1 files changed, 0 insertions, 401 deletions
diff --git a/contrib/bind9/bin/dnssec/dnssec-makekeyset.c b/contrib/bind9/bin/dnssec/dnssec-makekeyset.c
deleted file mode 100644
index c8224ed..0000000
--- a/contrib/bind9/bin/dnssec/dnssec-makekeyset.c
+++ /dev/null
@@ -1,401 +0,0 @@
-/*
- * Portions Copyright (C) 2004  Internet Systems Consortium, Inc. ("ISC")
- * Portions Copyright (C) 2000-2003  Internet Software Consortium.
- * Portions Copyright (C) 1995-2000 by Network Associates, Inc.
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS
- * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE
- * FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
- * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-/* $Id: dnssec-makekeyset.c,v 1.52.2.1.10.7 2004/08/28 06:25:27 marka Exp $ */
-
-#include <config.h>
-
-#include <stdlib.h>
-
-#include <isc/commandline.h>
-#include <isc/entropy.h>
-#include <isc/mem.h>
-#include <isc/print.h>
-#include <isc/string.h>
-#include <isc/util.h>
-
-#include <dns/db.h>
-#include <dns/diff.h>
-#include <dns/dnssec.h>
-#include <dns/fixedname.h>
-#include <dns/log.h>
-#include <dns/rdata.h>
-#include <dns/rdataset.h>
-#include <dns/result.h>
-#include <dns/secalg.h>
-#include <dns/time.h>
-
-#include <dst/dst.h>
-
-#include "dnssectool.h"
-
-const char *program = "dnssec-makekeyset";
-int verbose;
-
-typedef struct keynode keynode_t;
-struct keynode {
-	dst_key_t *key;
-	ISC_LINK(keynode_t) link;
-};
-typedef ISC_LIST(keynode_t) keylist_t;
-
-static isc_stdtime_t starttime = 0, endtime = 0, now;
-static int ttl = -1;
-
-static isc_mem_t *mctx = NULL;
-static isc_entropy_t *ectx = NULL;
-
-static keylist_t keylist;
-
-static void
-usage(void) {
-	fprintf(stderr, "Usage:\n");
-	fprintf(stderr, "\t%s [options] keys\n", program);
-
-	fprintf(stderr, "\n");
-
-	fprintf(stderr, "Version: %s\n", VERSION);
-
-	fprintf(stderr, "Options: (default value in parenthesis) \n");
-	fprintf(stderr, "\t-a\n");
-	fprintf(stderr, "\t\tverify generated signatures\n");
-	fprintf(stderr, "\t-s YYYYMMDDHHMMSS|+offset:\n");
-	fprintf(stderr, "\t\tSIG start time - absolute|offset (now)\n");
-	fprintf(stderr, "\t-e YYYYMMDDHHMMSS|+offset|\"now\"+offset]:\n");
-	fprintf(stderr, "\t\tSIG end time  - "
-			     "absolute|from start|from now (now + 30 days)\n");
-	fprintf(stderr, "\t-t ttl\n");
-	fprintf(stderr, "\t-p\n");
-	fprintf(stderr, "\t\tuse pseudorandom data (faster but less secure)\n");
-	fprintf(stderr, "\t-r randomdev:\n");
-	fprintf(stderr, "\t\ta file containing random data\n");
-	fprintf(stderr, "\t-v level:\n");
-	fprintf(stderr, "\t\tverbose level (0)\n");
-
-	fprintf(stderr, "\n");
-
-	fprintf(stderr, "keys:\n");
-	fprintf(stderr, "\tkeyfile (Kname+alg+tag)\n");
-
-	fprintf(stderr, "\n");
-
-	fprintf(stderr, "Output:\n");
-	fprintf(stderr, "\tkeyset (keyset-<name>)\n");
-	exit(0);
-}
-
-static isc_boolean_t
-zonekey_on_list(dst_key_t *key) {
-	keynode_t *keynode;
-	for (keynode = ISC_LIST_HEAD(keylist);
-	     keynode != NULL;
-	     keynode = ISC_LIST_NEXT(keynode, link))
-	{
-		if (dst_key_compare(keynode->key, key))
-			return (ISC_TRUE);
-	}
-	return (ISC_FALSE);
-}
-
-int
-main(int argc, char *argv[]) {
-	int i, ch;
-	char *startstr = NULL, *endstr = NULL;
-	dns_fixedname_t fdomain;
-	dns_name_t *domain = NULL;
-	char *output = NULL;
-	char *endp;
-	unsigned char data[65536];
-	dns_db_t *db;
-	dns_dbversion_t *version;
-	dns_diff_t diff;
-	dns_difftuple_t *tuple;
-	dns_fixedname_t tname;
-	dst_key_t *key = NULL;
-	dns_rdata_t rdata = DNS_RDATA_INIT;
-	dns_rdataset_t rdataset;
-	dns_rdataclass_t rdclass;
-	isc_result_t result;
-	isc_buffer_t b;
