upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-05-21 09:26:12 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 6

chg: dev: Allow any valid DNS name as a TSIG/RNDC key name
Some checks are pending
CodeQL / Analyze (push) Waiting to run
Details
SonarCloud / Build and analyze (push) Waiting to run
Details

Browse source 
The key-generation tools (tsig-keygen, rndc-confgen) now accept any valid DNS name for key names.

Merge branch 'ondrej/allow-all-valid-keynames' into 'main'

See merge request isc-projects/bind9!12029
This commit is contained in:
Ondřej Surý 2026-05-15 11:00:31 +02:00
commit fce9f32367
1 changed files with 9 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
bin/confgen/keygen.c
View file

@ -26,6 +26,7 @@
#include <isc/result.h>
#include <isc/string.h>
#include <dns/fixedname.h>
#include <dns/keyvalues.h>
#include <dns/name.h>
@ -95,17 +96,17 @@ alg_bits(dns_secalg_t alg) {
*/
void
validate_keyname(const char *keyname) {
dns_fixedname_t fixed;
dns_name_t *name = dns_fixedname_initname(&fixed);
isc_result_t result;
if (keyname == NULL || keyname[0] == '\0') {
fatal("key name must not be empty");
}
for (const char *p = keyname; *p != '\0'; p++) {
unsigned char c = (unsigned char)*p;
if (!isalnum(c) && c != '.' && c != '-' && c != '_') {
fatal("key name '%s' contains invalid character; "
"only alphanumerics, '.', '-', and '_' are "
"allowed",
keyname);
}
result = dns_name_fromstring(name, keyname, dns_rootname, 0, NULL);
if (result != ISC_R_SUCCESS) {
fatal("invalid key name: %s", isc_result_totext(result));
}
}