@ -16,7 +16,7 @@
  * SOFTWARE.
  */
 
-/* $Id: confparser.y,v 1.100 2000/07/07 13:56:11 brister Exp $ */
+/* $Id: confparser.y,v 1.101 2000/07/07 23:11:45 brister Exp $ */
 
 #include <config.h>
 
@@ -226,6 +226,7 @@ static isc_boolean_t	int_too_big(isc_uint32_t base, isc_uint32_t mult);
 	dns_rdataclass_t	orderclass;
 	dns_c_ordering_t	ordering;
 	dns_c_iplist_t	       *iplist;
+	dns_c_kidlist_t	       *kidlist;
 }
 
 /* Misc */
@@ -443,7 +444,8 @@ static isc_boolean_t	int_too_big(isc_uint32_t base, isc_uint32_t mult);
 %type <text>		channel_name
 %type <text>		domain_name
 %type <text>		key_value
-%type <text>		control_key
+%type <kidlist>		control_keys
+%type <kidlist>		keyid_list
 %type <text>		ordering_name
 %type <text>		secret
 %type <tformat>		transfer_format
@@ -1491,17 +1493,13 @@ controls: control L_EOS
 
 control: /* Empty */
 	| L_INET maybe_wild_addr control_port
-	  L_ALLOW L_LBRACE address_match_list L_RBRACE control_key
+	  L_ALLOW L_LBRACE address_match_list L_RBRACE control_keys
 	{
 		dns_c_ctrl_t *control;
 
 		tmpres = dns_c_ctrlinet_new(currcfg->mem, &control,
 					    $2, $3, $6, $8, ISC_FALSE);
 
-		if ($8 != NULL) {
-			isc_mem_free(memctx, $8);
-		}
-		
 		if (tmpres != ISC_R_SUCCESS) {
 			parser_error(ISC_FALSE,
 				     "failed to build inet control structure");
@@ -1529,13 +1527,13 @@ control: /* Empty */
 	;
 
 
-control_key: /* nothing */
+control_keys: /* nothing */
 	{
 		$$ = NULL;
 	}
-	| L_KEYS key_value
+	| L_KEYS L_LBRACE keyid_list L_RBRACE
 	{
-		$$ = $2;
+		$$ = $3;
 	};
 
 		
@@ -2867,6 +2865,36 @@ key_value: L_LBRACE any_string maybe_eos L_RBRACE
 	};
 
 
+keyid_list: /* nothing */
+	{
+		dns_c_kidlist_t *kidlist = NULL;
+
+		tmpres = dns_c_kidlist_new(currcfg->mem, &kidlist);
+		if (tmpres != ISC_R_SUCCESS) {
+			parser_error(ISC_FALSE, "failed to create kidlist");
+			YYABORT;
+		}
+
+		$$ = kidlist;
+	}
+	| keyid_list any_string L_EOS
+	{
+		dns_c_kid_t *kid = NULL;
+
+		tmpres = dns_c_kid_new($$->mem, $2, &kid);
+		if (tmpres != ISC_R_SUCCESS) {
+			parser_error(ISC_FALSE, "failed to create key id");
+			dns_c_kidlist_delete(&$$);
+			$$ = NULL;
+			YYABORT;
+		}
+
+		isc_mem_free(memctx, $2);
+			
+		dns_c_kidlist_append($$, kid);
+	};
+
+	
 /*
  * Address Matching
  */

lib/dns/include/dns/confctl.h

@@ -15,7 +15,7 @@
  * SOFTWARE.
  */
 
-/* $Id: confctl.h,v 1.16 2000/07/07 13:56:13 brister Exp $ */
+/* $Id: confctl.h,v 1.17 2000/07/07 23:11:47 brister Exp $ */
 
 #ifndef DNS_CONFCTL_H
 #define DNS_CONFCTL_H 1
@@ -61,6 +61,7 @@
 #include <isc/magic.h>
 
 #include <dns/confip.h>
+#include <dns/confkeys.h>
 
 #define DNS_C_CONFCTL_MAGIC	0x4363746cU
 #define DNS_C_CONFCTLLIST_MAGIC	0x4354424cU
@@ -87,7 +88,6 @@ struct dns_c_ctrl {
 			isc_sockaddr_t addr;
 			in_port_t port;
 			dns_c_ipmatchlist_t *matchlist;
-			char *key;
 		} inet_v; /* when control_type == dns_c_inet_control  */
 		struct {
 			char *pathname;
@@ -96,6 +96,7 @@ struct dns_c_ctrl {
 			gid_t group;
 		} unix_v; /* when control_type == dns_c_unix_control  */
 	} u;
+	dns_c_kidlist_t *keyidlist;
 	
 	ISC_LINK(dns_c_ctrl_t) next;
 };
@@ -117,7 +118,7 @@ ISC_LANG_BEGINDECLS
 isc_result_t
 dns_c_ctrlinet_new(isc_mem_t *mem, dns_c_ctrl_t **control,
 		   isc_sockaddr_t addr, in_port_t port,
-		   dns_c_ipmatchlist_t *iml, const char *key,
+		   dns_c_ipmatchlist_t *iml, dns_c_kidlist_t *keylist,
 		   isc_boolean_t copy);
 /*
  * Creates a new INET control object. If COPY is true then a deep copy is