From c50936eb40263b65ebf6afe4e6556e2dc67c10e4 Mon Sep 17 00:00:00 2001 From: Brian Wellington Date: Fri, 19 May 2000 00:20:59 +0000 Subject: [PATCH] changed dst_key_free() prototype, misc. dst cleanup --- CHANGES | 2 ++ bin/dnssec/dnssec-keygen.c | 10 +++--- bin/dnssec/dnssec-makekeyset.c | 4 +-- bin/dnssec/dnssec-signkey.c | 4 +-- bin/dnssec/dnssec-signzone.c | 8 ++--- bin/named/server.c | 2 +- bin/named/tkeyconf.c | 6 ++-- bin/named/update.c | 2 +- bin/tests/dst/dst_test.c | 16 ++++----- bin/tests/dst/t_dst.c | 24 ++++++------- lib/dns/dnssec.c | 11 +++--- lib/dns/keytable.c | 2 +- lib/dns/message.c | 4 +-- lib/dns/sec/dst/dst_api.c | 59 ++++++++++++++++++------------- lib/dns/sec/dst/include/dst/dst.h | 15 ++++---- lib/dns/tkey.c | 8 ++--- lib/dns/tkeyconf.c | 6 ++-- lib/dns/tsig.c | 4 +-- lib/dns/validator.c | 15 ++++---- lib/omapi/protocol.c | 4 +-- 20 files changed, 105 insertions(+), 101 deletions(-) diff --git a/CHANGES b/CHANGES index 709d76a006..3fd03d6d82 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,5 @@ + 193. [func] changed dst_key_free() prototype + 192. [bug] Zone configuration validation is now done at end of config file parsing, and before loading callbacks. diff --git a/bin/dnssec/dnssec-keygen.c b/bin/dnssec/dnssec-keygen.c index 520427abf7..045ac031ec 100644 --- a/bin/dnssec/dnssec-keygen.c +++ b/bin/dnssec/dnssec-keygen.c @@ -15,7 +15,7 @@ * WITH THE USE OR PERFORMANCE OF THE SOFTWARE. */ -/* $Id: dnssec-keygen.c,v 1.22 2000/05/18 23:28:26 tale Exp $ */ +/* $Id: dnssec-keygen.c,v 1.23 2000/05/19 00:20:39 bwelling Exp $ */ #include @@ -113,7 +113,7 @@ int main(int argc, char **argv) { char *algname = NULL, *nametype = NULL, *type = NULL; char *prog, *endp; - dst_key_t *key, *oldkey; + dst_key_t *key = NULL, *oldkey; char *name = NULL; isc_uint16_t flags = 0; dns_secalg_t alg; @@ -348,13 +348,13 @@ main(int argc, char **argv) { DST_TYPE_PRIVATE, mctx, &oldkey); /* do not overwrite an existing key */ if (ret == ISC_R_SUCCESS) { - dst_key_free(oldkey); + dst_key_free(&oldkey); conflict = ISC_TRUE; if (null_key) break; } if (conflict == ISC_TRUE) - dst_key_free(key); + dst_key_free(&key); } while (conflict == ISC_TRUE); @@ -377,7 +377,7 @@ main(int argc, char **argv) { isc_mem_free(mctx, prog); if (type != NULL) isc_mem_free(mctx, type); - dst_key_free(key); + dst_key_free(&key); isc_mem_destroy(&mctx); return (0); diff --git a/bin/dnssec/dnssec-makekeyset.c b/bin/dnssec/dnssec-makekeyset.c index 19d50c793e..aa6fca655d 100644 --- a/bin/dnssec/dnssec-makekeyset.c +++ b/bin/dnssec/dnssec-makekeyset.c @@ -351,7 +351,7 @@ main(int argc, char *argv[]) { dns_rdatatype_key, &r); ISC_LIST_APPEND(rdatalist.rdata, rdata, link); isc_mem_put(mctx, namestr, strlen(namestr) + 1); - dst_key_free(key); + dst_key_free(&key); } isc_mem_free(mctx, savedname); @@ -440,7 +440,7 @@ main(int argc, char *argv[]) { while (!ISC_LIST_EMPTY(keylist)) { keynode = ISC_LIST_HEAD(keylist); ISC_LIST_UNLINK(keylist, keynode, link); - dst_key_free(keynode->key); + dst_key_free(&keynode->key); isc_mem_put(mctx, keynode, sizeof(keynode_t)); } diff --git a/bin/dnssec/dnssec-signkey.c b/bin/dnssec/dnssec-signkey.c index 7b18605364..24ccc96ef2 100644 --- a/bin/dnssec/dnssec-signkey.c +++ b/bin/dnssec/dnssec-signkey.c @@ -368,7 +368,7 @@ main(int argc, char *argv[]) { dst_key_name(key), algtostr(dst_key_alg(key)), dst_key_id(key), isc_result_totext(result)); ISC_LIST_APPEND(sigrdatalist.rdata, rdata, link); - dst_key_free(key); + dst_key_free(&key); } dns_rdataset_init(&newsigrdataset); @@ -402,7 +402,7 @@ main(int argc, char *argv[]) { while (!ISC_LIST_EMPTY(keylist)) { keynode = ISC_LIST_HEAD(keylist); ISC_LIST_UNLINK(keylist, keynode, link); - dst_key_free(keynode->key); + dst_key_free(&keynode->key); isc_mem_put(mctx, keynode, sizeof(keynode_t)); } diff --git a/bin/dnssec/dnssec-signzone.c b/bin/dnssec/dnssec-signzone.c index dc07af74d4..1a58d5cf1b 100644 --- a/bin/dnssec/dnssec-signzone.c +++ b/bin/dnssec/dnssec-signzone.c @@ -243,7 +243,7 @@ keythatsigned(dns_rdata_sig_t *sig) { DST_TYPE_PRIVATE, mctx, &privkey); if (result == ISC_R_SUCCESS) { key->key = privkey; - dst_key_free(pubkey); + dst_key_free(&pubkey); } else key->key = pubkey; @@ -573,7 +573,7 @@ hasnullkey(dns_rdataset_t *rdataset) { fatal("could not convert KEY into internal format"); if (dst_key_isnullkey(key)) found = ISC_TRUE; - dst_key_free(key); + dst_key_free(&key); if (found == ISC_TRUE) return (ISC_TRUE); result = dns_rdataset_next(rdataset); @@ -897,7 +897,7 @@ signname(dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node, fatal("failed to generate null key"); isc_buffer_init(&b, keydata, sizeof keydata); result = dst_key_todns(dstkey, &b); - dst_key_free(dstkey); + dst_key_free(&dstkey); isc_buffer_usedregion(&b, &r); dns_rdata_fromregion(&keyrdata, rdataset.rdclass, @@ -1552,7 +1552,7 @@ main(int argc, char *argv[]) { key = ISC_LIST_HEAD(keylist); while (key != NULL) { signer_key_t *next = ISC_LIST_NEXT(key, link); - dst_key_free(key->key); + dst_key_free(&key->key); isc_mem_put(mctx, key, sizeof(signer_key_t)); key = next; } diff --git a/bin/named/server.c b/bin/named/server.c index d98af79580..38216ba55e 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -257,7 +257,7 @@ configure_view_dnsseckeys(dns_c_ctx_t *cctx, cleanup: if (dstkey != NULL) - dst_key_free(dstkey); + dst_key_free(&dstkey); return (result); } diff --git a/bin/named/tkeyconf.c b/bin/named/tkeyconf.c index d6906e4893..67cba3629a 100644 --- a/bin/named/tkeyconf.c +++ b/bin/named/tkeyconf.c @@ -78,10 +78,8 @@ dns_tkeyctx_fromconfig(dns_c_ctx_t *cfg, isc_mem_t *mctx, return (ISC_R_SUCCESS); failure: - if (tctx->dhkey != NULL) { - dst_key_free(tctx->dhkey); - tctx->dhkey = NULL; - } + if (tctx->dhkey != NULL) + dst_key_free(&tctx->dhkey); if (tctx->domain != NULL) { dns_name_free(tctx->domain, mctx); isc_mem_put(mctx, tctx->domain, sizeof(dns_name_t)); diff --git a/bin/named/update.c b/bin/named/update.c index 37d4d763bd..b2f786260e 100644 --- a/bin/named/update.c +++ b/bin/named/update.c @@ -1712,7 +1712,7 @@ update_signatures(isc_mem_t *mctx, dns_db_t *db, dns_dbversion_t *oldver, dns_diff_clear(&diffnames); for (i = 0; i < nkeys; i++) - dst_key_free(zone_keys[i]); + dst_key_free(&zone_keys[i]); return (result); } diff --git a/bin/tests/dst/dst_test.c b/bin/tests/dst/dst_test.c index 78f5f5981e..13e71fcd90 100644 --- a/bin/tests/dst/dst_test.c +++ b/bin/tests/dst/dst_test.c @@ -92,12 +92,12 @@ dns(dst_key_t *key, isc_mem_t *mctx) { match = (r1.length == r2.length && memcmp(r1.base, r2.base, r1.length) == 0); printf("compare(%d): %s\n", dst_key_alg(key), match ? "true" : "false"); - dst_key_free(newkey); + dst_key_free(&newkey); } static void io(char *name, int id, int alg, int type, isc_mem_t *mctx) { - dst_key_t *key; + dst_key_t *key = NULL; isc_result_t ret; chdir(current); @@ -112,12 +112,12 @@ io(char *name, int id, int alg, int type, isc_mem_t *mctx) { return; use(key); dns(key, mctx); - dst_key_free(key); + dst_key_free(&key); } static void dh(char *name1, int id1, char *name2, int id2, isc_mem_t *mctx) { - dst_key_t *key1, *key2; + dst_key_t *key1 = NULL, *key2 = NULL; isc_result_t ret; isc_buffer_t b1, b2; isc_region_t r1, r2; @@ -173,14 +173,14 @@ dh(char *name1, int id1, char *name2, int id2, isc_mem_t *mctx) { printf("%02x ", r2.base[i]); printf("\n"); } - dst_key_free(key1); - dst_key_free(key2); + dst_key_free(&key1); + dst_key_free(&key2); } static void generate(int alg, isc_mem_t *mctx) { isc_result_t ret; - dst_key_t *key; + dst_key_t *key = NULL; ret = dst_key_generate("test.", alg, 512, 0, 0, 0, mctx, &key); printf("generate(%d) returned: %s\n", alg, isc_result_totext(ret)); @@ -188,7 +188,7 @@ generate(int alg, isc_mem_t *mctx) { if (alg != DST_ALG_DH) use(key); - dst_key_free(key); + dst_key_free(&key); } static void diff --git a/bin/tests/dst/t_dst.c b/bin/tests/dst/t_dst.c index ed73bcb65d..68400b3f29 100644 --- a/bin/tests/dst/t_dst.c +++ b/bin/tests/dst/t_dst.c @@ -112,7 +112,7 @@ static void dh(char *name1, int id1, char *name2, int id2, isc_mem_t *mctx, isc_result_t exp_result, int *nfails, int *nprobs) { - dst_key_t *key1, *key2; + dst_key_t *key1 = NULL, *key2 = NULL; isc_result_t ret; int rval; char current[PATH_MAX + 1]; @@ -223,15 +223,15 @@ dh(char *name1, int id1, char *name2, int id2, isc_mem_t *mctx, return; } - dst_key_free(key1); - dst_key_free(key2); + dst_key_free(&key1); + dst_key_free(&key2); } static void io(char *name, int id, int alg, int type, isc_mem_t *mctx, isc_result_t exp_result, int *nfails, int *nprobs) { - dst_key_t *key; + dst_key_t *key = NULL; isc_result_t ret; int rval; char current[PATH_MAX + 1]; @@ -292,13 +292,13 @@ io(char *name, int id, int alg, int type, isc_mem_t *mctx, cleandir(tmp); - dst_key_free(key); + dst_key_free(&key); } static void generate(int alg, isc_mem_t *mctx, int size, int *nfails) { isc_result_t ret; - dst_key_t *key; + dst_key_t *key = NULL; ret = dst_key_generate("test.", alg, size, 0, 0, 0, mctx, &key); if (ret != ISC_R_SUCCESS) { @@ -310,7 +310,7 @@ generate(int alg, isc_mem_t *mctx, int size, int *nfails) { if (alg != DST_ALG_DH) use(key, ISC_R_SUCCESS, nfails); - dst_key_free(key); + dst_key_free(&key); } #define DBUFSIZ 25 @@ -584,7 +584,7 @@ t2_sigchk(char *datapath, char *sigpath, char *keyname, int len; int fd; int exp_res; - dst_key_t *key; + dst_key_t *key = NULL; unsigned char sig[T_SIGMAX]; unsigned char *p; unsigned char *data; @@ -662,7 +662,7 @@ t2_sigchk(char *datapath, char *sigpath, char *keyname, t_info("dst_sign(%d) failed %s\n", dst_result_totext(isc_result)); (void) free(data); - (void) dst_key_free(key); + dst_key_free(&key); ++*nprobs; return; } @@ -672,7 +672,7 @@ t2_sigchk(char *datapath, char *sigpath, char *keyname, t_info("sig_tofile failed\n"); ++*nprobs; (void) free(data); - (void) dst_key_free(key); + dst_key_free(&key); return; } @@ -688,7 +688,7 @@ t2_sigchk(char *datapath, char *sigpath, char *keyname, if (rval != 0) { t_info("sig_fromfile failed\n"); (void) free(data); - (void) dst_key_free(key); + dst_key_free(&key); ++*nprobs; return; } @@ -714,7 +714,7 @@ t2_sigchk(char *datapath, char *sigpath, char *keyname, } (void) free(data); - (void) dst_key_free(key); + dst_key_free(&key); return; } diff --git a/lib/dns/dnssec.c b/lib/dns/dnssec.c index 64a4e99d3c..e029831662 100644 --- a/lib/dns/dnssec.c +++ b/lib/dns/dnssec.c @@ -16,7 +16,7 @@ */ /* - * $Id: dnssec.c,v 1.36 2000/05/17 22:48:00 bwelling Exp $ + * $Id: dnssec.c,v 1.37 2000/05/19 00:20:48 bwelling Exp $ * Principal Author: Brian Wellington */ @@ -521,6 +521,7 @@ dns_dnssec_findzonekeys(dns_db_t *db, dns_dbversion_t *ver, RETERR(dns_dnssec_keyfromrdata(name, &rdata, mctx, &pubkey)); if (!is_zone_key(pubkey)) goto next; + keys[count] = NULL; result = dst_key_fromfile(dst_key_name(pubkey), dst_key_id(pubkey), dst_key_alg(pubkey), @@ -531,14 +532,12 @@ dns_dnssec_findzonekeys(dns_db_t *db, dns_dbversion_t *ver, if (result != ISC_R_SUCCESS) goto failure; if ((dst_key_flags(keys[count]) & DNS_KEYTYPE_NOAUTH) != 0) { - dst_key_free(keys[count]); - keys[count] = NULL; + dst_key_free(&keys[count]); goto next; } count++; next: - dst_key_free(pubkey); - pubkey = NULL; + dst_key_free(&pubkey); result = dns_rdataset_next(&rdataset); } if (result != ISC_R_NOMORE) @@ -552,7 +551,7 @@ dns_dnssec_findzonekeys(dns_db_t *db, dns_dbversion_t *ver, if (dns_rdataset_isassociated(&rdataset)) dns_rdataset_disassociate(&rdataset); if (pubkey != NULL) - dst_key_free(pubkey); + dst_key_free(&pubkey); *nkeys = count; return (result); } diff --git a/lib/dns/keytable.c b/lib/dns/keytable.c index 464963ae13..135d34d1f6 100644 --- a/lib/dns/keytable.c +++ b/lib/dns/keytable.c @@ -58,7 +58,7 @@ free_keynode(void *node, void *arg) { isc_mem_t *mctx = arg; REQUIRE(VALID_KEYNODE(keynode)); - dst_key_free(keynode->key); + dst_key_free(&keynode->key); isc_mem_put(mctx, keynode, sizeof(dns_keynode_t)); } diff --git a/lib/dns/message.c b/lib/dns/message.c index bf3b4a6486..8c393140a0 100644 --- a/lib/dns/message.c +++ b/lib/dns/message.c @@ -2357,11 +2357,11 @@ dns_message_checksig(dns_message_t *msg, dns_view_t *view) { !