isc_boolean_t key_collision(isc_uint16_t id, dns_name_t *name, const char *dir, dns_secalg_t alg, isc_mem_t *mctx, isc_boolean_t *exact) { isc_result_t result; isc_boolean_t conflict = ISC_FALSE; dns_dnsseckeylist_t matchkeys; dns_dnsseckey_t *key = NULL; isc_uint16_t oldid, diff; isc_uint16_t bits = DNS_KEYFLAG_REVOKE; /* flag bits to look for */ if (exact != NULL) *exact = ISC_FALSE; ISC_LIST_INIT(matchkeys); result = dns_dnssec_findmatchingkeys(name, dir, mctx, &matchkeys); if (result == ISC_R_NOTFOUND) return (ISC_FALSE); while (!ISC_LIST_EMPTY(matchkeys) && !conflict) { key = ISC_LIST_HEAD(matchkeys); if (dst_key_alg(key->key) != alg) goto next; oldid = dst_key_id(key->key); diff = (oldid > id) ? (oldid - id) : (id - oldid); if ((diff & ~bits) == 0) { conflict = ISC_TRUE; if (diff != 0) { if (verbose > 1) fprintf(stderr, "Key ID %d could " "collide with %d\n", id, oldid); } else { if (exact != NULL) *exact = ISC_TRUE; if (verbose > 1) fprintf(stderr, "Key ID %d exists\n", id); } } next: ISC_LIST_UNLINK(matchkeys, key, link); dns_dnsseckey_destroy(mctx, &key); } /* Finish freeing the list */ while (!ISC_LIST_EMPTY(matchkeys)) { key = ISC_LIST_HEAD(matchkeys); ISC_LIST_UNLINK(matchkeys, key, link); dns_dnsseckey_destroy(mctx, &key); } return (conflict); }
isc_boolean_t key_collision (dst_key_t * dstkey, dns_name_t * name, const char *dir, isc_mem_t * mctx, isc_boolean_t * exact) { isc_result_t result; isc_boolean_t conflict = ISC_FALSE; dns_dnsseckeylist_t matchkeys; dns_dnsseckey_t *key = NULL; isc_uint16_t id, oldid; isc_uint32_t rid, roldid; dns_secalg_t alg; if (exact != NULL) *exact = ISC_FALSE; id = dst_key_id (dstkey); rid = dst_key_rid (dstkey); alg = dst_key_alg (dstkey); ISC_LIST_INIT (matchkeys); result = dns_dnssec_findmatchingkeys (name, dir, mctx, &matchkeys); if (result == ISC_R_NOTFOUND) return (ISC_FALSE); while (!ISC_LIST_EMPTY (matchkeys) && !conflict) { key = ISC_LIST_HEAD (matchkeys); if (dst_key_alg (key->key) != alg) goto next; oldid = dst_key_id (key->key); roldid = dst_key_rid (key->key); if (oldid == rid || roldid == id || id == oldid) { conflict = ISC_TRUE; if (id != oldid) { if (verbose > 1) fprintf (stderr, "Key ID %d could " "collide with %d\n", id, oldid); } else { if (exact != NULL) *exact = ISC_TRUE; if (verbose > 1) fprintf (stderr, "Key ID %d exists\n", id); } } next: ISC_LIST_UNLINK (matchkeys, key, link); dns_dnsseckey_destroy (mctx, &key); } /* Finish freeing the list */ while (!ISC_LIST_EMPTY (matchkeys)) { key = ISC_LIST_HEAD (matchkeys); ISC_LIST_UNLINK (matchkeys, key, link); dns_dnsseckey_destroy (mctx, &key); } return (conflict); }