From 729a79bd5d5a1594cbf4be09066df039e6374f02 Mon Sep 17 00:00:00 2001
From: Mark Wooding
Date: Mon, 22 Dec 2014 20:32:58 +0000
Subject: [PATCH] zone.lisp: Include configurable search path for TLSA association data.

---
 zone.lisp | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/zone.lisp b/zone.lisp
index 841d62a..726791f 100644
--- a/zone.lisp
+++ b/zone.lisp
@@ -1077,6 +1077,13 @@
 (return value)))
 'tlsa-selector))))))

+(export '*tlsa-pathname-defaults*)
+(defvar *tlsa-pathname-defaults*
+ (list (make-pathname :directory '(:relative "certs") :type "cert")
+ (make-pathname :directory '(:relative "keys") :type "pub"))
+ "Default pathname components for TLSA records.")
+(pushnew '*tlsa-pathname-defaults* *zone-config*)
+
 (defun convert-tlsa-selector-data (data selector match)
 "Convert certificate association DATA as required by SELECTOR and MATCH.

@@ -1098,8 +1105,13 @@
 bin))
 (pathname
 (with-temporary-files (context :base "tmpfile.tmp")
- (let* ((kind (identify-tlsa-selector-file data))
- (raw (raw-tlsa-assoc-data kind selector data context)))
+ (let* ((file (or (find-if #'probe-file
+ (mapcar (lambda (template)
+ (merge-pathnames data template))
+ *tlsa-pathname-defaults*))
+ (error "Couldn't find TLSA file `~A'" data)))
+ (kind (identify-tlsa-selector-file file))
+ (raw (raw-tlsa-assoc-data kind selector file context)))
 (read-tlsa-match-data match raw context))))))

 (defzoneparse :tlsa (name data rec)
--
2.11.0
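Review bot: The docstring on `*tlsa-pathname-defaults*` does not say that the list is an ordered search path, which is what the second hunk relies on: each entry is merged with the file named in the record and the first candidate that exists is used. I would word it as `"List of pathname templates tried in order when locating TLSA association data; the first existing file wins."`. Both default directories are relative, so where they resolve presumably depends on the default pathname in effect when the zone is compiled. Since the chosen file decides which certificate or key the published TLSA record pins, the comment should also say that these directories are expected to be writable only by whoever maintains the zone.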
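Review bot: The name given in the record is no longer tried as written, because `merge-pathnames` fills DATA from each template and appends a relative directory in DATA to the template's directory; a zone that already names something like `certs/foo.cert` would, as far as I can tell, now be looked up under `certs/certs/` and `keys/certs/`. If that is not intended, an entry with no components at the end of the default list would keep existing zones working. The error reports only DATA; binding the `mapcar` result first and adding the probed candidates to the message (a `~{~A~^, ~}` argument) would make a wrong pin much easier to diagnose. A name that exists under both `certs/` and `keys/` silently resolves to the first match, which deserves a comment next to the `find-if`. `convert-tlsa-selector-data` starts and ends outside this hunk.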