(dst_key_proto(key) == DNS_KEYPROTO_DNSSEC || dst_key_proto(key) == DNS_KEYPROTO_ANY)) { - dst_key_free(key); + dst_key_free(&key); continue; } result = dns_dnssec_verifymessage(&msgb, msg, key); - dst_key_free(key); + dst_key_free(&key); if (result == ISC_R_SUCCESS) break; } diff --git a/lib/dns/sec/dst/dst_api.c b/lib/dns/sec/dst/dst_api.c index 8812c773af..be1a31fdf7 100644 --- a/lib/dns/sec/dst/dst_api.c +++ b/lib/dns/sec/dst/dst_api.c @@ -19,7 +19,7 @@ /* * Principal Author: Brian Wellington - * $Id: dst_api.c,v 1.37 2000/05/17 22:48:04 bwelling Exp $ + * $Id: dst_api.c,v 1.38 2000/05/19 00:20:57 bwelling Exp $ */ #include @@ -46,7 +46,7 @@ #define KEY_MAGIC 0x44535421U /* DST! */ -#define VALID_KEY(key) (key != NULL && key->magic == KEY_MAGIC) +#define VALID_KEY(key) ((key) != NULL && (key)->magic == KEY_MAGIC) dst_func *dst_t_func[DST_MAX_ALGS]; @@ -322,9 +322,8 @@ dst_key_fromfile(const char *name, const isc_uint16_t id, const int alg, RUNTIME_CHECK(isc_once_do(&once, initialize) == ISC_R_SUCCESS); REQUIRE(name != NULL); REQUIRE(mctx != NULL); - REQUIRE(keyp != NULL); + REQUIRE(keyp != NULL && *keyp == NULL); - *keyp = NULL; if (dst_algorithm_supported(alg) == ISC_FALSE) return (DST_R_UNSUPPORTEDALG); @@ -347,7 +346,7 @@ dst_key_fromfile(const char *name, const isc_uint16_t id, const int alg, key = get_key_struct(name, pubkey->key_alg, pubkey->key_flags, pubkey->key_proto, 0, mctx); - dst_key_free(pubkey); + dst_key_free(&pubkey); } if (key == NULL) @@ -358,7 +357,7 @@ dst_key_fromfile(const char *name, const isc_uint16_t id, const int alg, */ ret = key->func->from_file(key, id, mctx); if (ret != ISC_R_SUCCESS) { - dst_key_free(key); + dst_key_free(&key); return (ret); } @@ -433,10 +432,10 @@ dst_key_fromdns(const char *name, isc_buffer_t *source, isc_mem_t *mctx, dst_key_t *key = NULL; RUNTIME_CHECK(isc_once_do(&once, initialize) == ISC_R_SUCCESS); - REQUIRE (name != NULL); - REQUIRE (source != NULL); - REQUIRE (mctx != NULL); - REQUIRE (keyp != NULL); + REQUIRE(name != NULL); + REQUIRE(source != NULL); + REQUIRE(mctx != NULL); + REQUIRE(keyp != NULL && *keyp == NULL); isc_buffer_remainingregion(source, &r); if (r.length < 4) /* 2 bytes of flags, 1 proto, 1 alg */ @@ -462,7 +461,7 @@ dst_key_fromdns(const char *name, isc_buffer_t *source, isc_mem_t *mctx, ret = key->func->from_dns(key, source, mctx); if (ret != ISC_R_SUCCESS) { - dst_key_free(key); + dst_key_free(&key); return (ret); } @@ -492,26 +491,30 @@ dst_key_frombuffer(const char *name, const int alg, const int flags, const int protocol, isc_buffer_t *source, isc_mem_t *mctx, dst_key_t **keyp) { + dst_key_t *key; isc_result_t ret; RUNTIME_CHECK(isc_once_do(&once, initialize) == ISC_R_SUCCESS); REQUIRE(name != NULL); REQUIRE(source != NULL); REQUIRE(mctx != NULL); + REQUIRE(keyp != NULL && *keyp == NULL); if (dst_algorithm_supported(alg) == ISC_FALSE) return (DST_R_UNSUPPORTEDALG); - *keyp = get_key_struct(name, alg, flags, protocol, 0, mctx); + key = get_key_struct(name, alg, flags, protocol, 0, mctx); - if (*keyp == NULL) + if (key == NULL) return (ISC_R_NOMEMORY); - ret = (*keyp)->func->from_dns((*keyp), source, mctx); + ret = key->func->from_dns(key, source, mctx); if (ret != ISC_R_SUCCESS) { - dst_key_free((*keyp)); + dst_key_free(&key); return (ret); } + + *keyp = key; return (ISC_R_SUCCESS); } @@ -570,31 +573,34 @@ dst_key_generate(const char *name, const int alg, const int bits, const int exp, const int flags, const int protocol, isc_mem_t *mctx, dst_key_t **keyp) { + dst_key_t *key; isc_result_t ret; RUNTIME_CHECK(isc_once_do(&once, initialize) == ISC_R_SUCCESS); REQUIRE(name != NULL); REQUIRE(mctx != NULL); - REQUIRE(keyp != NULL); + REQUIRE(keyp != NULL && *keyp == NULL); if (dst_algorithm_supported(alg) == ISC_FALSE) return (DST_R_UNSUPPORTEDALG); - *keyp = get_key_struct(name, alg, flags, protocol, bits, mctx); - if (*keyp == NULL) + key = get_key_struct(name, alg, flags, protocol, bits, mctx); + if (key == NULL) return (ISC_R_NOMEMORY); if (bits == 0) { /* NULL KEY */ - (*keyp)->key_flags |= DNS_KEYTYPE_NOKEY; + key->key_flags |= DNS_KEYTYPE_NOKEY; + *keyp = key; return (ISC_R_SUCCESS); } - ret = (*keyp)->func->generate(*keyp, exp, mctx); + ret = key->func->generate(key, exp, mctx); if (ret != ISC_R_SUCCESS) { - dst_key_free(*keyp); + dst_key_free(&key); return (ret); } + *keyp = key; return (ISC_R_SUCCESS); } @@ -657,15 +663,17 @@ dst_key_paramcompare(const dst_key_t *key1, const dst_key_t *key2) { * dst_key_free * Release all data structures pointed to by a key structure. * Parameters - * key Key structure to be freed. + * keyp Pointer to key structure to be freed. */ void -dst_key_free(dst_key_t *key) { +dst_key_free(dst_key_t **keyp) { isc_mem_t *mctx; + dst_key_t *key; RUNTIME_CHECK(isc_once_do(&once, initialize) == ISC_R_SUCCESS); - REQUIRE(VALID_KEY(key)); + REQUIRE(keyp != NULL && VALID_KEY(*keyp)); + key = *keyp; mctx = key->mctx; if (key->opaque != NULL) @@ -674,6 +682,7 @@ dst_key_free(dst_key_t *key) { isc_mem_free(mctx, key->key_name); memset(key, 0, sizeof(dst_key_t)); isc_mem_put(mctx, key, sizeof(dst_key_t)); + *keyp = NULL; } char * @@ -1108,7 +1117,7 @@ read_public_key(const char *name, const isc_uint16_t id, int alg, tempkey->key_id = id; isc_buffer_init(&b, filename, sizeof(filename)); ret = dst_key_buildfilename(tempkey, DST_TYPE_PUBLIC, &b); - dst_key_free(tempkey); + dst_key_free(&tempkey); if (ret != ISC_R_SUCCESS) return (ret); diff --git a/lib/dns/sec/dst/include/dst/dst.h b/lib/dns/sec/dst/include/dst/dst.h index 1514beedf4..6d7d56e5c4 100644 --- a/lib/dns/sec/dst/include/dst/dst.h +++ b/lib/dns/sec/dst/include/dst/dst.h @@ -143,7 +143,7 @@ dst_key_fromfile(const char *name, const isc_uint16_t id, const int alg, * "alg" is a supported key algorithm. * "type" is either DST_TYPE_PUBLIC or DST_TYPE_PRIVATE. * "mctx" is a valid memory context. - * "keyp" is not NULL. + * "keyp" is not NULL and "*keyp" is