From 70cb26bb002225766d3721e0919bca570f4b39d3 Mon Sep 17 00:00:00 2001
From: Willem Toorop
Date: Sun, 15 Mar 2015 21:25:38 +0100
Subject: [PATCH] Read trust anchor file without ldns
---
 src/dnssec.c | 95 ++++++++++++++++++++++-----------------------
 src/dnssec.h | 2 +-
 src/util-internal.c | 2 -
 src/util-internal.h | 4 ++
 4 files changed, 52 insertions(+), 51 deletions(-)
diff --git a/src/dnssec.c b/src/dnssec.c
index eb2a7342..bbad2aa5 100644
--- a/src/dnssec.c
+++ b/src/dnssec.c
@@ -47,6 +47,7 @@
 #include "types-internal.h"
 #include "dnssec.h"
 #include "rr-dict.h"
+#include "gldns/str2wire.h"
 void priv_getdns_call_user_callback(getdns_dns_req *, struct getdns_dict *);
@@ -604,16 +605,25 @@ done_free_trusted:
 } /* getdns_validate_dnssec */
 int
-priv_getdns_parse_ta_file(time_t *ta_mtime, ldns_rr_list *ta_rrs)
+priv_getdns_parse_ta_file(time_t *ta_mtime, getdns_list *ta_rrs)
 {
- uint32_t ttl = 3600;
- ldns_rdf* orig = NULL, *prev = NULL;
- int line = 1;
- ldns_status s;
- ldns_rr *rr;
- int nkeys;
+
+ struct gldns_file_parse_state pst;
 struct stat st;
+ struct {
+ uint16_t id;
+ uint16_t flags;
+ uint16_t qdcount;
+ uint16_t ancount;
+ uint16_t nscount;
+ uint16_t arcount;
+ uint8_t rr[8192]; /* Reasonable max size for a single RR */
+ } pkt;
+ size_t len, dname_len;
 FILE *in;
+ priv_getdns_rr_iter rr_iter;
+ getdns_dict *rr_dict;
+ int ta_count = 0;
 if (stat(TRUST_ANCHOR_FILE, &st) != 0) return 0;
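Review bot: The anonymous `pkt` struct declared here is only correct if it is laid out exactly like a wire-format DNS message, because the next hunk passes `(void *)&pkt, sizeof(pkt)` to `priv_getdns_rr_iter_init` with `ancount` set to 1; six `uint16_t` fields followed by a `uint8_t` array get no padding on the usual ABIs, but nothing in the declaration records that dependency. I would put a comment above `struct {`: `/* Shaped like a wire-format DNS message: 12-byte header (ancount = 1, the rest 0) followed by one answer RR in rr[]; relies on there being no padding between the header fields and rr[] */`. The `rr[8192]` bound also deserves a note on what happens to an RR that does not fit, which presumably surfaces as a `gldns_fp2wire_rr_buf` failure in the loop below rather than an overflow — confirm against that function. `priv_getdns_parse_ta_file` continues into the next hunk.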
@@ -621,58 +631,47 @@ priv_getdns_parse_ta_file(time_t *ta_mtime, ldns_rr_list *ta_rrs)
 if (ta_mtime) *ta_mtime = st.st_mtime;
- in = fopen(TRUST_ANCHOR_FILE, "r");
- if (!in)
+ if (!(in = fopen(TRUST_ANCHOR_FILE, "r"))) return 0;
- nkeys = 0;
- while (! feof(in)) {
- rr = NULL;
- s = ldns_rr_new_frm_fp_l(&rr, in, &ttl, &orig, &prev, &line);
- if (s == LDNS_STATUS_SYNTAX_EMPTY /* empty line */
- || s == LDNS_STATUS_SYNTAX_TTL /* $TTL */
- || s == LDNS_STATUS_SYNTAX_ORIGIN /* $ORIGIN */)
- continue;
+ pkt.id = pkt.flags = pkt.qdcount = pkt.nscount = pkt.arcount = 0;
+ pkt.ancount = htons(1);
- if (s != LDNS_STATUS_OK) {
- ldns_rr_free(rr);
- nkeys = 0;
+ memset(&pst, 0, sizeof(pst));
+ pst.default_ttl = 3600;
+ pst.lineno = 1;
+
+ while (!feof(in)) {
+ len = sizeof(pkt.rr);
+ dname_len = 0;
+ if (gldns_fp2wire_rr_buf(in, pkt.rr, &len, &dname_len, &pst)) break;
- }
- if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_DS ||
- ldns_rr_get_type(rr) == LDNS_RR_TYPE_DNSKEY) {
-
- nkeys++;
- if (ta_rrs) {
- ldns_rr_list_push_rr(ta_rrs, rr);
- continue;
- }
- }
- ldns_rr_free(rr);
+ if (len == 0) /* empty, $TTL, $ORIGIN */
+ continue;
+ if (gldns_wirerr_get_type(pkt.rr, len, dname_len)
+ != LDNS_RR_TYPE_DS &&
+ gldns_wirerr_get_type(pkt.rr, len, dname_len)
+ != LDNS_RR_TYPE_DNSKEY)
+ continue;
+ if (!priv_getdns_rr_iter_init(&rr_iter, (void *)&pkt, sizeof(pkt)))
+ break;
+ if (!(rr_dict = priv_getdns_rr_iter2rr_dict(NULL, &rr_iter)))
+ break;
+ if (ta_rrs && getdns_list_append_dict(ta_rrs, rr_dict))
+ break;
+ ta_count++;
 }
- ldns_rdf_deep_free(orig);
- ldns_rdf_deep_free(prev);
 fclose(in);
- return nkeys;
+
+ return ta_count;
 }
 getdns_list *
 getdns_root_trust_anchor(time_t *utc_date_of_anchor)
 {
- getdns_list *tas_gd_list = NULL;
- ldns_rr_list *tas_rr_list = ldns_rr_list_new();
-
- if (! tas_rr_list)
- return NULL;
-
- if (! 
priv_getdns_parse_ta_file(utc_date_of_anchor, tas_rr_list)) {
- goto done_free_tas_rr_list;
- }
- tas_gd_list = create_list_from_rr_list(NULL, tas_rr_list);
-
-done_free_tas_rr_list:
- ldns_rr_list_deep_free(tas_rr_list);
- return tas_gd_list;
+ getdns_list *ta_rrs = getdns_list_create();
+ (void) priv_getdns_parse_ta_file(utc_date_of_anchor, ta_rrs);
+ return ta_rrs;
 } /* dnssec.c */
diff --git a/src/dnssec.h b/src/dnssec.h
index a9cae8ec..30af7705 100644
--- a/src/dnssec.h
+++ b/src/dnssec.h
@@ -44,7 +44,7 @@
 /* Do some additional requests to fetch the complete validation chain */
 void priv_getdns_get_validation_chain(getdns_dns_req *dns_req);
-int priv_getdns_parse_ta_file(time_t *ta_mtime, ldns_rr_list *ta_rrs);
+int priv_getdns_parse_ta_file(time_t *ta_mtime, getdns_list *ta_rrs);
 #endif
diff --git a/src/util-internal.c b/src/util-internal.c
index 98596c62..1a734828 100644
--- a/src/util-internal.c
+++ b/src/util-internal.c
@@ -50,7 +50,6 @@
 #include "gldns/str2wire.h"
 #include "gldns/gbuffer.h"
 #include "gldns/pkthdr.h"
-#include "rr-iter.h"
 /**
 * this is a comprehensive list of extensions and their data types
@@ -217,7 +216,6 @@ priv_getdns_rr_iter2rr_dict(getdns_context *context, priv_getdns_rr_iter *i)
 uint8_t ff_bytes[256];
 uint16_t rr_type;
- assert(context);
 assert(i);
 if (!(rr_dict = getdns_dict_create_with_context(context))) return NULL;
diff --git a/src/util-internal.h b/src/util-internal.h
index e469fae8..0c610139 100644
--- a/src/util-internal.h
+++ b/src/util-internal.h
@@ -40,6 +40,7 @@
 #include
 #include "context.h"
+#include "rr-iter.h"
 #define SCHED_DEBUG 0
 #define WIRE_DEBUG 1
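Review bot: A malformed trust anchor file is now accepted partially: the removed loop set `nkeys = 0` before breaking on a parse error, whereas the new loop breaks out after `gldns_fp2wire_rr_buf` fails and returns the `ta_count` reached so far, and `getdns_root_trust_anchor` no longer checks the return value at all, so a truncated or corrupt file yields whichever anchors preceded the error (and a missing file now yields an empty list where the old code returned `NULL`, which callers of this public function may test for). If the old all-or-nothing semantics are meant to stay, `if (gldns_fp2wire_rr_buf(in, pkt.rr, &len, &dname_len, &pst)) { ta_count = 0; break; }` together with the old zero-means-`NULL` check in the caller restores them. The `rr_dict` produced by `priv_getdns_rr_iter2rr_dict` is also never destroyed — on the counting-only path (`ta_rrs == NULL`), when `getdns_list_append_dict` fails, and, if `getdns_list_append_dict` copies its argument as I believe the getdns list setters do, on every iteration; once the copy semantics are confirmed, a `getdns_dict_destroy(rr_dict);` after the append (or in the failure and counting-only branches if the list takes ownership) closes the leak. Finally, `sizeof(pkt)` hands the iterator the whole 8192-byte `rr[]` including its uninitialized tail beyond `len`; `sizeof(pkt) - sizeof(pkt.rr) + len` limits it to the bytes actually parsed. The opening lines of `priv_getdns_parse_ta_file` are in the previous hunk.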
@@ -120,6 +121,9 @@ getdns_return_t dict_to_sockaddr(struct getdns_dict * ns,
 getdns_return_t sockaddr_to_dict(struct getdns_context *context, struct sockaddr_storage *sockaddr, struct getdns_dict ** output);
+getdns_dict *
+priv_getdns_rr_iter2rr_dict(getdns_context *context, priv_getdns_rr_iter *i);
+
 struct getdns_dns_req;
 struct getdns_dict *create_getdns_response(struct getdns_dns_req *completed_request);
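Review bot: The prototype exported here has no documentation, and the commit widens its contract in a way the signature does not show: `assert(context)` is dropped from `priv_getdns_rr_iter2rr_dict` in util-internal.c and dnssec.c now calls it with `NULL`, so `context` has become optional. I would add a comment above `getdns_dict *` stating that `context` may be `NULL` (in which case the dict is created by `getdns_dict_create_with_context(NULL)` — presumably with the default allocators; confirm), that the returned dict is newly created and owned by the caller, and that `NULL` is returned when the dict cannot be created. Something like `/* Build a dict for the RR under iterator i. context may be NULL. Returns a new dict owned by the caller, or NULL on failure. */` would do.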