[Opendnssec-commits] [keihatsu.kirei.se/svn/dnssec] r3841 - trunk/OpenDNSSEC/signer/src/signer

Matthijs Mekking matthijs at nlnetlabs.nl
Tue Aug 31 14:59:13 CEST 2010


Author: matthijs
Date: 2010-08-31 14:59:13 +0200 (Tue, 31 Aug 2010)
New Revision: 3841

Modified:
   trunk/OpenDNSSEC/signer/src/signer/hsm.c
Log:
be more gentle than assert



Modified: trunk/OpenDNSSEC/signer/src/signer/hsm.c
===================================================================
--- trunk/OpenDNSSEC/signer/src/signer/hsm.c	2010-08-31 12:51:41 UTC (rev 3840)
+++ trunk/OpenDNSSEC/signer/src/signer/hsm.c	2010-08-31 12:59:13 UTC (rev 3841)
@@ -90,15 +90,49 @@
 {
     se_log_assert(dname);
     se_log_assert(key_id);
-    se_log_assert(key_id->dnskey);
-    se_log_assert(key_id->hsmkey);
-    se_log_assert(key_id->params);
     se_log_assert(rrset);
     se_log_assert(inception);
     se_log_assert(expiration);
 
+    if (!key_id->params) {
+        key_id->params = hsm_sign_params_new();
+        if (key_id->params) {
+            key_id->params->owner = ldns_rdf_clone(dname);
+            key_id->params->algorithm = key_id->algorithm;
+            key_id->params->flags = key_id->flags;
+        } else {
+            /* could not create params */
+            se_log_error("could not create params for key %s",
+                key_id->locator?key_id->locator:"(null)");
+            return NULL;
+        }
+    }
+
     key_id->params->inception = inception;
     key_id->params->expiration = expiration;
 
+    /* lookup key */
+    if (!key_id->hsmkey) {
+        key_id->hsmkey = hsm_find_key_by_id(ctx, key_id->locator);
+
+        if (!key_id->hsmkey) {
+            /* could not find key */
+            se_log_error("could not find key %s",
+                key_id->locator?key_id->locator:"(null)");
+            return NULL;
+        }
+    }
+
+    if (!key_id->dnskey) {
+        key_id->dnskey = hsm_get_dnskey(ctx, key_id->hsmkey, key_id->params);
+        if (!key_id->dnskey) {
+            /* could not find key */
+            se_log_error("could not create DNSKEY for %s",
+                key_id->locator?key_id->locator:"(null)");
+            return NULL;
+        }
+        key_id->params->keytag = ldns_calc_keytag(key_id->dnskey);
+    }
+
     return hsm_sign_rrset(ctx, rrset, key_id->hsmkey, key_id->params);
 }




More information about the Opendnssec-commits mailing list