-	isc_region_t r;
-	isc_log_t *log = NULL;
-	keynode_t *keynode;
-	unsigned int eflags;
-	isc_boolean_t pseudorandom = ISC_FALSE;
-	isc_boolean_t tryverify = ISC_FALSE;
-
-	result = isc_mem_create(0, 0, &mctx);
-	if (result != ISC_R_SUCCESS)
-		fatal("failed to create memory context: %s",
-		      isc_result_totext(result));
-
-	dns_result_register();
-
-	while ((ch = isc_commandline_parse(argc, argv, "as:e:t:r:v:ph")) != -1)
-	{
-		switch (ch) {
-		case 'a':
-			tryverify = ISC_TRUE;
-			break;
-		case 's':
-			startstr = isc_commandline_argument;
-			break;
-
-		case 'e':
-			endstr = isc_commandline_argument;
-			break;
-
-		case 't':
-			endp = NULL;
-			ttl = strtol(isc_commandline_argument, &endp, 0);
-			if (*endp != '\0')
-				fatal("TTL must be numeric");
-			break;
-
-		case 'r':
-			setup_entropy(mctx, isc_commandline_argument, &ectx);
-			break;
-
-		case 'v':
-			endp = NULL;
-			verbose = strtol(isc_commandline_argument, &endp, 0);
-			if (*endp != '\0')
-				fatal("verbose level must be numeric");
-			break;
-
-		case 'p':
-			pseudorandom = ISC_TRUE;
-			break;
-
-		case 'h':
-		default:
-			usage();
-
-		}
-	}
-
-	argc -= isc_commandline_index;
-	argv += isc_commandline_index;
-
-	if (argc < 1)
-		usage();
-
-	if (ectx == NULL)
-		setup_entropy(mctx, NULL, &ectx);
-	eflags = ISC_ENTROPY_BLOCKING;
-	if (!pseudorandom)
-		eflags |= ISC_ENTROPY_GOODONLY;
-	result = dst_lib_init(mctx, ectx, eflags);
-	if (result != ISC_R_SUCCESS)
-		fatal("could not initialize dst: %s", 
-		      isc_result_totext(result));
-
-	isc_stdtime_get(&now);
-
-	if (startstr != NULL)
-		starttime = strtotime(startstr, now, now);
-	else
-		starttime = now;
-
-	if (endstr != NULL)
-		endtime = strtotime(endstr, now, starttime);
-	else
-		endtime = starttime + (30 * 24 * 60 * 60);
-
-	if (ttl == -1) {
-		ttl = 3600;
-		fprintf(stderr, "%s: TTL not specified, assuming 3600\n",
-			program);
-	}
-
-	setup_logging(verbose, mctx, &log);
-
-	dns_diff_init(mctx, &diff);
-	rdclass = 0;
-
-	ISC_LIST_INIT(keylist);
-
-	for (i = 0; i < argc; i++) {
-		char namestr[DNS_NAME_FORMATSIZE];
-		isc_buffer_t namebuf;
-
-		key = NULL;
-		result = dst_key_fromnamedfile(argv[i], DST_TYPE_PUBLIC,
-					       mctx, &key);
-		if (result != ISC_R_SUCCESS)
-			fatal("error loading key from %s: %s", argv[i],
-			      isc_result_totext(result));
-		if (rdclass == 0)
-			rdclass = dst_key_class(key);
-
-		isc_buffer_init(&namebuf, namestr, sizeof(namestr));
-		result = dns_name_tofilenametext(dst_key_name(key),
-						 ISC_FALSE,
-						 &namebuf);
-		check_result(result, "dns_name_tofilenametext");
-		isc_buffer_putuint8(&namebuf, 0);
-
-		if (domain == NULL) {
-			dns_fixedname_init(&fdomain);
-			domain = dns_fixedname_name(&fdomain);
-			dns_name_copy(dst_key_name(key), domain, NULL);
-		} else if (!dns_name_equal(domain, dst_key_name(key))) {
-			char str[DNS_NAME_FORMATSIZE];
-			dns_name_format(domain, str, sizeof(str));
-			fatal("all keys must have the same owner - %s "
-			      "and %s do not match", str, namestr);
-		}
-
-		if (output == NULL) {
-			output = isc_mem_allocate(mctx,
-						  strlen("keyset-") +
-						  strlen(namestr) + 1);
-			if (output == NULL)
-				fatal("out of memory");
-			sprintf(output, "keyset-%s", namestr);
-		}
-
-		if (dst_key_iszonekey(key)) {
-			dst_key_t *zonekey = NULL;
-			result = dst_key_fromnamedfile(argv[i],
-						       DST_TYPE_PUBLIC |
-						       DST_TYPE_PRIVATE,
-						       mctx, &zonekey);
-			if (result != ISC_R_SUCCESS)
-				fatal("failed to read private key %s: %s",
-				      argv[i], isc_result_totext(result));
-			if (!zonekey_on_list(zonekey)) {
