From b66a054e52c998b6b32bb35a9053dbca47cefafe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Va=C5=A1ek?= Date: Fri, 22 May 2026 14:06:17 +0200 Subject: [PATCH] WIP fixup! WIP keymgr: add the 'import-trash' command --- src/knot/dnssec/zone-keys.c | 12 ------------ src/knot/dnssec/zone-keys.h | 12 ------------ src/utils/keymgr/functions.c | 2 +- 3 files changed, 1 insertion(+), 25 deletions(-) diff --git a/src/knot/dnssec/zone-keys.c b/src/knot/dnssec/zone-keys.c index 48c231127..4594ee526 100644 --- a/src/knot/dnssec/zone-keys.c +++ b/src/knot/dnssec/zone-keys.c @@ -543,18 +543,6 @@ knot_kasp_keystore_t *knot_store_for_key(knot_kasp_keystore_t *keystores, bool k return NULL; } -bool knot_store_ok_for_key(knot_kasp_keystore_t *keystores, const char *kst_name, bool ksk) -{ - size_t len = strlen(kst_name); - for (size_t i = 0; i < keystores[0].count; i++) { - if ((ksk || !keystores[i].ksk_only) && - strncmp(keystores[i].name, kst_name, len) == 0) { - return true; - } - } - return false; -} - /*! * \brief Load private keys for active keys. */ diff --git a/src/knot/dnssec/zone-keys.h b/src/knot/dnssec/zone-keys.h index d625fa762..ab7a3aa8e 100644 --- a/src/knot/dnssec/zone-keys.h +++ b/src/knot/dnssec/zone-keys.h @@ -160,18 +160,6 @@ int kdnssec_load_private(knot_kasp_keystore_t *keystores, const char *id, */ knot_kasp_keystore_t *knot_store_for_key(knot_kasp_keystore_t *keystores, bool ksk); -/*! - * \brief Find out if there is a keystore of the same name suitable for the key. - * - * \param keystores Array of keystores. - * \param kst_name Required name of the keystore. - * \param ksk If the generated key is a KSK or CSK. - * - * \return true if there is a suitable keystore of the given name, false otherwise - */ -bool knot_store_ok_for_key(knot_kasp_keystore_t *keystores, const char *kst_name, - bool ksk); - /*! * \brief Load zone keys and init cryptographic context. * diff --git a/src/utils/keymgr/functions.c b/src/utils/keymgr/functions.c index ccc5f1bbe..aa971d834 100644 --- a/src/utils/keymgr/functions.c +++ b/src/utils/keymgr/functions.c @@ -806,7 +806,7 @@ int keymgr_import_trash(kdnssec_ctx_t *ctx, char *key_id, int argc, char *argv[] return KNOT_DNSSEC_ENOKEYSTORE; } - if (!knot_store_ok_for_key(ctx->keystores, info.ks_name, params.is_ksk)) { + if (!params.is_ksk && info.ksk_only) { WARN2("key %s: policy configuration conflict for keystore %s and this key", key_id, info.ks_name); }