knsupdate: allow algorithm specification in key command

6325e8fa · Daniel Salzman · 25d15d25 · 6325e8fa · 6325e8fa · 6325e8fa
Commit 6325e8fa authored 9 years ago by Daniel Salzman
--- a/doc/man/knsupdate.1in
+++ b/doc/man/knsupdate.1in
@@ -105,10 +105,10 @@ class is IN.
 Sets \fIvalue\fP as the default TTL (in seconds). If not used, the default value
 is 0.
 .TP
-\fBkey\fP \fIname\fP \fIkey\fP
-Specifies TSIG \fIkey\fP named \fIname\fP to authenticate the request. This command
-has the same effect as the program option \fB\-y\fP, except that the MAC
-algorithm cannot be set.
+\fBkey\fP [\fIalg\fP:]\fIname\fP \fIkey\fP
+Specifies TSIG \fIkey\fP named \fIname\fP to authenticate the request. An optional
+\fIalg\fP algorithm can be specified. This command has the same effect as
+the program option \fB\-y\fP\&.
 .TP
 [\fBprereq\fP] \fBnxdomain\fP \fIname\fP
 Adds a prerequisite for a non\-existing record owned by \fIname\fP\&.

--- a/doc/man_knsupdate.rst
+++ b/doc/man_knsupdate.rst
@@ -82,10 +82,10 @@ Commands
  Sets *value* as the default TTL (in seconds). If not used, the default value
  is 0.

-**key** *name* *key*
-  Specifies TSIG *key* named *name* to authenticate the request. This command
-  has the same effect as the program option **-y**, except that the MAC
-  algorithm cannot be set.
+**key** [*alg*:]\ *name* *key*
+  Specifies TSIG *key* named *name* to authenticate the request. An optional
+  *alg* algorithm can be specified. This command has the same effect as
+  the program option **-y**.

 [**prereq**] **nxdomain** *name*
  Adds a prerequisite for a non-existing record owned by *name*.

--- a/src/utils/knsupdate/knsupdate_exec.c
+++ b/src/utils/knsupdate/knsupdate_exec.c
@@ -74,7 +74,7 @@ const char* cmd_array[] = {
 	"\x3" "del",
 	"\x6" "delete",
 	"\x7" "gsstsig",
-	"\x3" "key",           /* {name} {secret} */
+	"\x3" "key",           /* {[alg:]name} {secret} */
 	"\x5" "local",         /* {address} [port] */
 	"\x8" "nxdomain",
 	"\x7" "nxrrset",
@@ -980,19 +980,24 @@ int cmd_key(const char* lp, knsupdate_params_t *params)
 	}

 	int ret = KNOT_EOK;
-	size_t len = strcspn(lp, SEP_CHARS);
-	if(kstr[len] == '\0') {
-		ERR("command 'key' without {secret} specified\n");
-		ret = KNOT_EINVAL;
-	} else {
-		/* Override existing key. */
-		knot_tsig_key_deinit(&params->tsig_key);

-		kstr[len] = ':'; /* Replace ' ' with ':' sep */
-		ret = knot_tsig_key_init_str(&params->tsig_key, kstr);
+	/* Search for the name secret separation. Allow also alg:name:key form. */
+	char *sep = strchr(kstr, ' ');
+	if (sep != NULL) {
+		/* Replace ' ' with ':'. More spaces are ignored in base64. */
+		*sep = ':';
+	}
+
+	/* Override existing key. */
+	knot_tsig_key_deinit(&params->tsig_key);
+
+	ret = knot_tsig_key_init_str(&params->tsig_key, kstr);
+	if (ret != KNOT_EOK) {
+		ERR("invalid key specification\n");
 	}

 	free(kstr);
+
 	return ret;
 }