-				keynode = isc_mem_get(mctx, sizeof(keynode_t));
-				if (keynode == NULL)
-					fatal("out of memory");
-				keynode->key = zonekey;
-				ISC_LIST_INITANDAPPEND(keylist, keynode, link);
-			} else
-				dst_key_free(&zonekey);
-		}
-		dns_rdata_reset(&rdata);
-		isc_buffer_init(&b, data, sizeof(data));
-		result = dst_key_todns(key, &b);
-		dst_key_free(&key);
-		if (result != ISC_R_SUCCESS)
-			fatal("failed to convert key %s to a DNS KEY: %s",
-			      argv[i], isc_result_totext(result));
-		isc_buffer_usedregion(&b, &r);
-		dns_rdata_fromregion(&rdata, rdclass, dns_rdatatype_dnskey, &r);
-		tuple = NULL;
-		result = dns_difftuple_create(mctx, DNS_DIFFOP_ADD,
-					      domain, ttl, &rdata, &tuple);
-		check_result(result, "dns_difftuple_create");
-		dns_diff_append(&diff, &tuple);
-	}
-
-	db = NULL;
-	result = dns_db_create(mctx, "rbt", dns_rootname, dns_dbtype_zone,
-			       rdclass, 0, NULL, &db);
-	if (result != ISC_R_SUCCESS)
-		fatal("failed to create a database");
-
-	version = NULL;
-	dns_db_newversion(db, &version);
-
-	result = dns_diff_apply(&diff, db, version);
-	check_result(result, "dns_diff_apply");
-	dns_diff_clear(&diff);
-
-	dns_fixedname_init(&tname);
-	dns_rdataset_init(&rdataset);
-	result = dns_db_find(db, domain, version, dns_rdatatype_dnskey, 0, 0,
-			     NULL, dns_fixedname_name(&tname), &rdataset,
-			     NULL);
-	check_result(result, "dns_db_find");
-
-	if (ISC_LIST_EMPTY(keylist))
-		fprintf(stderr,
-			"%s: no private zone key found; not self-signing\n",
-			program);
-	for (keynode = ISC_LIST_HEAD(keylist);
-	     keynode != NULL;
-	     keynode = ISC_LIST_NEXT(keynode, link))
-	{
-		dns_rdata_reset(&rdata);
-		isc_buffer_init(&b, data, sizeof(data));
-		result = dns_dnssec_sign(domain, &rdataset, keynode->key,
-					 &starttime, &endtime, mctx, &b,
-					 &rdata);
-		isc_entropy_stopcallbacksources(ectx);
-		if (result != ISC_R_SUCCESS) {
-			char keystr[KEY_FORMATSIZE];
-			key_format(keynode->key, keystr, sizeof(keystr));
-			fatal("failed to sign keyset with key %s: %s",
-			      keystr, isc_result_totext(result));
-		}
-		if (tryverify) {
-			result = dns_dnssec_verify(domain, &rdataset,
-						   keynode->key, ISC_TRUE,
-						   mctx, &rdata);
-			if (result != ISC_R_SUCCESS) {
-				char keystr[KEY_FORMATSIZE];
-				key_format(keynode->key, keystr, sizeof(keystr));
-				fatal("signature from key '%s' failed to "
-				      "verify: %s",
-				      keystr, isc_result_totext(result));
-			}
-		}
-		tuple = NULL;
-		result = dns_difftuple_create(mctx, DNS_DIFFOP_ADD,
-					      domain, ttl, &rdata, &tuple);
-		check_result(result, "dns_difftuple_create");
-		dns_diff_append(&diff, &tuple);
-	}
-
-	result = dns_diff_apply(&diff, db, version);
-	check_result(result, "dns_diff_apply");
-	dns_diff_clear(&diff);
-
-	dns_rdataset_disassociate(&rdataset);
-
-	dns_db_closeversion(db, &version, ISC_TRUE);
-	result = dns_db_dump(db, version, output);
-	if (result != ISC_R_SUCCESS) {
-		char domainstr[DNS_NAME_FORMATSIZE];
-		dns_name_format(domain, domainstr, sizeof(domainstr));
-		fatal("failed to write database for %s to %s",
-		      domainstr, output);
-	}
-
-	printf("%s\n", output);
-
-	dns_db_detach(&db);
-
-	while (!ISC_LIST_EMPTY(keylist)) {
-		keynode = ISC_LIST_HEAD(keylist);
-		ISC_LIST_UNLINK(keylist, keynode, link);
-		dst_key_free(&keynode->key);
-		isc_mem_put(mctx, keynode, sizeof(keynode_t));
-	}
-
-	cleanup_logging(&log);
-	cleanup_entropy(&ectx);
-
-	isc_mem_free(mctx, output);
-	dst_lib_destroy();
-	if (verbose > 10)
-		isc_mem_stats(mctx, stdout);
-	isc_mem_destroy(&mctx);
-	return (0);
-}