NULL. * * Ensures: * If successful, *keyp will contain a valid key. @@ -169,7 +169,7 @@ dst_key_fromdns(const char *name, isc_buffer_t *source, isc_mem_t *mctx, * "name" is not NULL. * "source" is a valid buffer. There must be at least 4 bytes available. * "mctx" is a valid memory context. - * "keyp" is not NULL. + * "keyp" is not NULL and "*keyp" is NULL. * * Ensures: * If successful, *keyp will contain a valid key, and the consumed @@ -201,7 +201,7 @@ dst_key_frombuffer(const char *name, const int alg, const int flags, * "alg" is a supported key algorithm. * "source" is a valid buffer. * "mctx" is a valid memory context. - * "keyp" is not NULL. + * "keyp" is not NULL and "*keyp" is NULL. * * Ensures: * If successful, *keyp will contain a valid key, and the consumed @@ -232,7 +232,7 @@ dst_key_generate(const char *name, const int alg, const int bits, * "name" is not NULL * "alg" is a supported algorithm * "bits" is a valid key size for the given algorithm - * "keyp" is not NULL. + * "keyp" is not NULL and "*keyp" is NULL. * * Ensures: * If successful, *keyp will contain a valid key. @@ -259,15 +259,16 @@ dst_key_paramcompare(const dst_key_t *key1, const dst_key_t *key2); */ void -dst_key_free(dst_key_t *key); +dst_key_free(dst_key_t **keyp); /* * Free a DST key. * * Requires: - * "key" is a valid key. + * "keyp" is not NULL and "*keyp" is a valid key. * * Ensures: - * All memory associated with "key" will be freed. + * All memory associated with "*keyp" will be freed. + * *keyp == NULL */ /* diff --git a/lib/dns/tkey.c b/lib/dns/tkey.c index 2a8b58e4c9..849d0b9065 100644 --- a/lib/dns/tkey.c +++ b/lib/dns/tkey.c @@ -16,7 +16,7 @@ */ /* - * $Id: tkey.c,v 1.35 2000/05/17 22:48:02 bwelling Exp $ + * $Id: tkey.c,v 1.36 2000/05/19 00:20:52 bwelling Exp $ * Principal Author: Brian Wellington */ @@ -69,7 +69,7 @@ dns_tkeyctx_destroy(dns_tkey_ctx_t **tctx) { REQUIRE(*tctx != NULL); if ((*tctx)->dhkey != NULL) - dst_key_free((*tctx)->dhkey); + dst_key_free(&(*tctx)->dhkey); if ((*tctx)->domain != NULL) { dns_name_free((*tctx)->domain, (*tctx)->mctx); isc_mem_put((*tctx)->mctx, (*tctx)->domain, @@ -261,7 +261,7 @@ process_dhtkey(dns_message_t *msg, dns_name_t *signer, dns_name_t *name, else found_incompatible = ISC_TRUE; } - dst_key_free(pubkey); + dst_key_free(&pubkey); result = dns_rdataset_next(keyset); } } @@ -338,7 +338,7 @@ process_dhtkey(dns_message_t *msg, dns_name_t *signer, dns_name_t *name, r2.length = tkeyin->keylen; RETERR(compute_secret(shared, &r2, &r, &secret)); - dst_key_free(pubkey); + dst_key_free(&pubkey); isc_buffer_usedregion(&secret, &r); result = dns_tsigkey_create(name, &tkeyin->algorithm, r.base, r.length, ISC_TRUE, signer, tkeyin->inception, diff --git a/lib/dns/tkeyconf.c b/lib/dns/tkeyconf.c index d6906e4893..67cba3629a 100644 --- a/lib/dns/tkeyconf.c +++ b/lib/dns/tkeyconf.c @@ -78,10 +78,8 @@ dns_tkeyctx_fromconfig(dns_c_ctx_t *cfg, isc_mem_t *mctx, return (ISC_R_SUCCESS); failure: - if (tctx->dhkey != NULL) { - dst_key_free(tctx->dhkey); - tctx->dhkey = NULL; - } + if (tctx->dhkey != NULL) + dst_key_free(&tctx->dhkey); if (tctx->domain != NULL) { dns_name_free(tctx->domain, mctx); isc_mem_put(mctx, tctx->domain, sizeof(dns_name_t)); diff --git a/lib/dns/tsig.c b/lib/dns/tsig.c index ae6867a93a..988237f0cf 100644 --- a/lib/dns/tsig.c +++ b/lib/dns/tsig.c @@ -16,7 +16,7 @@ */ /* - * $Id: tsig.c,v 1.58 2000/05/17 22:48:03 bwelling Exp $ + * $Id: tsig.c,v 1.59 2000/05/19 00:20:54 bwelling Exp $ * Principal Author: Brian Wellington */ @@ -205,7 +205,7 @@ tsigkey_free(dns_tsigkey_t **key) { dns_name_free(&tkey->name, tkey->mctx); dns_name_free(&tkey->algorithm, tkey->mctx); if (tkey->key != NULL) - dst_key_free(tkey->key); + dst_key_free(&tkey->key); if (tkey->creator != NULL) { dns_name_free(tkey->creator, tkey->mctx); isc_mem_put(tkey->mctx, tkey->creator, sizeof(dns_name_t)); diff --git a/lib/dns/validator.c b/lib/dns/validator.c index 91feeebfa6..b2a36e0490 100644 --- a/lib/dns/validator.c +++ b/lib/dns/validator.c @@ -543,7 +543,7 @@ containsnullkey(dns_validator_t *val, dns_rdataset_t *rdataset) { continue; if (dst_key_isnullkey(key)) found = ISC_TRUE; - dst_key_free(key); + dst_key_free(&key); result = dns_rdataset_next(rdataset); } return (found); @@ -614,19 +614,17 @@ get_dst_key(dns_validator_t *val, dns_siginfo_t *siginfo, else if (dst_key_compare(oldkey, val->key) == ISC_TRUE) { foundold = ISC_TRUE; - dst_key_free(oldkey); - oldkey = NULL; + dst_key_free(&oldkey); } } - dst_key_free(val->key); - val->key = NULL; + dst_key_free(&val->key); result = dns_rdataset_next(rdataset); } while (result == ISC_R_SUCCESS); if (result == ISC_R_NOMORE) result = ISC_R_NOTFOUND; if (oldkey != NULL) - dst_key_free(oldkey); + dst_key_free(&oldkey); return (result); } @@ -898,8 +896,7 @@ validate(dns_validator_t *val, isc_boolean_t resume) { dns_keytable_detachkeynode(val->keytable, &val->keynode); else if (val->key != NULL) - dst_key_free(val->key); - val->key = NULL; + dst_key_free(&val->key); if (result == ISC_R_SUCCESS) { event->rdataset->trust = dns_trust_secure; event->sigrdataset->trust = dns_trust_secure; @@ -1354,7 +1351,7 @@ destroy(dns_validator_t *val) { if (val->keynode != NULL) dns_keytable_detachkeynode(val->keytable, &val->keynode); else if (val->key != NULL) - dst_key_free(val->key); + dst_key_free(&val->key); if (val->keyvalidator != NULL) dns_validator_destroy(&val->keyvalidator); mctx = val->view->mctx; diff --git a/lib/omapi/protocol.c b/lib/omapi/protocol.c index 30f2b58668..efc1dc85bd 100644 --- a/lib/omapi/protocol.c +++ b/lib/omapi/protocol.c @@ -721,7 +721,7 @@ protocol_setvalue(omapi_object_t *h, omapi_string_t *name, omapi_data_t *value) if (result != ISC_R_SUCCESS) { if (p->key != NULL) - dst_key_free(p->key); + dst_key_free(&p->key); isc_mem_put(omapi_mctx, p->authname, strlen(p->authname) + 1); p->authname = NULL; @@ -767,7 +767,7 @@ protocol_destroy(omapi_object_t *h) { } if (p->key != NULL) { - dst_key_free(p->key); + dst_key_free(&p->key); p->key = NULL; } }